Topic: [XPM] [ANN] Primecoin Prerelease Announcement - Introducing Prime Proof-of-Work - page 17. (Read 71629 times)
July 03, 2013, 06:02:26 PM
Can we use CGMIner for this coin?? And what version.. The CPU only or the GPU??
July 03, 2013, 03:02:37 PM
Finally something that will actually have real value.
I wouldn't go that far.I know not yet. But I would like to see a proof of work linked to something like finding new primes and this project is the closest I've seen.
July 03, 2013, 01:57:33 PM
for a POW algorithm to be useful for blockchain verification it must be
- hard to derive (for transaction verifiers)
- controllable difficulty (so as more nodes are added, the difficulty can rise)
- easy to prove (for relaying nodes)
hash algorithms are good here. An algorithm with primes sounds like it would be based around the factorising problem (e.g. as used in RSA) - but the question is how Sunny has designed it to be variable - perhaps the difficulty is set by the length of required prime in bits, and the POW is two primes and a factor that meet the difficulty. This would be very very ASICable compared with scrypt, but I don't think any off the shelf ASIC cores would exist (unlike with SHA256)
Interested to see what Sunny has come up with here.
Will
- hard to derive (for transaction verifiers)
- controllable difficulty (so as more nodes are added, the difficulty can rise)
- easy to prove (for relaying nodes)
hash algorithms are good here. An algorithm with primes sounds like it would be based around the factorising problem (e.g. as used in RSA) - but the question is how Sunny has designed it to be variable - perhaps the difficulty is set by the length of required prime in bits, and the POW is two primes and a factor that meet the difficulty. This would be very very ASICable compared with scrypt, but I don't think any off the shelf ASIC cores would exist (unlike with SHA256)
Interested to see what Sunny has come up with here.
Will
Here is something which might work. It is based on Pratt certificates (see http://en.wikipedia.org/wiki/Pratt_certificate).
Mining process
The miner attempts to find a large prime n which has the following properties:
- The most significant 256 bits are equal to the merkle root
- The prime is large enough to meet the difficulty target
Proof of work
To generate the proof of work, the miner generates a Pratt certificate for their large prime n. Generation of a Pratt certificate is very hard; it requires the factorisation of n - 1, which is requires exponential time in the size of n. Yet it is easy to verify a Pratt certificate; verification is polynomial time in the size of n. For example, factorisation of a 1024 bit integer is about 7 million times as difficult as a 512 bit integer (according to http://en.wikipedia.org/wiki/General_number_field_sieve), yet it is only 16 times as difficult to verify.
This meets the criteria for a useful proof-of-work: hard to generate, easy to verify, adjustable difficulty and incorporates the merkle root.
Mining pools are more complicated to implement, since integer factorisation is not as trivially parallellisable as hashcash. This might explain why the initial client is solo-mine only.
It also has the property of being sensitive to improvements in factorisation algorithms. This makes it somewhat resistant to ASICs, since algorithm improvements may invalidate ASIC designs, so ASIC developers may not wish to take on the risk.
(Edit: linear -> polynomial)
I'm very excited about this coin. Finally something that will actually have real value.
July 03, 2013, 11:53:04 AM
for a POW algorithm to be useful for blockchain verification it must be
- hard to derive (for transaction verifiers)
- controllable difficulty (so as more nodes are added, the difficulty can rise)
- easy to prove (for relaying nodes)
hash algorithms are good here. An algorithm with primes sounds like it would be based around the factorising problem (e.g. as used in RSA) - but the question is how Sunny has designed it to be variable - perhaps the difficulty is set by the length of required prime in bits, and the POW is two primes and a factor that meet the difficulty. This would be very very ASICable compared with scrypt, but I don't think any off the shelf ASIC cores would exist (unlike with SHA256)
Interested to see what Sunny has come up with here.
Will
- hard to derive (for transaction verifiers)
- controllable difficulty (so as more nodes are added, the difficulty can rise)
- easy to prove (for relaying nodes)
hash algorithms are good here. An algorithm with primes sounds like it would be based around the factorising problem (e.g. as used in RSA) - but the question is how Sunny has designed it to be variable - perhaps the difficulty is set by the length of required prime in bits, and the POW is two primes and a factor that meet the difficulty. This would be very very ASICable compared with scrypt, but I don't think any off the shelf ASIC cores would exist (unlike with SHA256)
Interested to see what Sunny has come up with here.
