Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
MINING CRYPTOCURRENCIES
An evolution and outlook on mining practices
Filip Maertens // @fmaertens // me@filipmaertens.com
A BIT ON ME
- TU/e MSIT master with major in cryptography
- Co-author qualified digital signatures req. (BE)
- Author self...
THE MATH
Yes. The boring stuff. Let’s try and make it easy on the ear.
Inversion problem (1)
F(x = remainder digits 5 – 10 after square root)
x = 3, SQRT(x) = 1,73205080756887, y =
50807
x = 5,...
Basic principle
Need a function that requires more time to
create than to verify it.
Dwork and Naor (1992), square root on...
Inversion problem (2)
Hashing is an ideal function ! It’s one-way,
secure and requires less power to verify than to
create...
Please pay me 1 BTC

Ensure replay or tampering attacks cannot
happen:
- Receiving address
- Cryptographic nonce
- Timesta...
Hashcash principle
Bitcoin is based on second-preimage attacks.
Proof of work mechanism to protect against
spam and Denial...
Difficulty
> 30 trillion attempts to find solutions, every
second!
Individually calculated on timestamp of last
solution, ...
OVERVIEW
Tired yet ? No ? OK, some more things a miner should know.
Two flavours
Hashcash-sha256 :
- SHA-2 based (256 bit)
- Costly creation, cheap verification
- CPU based (processing cost)...
Terminology
Proof of work
Solution-verification  check both the problem
and the found solution (CPU or memory)
Block
Set ...
Learnings
Difficulty levels can drop (in theory).
ASIC miners for hashcash-scrypt won’t
disrupt significantly
Mining is a ...
MINING ?
Minting coins. Wut ?
Before we begin
Mining is calculating solutions to a difficult
mathematical problem (“inversion”) :
- 6 solutions, or bloc...
•

Cryptographic hash functions convert
data to alphanumeric string :
•

Fixed length

•

Nonces is a random number added ...
SOFTWARE
What do you need to mine ?
Required
Operating system
- Linux (yay!)
- Microsoft Windows
Protocol
- getwork protocol (deprecated)
- Stratum protocol (...
HARDWARE
Welcome to the big rat-race game
CPU GPU FGPA ASIC
Application Specific Integrated Circuit = ASIC = Purpose-built
Can only mine hashcash-sha256^2 – nothing...
Increasing computational power

BFL
Feb/13 = 60 Gh/s

HASHFAST
Sep/13 = 400 Gh/s

KNCMINER
Oct/13 = 550 Gh/s
ASIC MANUFACTURERS
Preordering is a risky game – Beware of newcomers
Always asked time-stamped photographic proof
Demand p...
ASIC AND BEYOND (theory)
Quantum computing
D-Wave running at 2.7 kelvin
Forming single-atom quantum bits
Might destroy Bit...
AT A TIPPING POINT
BitFury’s Ghash.io countermeasures
Most powerful mining pool had to ensure it cannot establish a selfis...
THE RAT-RACE GAME
Accumulate enough ASIC power before difficulty goes up or die
ALTERNATIVE VALUE CREATION
switching strategies
MINERS BECOME TRADERS
CFD (“Contract For Difference”) Trading
Buying BTC using shorted BTC/USD profit proceeds
Simple CFD ...
MINERS GO SCRYPT
Explosive growth of hashcash-scrypt(1) based coins
Litecoin (LTC) most popular (often referred to as “sil...
Upcoming SlideShare
Loading in …5
×

