Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our User Agreement and Privacy Policy.

Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our Privacy Policy and User Agreement for details.

Successfully reported this slideshow.

Like this presentation? Why not share!

1,461 views

Published on

Slides to my talk on Bitcamp Antwerp

Published in:
Technology

No Downloads

Total views

1,461

On SlideShare

0

From Embeds

0

Number of Embeds

3

Shares

0

Downloads

21

Comments

0

Likes

3

No embeds

No notes for slide

- 1. MINING CRYPTOCURRENCIES An evolution and outlook on mining practices Filip Maertens // @fmaertens // me@filipmaertens.com
- 2. A BIT ON ME - TU/e MSIT master with major in cryptography - Co-author qualified digital signatures req. (BE) - Author self-healing anonymous DHT network - Founder Argus Labs (AI, Context, Sensors) Love technology and finance
- 3. THE MATH Yes. The boring stuff. Let’s try and make it easy on the ear.
- 4. Inversion problem (1) F(x = remainder digits 5 – 10 after square root) x = 3, SQRT(x) = 1,73205080756887, y = 50807 x = 5, SQRT(x) = 2,23606797749979, y = 67977 x = 9, SQRT(x) = 3,00000000000000, y = 00000 F(y = 00000) -> x x = 1, y = 00000 ≠ F(x = SQRT(x)) x = 2, y = 00000 ≠ F(x = SQRT(x)) … x = 9, y = 00000 = F(x = SQRT(x))
- 5. Basic principle Need a function that requires more time to create than to verify it. Dwork and Naor (1992), square root on thousands of digits long numbers. Impractical. Adam back (1997) hash collisions. Initially finding SHA1(x) == SHA1(y) where x != y ✖ full collision is unfeasible ✔ k-partial collision is doable
- 6. Inversion problem (2) Hashing is an ideal function ! It’s one-way, secure and requires less power to verify than to create. SHA256 (“Pay Filip 1 BTC 00001”) = 57ca9f83daba36d98abd0588627535a4c6f6f09b77a3e63b7d5bdd5b0594e4ff Computational too easy. Let’s make it harder by accepting only results that start with a “0” ! SHA256 (“Pay Filip 1 BTC 00014”) = 01fa6ca07d67d4c59c00c2a3caeea75f94b7e549d40c9566f3eb6158e1154793 Took me 14 trials to get a hash that starts with a “0” and was already a bit harder. I had to do some work to obtain the result.
- 7. Please pay me 1 BTC Ensure replay or tampering attacks cannot happen: - Receiving address - Cryptographic nonce - Timestamp - Hash of previous block header
- 8. Hashcash principle Bitcoin is based on second-preimage attacks. Proof of work mechanism to protect against spam and Denial of Service attacks. For x, find a second preimage x' ≠ x such that h(x) = h(x′) => “Solution” implement the proof-of-work by incrementing a nonce in the block until a value is found that gives the block's hash the required zero bits More zeroes = higher difficulty (0 = 16 fold increase). Today we are at 15 trailing zeroes.
- 9. Difficulty > 30 trillion attempts to find solutions, every second! Individually calculated on timestamp of last solution, and distributed collectively. Calculate timestamp(most recent solution) – timestamp(2016 solutions ago) : - Less than 2 weeks - More than 2 weeks = increase difficulty = decrease difficulty
- 10. OVERVIEW Tired yet ? No ? OK, some more things a miner should know.
- 11. Two flavours Hashcash-sha256 : - SHA-2 based (256 bit) - Costly creation, cheap verification - CPU based (processing cost) Hashcash-scrypt : - PBKDF2 based (1 iteration in 128kb memory) - Cost of creation equals cost of verification - Memory based
- 12. Terminology Proof of work Solution-verification check both the problem and the found solution (CPU or memory) Block Set of recent Bitcoin transactions that have not yet been recorded in any prior blocks Bitcoin = SHA256(SHA256(Block_Header)) Blockchain (Merkle-Tree) Append-only. Each block memorializes what took place immediately before it was created.
- 13. Learnings Difficulty levels can drop (in theory). ASIC miners for hashcash-scrypt won’t disrupt significantly Mining is a cost – value tradeoff (find cheap ways to improve value) Hashcash-scrypt is less resistant to centralization issues than hashcashsha256^2 Hashcash-scrypt verification is more costly than hashcash-sha256^2 SHA3 makes ASIC miners become worthless
- 14. MINING ? Minting coins. Wut ?
- 15. Before we begin Mining is calculating solutions to a difficult mathematical problem (“inversion”) : - 6 solutions, or blocks, found per hour - Currently a block contains 25 BTC - BTC in block reduce by 50% every 210k blocks - Maximum of 21 million (prevents inflation) Single or Pooled Mining : - Cost/reward for solo mining is infeasible - Pooled mining Selfish miner threat : - US$ 1M for 2.6 Ph/s to take over 51% - Ghash.io warning issuance
- 16. • Cryptographic hash functions convert data to alphanumeric string : • Fixed length • Nonces is a random number added to data • The miners work to produce a new hash : • • • • Previous hash value Transaction block Nonce User with correct hash value is rewarded Bitcoin (25 BTC, Dec-2012; 12.5 in Sep 2015)
- 17. SOFTWARE What do you need to mine ?
- 18. Required Operating system - Linux (yay!) - Microsoft Windows Protocol - getwork protocol (deprecated) - Stratum protocol (better pooled mining support) Mining software (my favourites) - cgminer - cpuminer
- 19. HARDWARE Welcome to the big rat-race game
- 20. CPU GPU FGPA ASIC Application Specific Integrated Circuit = ASIC = Purpose-built Can only mine hashcash-sha256^2 – nothing else Yearly increase in nm efficiency (2014 = 14nm, 2019 = 5nm) BFL/Fasthash = 28nm, KnCMiner Neptune = 20nm
- 21. Increasing computational power BFL Feb/13 = 60 Gh/s HASHFAST Sep/13 = 400 Gh/s KNCMINER Oct/13 = 550 Gh/s
- 22. ASIC MANUFACTURERS Preordering is a risky game – Beware of newcomers Always asked time-stamped photographic proof Demand pictures of the wafers at the fabs Founders must have background in IC board design Always take delivery delays into account vs. difficulty rise Might kill the ROI of hardware purchase 6 to 9 month waiting times are common (go figure!) Less nm = more power efficient design = better performance New ASIC equipment pushes out previous generations of miners Outdated hardware cannot be “upgraded” + difficulty level increases (!) theoretically heavy investment and power increase might lead to natural centralization
- 23. ASIC AND BEYOND (theory) Quantum computing D-Wave running at 2.7 kelvin Forming single-atom quantum bits Might destroy Bitcoin security (elliptic curve cryptography becomes broken) Quantum solves factoring problem but also the discrete logarithm problem Balanced ternary computing More efficient complex computing than binary Too costly to produce only for Bitcoin mining purposes Mass-parallel ASIC computing
- 24. AT A TIPPING POINT BitFury’s Ghash.io countermeasures Most powerful mining pool had to ensure it cannot establish a selfish-miner situation ASIC manufacturers need to watch they don’t sell too much to one party Moving from the home/basement to data centers Mining as a service is surfacing (indication of a heavy $$$ CAPEX market) Hobbyists are being flushed out and serious mining operations kick in Speculation is at its core of investment decision making (Winklevoss, Andreesen, …) Direct value is only for manufacturers, not miners Bitcoin mining becomes a lonely place for those with an unfair advantage Fiat/BTC
- 25. THE RAT-RACE GAME Accumulate enough ASIC power before difficulty goes up or die
- 26. ALTERNATIVE VALUE CREATION switching strategies
- 27. MINERS BECOME TRADERS CFD (“Contract For Difference”) Trading Buying BTC using shorted BTC/USD profit proceeds Simple CFD trading (highly volatile, pump and dump, political, etc.) Emerging of trading platforms Kraken 500Trade Mt.Gox (uh-oh)
- 28. MINERS GO SCRYPT Explosive growth of hashcash-scrypt(1) based coins Litecoin (LTC) most popular (often referred to as “silver”) Possible to recycle “old” CPU/GPU mining rigs First ASIC miners are popping up: e.g. Viper Miner (25 Mh/s)

No public clipboards found for this slide

Be the first to comment