Will
Here is something which might work. It is based on Pratt certificates (see http://en.wikipedia.org/wiki/Pratt_certificate).
Mining process
The miner attempts to find a large prime n which has the following properties:
- The most significant 256 bits are equal to the merkle root
- The prime is large enough to meet the difficulty target
Proof of work
To generate the proof of work, the miner generates a Pratt certificate for their large prime n. Generation of a Pratt certificate is very hard; it requires the factorisation of n - 1, which is requires exponential time in the size of n. Yet it is easy to verify a Pratt certificate; verification is polynomial time in the size of n. For example, factorisation of a 1024 bit integer is about 7 million times as difficult as a 512 bit integer (according to http://en.wikipedia.org/wiki/General_number_field_sieve), yet it is only 16 times as difficult to verify.
This meets the criteria for a useful proof-of-work: hard to generate, easy to verify, adjustable difficulty and incorporates the merkle root.
Mining pools are more complicated to implement, since integer factorisation is not as trivially parallellisable as hashcash. This might explain why the initial client is solo-mine only.
It also has the property of being sensitive to improvements in factorisation algorithms. This makes it somewhat resistant to ASICs, since algorithm improvements may invalidate ASIC designs, so ASIC developers may not wish to take on the risk.
(Edit: linear -> polynomial)
July 03, 2013, 10:46:37 AM
It would be great if we can integrate into the Mersenne prime search, which requires a lot computing powers. This way the miners will do something useful...
http://www.mersenne.org/
http://www.mersenne.org/
It can't use mersenne primes, unless you want only a block per year.
This is not true, one mersenne computation is broken down to many smaller pieces, can be perfectly integrated
July 03, 2013, 10:25:31 AM
Botnets can be used to mine with CPU as much as they can used to mine with GPUs.
Botnets are on computers of non-tech-savvy users, i.e. usually no or crappy GPU.Most "silent miners" offer GPU mining too nowadays.
July 03, 2013, 10:14:29 AM
Hard to get excited about a CPU proof of work coin. How will you defend against botnets ?
Botnets can be used to mine with CPU as much as they can used to mine with GPUs. July 03, 2013, 10:03:53 AM
Hard to get excited about a CPU proof of work coin. How will you defend against botnets ?
July 03, 2013, 09:55:39 AM
I am curious as to why the innovative POW in Primecoin couldn't have been engineered into the the next version of PPcoin. I feel that the chain is still young enough to allow for such major paradigm shifts even if there had to be some massive POS transaction into the new PP(Prime)Coin version.
July 03, 2013, 09:34:51 AM
- Pure proof-of-work, no proof-of-stake (unlike ppcoin), not energy efficient, but with additional potential scientific value derived from proof-of-work energy consumption (energy multiuse)
What kind of scientific value?
I believe he is referring to finding high number prime numbers. Which actually can be quite difficult. Since the spacing of each prime number increases exponentially.
FTFY
July 03, 2013, 09:21:18 AM
- Pure proof-of-work, no proof-of-stake (unlike ppcoin), not energy efficient, but with additional potential scientific value derived from proof-of-work energy consumption (energy multiuse)
What kind of scientific value?
I believe he is referring to finding high number prime numbers. Which actually can be quite difficult. Since the spacing of each prime number increases exponentially.
July 03, 2013, 09:16:38 AM
A alt coin by a respected developer and with a totally unique proof of work scheme, this is going to be huge!
Cause we just neeeeeed more altcoins. Since, there just aren't enough...
We need more innovative alt coins. There have been none since ppc/ nmc in my opinion
Sorry I forgot how innovative DGC and FTC are
How cute, an FTC swipe. You do realize Sunny contributed a little code on the FTC hard fork right? Anyway, back to Primecoin.
I deeply respect Sunny's work and commitment to the community. If more people spent time contributing and less time swiping, we'd be in a far different place. This project is exciting, I'm interested to see what where the community takes this project. +1
July 03, 2013, 08:41:19 AM
It would be great if we can integrate into the Mersenne prime search, which requires a lot computing powers. This way the miners will do something useful...
http://www.mersenne.org/
http://www.mersenne.org/
It can't use mersenne primes, unless you want only a block per year.
July 02, 2013, 08:29:15 PM
Sounds great,most innovative coin the year!
July 02, 2013, 08:17:01 PM
great idea, I like prime numbers, this is the prime number I found: 2232007*2^1490605 - 1, 448724 digits, lol
It would be great if we can integrate into the Mersenne prime search, which requires a lot computing powers. This way the miners will do something useful...http://www.mersenne.org/
July 02, 2013, 08:13:55 PM
great idea, I like prime numbers, this is the prime number I found: 2232007*2^1490605 - 1, 448724 digits, lol
July 02, 2013, 03:24:39 PM
this math is a bit above my head, but maybe this HOL is the way to create proof of work? it looks like it breaks the process of finding primes into smaller "proofs of work"? or is this just a way to find primes faster? maybe the steps leading to finding the prime can be used as pow if each step is recorded.
https://code.google.com/p/hol-light/
https://en.wikipedia.org/wiki/HOL_Light
Still the first thing that comes to mind is rainbow tables(or even a dictionary type attack but with primes instead of passwords). Even if the proof of work gets hashed by the by value of block headers, something like a rainbow table would be a likely exploit. rainbow tables are used to crack wpa2 and probably other encryption too. A rainbow table for primes should work the same way. then the "miner" armed with the rainbow table would not even have to look for primes unless the prime number target to find a block increased to a prime so large it is unkown. difficulty of a prime can only be changed by looking for a larger unknown prime number. adding difficulty through any other method in the blockchain would just encourage a rainbow table type hack.
One way this would "work" and be unhackable / uncheatable is if the blocks are only rewarded upon finding a completely new and unknown prime. This would make the coin VERY scarce, and the difficulty would be absolutely insane, but that would be pretty damn cool though too. Every coin/block awarded would be a breakthrough in prime number math. with the amount of hashing power the btc community has i would not doubt that we could find a large amount of new primes.
If the object was to only find unknown primes, then any advancement that someone makes that would seem like a cheat would actually be a break though in prime number math. Same thing would have applied to folding if there were more incentive. The software that does the research always has room for improvement. Making sure that improvement is legitimate is the real trick.
still , all pokes to the theory aside, i think this coin should be launched. i dont see any harm of it as long as people dont get too crazy about the new coin and use their life saving to buy a bunch of them. ( which probably happens to some poor dude trying to make a dollar every time a new alt comes out). After a first launch of the coin we can just kick back and watch and see if the exploits surface. If they do, well, then you have more knowledge for improving primecoin v2.0.
https://code.google.com/p/hol-light/
https://en.wikipedia.org/wiki/HOL_Light
Still the first thing that comes to mind is rainbow tables(or even a dictionary type attack but with primes instead of passwords). Even if the proof of work gets hashed by the by value of block headers, something like a rainbow table would be a likely exploit. rainbow tables are used to crack wpa2 and probably other encryption too. A rainbow table for primes should work the same way. then the "miner" armed with the rainbow table would not even have to look for primes unless the prime number target to find a block increased to a prime so large it is unkown. difficulty of a prime can only be changed by looking for a larger unknown prime number. adding difficulty through any other method in the blockchain would just encourage a rainbow table type hack.
One way this would "work" and be unhackable / uncheatable is if the blocks are only rewarded upon finding a completely new and unknown prime. This would make the coin VERY scarce, and the difficulty would be absolutely insane, but that would be pretty damn cool though too. Every coin/block awarded would be a breakthrough in prime number math. with the amount of hashing power the btc community has i would not doubt that we could find a large amount of new primes.
If the object was to only find unknown primes, then any advancement that someone makes that would seem like a cheat would actually be a break though in prime number math. Same thing would have applied to folding if there were more incentive. The software that does the research always has room for improvement. Making sure that improvement is legitimate is the real trick.
still , all pokes to the theory aside, i think this coin should be launched. i dont see any harm of it as long as people dont get too crazy about the new coin and use their life saving to buy a bunch of them. ( which probably happens to some poor dude trying to make a dollar every time a new alt comes out). After a first launch of the coin we can just kick back and watch and see if the exploits surface. If they do, well, then you have more knowledge for improving primecoin v2.0.
July 02, 2013, 02:25:25 PM
This sounds great! I'm looking forward to this Optimus Primecoin. Just beware of the Decepticoins.
July 02, 2013, 01:31:19 PM
Does Primecoin PoW fairness assume that the distribution of Prime numbers is random? Hopefully not, because it's not really true: https://en.wikipedia.org/wiki/Prime_number_theorem
July 02, 2013, 10:06:08 AM
untill there is a proven working concept - it is all just a hype. make it happen and then announce how awesome it is.
thank you!
thank you!
Jump to: