From: John Hardy <john@seebitcoin.com>
To: "bitcoin-dev@lists.linuxfoundation.org"
<bitcoin-dev@lists.linuxfoundation.org>
Subject: [bitcoin-dev] Proof of Nodework (PoNW) - a method to trustlessly reward nodes for storing and verifying the blockchain
Date: Tue, 7 Feb 2017 11:27:55 +0000 [thread overview]
Message-ID: <BL2PR03MB435AA04A0AB8AC0E7781CA7EE430@BL2PR03MB435.namprd03.prod.outlook.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 5045 bytes --]
Proof of Nodework (PoNW) is a way to reward individual nodes for keeping a full copy of and verifying the blockchain.
Hopefully they also do useful ‘traditional’ node activities too like relay transactions and blocks, but there isn’t really any way I can think of to trustlessly verify this also.
PoNW would require a new separate area of block space, a nodeblock, purely concerned with administering the system. A nodeblock is committed to a block as with SegWit. A recent history of nodeblocks needs to be stored by nodes, however the data eventually becomes obsolete and so does not need to be retained forever.
In order to prevent Sybil, a node must register an Bitcoin address by submitting an addNode transaction - along with a security deposit to prevent cheating.
This transaction will be stored in the nodeblock. Once a node can see that its addNode transaction has been added it can begin the PoNW process. The node’s registered address will be hashed with the block header of the block it wants to work on. This will determine exactly where within the blockchain to begin the PoNW.
The PoNW method could be as simple as creating a Merkle tree from the randomly generated point on the blockchain, though a method that is CPU/Memory heavy and less likely to be replaced by dedicated hardware like ASICs would be better. This process could not begin until the most recent block has been fully verified, and while being carried out should still enable normal relay activities to proceed as normal, since it shouldn’t tie up network at all. The data processed should also be mixed with data from the latest block so that it cannot be computed in advance.
A node can do as much PoNW for a block as it likes. Once finished it will then create a nodeWorkComplete transaction for that block with its final proof value, add how much ‘work’ it did - and create a couple of assertions about what it processed (such as there were x number of pieces of data matching a particular value during calculating). These assertions can be accurate or inaccurate.
The system will run in epochs. During each epoch of say 2016 blocks, there will be an extended window for PoNW transactions to be added to nodeblocks to limit minor censorship.
The random hash generated from a node’s address and blockhash will also be used to determine nodeWorkComplete transactions from a previous block that the node must also verify, and correctly calculate whether the assertions it made were true or false. The average PoNW that a node performed in its previous x nodeblocks will be used to determine the target PoNW for the node to verify - and this will randomly be a large number of smaller PoNW transactions, or a smaller number of large PoNW. This process will be deterministic based on that block and address hash. All the data will be put together in a transaction and then signed by the node addresses private key.
If a nodeWorkComplete transaction contains any incorrect information in an attempt to cheat the validation process a challenge transaction can be created. This begins a refereeing process where other nodes check the challenge and vote whether it is to be upheld or not. The losing node is punished by losing their accrued PoNW for that epoch and a percentage of their security deposit.
Nodes will also be punished if they broadcast more than one signed transaction per block.
In order to prevent nodes from having multiple keys registered - which would enable them choose to perform PoNW on a subset of the data that they hold - the share of reward that the node gets will be multiplied based on the number of blocks within an epoch that the node performs PoNW on. The share of reward is limited based on how much security deposit has been staked. The higher the PoNW the higher the deposit needed in order to claim their full allocation of any reward.
At the end of an epoch, with a wait period for any delayed or censored transactions or challenges to be included and settled up, the process of calculating the reward each node is due can begin. This will then be then paid in a regular block, and means for all the data involved in PoNW, the only permanent mark it makes on the main blockchain is for a transaction that pays all addresses their share of the reward at the end of epoch. Any miner who creates a block without correctly calculating and paying the due reward will have mined an invalid block and be orphaned.
The question of where and how much the reward comes from is a different one. It could come from the existing miner reward, or a special new tx donation fee for nodes. If there was some way for users to ‘donate’ to the reward pool for nodes this would increase the incentive for additional nodes to participate on the network in the event of centralisation.
This is a relatively effective way to create a reward for all nodes participating on a network. I’d be keen to field any questions or critiques.
Thanks,
John Hardy
john@seebitcoin.com
[-- Attachment #2: Type: text/html, Size: 8971 bytes --]
next reply other threads:[~2017-02-07 11:27 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-07 11:27 John Hardy [this message]
2017-02-12 20:22 ` [bitcoin-dev] Proof of Nodework (PoNW) - a method to trustlessly reward nodes for storing and verifying the blockchain Sergio Demian Lerner
2017-02-13 11:58 ` John Hardy
2017-02-13 14:48 ` Sergio Demian Lerner
2017-02-14 18:44 ` Aymeric Vitte
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=BL2PR03MB435AA04A0AB8AC0E7781CA7EE430@BL2PR03MB435.namprd03.prod.outlook.com \
--to=john@seebitcoin.com \
--cc=bitcoin-dev@lists.linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox