Professional Documents
Culture Documents
https://docs.blockcollider.org/docs/the-genesis-block
Process to find a new valid block
• Recall that there are two hash-based data structures:
– Blockchain: each block header points to the previous block
header.
– Merkle tree: inside every block there are transactions
organized within this binary hash tree
Process to find a valid block
(Miners need to…)
• Assemble some new transactions heard from the network in a Merkle Tree
• Create a block with the right header pointing to the last valid block
inserted
• Start searching over the nonce field and try to find a block header with a
hash that starts with the required number of zeros.
• The miners try to change this 32-bit nonce every time to obtain hashes
that don't satisfy the desired condition. If a miner tries every possible 32-
bit nonce doesn't obtain an hash with the required format, he can try to
modify the extra-nonce. This corresponds to the output index of the
coinbase transaction.
• Since this transaction creates new coins, doesn't refer to an output of a
previous transaction. When this parameter is changed, the hash of the
entire Merkle Tree changes, too. So, changing the extra-nonce is more
computationally expensive than changing the nonce itself.
• Eventually, the miner is able to find the correct nonce before the others
competitors, and can broadcast the block on the network.
Block hashing algorithm…
• Bitcoin mining uses the hashcash proof of work function
• Hashcash algorithm requires a service string, a nonce, and a counter.
• In bitcoin the service string is encoded in the block header data structure,
and includes a version field, the hash of the previous block, the root hash
of the merkle tree of all transactions in the block, the current time, and
the difficulty.
• Bitcoin stores the nonce in the extraNonce field which is part of the
coinbase transaction, which is stored as the left most leaf node in the
merkle tree.
• The counter parameter is small at 32-bits so each time it wraps the
extraNonce field must be incremented (or otherwise changed) to avoid
repeating work.
• When mining bitcoin, the hashcash algorithm repeatedly hashes the
block header while incrementing the counter & extraNonce fields.
• Incrementing the extraNonce field entails recomputing the merkle tree,
as the coinbase transaction is the left most leaf node.
• The block is also occasionally updated as you are working on it.
Process to find a valid block
Extra nonce
Process to find a valid block
Extra nonce
Difficulty
• Difficulty depends on the number of zeros that the hash must begin with
to be considered valid.
• E.g., the 256-hash must begin with at least 64 bits of zeros.
• Current difficulty is equal to 266.2, which is an incredibly higher number.
• Difficulty is changed every two weeks based on how efficient the miners
were over the previous two weeks.
• To compute the new difficulty simply compute the ratio between two
weeks and the amount of time that it took the miners to find the previous
2016 blocks.
• Then the ratio is multiplied by the previous difficulty.
Difficulty
• This is a scaling to keep valid a constant property. The constant property is
the amount of time needed to find a new block, which is 10 minutes.
• Over time the mining difficulty keeps increasing. It's not a steady linear
increase or an exponential increase.
• How many new miners are getting into the game, which may be affected
by the current exchange rate of Bitcoin.
• But generally more and more hash power comes online.
• More people are hashing, blocks are found faster, and the difficulty is
adjusted up, so that it again takes ten minutes to find blocks.
Difficulty
A step function of difficulty over two months
Mining hardware
• Hash function details: Hash function used for Bitcoin
is SHA-256:
– it's a general purpose cryptographic hash function, part of
a bigger family of functions that was standardized in 2001
– it was designed by the NSA
– it's a fairly strong hash function.
– It's not broken cryptographically, although there are some
theoretical weaknesses that are starting to show up.
– As a result, the SHA-3 family it's the new standard, but was
not available when Bitcoin was designed.
SHA-256
• A high level overview of SHA-256 to understand the problem that needs to
be solved by the miners.
– 256-bit state is split up in eight 32-bit words
– In each round some of these words are taken.
– There are four different tweaks applied on them at bit-level that
correspond to logic operations (bit shift, permutation, addition, ...).
– Then a number of words in the state are taken and added together
mod 32.
– The result of all these additions is wired over to the first word of the
state and the entire state shifts over
– The steps 1-4 correspond to one round of SHA-256, the operation is
repeated for 80 iterations.
– In each iteration slightly different constants are applied, so that every
reiteration isn't exactly the same as the previous ones.
SHA-256
Mining hardware in the early days
• Task of miners is to compute specific SHA-256 function as fast
as possible.
• Able to deal with 32-bits words, 32-bit addition and some
bitwise logic.
• Hardware used for mining has changed over the years:
– First generation of mining - CPU
– Second generation of mining - GPU
Mining hardware
• CPU:
– When Bitcoin was proposed, general purpose computers
where used.
– With a high-end desktop PC, it is possible to compute
around 224 hashes per second (139,461 years), which
correspond to around 20 MegaHertz.
– With the actual difficulty it would take over a hundred
thousand years to find a block.
– Miners simply searched over nonces in a linear fashion,
computed SHA 256 in software and checked if the result
was a valid block.
Mining hardware in the early days
• CPU mining pseudocode.
TARGET = (65535 << 208) / DIFFICULTY;
coinbase_nonce = 0;
while (1) {
header = makeBlockHeader(transactions, coinbase_nonce);
for (header_nonce = 0; header_nonce < (1 << 32); header_nonce++){
if (SHA256(SHA256(makeBlock(header, header_nonce))) <
TARGET)
break; //block found!
}
coinbase_nonce++;
}
• Notice in the code that as we mentioned, SHA‐256 is applied twice.
Mining hardware
• How fast will this run on a general purpose computer?
– On a high‐end desktop PC you might expect to compute about 20
million hashes per second (MH/s).
– At that speed, it would take you several hundred thousand years on
average at the early‐2015 difficulty level (267 ) to find a valid block.
– We weren’t kidding when we said mining was going to be a difficult
slog!
– If you're mining on a general purpose PC today, CPU mining is no
longer profitable with the current difficulty.
– For the last few years, anyone trying to mine on a CPU probably
doesn’t understand how Bitcoin works and was probably pretty
disappointed that they never made any money doing it.
Mining hardware (GPU)
• Every modern PC has a GPU built‐in to support high performance graphics.
• Designed to have high throughput and also high parallelism.
• Bitcoin mining can be parallelized by computing multiple hashes at the same time
with different nonces.
• In 2010, a language called Open Computing Language(OpenCL) was released.
• OpenCL (2010) is a general purpose language, paved the way for mining on GPUs.
• It's a high level‐language and over time people have used it to run many types of
computation more quickly on graphics cards.
• Mining with graphics cards had several attractive properties at the time.
• Most accessible high‐end hardware available to the general public.
• They have some properties that make them specifically good for Bitcoin mining.
• Designed for parallelism so they have many Arithmetic Logic Units (ALUs) that can
be used for simultaneous SHA‐256 computations.
• Some GPUs also have specific instructions to do bitwise operations that are quite
useful for SHA‐256.
Mining hardware in the early days
• Most graphics cards can also be overclocked – can run them faster than they're
actually designed for if one might want to take on the risk that they might
overheat or malfunction, a property gamers have demanded for years.
• With Bitcoin mining, it might be profitable to run the chip much faster than it was
designed for even if you induce a few errors by doing so.
• E.g., one can run a graphics card 50 percent faster but doing so will cause errors in
the SHA‐256 computation to 30 percent of the time.
• If an invalid solution is erroneously declared valid by the graphics card —
something that would happen rarely — always double‐check it on your CPU.
• Speed increase from overclocking can overcome the decrease in output due to
errors.
• In the above example, the throughput is 1.5x compared to not overclocking,
whereas the success rate is 0.7x.
• The product is 1.05, which means overclocking increases your expected profits by
5%.
• People have spent considerable time optimizing exactly how much they should
overclock a given chip to maximize profits.
Advanced mining hardware
• After 2011, miners started to use more specific and advanced
hardware: FPGA (Field Programmable Gate Arrays)
– FPGA have hardware like performances, but let the owner of the
card customize it.
– So they are faster than GPU and it's easier to set up FPGA racks
since less cooling is necessary.
– But Bitcoin mining requires to make FPGAs work harder than
what they were designed for.
– So there was a lot of malfunctioning and they were less
accessible for common people.
– Best solutions using FPGA let the miners reach 1 GigaHertz.
– With today difficulty, it would still take around 25 years to find a
new block.
Advanced mining hardware
• ASIC (Application Specific Integrated Circuits): Chips designed and build
from scratch to do nothing except mining Bitcoins.
• In the last few years many companies started to produce ASICs and there
are a lot of choices when a miner decides to buy one.
• There are models with different cost, computing power, energy
consumption and shipping times.
• An ASIC as the one below is able to compute 2 TeraHash per second.
• So it's 1000 times faster than an hypothetical array of 100 really good
FPGA. It now costs around 3000$.
• Even with this incredible performances are still necessary 14 months to
find a new block.
• Due to the cost and the dynamics to buy them, it is very difficult for a
small miner to go online in a profitable way.
Today : Professional mining
• Today mining has mostly moved away from individuals and
toward professional mining centers.
• Exact details about how these centers operate are not very
well known because companies want to protect their setups
to maintain a competitive advantage.
• Presumably, these operations maintain profitability by buying
slightly newer and more efficient ASICs than are available for
general sale at a bulk discount.
• Next slide, we see a picture of a professional mining center in
the Republic of Georgia.
BitFury mining center - a professional
mining center in the republic of Georgia
Future???
• So a couple of questions for the future are:
– Are small miners out of BitCoin mining forever?
– Is there any way to start as a small miner in this game?
– Does the existence of these ASICs and these large mining
centers go against the original vision of Satoshi Nakamoto,
which was to have every individual in the network being a
miner running on their own computer?