Pages:
Author

Topic: summary of Proof of Work - page 2. (Read 1056 times)

legendary
Activity: 2352
Merit: 6089
bitcoindata.science
April 22, 2018, 05:15:47 PM
#20
Sorry if this is a very dumb question, but can you help me understand the "longest chain" is the valid chain concept? This is something I'm confused about when it comes to bcash, as it is currently the longer chain. Is it because these are two separate coins at this point? Or does the "Longest chain" refer to mined blocks that become orphaned?

Bcash is another coin, no matter how long that chain is. It has nothing to do with bitcoin.
sr. member
Activity: 574
Merit: 296
Bitcoin isn't a bubble. It's the pin!
April 22, 2018, 03:50:38 PM
#19

Quote from: satoshi
The longest chain not only serves as proof of the sequence of events witnessed, but proof that it came from the largest pool of CPU power.  

So basically, the longest chain is whatever Jihan is pointing his machines at? this is how I see it at the moment, unfortunately. We need more competition in mining, im looking forward to the next decade to see what others have to offer. Right now im with Luke when it comes to paying attention to hashrate distribution, it's a problem... but changing the PoW would be a disaster and kicking the can down the road. We either need proper game changing approach to PoW or simply we need more competition for Jihan's monopoly. Again, I think things will look different during the next decade, im not too pessimistic.

Cobra has the same concerns. I believe some "Bitcoin oracles" were overreacting when they said that he was compromised when he tweeted about buying some Bitcoin Cash.

I personally believe that Bitcoin Cash is good for those people who want to have bigger blocks. But what they should not be doing is claiming that it's the real Bitcoin.

Plus there are some interesting proposals in Bitcoin Cash that should be considered by Bitcoin Core in my opinion, like implementing more Opcodes to add more functionality.

Cobra made 0 sense. One thing is to point at possible centralization of mining on Bitcoin, then a very different thing is saying "im going to buy some Bitcoin Cash" as if BCash wasn't even more centralized. It's sane to think that he was compromised or bribed in some way to shill BCash, it solves none of the fundamental Bitcoin problems.

Sorry if this is a very dumb question, but can you help me understand the "longest chain" is the valid chain concept? This is something I'm confused about when it comes to bcash, as it is currently the longer chain. Is it because these are two separate coins at this point? Or does the "Longest chain" refer to mined blocks that become orphaned?
legendary
Activity: 2898
Merit: 1823
April 17, 2018, 12:52:41 AM
#18
Quote from: satoshi
The longest chain not only serves as proof of the sequence of events witnessed, but proof that it came from the largest pool of CPU power.  

So basically, the longest chain is whatever Jihan is pointing his machines at? this is how I see it at the moment, unfortunately. We need more competition in mining, im looking forward to the next decade to see what others have to offer. Right now im with Luke when it comes to paying attention to hashrate distribution, it's a problem... but changing the PoW would be a disaster and kicking the can down the road. We either need proper game changing approach to PoW or simply we need more competition for Jihan's monopoly. Again, I think things will look different during the next decade, im not too pessimistic.

Cobra has the same concerns. I believe some "Bitcoin oracles" were overreacting when they said that he was compromised when he tweeted about buying some Bitcoin Cash.

I personally believe that Bitcoin Cash is good for those people who want to have bigger blocks. But what they should not be doing is claiming that it's the real Bitcoin.

Plus there are some interesting proposals in Bitcoin Cash that should be considered by Bitcoin Core in my opinion, like implementing more Opcodes to add more functionality.

Cobra made 0 sense. One thing is to point at possible centralization of mining on Bitcoin, then a very different thing is saying "im going to buy some Bitcoin Cash" as if BCash wasn't even more centralized. It's sane to think that he was compromised or bribed in some way to shill BCash, it solves none of the fundamental Bitcoin problems.

That is not what I meant, sorry. I was saying that LukeDashjr and Cobra have the same concerns about the centralization of mining in Bitcoin, and that some Bitcoiners saying that he is compromised just because tweeted that he was buying some Bitcoin Cash may be overreacting.

