Proof-of-Work & Bitcoin

Similar documents
What is Proof of Work?

Smalltalk 3/30/15. The Mathematics of Bitcoin Brian Heinold

Computer Security. 14. Blockchain & Bitcoin. Paul Krzyzanowski. Rutgers University. Spring 2019

P2P BitCoin: Technical details

Problem: Equivocation!

Bitcoin Mining. A high-level technical introduction. Konstantinos Karasavvas

Ergo platform: from prototypes to a survivable cryptocurrency

Blockchain. CS 240: Computing Systems and Concurrency Lecture 20. Marco Canini

Burstcoin Technical information about mining and block forging

Bitcoin (and why it uses SO much energy)

ENEE 457: E-Cash and Bitcoin

Bitcoin. CS6450: Distributed Systems Lecture 20 Ryan Stutsman

Bitcoin (Part I) Ken Calvert Keeping Current Seminar 22 January Keeping Current 1

Bitcoin and Blockchain

Introduction to Bitcoin I

Bitcoin, a decentralized and trustless protocol

Ergo platform. Dmitry Meshkov

CS 4770: Cryptography. CS 6750: Cryptography and Communication Security. Alina Oprea Associate Professor, CCIS Northeastern University

Biomedical and Healthcare Applications for Blockchain. Tiffany J. Callahan Computational Bioscience Program Hunter/Kahn Labs

Ergo platform overview

As a 3rd generation currency, not only are transactions secured, private and fast, you actually get paid for holding DigitalPrice coins.

ICS 421 & ICS 690. Bitcoin & Blockchain. Assoc. Prof. Lipyeow Lim Information & Computer Sciences Department University of Hawai`i at Mānoa

Consensus & Blockchain

Chapter 13. Digital Cash. Information Security/System Security p. 570/626

The Blockchain. Josh Vorick

How Bitcoin achieves Decentralization. How Bitcoin achieves Decentralization

University of Duisburg-Essen Bismarckstr Duisburg Germany HOW BITCOIN WORKS. Matthäus Wander. June 29, 2011

Security Analysis of Bitcoin. Dibyojyoti Mukherjee Jaswant Katragadda Yashwant Gazula

Security (and finale) Dan Ports, CSEP 552

EECS 498 Introduction to Distributed Systems

Bitcoin, Security for Cloud & Big Data

About cryptocurrencies and blockchains part 1. Jyväskylä 17th of April 2018 Henri Heinonen

Bitcoin/Namecoin/*coin: On Bitcoin like protocols and their relation to other IT-Security issues

A Gentle Introduction To Bitcoin Mining

CS 4770: Cryptography. CS 6750: Cryptography and Communication Security. Alina Oprea Associate Professor, CCIS Northeastern University

Introduction to Cryptocurrency Ecosystem. By Raj Thimmiah

Biomedical Security. Cipher Block Chaining and Applications

Who wants to be a millionaire? A class in creating your own cryptocurrency

Bruno Pujos. January 14, 2015

Technical White Paper of. MOAC Mother of All Chains. June 8 th, 2017

SpaceMint Overcoming Bitcoin s waste of energy

Hacking Deterministic Bitcoin Addresses. Michael McKinnon

Introduction to Cryptoeconomics

Matt Howard and Ajay Patel CIS 556: Cryptography University of Pennsylvania Fall DriveCoin: A Proof of Space Cryptocurrency

Ensimag - 4MMSR Network Security Student Seminar. Bitcoin: A peer-to-peer Electronic Cash System Satoshi Nakamoto

Biomedical Security. Some Security News 10/5/2018. Erwin M. Bakker

Brown University. Yana Hrytsenko. Final Project: Blockchain for PKI: Using Blockchain data structure for Public Key. Infrastructure.

Jan Møller Co-founder, CTO Chainalysis

An (Almost) Constant-Effort Solution-Verification. Proof-of-Work Protocol based on Merkle Trees. Fabien Coelho

A HASH-CASH BASED MUSIC STREAMING PAYMENT SYSTEM. Timothy Chen San Jose State University Fall 2014

Crypto tricks: Proof of work, Hash chaining

A Lightweight Blockchain Consensus Protocol

Adapting Blockchain Technology for Scientific Computing. Wei Li

Adapting Blockchain Technology for Scientific Computing. Wei Li

Darkcoin: Peer to Peer Crypto Currency with Anonymous Blockchain Transactions and an Improved Proof of Work System

Blockchain Bitcoin & Ethereum

ILCOIN White Paper. In ILCOIN We Trust ILCOIN

GENESIS VISION NETWORK

CONSENSUS PROTOCOLS & BLOCKCHAINS. Techruption Lecture March 16 th, 2017 Maarten Everts (TNO & University of Twente)

Ethereum. Campbell R. Harvey* Duke University and NBER. Ashwin Ramachandran Duke University. Brent Xu ConsenSys. Innovation and Cryptoventures

Let's build a blockchain!

Applied cryptography

Proof-of-Stake Protocol v3.0

The game If you listen very carefully during the first 4 cards (or use the cheat sheet) you will get an advantage on the last 5 cards

Introduce A mobile and decentral Proof-of-Transaction crypto coin

Cube Chain Technical White Paper

TOPPERCASH TOPPERCASH WHITEPAPER REFORM THE BEST OF BLOCKCHAIN

Fruitchains: A Fair Blockchain?

Whitepaper Rcoin Global

EVALUATION OF PROOF OF WORK (POW) BLOCKCHAINS SECURITY NETWORK ON SELFISH MINING

Blockchain as cryptanalytic tool

Anupam Datta CMU. Fall 2015

Bitcoin Transaction Fee Estimation Using Mempool State and Linear Perceptron Machine Learning Algorithm

Digital Currencies: Algorithms and Protocols

SCP: A Computationally Scalable Byzantine Consensus Protocol for Blockchains

Key Security Issues for implementation of Digital Currency, including ITU-T SG17 activities

The nuts and bolts of blockchain technology

Technical White Paper. Cube Engine Version 1.0

SmartPool: practical decentralized pool mining. Loi Luu, Yaron Velner, Jason Teutsch, and Prateek Saxena August 18, 2017

ASIC Clouds: Specializing the Datacenter

BLOCKCHAIN Blockchains and Transactions Part II A Deeper Dive

BITCOIN PROTOCOL & CONSENSUS: A HIGH LEVEL OVERVIEW

BYZANTINE CONSENSUS THROUGH BITCOIN S PROOF- OF-WORK

Peer-to-Peer Systems and Distributed Hash Tables

CS 251: Bitcoin and Crypto Currencies Fall 2015

BITCOIN MINING IN A SAT FRAMEWORK

This tutorial is aimed to give you a crisp understanding of the process of building your own blockchain.

Bitcoin a Peer-to-Peer payment solution

QUADCORECHAIN. White Paper ver.1

Bitcoin. Arni Par ov. December 17, 2013

Blockchains & Cryptocurrencies

BITCOIN MECHANICS AND OPTIMIZATIONS. Max Fang Philip Hayes

TZC MINING - STAKING & WALLET CONFIGURATION. PoW & PoS basics

Hyperledger fabric: towards scalable blockchain for business

CRUDE COINS.

Proof-of-Work Proves Not To Work

Bitcoin. Tom Anderson

DEV. Deviant Coin, Innovative Anonymity. A PoS/Masternode cr yptocurrency developed with POS proof of stake.

STELLITE A MODERN, SECURE AND DECENTRALIZED CRYPTOCURRENCY. JAN 2018 WHITE PAPER STELLITE WHITE PAPER 1

Blockchain Certification Protocol (BCP)

Transcription:

CS 220: Introduction to Parallel Computing Proof-of-Work & Bitcoin Lecture 19

Bitcoin: Mining for Heat https://qz.com/1117836/bitcoin-mining-heatshomes-for-free-in-siberia/ 4/25/18 CS 220: Parallel Computing 2

Today s Agenda Proof-of-work Bitcoin Project 3 tips 4/25/18 CS 220: Parallel Computing 3

Today s Agenda Proof-of-work Bitcoin Project 3 tips 4/25/18 CS 220: Parallel Computing 4

Proof-of-Work Proof-of-work (POW) systems help prevent DDoS attacks and other types of spamming Also useful in cryptocurrencies Give up some of your time (or computational power) to legitimize an action/object 4/25/18 CS 220: Parallel Computing 5

Shell Money Sea shells were used for thousands of years as legal tender It takes time to collect shells, carve them, etc. In some cases, the shells were woven into fabric/leather The currency itself reflected the time it took to be made, and therefore determined its value Different groups used different shells/designs Only carry value because we say so 4/25/18 CS 220: Parallel Computing 6

CAPTCHA Completely Automated Public Turing test to tell Computers and Humans Apart CAPTCHAs are basically proof-of-work systems for humans So in other words, POW is an annoying, time consuming task for your computer to do just in the interest of proving it s not spamming/ddosing Luckily computers don t get annoyed as easily as we do 4/25/18 CS 220: Parallel Computing 7

Pricing Functions POW systems use pricing functions to give the computer a workout A pricing function f has the following requirements: f is moderately easy to compute f has a consistent computational cost given x and y, it is easy to determine if y = f(x) (Much easier than computing f(x)) Dwork C., Naor M. Pricing via Processing or Combatting Junk Mail. 4/25/18 CS 220: Parallel Computing 8

Hash Inversions (1/2) A common pricing function is having the computer perform hash inversions What was the input that produced this hash code? A hash function takes data of any size and maps it to a fixed size: Hello world! à ed076287532e86365e841e92bfc50d8c Blah blah blah blah blah blah à cd647e323da9f2fc2dac4800a37661f1 4/25/18 CS 220: Parallel Computing 9

Hash Inversions (2/2) So, a hash inversion is trying to get a specific output from the hash function Hash inversions are tough to compute (assuming a cryptographic hash function) After all, they re designed to be one way functions But any time we map an infinite set of inputs to a finite set of numbers (hash space), this is feasible 4/25/18 CS 220: Parallel Computing 10

HashCash: Preventing Spam The core technology behind BitCoin was developed as an anti-spam technique You ll spend some time performing hash inversions to prove you re not a spammer No big deal for us regular users, but spammers trying to send billions of messages will be slowed down! The result of your computation is included in an email header and verified on the receiving end 4/25/18 CS 220: Parallel Computing 11

An Example (1/2) Let s send an email and prove we re not a spammer. Our mission is to find a hash with four leading zeros Start out with what we want to send: Hello World! We also need to append a nonce Number used only once We increase this with each hash attempt This will change our output hash each iteration 4/25/18 CS 220: Parallel Computing 12

An Example (2/2) This approach allows us to eventually find our matching hash, but has a weakness We can precompute the hashes and re-use them later We also need some type of identifier for this particular transaction Maybe a centralized service hands out transaction IDs We could use the current time, as long as we can assume clocks are reasonably synced up 4/25/18 CS 220: Parallel Computing 13

Pseudocode Pricing Function while True: nonce = nonce + 1 string = message + str(nonce) hash = sha1(string) if prefix(hash) == '0000': # Send message with hash break 4/25/18 CS 220: Parallel Computing 14

Pseudocode - Verification if sha1(msg.payload) == msg.hash: # Valid Whew! That was tough! # (You could also verify the # transaction id or timestamp here) 4/25/18 CS 220: Parallel Computing 15

Varying the Difficulty To change the difficulty, we ll just adjust the number of zeros we want Note: the difficulty won t increase linearly Approaches: Perform a bitwise comparison rather than string (allows more precision) Have the sender perform multiple inversions (maybe message1 + another nonce) 4/25/18 CS 220: Parallel Computing 16

Why Hashcash Works Even heavy email users only send a few hundred emails per day Spammers want to send millions/billions This is going to cost a lot of CPU time Additionally, sending an email with no header or an incorrect header will incur steep penalties Too many incorrect headers? Ban the IP Best of all, we don t have to start paying for email 4/25/18 CS 220: Parallel Computing 17

Why it Doesn t Work (1/2) Back in 1992 when Hashcash was invented, we didn t have such a huge variety of computing hardware Smartphones, tablets, refrigerators, etc. This makes coming up with the right difficulty for the challenge difficult. The power of computing hardware isn t distributed uniformly across the Earth Hash inversions are amenable to parallelism and custom hardware 4/25/18 CS 220: Parallel Computing 18

Why it Doesn t Work (2/2) Spammers could adopt similar hardware to that of Bitcoin miners GPUs, ASICs Depends on cost vs. benefit Related: cloud instances. Computing is so cheap! Since email is decentralized, you can t force everyone to use this new standard Would actually be easier nowadays (get Google and Microsoft on board, and you re just about done) 4/25/18 CS 220: Parallel Computing 19

Today s Agenda Proof-of-work Bitcoin Project 3 tips 4/25/18 CS 220: Parallel Computing 20

Bitcoin Value: Last Semester 4/25/18 CS 220: Parallel Computing 21

Bitcoin Value: Now 4/25/18 CS 220: Parallel Computing 22

As of Now 1 BTC = 8911.89 USD Gone up $3000 since last semester! 215,980 transactions per day ~17m bitcoins in circulation See: http://blockchain.info 4/25/18 CS 220: Parallel Computing 23

Blockchain The Bitcoin blockchain is a decentralized database of Bitcoin transactions Each block in the chain includes the hash of the previous block Starts with the genesis block When a transaction occurs, it is added to the current block and will be verified by miners 4/25/18 CS 220: Parallel Computing 24

Blocks A block is a list of transactions with some metadata Magic number (4 bytes) = 0xD9B4BEF9 Block size (4 bytes) Block header Transaction counter Transaction data 4/25/18 CS 220: Parallel Computing 25

Block Headers Version Hash of the previous block This makes tampering with the chain difficult Current hash of the transactions in the block Timestamp (last update) Difficulty Nonce 4/25/18 CS 220: Parallel Computing 26

Mining Bitcoin Bitcoin uses the Hashcash algorithm for a different purpose: mining coins Mining means verifying a block of transactions Finding the nonce (aka solution) Miners, who are the basis of transaction verification, are paid in new bitcoins and transaction fees The reward of new bitcoins is halved every 210,000 blocks (~4 years) Monetary supply limited to 21m bitcoins 4/25/18 CS 220: Parallel Computing 27

Verification In bitcoin, the difficulty of the challenge is varied to keep the network chugging along Once all 21m bitcoins are created, miners will be rewarded for verification via transaction fees only What is the cost vs. benefit of mining these coins? Electricity vs. the size of the reward Lots of companies now build power-efficient hardware specifically for mining 4/25/18 CS 220: Parallel Computing 28

Pooled Mining As difficulty goes up, the chances of a single miner verifying a block goes down To combat this, pools of miners formed Pools divide up the work (nonces) among participants Rewarded with a share of new bitcoins based on how much work was done Less wasted effort, but less reward 4/25/18 CS 220: Parallel Computing 29

Moral Issues We are consuming massive amounts of fossil fuels to produce fake money Production is only hard because we make it so Mining hardware gets bought up and then discarded once we move to harder hash inversions Some Useful Proof-of-Work systems try to do beneficial work Finding prime numbers (Primecoin) Protein folding (Curecoin) 4/25/18 CS 220: Parallel Computing 30

Today s Agenda Proof-of-work Bitcoin Project 3 tips 4/25/18 CS 220: Parallel Computing 31

Project 3 In this assignment, we ll look at the mining aspect of bitcoin Given a block of data (in our case, just a string), we ll find the nonce that satisfies a given difficulty Number of zeros at the front of the hash string We ll implement a parallel mining approach with the producer-consumer paradigm 4/25/18 CS 220: Parallel Computing 32

Producer-Consumer We ll distinguish between two types of threads in this assignment: Producer main thread Consumers worker threads The main thread generates tasks Arrays of nonces to append to the block data & hash Each array of tasks will be placed in a staging area (called task_pointer) The size of these arrays is something you will experiment with The consumers pick up a task and perform the hash inversions, checking the number of zeros at the start of the hash 4/25/18 CS 220: Parallel Computing 33

What You ll Implement The mining function is given to you already, as well as a working sha1 hash function You will: 1. Implement variable difficulty (the user can specify how many zeros they want to find) 2. Use condition variables instead of simply busy waiting for tasks 3. When a solution is found, tell other threads to stop 4. Print out timing info / statistics 4/25/18 CS 220: Parallel Computing 34

Setting Specific Bits Let s say I asked you to set the 3 rd bit in a bit field How would you accomplish this? bit_field = bit_field (0x1 << 3) 4/25/18 CS 220: Parallel Computing 35

Setting Difficulty We can extend this approach to adjust the difficulty of our bitcoin miner We ll just need to find out how many bits we need to to set to 1 Then, loop until all the bits are set 4/25/18 CS 220: Parallel Computing 36

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback