From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1UiTqZ-0001tr-4T for bitcoin-development@lists.sourceforge.net; Fri, 31 May 2013 18:14:39 +0000 Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of gmail.com designates 74.125.82.53 as permitted sender) client-ip=74.125.82.53; envelope-from=adam.back@gmail.com; helo=mail-wg0-f53.google.com; Received: from mail-wg0-f53.google.com ([74.125.82.53]) by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1UiTqV-0003BH-95 for bitcoin-development@lists.sourceforge.net; Fri, 31 May 2013 18:14:39 +0000 Received: by mail-wg0-f53.google.com with SMTP id m15so1474832wgh.8 for ; Fri, 31 May 2013 11:14:29 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent:x-hashcash :x-hashcash:x-hashcash; bh=3XpMKOfnkKxZpDKeWQoSNobZGkaqq73slrYOFqpBxe0=; b=Fh4SyjpiPjXiZ/ppFNdzlEaOth+v5W0assGHJ4cpMKJ54aZQoY6/3jU/FpIHz2Boy0 wINKXHxyvHLvecUMymblmk1GpDRMUwIROrYyptLqIYaHUJkBYP5iaBjOIvY263s8C3f4 JLX2ELA3qVoEvgeRjmNUBtkcOGP80Tiuq8S00PUUkQrwyNhkAZgaAuFcpHi7zTBAxF9h EbHyq9OGtAEcqeRuNIIiv0CnFEDS6YKEmDWm80d0JzoawXVi6fRiakKJqvgqvcYuaXss GLIKAc6eFryO5LJavJrDBifT8zTaixuaum/f/a1k4EdbXwkC6Ph9R88XCm3e3xtEJ7Ak 1xQw== X-Received: by 10.194.157.165 with SMTP id wn5mr10638584wjb.15.1370024069010; Fri, 31 May 2013 11:14:29 -0700 (PDT) Received: from netbook (88-105-4-7.dynamic.dsl.as9105.com. [88.105.4.7]) by mx.google.com with ESMTPSA id h8sm5604635wiz.9.2013.05.31.11.14.27 for (version=TLSv1.1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 31 May 2013 11:14:28 -0700 (PDT) Received: by netbook (Postfix, from userid 1000) id 2148F2E0725; Fri, 31 May 2013 20:14:26 +0200 (CEST) Received: by flare (hashcash-sendmail, from uid 1000); Fri, 31 May 2013 20:14:24 +0200 Date: Fri, 31 May 2013 20:14:23 +0200 From: Adam Back To: Peter Todd Message-ID: <20130531181423.GA30165@netbook.cypherspace.org> References: <20130527111149.GB8955@tilt> <20130531165445.GA29104@petertodd.org> <20130531165758.GA29135@petertodd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: <20130531165758.GA29135@petertodd.org> User-Agent: Mutt/1.5.21 (2010-09-15) X-Hashcash: 1:20:130531:pete@petertodd.org::gk6kQYewOyOWW8De:0000000000000000000 0000000000000000000000000wa+ X-Hashcash: 1:20:130531:bitcoin-development@lists.sourceforge.net::d8uwmkn/+4SUW i0D:000000000000000000002mcJ X-Hashcash: 1:20:130531:adam@cypherspace.org::y6ik3TJ0o3flq8IN:00000000000000000 000000000000000000000000AEm3 X-Spam-Score: -1.5 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (adam.back[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1UiTqV-0003BH-95 Cc: bitcoin-development@lists.sourceforge.net Subject: Re: [Bitcoin-development] Decentralizing mining X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 31 May 2013 18:14:39 -0000 I like this idea a lot. To add: I think it is a bug and security risk if pooled-solo or (current pooled miners) do not add randomness to their extraNonce2 (like 128-bits of it). For privacy and to avoid various hostile-pre-mining attacks it should be done this way. Lack of the self-chosen challenge field is the reason Satoshi's first year mining is marked (plus forgetting to reset the counter). (Bitcoind I believe considered the direct miners key as defense enough as a stand in for self-chosen challenge, which has a few problems). The base counter I think is only 32-bits, the extranonce2 itself being random can be incremented while still looking random. But incrementing extranonce directy while initializing it to 0 is not good (per previous mining extranone marked coins bug - is that even fixed?) (You dont want to reveal the miners power in his pool shares, if the full counter is revealed with no randomness it also reveals how many iterations he can do since the block start). Adam On Fri, May 31, 2013 at 12:57:58PM -0400, Peter Todd wrote: >I just posted the following to bitcointalk. > >https://bitcointalk.org/index.php?topic=221164.0 > > >Right now between two to four running the largest pools control Bitcoin >in the short term. That's a lot of hashing power in the hands of very, >very few people. In addition pools have little incentive to run secure >operations, and many pools have been hacked with their funds stolen. >Those hacks could just have easily been used to attack the network >itself. > >This needs to change. > >Pooled-solo mining is a concept Gregory Maxwell, Luke Dashjr and I were >discussing at the conference two weeks ago. (credit goes to Greg and >Luke; I was mostly just listening) Basically the idea is that miners >with mining equipment run a local Bitcoin node and use that node to >construct the blocks they mine - the same as if they were solo mining. >The pools job is then to only track shares and organize payouts. > >If the pool gets hacked the worst that can happen is miners are ripped >off, rather than Bitcoin itself being attacked. With pooled-solo mining >even a pool with a majority of hashing power wouldn't be able to do much >harm to Bitcoin. (depending on the implementation they may be able to >blacklist specific transactions - the pool needs to know what >transactions are in the share to credit fees properly) > >Tech-wise Luke created getblocktemplate last year as a means to audit >mining pools. I'm sure Greg and Luke can explain the nitty gritty >details better than I can, but essentially the plan is to take >getblocktemplate and extend it as required for pooled-solo mining. This >will include pool and miner software initially, and later improvements >to GUIs and what not to make the whole process easier. > > >With the success of my recent video project I also want to make this >Keep Bitcoin Free's next project, specifically funding a developer >(likely Luke) to make this happen. Additionally once software is written >and easily usable a good follow-up would be a video and other media to >promote the idea to miners. No guarantees we'll be able to come up with >commercially competitive remuneration, but we can at least come up with >a "Thank you" tip. But first lets discuss the technical requirements to >get an idea of what the scope is. > > >Finally, for the record, a big part of the reason why myself and other >Keep Bitcoin Free supporters are interested in doing this is very much >to take power over the direction of the network from big pools and put >it into the hands of thousands of individual miners. It's much easier to >convince people that changes to Bitcoin, like increasing the blocksize, >are directly impacting decentralization when individual miners are >seeing that happen to themselves. > >-- >'peter'[:-1]@petertodd.org >00000000000000c14fa7031b2431ab32785efdf1e5aaecc83555ee52a2fc550b >------------------------------------------------------------------------------ >Get 100% visibility into Java/.NET code with AppDynamics Lite >It's a free troubleshooting tool designed for production >Get down to code-level detail for bottlenecks, with <2% overhead. >Download for free and get started troubleshooting in minutes. >http://p.sf.net/sfu/appdyn_d2d_ap2 >_______________________________________________ >Bitcoin-development mailing list >Bitcoin-development@lists.sourceforge.net >https://lists.sourceforge.net/lists/listinfo/bitcoin-development