On Mining Bitcoins - Fundamentals & Outlooks

1,461 views

Published on

Slides to my talk on Bitcamp Antwerp

Published in: Technology
  • Be the first to comment

On Mining Bitcoins - Fundamentals & Outlooks

  1. 1. MINING CRYPTOCURRENCIES An evolution and outlook on mining practices Filip Maertens // @fmaertens // me@filipmaertens.com
  2. 2. A BIT ON ME - TU/e MSIT master with major in cryptography - Co-author qualified digital signatures req. (BE) - Author self-healing anonymous DHT network - Founder Argus Labs (AI, Context, Sensors)  Love technology and finance
  3. 3. THE MATH Yes. The boring stuff. Let’s try and make it easy on the ear.
  4. 4. Inversion problem (1) F(x = remainder digits 5 – 10 after square root) x = 3, SQRT(x) = 1,73205080756887, y = 50807 x = 5, SQRT(x) = 2,23606797749979, y = 67977 x = 9, SQRT(x) = 3,00000000000000, y = 00000 F(y = 00000) -> x x = 1, y = 00000 ≠ F(x = SQRT(x)) x = 2, y = 00000 ≠ F(x = SQRT(x)) … x = 9, y = 00000 = F(x = SQRT(x))
  5. 5. Basic principle Need a function that requires more time to create than to verify it. Dwork and Naor (1992), square root on thousands of digits long numbers. Impractical. Adam back (1997) hash collisions. Initially finding SHA1(x) == SHA1(y) where x != y ✖ full collision is unfeasible ✔ k-partial collision is doable
  6. 6. Inversion problem (2) Hashing is an ideal function ! It’s one-way, secure and requires less power to verify than to create. SHA256 (“Pay Filip 1 BTC 00001”) = 57ca9f83daba36d98abd0588627535a4c6f6f09b77a3e63b7d5bdd5b0594e4ff Computational too easy. Let’s make it harder by accepting only results that start with a “0” ! SHA256 (“Pay Filip 1 BTC 00014”) = 01fa6ca07d67d4c59c00c2a3caeea75f94b7e549d40c9566f3eb6158e1154793 Took me 14 trials to get a hash that starts with a “0” and was already a bit harder. I had to do some work to obtain the result.
  7. 7. Please pay me 1 BTC Ensure replay or tampering attacks cannot happen: - Receiving address - Cryptographic nonce - Timestamp - Hash of previous block header
  8. 8. Hashcash principle Bitcoin is based on second-preimage attacks. Proof of work mechanism to protect against spam and Denial of Service attacks. For x, find a second preimage x' ≠ x such that h(x) = h(x′) => “Solution” implement the proof-of-work by incrementing a nonce in the block until a value is found that gives the block's hash the required zero bits More zeroes = higher difficulty (0 = 16 fold increase). Today we are at 15 trailing zeroes.
  9. 9. Difficulty > 30 trillion attempts to find solutions, every second! Individually calculated on timestamp of last solution, and distributed collectively. Calculate timestamp(most recent solution) – timestamp(2016 solutions ago) : - Less than 2 weeks - More than 2 weeks = increase difficulty = decrease difficulty
  10. 10. OVERVIEW Tired yet ? No ? OK, some more things a miner should know.
  11. 11. Two flavours Hashcash-sha256 : - SHA-2 based (256 bit) - Costly creation, cheap verification - CPU based (processing cost) Hashcash-scrypt : - PBKDF2 based (1 iteration in 128kb memory) - Cost of creation equals cost of verification - Memory based
  12. 12. Terminology Proof of work Solution-verification  check both the problem and the found solution (CPU or memory) Block Set of recent Bitcoin transactions that have not yet been recorded in any prior blocks Bitcoin = SHA256(SHA256(Block_Header)) Blockchain (Merkle-Tree) Append-only. Each block memorializes what took place immediately before it was created.
  13. 13. Learnings Difficulty levels can drop (in theory). ASIC miners for hashcash-scrypt won’t disrupt significantly Mining is a cost – value tradeoff (find cheap ways to improve value) Hashcash-scrypt is less resistant to centralization issues than hashcashsha256^2 Hashcash-scrypt verification is more costly than hashcash-sha256^2 SHA3 makes ASIC miners become worthless
  14. 14. MINING ? Minting coins. Wut ?
  15. 15. Before we begin Mining is calculating solutions to a difficult mathematical problem (“inversion”) : - 6 solutions, or blocks, found per hour - Currently a block contains 25 BTC - BTC in block reduce by 50% every 210k blocks - Maximum of 21 million (prevents inflation) Single or Pooled Mining : - Cost/reward for solo mining is infeasible - Pooled mining Selfish miner threat : - US$ 1M for 2.6 Ph/s to take over 51% - Ghash.io warning issuance
  16. 16. • Cryptographic hash functions convert data to alphanumeric string : • Fixed length • Nonces is a random number added to data • The miners work to produce a new hash : • • • • Previous hash value Transaction block Nonce User with correct hash value is rewarded Bitcoin (25 BTC, Dec-2012; 12.5 in Sep 2015)
  17. 17. SOFTWARE What do you need to mine ?
  18. 18. Required Operating system - Linux (yay!) - Microsoft Windows Protocol - getwork protocol (deprecated) - Stratum protocol (better pooled mining support) Mining software (my favourites) - cgminer - cpuminer
  19. 19. HARDWARE Welcome to the big rat-race game
  20. 20. CPU GPU FGPA ASIC Application Specific Integrated Circuit = ASIC = Purpose-built Can only mine hashcash-sha256^2 – nothing else Yearly increase in nm efficiency (2014 = 14nm, 2019 = 5nm) BFL/Fasthash = 28nm, KnCMiner Neptune = 20nm
  21. 21. Increasing computational power BFL Feb/13 = 60 Gh/s HASHFAST Sep/13 = 400 Gh/s KNCMINER Oct/13 = 550 Gh/s
  22. 22. ASIC MANUFACTURERS Preordering is a risky game – Beware of newcomers Always asked time-stamped photographic proof Demand pictures of the wafers at the fabs Founders must have background in IC board design Always take delivery delays into account vs. difficulty rise Might kill the ROI of hardware purchase 6 to 9 month waiting times are common (go figure!) Less nm = more power efficient design = better performance New ASIC equipment pushes out previous generations of miners Outdated hardware cannot be “upgraded” + difficulty level increases (!) theoretically heavy investment and power increase might lead to natural centralization
  23. 23. ASIC AND BEYOND (theory) Quantum computing D-Wave running at 2.7 kelvin Forming single-atom quantum bits Might destroy Bitcoin security (elliptic curve cryptography becomes broken) Quantum solves factoring problem but also the discrete logarithm problem Balanced ternary computing More efficient complex computing than binary Too costly to produce only for Bitcoin mining purposes Mass-parallel ASIC computing
  24. 24. AT A TIPPING POINT BitFury’s Ghash.io countermeasures Most powerful mining pool had to ensure it cannot establish a selfish-miner situation ASIC manufacturers need to watch they don’t sell too much to one party Moving from the home/basement to data centers Mining as a service is surfacing (indication of a heavy $$$ CAPEX market) Hobbyists are being flushed out and serious mining operations kick in Speculation is at its core of investment decision making (Winklevoss, Andreesen, …) Direct value is only for manufacturers, not miners Bitcoin mining becomes a lonely place for those with an unfair advantage  Fiat/BTC
  25. 25. THE RAT-RACE GAME Accumulate enough ASIC power before difficulty goes up or die
  26. 26. ALTERNATIVE VALUE CREATION switching strategies
  27. 27. MINERS BECOME TRADERS CFD (“Contract For Difference”) Trading Buying BTC using shorted BTC/USD profit proceeds Simple CFD trading (highly volatile, pump and dump, political, etc.) Emerging of trading platforms Kraken 500Trade Mt.Gox (uh-oh)
  28. 28. MINERS GO SCRYPT Explosive growth of hashcash-scrypt(1) based coins Litecoin (LTC) most popular (often referred to as “silver”) Possible to recycle “old” CPU/GPU mining rigs First ASIC miners are popping up: e.g. Viper Miner (25 Mh/s)

×