Task of Bitcoin Mining

Task of Bitcoin Miners

• We already know that Bitcoin relies crucially on
mining.
• But who are the miners?
• How did they get into this?
• How do they operate?
• What's the business model like for miners?
• What impact do they have on the environment?
 Task of Bitcoin Miners
• Until now we have seen that Bitcoin depends on
miners to:
– store and broadcast the blockchain
– validate the transactions
– depending on their hash power they will be able to insert
new blocks and earn some reward
 Task of the Bitcoin miners
• Steps necessary to become a miner:
1. join the network, listen for Bitcoin transactions and validate the correct ones
2. listen for new blocks, maintain the blockchain. When a new block is
proposed, validate it.
3. start assembling new valid blocks with new transactions.
4. Find a nonce suitable to win the mathematical competition against other
miners. It is necessary to work really hard to find a nonce that will make the
block valid. This is the step which is more difficult from the computational
point of view.
5. Hope that the new block is accepted by the other miners. It is necessary that
the following blocks are attached to the new one in order to be considered
valid.
6. Get profit! If the block is accepted the profit will correspond to the Bitcoin
released during block creation and the transaction fees
• So, miners useful activity is to validate the transactions and blocks. The
race for block creation and the consequent reward are just an incentive
for miners to do this validation.
 Bitcoin Block Construction
• Add high priority transactions:
– Every transaction transmitted in the Bitcoin network is sent to as many
nodes as possible.
– The nodes validate each transaction and add it to a transaction pool.
– Each transaction is then prioritized depending on the size of the
transaction(in kb), its age (the amount of time a transaction has not
been picked up by any block) and the value of the input (in simple
terms it is the amount of bitcoins as input).
– The first 50 kb (out of a total 1 MB) are reserved for high priority
transactions.
– This ensures that eventually every transaction is picked up by the
network and is part of a block.
– Transactions do not have a time-out and hence eventually the
transaction is ‘old-enough’ that it becomes part of a valid block.
 An Example for Proof of Work
• Need to find out the hash value such that it starts with one ‘0’ and our
data is the string ‘Make America Great Again’.
• Apply an incremental approach of adding nonce by the value 1.
• We start by initializing the nonce to 1.
• The SHA-256 ( nonce + input string) = SHA-256 (1Make America Great
Again) does not start with zero.
• So increment the nonce by 1. Finally, 20th attempt we find the hash value
such that it starts with zero.
• The SHA-256 input is ‘20Make America Great Again’.
• The number of zeroes that the output has to start with is known as the
‘Difficulty’.
• Now the goal is readjusted such that it is to find hash starting with 2
leading zeros.
 An Example for Proof of Work
• It is achieved when nonce is 120.
• By adding one unit of difficulty (i.e one additional zero) the
time taken is increased exponentially.
• If the goal is to have 4 leading zeros then the first such
occurrence is only when nonce = 69817.
• This is called as the Proof of Work.
• Once the solution is found out then the node immediately
sends the information (data + nonce) to all nodes and each
can immediately verify and in a distributed consensus agree
that it was the winning node and hence award it with the
newly created Bitcoins.
An Example for Proof of Work
An Example for Proof of Work
 Proof of Work — Steps
• Collect transactions from the transaction pool and build a complete block
such that its size does not exceed 1 MB.
• Calculate the hash by applying SHA-256 twice to the Block header
(Version + Previous Block Hash + Merkle Root + Timestamp + Difficulty
Bits + Nonce)
• Compare the result of Step # 2 with the expected number of zeros. If not
matched then increment the nonce by 1 and go back to Step # 1.
• Technically speaking the hash value is compared with a target.
• The target is a very large number and known to every bitcoin client. For
the block to be accepted, the hash value has to be less than the target.
• Keep comparing the result such that the hash is less than target i.e. the
hash has the expected number of leading zeros.
 Proof of Work — Steps
• Once miner finds a winning block then send it to all participating nodes.
• Once all agree then the node which calculated the winning block is
rewarded with newly created Bitcoins.
• Winning block is first checked by each node individually for a long
checklist of items.
• If a miner is adding, 10,000 bitcoins in coinbase transaction, immediately
rejected by all.
• As time progresses, more high computational nodes join (or may even
drop out of) the network.
• Puzzle can be solved much faster and block creation time is reduced.
• Block creation time is set to 10 minutes and this can never change.
• After a fixed time approximately 2 weeks or exactly 2016 blocks the
difficulty is re-adjusted.
• Increase in difficulty means target decreases.
• If nodes receive 2 blocks at the same time then the one for which more
computation power was used (i.e. had higher difficulty) is selected.
 Proof of Work — Steps
• Ever since the difficulty has been increasing, the current difficulty of
the Bitcoin network can be found here.
• The hash of the genesis block (Block height = 0) has 10 leading
zeros, the block with height = 32,000 has 9 and it further reduces to
8 leading zeros for block with height = 32,256.
• However these were the initial days with very few users.
• Since last 3 years, the difficulty has been increasing constantly and
dip in difficulty is very minor.
• The current difficulty is between 17 to 19 zeros.
• It takes a huge computing power to calculate the nonce.
• If nodes receive 2 blocks at the same time then the one for which
more computation power was used (i.e had higher difficulty) is
selected.
 Genesis Block
Number Of Transactions 1
Output Total 50 BTC
Estimated Transaction Volume 0 BTC
Transaction Fees 0 BTC
Height 0 (Main Chain)

The very first block is Timestamp 2009-01-03 18:15:05

called as genesis block Received Time 2009-01-03 18:15:05

and its contents are Relayed By Unknown

always hardcoded. Difficulty 1

Bits 486604799
Size 0.285 kB
Weight 0.896 kWU
Version 1
Nonce 2083236893
Block Reward 50 BTC

https://docs.blockcollider.org/docs/the-genesis-block
 Process to find a new valid block
• Recall that there are two hash-based data structures:
– Blockchain: each block header points to the previous block
header.
– Merkle tree: inside every block there are transactions
organized within this binary hash tree
 Process to find a valid block
(Miners need to…)
• Assemble some new transactions heard from the network in a Merkle Tree
• Create a block with the right header pointing to the last valid block
inserted
• Start searching over the nonce field and try to find a block header with a
hash that starts with the required number of zeros.
• The miners try to change this 32-bit nonce every time to obtain hashes
that don't satisfy the desired condition. If a miner tries every possible 32-
bit nonce doesn't obtain an hash with the required format, he can try to
modify the extra-nonce. This corresponds to the output index of the
coinbase transaction.
• Since this transaction creates new coins, doesn't refer to an output of a
previous transaction. When this parameter is changed, the hash of the
entire Merkle Tree changes, too. So, changing the extra-nonce is more
computationally expensive than changing the nonce itself.
• Eventually, the miner is able to find the correct nonce before the others
competitors, and can broadcast the block on the network.
 Block hashing algorithm…
• Bitcoin mining uses the hashcash proof of work function
• Hashcash algorithm requires a service string, a nonce, and a counter.
• In bitcoin the service string is encoded in the block header data structure,
and includes a version field, the hash of the previous block, the root hash
of the merkle tree of all transactions in the block, the current time, and
the difficulty.
• Bitcoin stores the nonce in the extraNonce field which is part of the
coinbase transaction, which is stored as the left most leaf node in the
merkle tree.
• The counter parameter is small at 32-bits so each time it wraps the
extraNonce field must be incremented (or otherwise changed) to avoid
repeating work.
• When mining bitcoin, the hashcash algorithm repeatedly hashes the
block header while incrementing the counter & extraNonce fields.
• Incrementing the extraNonce field entails recomputing the merkle tree,
as the coinbase transaction is the left most leaf node.
• The block is also occasionally updated as you are working on it.
Process to find a valid block

Extra nonce
Process to find a valid block

Extra nonce
 Difficulty
• Difficulty depends on the number of zeros that the hash must begin with
to be considered valid.
• E.g., the 256-hash must begin with at least 64 bits of zeros.
• Current difficulty is equal to 266.2, which is an incredibly higher number.

• Difficulty is changed every two weeks based on how efficient the miners
were over the previous two weeks.
• To compute the new difficulty simply compute the ratio between two
weeks and the amount of time that it took the miners to find the previous
2016 blocks.
• Then the ratio is multiplied by the previous difficulty.
 Difficulty
• This is a scaling to keep valid a constant property. The constant property is
the amount of time needed to find a new block, which is 10 minutes.

• Over time the mining difficulty keeps increasing. It's not a steady linear
increase or an exponential increase.
• How many new miners are getting into the game, which may be affected
by the current exchange rate of Bitcoin.
• But generally more and more hash power comes online.
• More people are hashing, blocks are found faster, and the difficulty is
adjusted up, so that it again takes ten minutes to find blocks.
 Difficulty
A step function of difficulty over two months
 Mining hardware
• Hash function details: Hash function used for Bitcoin
is SHA-256:
– it's a general purpose cryptographic hash function, part of
a bigger family of functions that was standardized in 2001
– it was designed by the NSA
– it's a fairly strong hash function.
– It's not broken cryptographically, although there are some
theoretical weaknesses that are starting to show up.
– As a result, the SHA-3 family it's the new standard, but was
not available when Bitcoin was designed.
 SHA-256
• A high level overview of SHA-256 to understand the problem that needs to
be solved by the miners.
– 256-bit state is split up in eight 32-bit words
– In each round some of these words are taken.
– There are four different tweaks applied on them at bit-level that
correspond to logic operations (bit shift, permutation, addition, ...).
– Then a number of words in the state are taken and added together
mod 32.
– The result of all these additions is wired over to the first word of the
state and the entire state shifts over
– The steps 1-4 correspond to one round of SHA-256, the operation is
repeated for 80 iterations.
– In each iteration slightly different constants are applied, so that every
reiteration isn't exactly the same as the previous ones.
SHA-256
 Mining hardware in the early days
• Task of miners is to compute specific SHA-256 function as fast
as possible.
• Able to deal with 32-bits words, 32-bit addition and some
bitwise logic.
• Hardware used for mining has changed over the years:
– First generation of mining - CPU
– Second generation of mining - GPU
 Mining hardware
• CPU:
– When Bitcoin was proposed, general purpose computers
where used.
– With a high-end desktop PC, it is possible to compute
around 224 hashes per second (139,461 years), which
correspond to around 20 MegaHertz.
– With the actual difficulty it would take over a hundred
thousand years to find a block.
– Miners simply searched over nonces in a linear fashion,
computed SHA 256 in software and checked if the result
was a valid block.
 Mining hardware in the early days
• CPU mining pseudocode.
TARGET = (65535 << 208) / DIFFICULTY;
coinbase_nonce = 0;
while (1) {
header = makeBlockHeader(transactions, coinbase_nonce);
for (header_nonce = 0; header_nonce < (1 << 32); header_nonce++){
if (SHA256(SHA256(makeBlock(header, header_nonce))) <
TARGET)
break; //block found!
}
coinbase_nonce++;
}
• Notice in the code that as we mentioned, SHA‐256 is applied twice.
Mining hardware
• How fast will this run on a general purpose computer?
– On a high‐end desktop PC you might expect to compute about 20
million hashes per second (MH/s).
– At that speed, it would take you several hundred thousand years on
average at the early‐2015 difficulty level (267 ) to find a valid block.
– We weren’t kidding when we said mining was going to be a difficult
slog!
– If you're mining on a general purpose PC today, CPU mining is no
longer profitable with the current difficulty.
– For the last few years, anyone trying to mine on a CPU probably
doesn’t understand how Bitcoin works and was probably pretty
disappointed that they never made any money doing it.
 Mining hardware (GPU)
• Every modern PC has a GPU built‐in to support high performance graphics.
• Designed to have high throughput and also high parallelism.
• Bitcoin mining can be parallelized by computing multiple hashes at the same time
with different nonces.
• In 2010, a language called Open Computing Language(OpenCL) was released.
• OpenCL (2010) is a general purpose language, paved the way for mining on GPUs.
• It's a high level‐language and over time people have used it to run many types of
computation more quickly on graphics cards.
• Mining with graphics cards had several attractive properties at the time.
• Most accessible high‐end hardware available to the general public.
• They have some properties that make them specifically good for Bitcoin mining.
• Designed for parallelism so they have many Arithmetic Logic Units (ALUs) that can
be used for simultaneous SHA‐256 computations.
• Some GPUs also have specific instructions to do bitwise operations that are quite
useful for SHA‐256.
 Mining hardware in the early days
• Most graphics cards can also be overclocked – can run them faster than they're
actually designed for if one might want to take on the risk that they might
overheat or malfunction, a property gamers have demanded for years.
• With Bitcoin mining, it might be profitable to run the chip much faster than it was
designed for even if you induce a few errors by doing so.
• E.g., one can run a graphics card 50 percent faster but doing so will cause errors in
the SHA‐256 computation to 30 percent of the time.
• If an invalid solution is erroneously declared valid by the graphics card —
something that would happen rarely — always double‐check it on your CPU.
• Speed increase from overclocking can overcome the decrease in output due to
errors.
• In the above example, the throughput is 1.5x compared to not overclocking,
whereas the success rate is 0.7x.
• The product is 1.05, which means overclocking increases your expected profits by
5%.
• People have spent considerable time optimizing exactly how much they should
overclock a given chip to maximize profits.
 Advanced mining hardware
• After 2011, miners started to use more specific and advanced
hardware: FPGA (Field Programmable Gate Arrays)
– FPGA have hardware like performances, but let the owner of the
card customize it.
– So they are faster than GPU and it's easier to set up FPGA racks
since less cooling is necessary.
– But Bitcoin mining requires to make FPGAs work harder than
what they were designed for.
– So there was a lot of malfunctioning and they were less
accessible for common people.
– Best solutions using FPGA let the miners reach 1 GigaHertz.
– With today difficulty, it would still take around 25 years to find a
new block.
 Advanced mining hardware
• ASIC (Application Specific Integrated Circuits): Chips designed and build
from scratch to do nothing except mining Bitcoins.
• In the last few years many companies started to produce ASICs and there
are a lot of choices when a miner decides to buy one.
• There are models with different cost, computing power, energy
consumption and shipping times.
• An ASIC as the one below is able to compute 2 TeraHash per second.
• So it's 1000 times faster than an hypothetical array of 100 really good
FPGA. It now costs around 3000$.
• Even with this incredible performances are still necessary 14 months to
find a new block.
• Due to the cost and the dynamics to buy them, it is very difficult for a
small miner to go online in a profitable way.
 Today : Professional mining
• Today mining has mostly moved away from individuals and
toward professional mining centers.
• Exact details about how these centers operate are not very
well known because companies want to protect their setups
to maintain a competitive advantage.
• Presumably, these operations maintain profitability by buying
slightly newer and more efficient ASICs than are available for
general sale at a bulk discount.
• Next slide, we see a picture of a professional mining center in
the Republic of Georgia.
BitFury mining center - a professional
mining center in the republic of Georgia
 Future???
• So a couple of questions for the future are:
– Are small miners out of BitCoin mining forever?
– Is there any way to start as a small miner in this game?
– Does the existence of these ASICs and these large mining
centers go against the original vision of Satoshi Nakamoto,
which was to have every individual in the network being a
miner running on their own computer?