Refer to this blog, https://medium.com/@CobraBitcoin/an-open-letter-to-the-bitcoin-community-to-change-the-proof-of-work-algorithm-12a6545c20d0

Quote
An open letter to the Bitcoin community to change the proof-of-work algorithm

I believe Cobra is one of those Bitcoiners who still has his eyes open.
newbie
Activity: 60
Merit: 0
April 16, 2018, 11:42:58 PM
#17

There is no reason for the number '6', its only a number of confirmation adopted by most of the services, because when you have more confirmations, more difficult to the miners reverse the transaction. In truth its very difficult to happen, the attacker needs a big percentage of the total hash rate to reverse the transaction even after only one or two cofirmations, and try to mine again a block to try to build a new longest chain above the old block is not profitable since you are competing with other miners which are already mining the longest chain.

You can calcule the probability for a miner to reverse a transaction here: people.xiph.org/~greg/attack_success.html

Got it, thank you! However, when I check the tool, with 40% hash-power a group can have more than 50% probability to win over the network. It is not really needed to have enough 51% I guess.
legendary
Activity: 1372
Merit: 1252
April 16, 2018, 11:21:06 AM
#16
So basically, the longest chain is whatever Jihan is pointing his machines at? this is how I see it at the moment, unfortunately. We need more competition in mining, im looking forward to the next decade to see what others have to offer. Right now im with Luke when it comes to paying attention to hashrate distribution, it's a problem... but changing the PoW would be a disaster and kicking the can down the road. We either need proper game changing approach to PoW or simply we need more competition for Jihan's monopoly. Again, I think things will look different during the next decade, im not too pessimistic.

Yes, the PoW could generate a seriously problem of centralization in the future, but this still  is not a valid reason to change/update the PoW, we still need a consensus of what type of the algorithm will work better, an example of this is to change the SHA2 to ShA3, invalidating all of the asics, or change the PoW to PoS, which theoretically fishish with the high centralization. But all of these examples has their problem and nobody has certainty if these changes can really improve the bitcoin.

The problem is, the longer you leave this unsolved, the worse it will be. If it is basically impossible changing PoW now, I think it's delusional to think it will happen in the future. I guess we will have to deal with what we have and hope for more competition. PoW will never change... unless the algo gets compromised somehow.


Quote from: satoshi
The longest chain not only serves as proof of the sequence of events witnessed, but proof that it came from the largest pool of CPU power. 

So basically, the longest chain is whatever Jihan is pointing his machines at? this is how I see it at the moment, unfortunately. We need more competition in mining, im looking forward to the next decade to see what others have to offer. Right now im with Luke when it comes to paying attention to hashrate distribution, it's a problem... but changing the PoW would be a disaster and kicking the can down the road. We either need proper game changing approach to PoW or simply we need more competition for Jihan's monopoly. Again, I think things will look different during the next decade, im not too pessimistic.

Cobra has the same concerns. I believe some "Bitcoin oracles" were overreacting when they said that he was compromised when he tweeted about buying some Bitcoin Cash.

I personally believe that Bitcoin Cash is good for those people who want to have bigger blocks. But what they should not be doing is claiming that it's the real Bitcoin.

Plus there are some interesting proposals in Bitcoin Cash that should be considered by Bitcoin Core in my opinion, like implementing more Opcodes to add more functionality.

Cobra made 0 sense. One thing is to point at possible centralization of mining on Bitcoin, then a very different thing is saying "im going to buy some Bitcoin Cash" as if BCash wasn't even more centralized. It's sane to think that he was compromised or bribed in some way to shill BCash, it solves none of the fundamental Bitcoin problems.
sr. member
Activity: 476
Merit: 314
April 16, 2018, 06:22:17 AM
#15
Can you please explain more about "a transaction is only considered irreversible with 6 confirmations."

There is no reason for the number '6', its only a number of confirmation adopted by most of the services, because when you have more confirmations, more difficult to the miners reverse the transaction. In truth its very difficult to happen, the attacker needs a big percentage of the total hash rate to reverse the transaction even after only one or two cofirmations, and try to mine again a block to try to build a new longest chain above the old block is not profitable since you are competing with other miners which are already mining the longest chain.

You can calcule the probability for a miner to reverse a transaction here: people.xiph.org/~greg/attack_success.html
newbie
Activity: 60
Merit: 0
April 16, 2018, 05:52:12 AM
#14
Quote
It doesn't need 6 confirmations to be finalized.
Bust many exchanges and websites will wait for 6 confirmations before accepting it, as a transaction is only considered irreversible with 6 confirmations.

I know only the rule - The longest chain will be the right one.

Can you please explain more about "a transaction is only considered irreversible with 6 confirmations."
jr. member
Activity: 168
Merit: 3
#Please, read:Daniel Ellsberg,-The Doomsday *wk
April 16, 2018, 05:50:19 AM
#13
Thanks OP for such nice summary ...

While reading about Openpgp protocol[1] it came to my mind ...Regards to blockchain itself (think in terms of data structure) ..

 ... is the blockchain "data at rest" or "data in transit" ?



[1]

Quote
*** Data at Rest

OpenPGP is used to protect both data at rest as well as data in
motion.  Whereas data at rest refers to data that is stored, e.g., on
a hard drive, data in motion refers to data that is transferred, e.g.,
via HTTP.  Thus, an encryption scheme that only protects data in
motion, such as TLS, removes the encryption on receipt; the data is
only protected on the wire.  Another way to think about the difference
between data at rest and data in motion is that encryption that
protects data at rest protects it in time and space whereas encryption
that protects data in motion only protects it in space.  Yet another
way to think about the difference is that data at rest is to the ~tar~
or ~zip~ tools as data in motion is to HTTP or XMPP.

The decision to protect not only data in motion, but also data at rest
using the same scheme significantly constrains the solution space.  In
particular, because data at rest may be accessed asynchronously with
respect to the encryption, there is no possibility to negociate
parameters on the fly.

Consider an encrypted backup.  When you encrypt the data, you can only
use the strongest encryption that is available at the time of the
encryption.  When you access the data 10 years later, your
implementation needs to support that now old encryption algorithm;
there is no way to go back in time and say to your former self,
"could you use this implementation instead?"

# I don't think 10 year old backups are that relevant.  Typically only
# the latest snapshot is interesting, which should be fresh.  And
# backups are not longterm preservation archives for many other
# reasons.  (marcus)

An additional consequence is that upgrading the cryptography becomes
very difficult.  It is not possible to completely deprecate old
algorithms, because old messages (like our backup) still need to be
decrypted.  Similarly, since people continue to use old software, we
often cannot use the latest and greatest encryption scheme, because
they might not be able to decrypt the data!

Another result of this decision to protect data at rest is that
enabling forward secrecy is not possible.  Forward secrecy is an
oft-lauded encryption property, which prevents old encrypted messages
from being decrypted if the private key material is somehow
compromised.  Forward secrecy works by mutating the key material in
time.  This scheme is fine if you never need to decrypt old messages
(as is typically the case for data transferred via HTTPS, say), but
doesn't work at all for data at rest: if you want to decrypt some data
a week later, nevermind 10 years later, then you won't be able to if
you've destroyed the private key material needed to decrypt it!

https://gnupg.org/ftp/people/neal/an-advanced-introduction-to-gnupg/openpgp/openpgp.org
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
April 16, 2018, 05:30:24 AM
#12
In the Blockchain, all transactions are publicly announced to all nodes, as there is no central authority who validate transactions. The validation system is called Proof of Work.

This paragraph is somewhat misleading. The POW isn't used for validation, it's there to prevent double spending and modification of the chain. Validation of transactions in the block is done via cryptographic signatures and has nothing to do with POW. I would emphasize this more, as it's abit unclear from your post what is the purpose of POW in Bitcoin.

Yeah, I just learned about that reading some posts on some other threads. I will review this text soon. Thank you for your observation.

Can you explain about 6 confirmations needed for a transaction to be finalized?
It doesn't need 6 confirmations to be finalized.
Bust many exchanges and websites will wait for 6 confirmations before accepting it, as a transaction is only considered irreversible with 6 confirmations.
newbie
Activity: 60
Merit: 0
April 16, 2018, 05:15:19 AM
#11
Can you explain about 6 confirmations needed for a transaction to be finalized?
full member
Activity: 121
Merit: 123
April 16, 2018, 02:11:24 AM
#10
In the Blockchain, all transactions are publicly announced to all nodes, as there is no central authority who validate transactions. The validation system is called Proof of Work.

This paragraph is somewhat misleading. The POW isn't used for validation, it's there to prevent double spending and modification of the chain. Validation of transactions in the block is done via cryptographic signatures and has nothing to do with POW. I would emphasize this more, as it's abit unclear from your post what is the purpose of POW in Bitcoin.
legendary
Activity: 1624
Merit: 2481
April 16, 2018, 01:56:22 AM
#9
..or change the PoW to PoS, which theoretically fishish with the high centralization..

I don't think a switch to PoS would decrease the centralization.

This would only 'move' the centralization from people (with lots of money) who buy miner and electricity to people (with also tons of money) who stake their coins.
It might have a small influence on who is mining 'more' blocks. But overall this is not a 'solution' to the 'centralization problem'.



legendary
Activity: 2898
Merit: 1823
April 16, 2018, 12:55:13 AM
#8
Quote from: satoshi
The longest chain not only serves as proof of the sequence of events witnessed, but proof that it came from the largest pool of CPU power.  

So basically, the longest chain is whatever Jihan is pointing his machines at? this is how I see it at the moment, unfortunately. We need more competition in mining, im looking forward to the next decade to see what others have to offer. Right now im with Luke when it comes to paying attention to hashrate distribution, it's a problem... but changing the PoW would be a disaster and kicking the can down the road. We either need proper game changing approach to PoW or simply we need more competition for Jihan's monopoly. Again, I think things will look different during the next decade, im not too pessimistic.

Cobra has the same concerns. I believe some "Bitcoin oracles" were overreacting when they said that he was compromised when he tweeted about buying some Bitcoin Cash.

I personally believe that Bitcoin Cash is good for those people who want to have bigger blocks. But what they should not be doing is claiming that it's the real Bitcoin.

Plus there are some interesting proposals in Bitcoin Cash that should be considered by Bitcoin Core in my opinion, like implementing more Opcodes to add more functionality.
sr. member
Activity: 476
Merit: 314
April 15, 2018, 08:16:35 PM
#7
So basically, the longest chain is whatever Jihan is pointing his machines at? this is how I see it at the moment, unfortunately. We need more competition in mining, im looking forward to the next decade to see what others have to offer. Right now im with Luke when it comes to paying attention to hashrate distribution, it's a problem... but changing the PoW would be a disaster and kicking the can down the road. We either need proper game changing approach to PoW or simply we need more competition for Jihan's monopoly. Again, I think things will look different during the next decade, im not too pessimistic.

Yes, the PoW could generate a seriously problem of centralization in the future, but this still  is not a valid reason to change/update the PoW, we still need a consensus of what type of the algorithm will work better, an example of this is to change the SHA2 to ShA3, invalidating all of the asics, or change the PoW to PoS, which theoretically fishish with the high centralization. But all of these examples has their problem and nobody has certainty if these changes can really improve the bitcoin.
legendary
Activity: 990
Merit: 1108
April 15, 2018, 04:29:43 PM
#6
Proof of Work is an algorithm that rewards participants who solve a cryptographic puzzle...
This puzzle consists in scanning for a value (called Nonce) that when hashed, the hash begins with a number of zeros.

What you describe here is a specific Proof of Work algorithm known as Hashcash.
There are many alternative Proof of Work algorithms not based on hashing, as explained in this article

http://cryptorials.io/beyond-hashcash-proof-work-theres-mining-hashing/
legendary
Activity: 1372
Merit: 1252
April 15, 2018, 01:36:21 PM
#5
Quote from: satoshi
The longest chain not only serves as proof of the sequence of events witnessed, but proof that it came from the largest pool of CPU power.  

So basically, the longest chain is whatever Jihan is pointing his machines at? this is how I see it at the moment, unfortunately. We need more competition in mining, im looking forward to the next decade to see what others have to offer. Right now im with Luke when it comes to paying attention to hashrate distribution, it's a problem... but changing the PoW would be a disaster and kicking the can down the road. We either need proper game changing approach to PoW or simply we need more competition for Jihan's monopoly. Again, I think things will look different during the next decade, im not too pessimistic.
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
April 15, 2018, 09:46:52 AM
#4
When that block is full of transactions, it is hashed.
This is not necessarily true. The block can be hashed even when empty or nearly empty.
Miners immediately start to search for a valid hash, even before the block has any transactions. (I guess, the incentive to mine a new block is much larger than to collect the transaction fees!!)
This was puzzling me too, but then I understood somewhat more, thanks to @DannyHamilton.



Thank you butka. You showed me a very good post.
I will review my explanation later. This is more complicated than I thought.
copper member
Activity: 54
Merit: 0
April 15, 2018, 06:54:11 AM
#3
Thank you for taking the time to explain this process. I found your explanation to be help. You could have jumped straight into the proof of work definition but leading it with simple explanation of how the blockchain plays into it adds much needed clarity.
full member
Activity: 434
Merit: 246
April 15, 2018, 06:29:40 AM
#2
When that block is full of transactions, it is hashed.
This is not necessarily true. The block can be hashed even when empty or nearly empty.
Miners immediately start to search for a valid hash, even before the block has any transactions. (I guess, the incentive to mine a new block is much larger than to collect the transaction fees!!)
This was puzzling me too, but then I understood somewhat more, thanks to @DannyHamilton.

legendary
Activity: 2352
Merit: 6089
bitcoindata.science
April 13, 2018, 06:09:08 PM
#1
In this post, I will explain the basic about Bitcoin Blockchain and Proof of Work, an algorithm that validate transactions and create new blocks (mining), as detailed in Bitcoin whitepaper, by Satoshi Nakamoto. This apply also for Ethereum and other similar blockchains that use Proof of Work (PoW).

Please feel free to point out any mistakes, as I had some technical and English doubts while writing it

First, we need to understand the concept of hashing, only then we can analyze how blockchain works.

What is a Hash?

A hash is a cryptographic function that receive an input of any length and generate an output of a fixed length , an alphanumerical sequence. Simply put, it is a bunch of random numbers and letters.
This is a great website, it shows how hashing and mining works. You can enter some text there to see how it works.
https://anders.com/blockchain/hash.html
It is important to note that a hash has a fixed size, no matter how big or small the input is. Any small change in one letter in the input will generate a completely different hash (output). This is important if you have a big data, because all this data can be converted to a small hash, which will work as a fingerprint of that data.

Blockchain

The idea proposed by Satoshi is to register transactions on a block. When the proof of work solution for that block is found, it is hashed. Each block includes the previous block’s hash, forming a chain of blocks (blockchain), and each additional block reinforcing the ones before it.



Because of that process, if any transaction in a past block is changed the output hash will be different.
When you make a Bitcoin transaction and you see that you have 5 confirmations, that means that 5 blocks were mined after that transaction. A transaction with 6 confirmations is considered irreversible.

Proof of Work

In the Blockchain, all transactions are publicly announced to all nodes, as there is no central authority who validate transactions.

Proof of Work is an algorithm that rewards participants who solve a cryptographic puzzle in order to validate transactions and create new blocks (this process in known as mining).
This puzzle consists in scanning for a value (called Nonce) that when hashed together with thr block data, the hash begins with a number of zeros.



In this website you can see how this process works. You can try to find a Nonce that when hashed generates a hash that start with 0000 on your own. You will see that it is hard, unless you are very lucky. And you are going to be lucky twice in row, if you do go to a casino or something like that lol.

The difficult in finding that nonce increases exponentially as more zeros are required by the block. Difficult is adjusted every 2016 blocks, based on the average hashrate of those past 2016 blocks, so that 2016 blocks are mined every two weeks. (So a block is mined every 10 minutes)

Miners only get their reward if they are mining the longest chain, as it has the greatest processing power invested. If the honest nodes control the majority processing power, the honest chain will always be the longest and will outpace attacker’s chain.

To modify a past transaction the attacker would have to redo the PoW of the block and all subsequent blocks, and outpace the honest chain. For this to happen, the attacker’s would need more processing power than the honest chain, also known as 51% attack.

Quote from: Satoshi in Bitcoin whipepaper
The longest chain not only serves as proof of the sequence of events witnessed, but proof that it came from the largest pool of CPU power.  


Source: bitcoin whitepaper. Images from: https://nakamotoinstitute.org/bitcoin/

Topic also available in Portuguese (short version) and Arabic (by Zwei)
Pages:
Jump to: