Blockchain mining: how it works

In early January, the Chinese government ordered the “army of bitcoin miners” of the country, which generate 3/4 of the entire world cryptocurrency, to stop working. One of the main reasons for this decision was the too high amount of energy consumed by mining farms - now securing Bitcoin blockchain and coin mining takes about 0.2% of all global energy consumption.

Today we’ll talk about why mining consumes such an amount of energy, why it is needed and how it is sold. We will talk about the hashing algorithm (SHA-256) and why miners “ask for help” from the pools. / image Cindy Shebley CC

What is mining for?

Mining is often considered a way to create new bitcoins, but this is not entirely true. The main task of mining is to ensure consensus is reached on which transactions are considered valid in order to prevent one of the network participants from spending coins already used in another transaction.

To do this, miners solve complex mathematical problems on their equipment and consume electricity, and in return receive a reward in the form of bitcoins (and transaction processing fees), which is an incentive to protect the blockchain further (now the network issues 12.5 bitcoins for each block ).

What is the work of miners

Miners are engaged in the fact that they select a hash value that would be suitable for transactions in the block and allow to obtain a secret key. The desired hash is formed on the basis of the hash of the previous block, a random number (nonce) and the sum of transaction hashes over the past 10 minutes. Moreover, it must satisfy the conditions of the system: correspond to the declared mining complexity (Difficulty) and be less than the target complexity (Target) - it determines the number of zero bits at the beginning of the desired hash.

To calculate the complexity of the hash, you can use the algorithm with expansion into a modified Taylor series, which is given on the bitcoinwiki page :

``````#include
#include
inline float fast_log(float val)
{
int * const exp_ptr = reinterpret_cast (&val);
int x = *exp_ptr;
const int log_2 = ((x >> 23) & 255) - 128;
x &= ~(255 << 23);
x += 127 << 23;
*exp_ptr = x;
val = ((-1.0f/3) * val + 2) * val - 2.0f/3;
return ((val + log_2) * 0.69314718f);
}
float difficulty(unsigned int bits)
{
static double max_body = fast_log(0x00ffff), scaland = fast_log(256);
return exp(max_body - fast_log(bits & 0x00ffffff) + scaland * (0x1d - ((bits & 0xff000000) >> 24)));
}
int main()
{
std::cout << difficulty(0x1b0404cb) << std::endl;
return 0;
}
``````

At the time of writing, the complexity of the blockchain network is : 2874674234415.941, however, this parameter is recalculated every 2016 blocks. It increases or decreases to maintain the average block creation speed (approximately 6 pieces per hour).

SHA-256

The SHA-256 algorithm is chosen as a tool for hashing in the bitcoin blockchain. Next, we will look at one of his rounds.

/ Round SHA-256 for eight input words / Wikimedia / kockmeyer / CC

Suppose that eight words are input to the algorithm, denote them A, B, C ... H. The function Ma performs bitwise operations with the words A, B and C - if most received values ​​of zeros, it will also return zero, otherwise - one.

Block Σ0 shifts the word A three times: by 2, 13, and 22 bits, and the generated values ​​are added up bit by bit with the operation xor. Block Σ1 works similarly - shifts are performed on 6, 11 and 25 bits.

Block Ch is a function to select the resulting bit based on the bits in E. If the input value is one, then the corresponding bit of the word F will be output, otherwise, the bit of the word G.

The red squares in the diagram are 32-bit addition blocks that generate new values ​​for A and E. The whole cycle is repeated 64 times, after which the information is securely encrypted.

To illustrate the hash calculation process, here is a Python code that generates a hash of the words “Bl0Ckchain” and “blockchain”:

``````import itertools
from hashlib import sha256
# Представляем входные данные в порядке от младшего к старшему
to_long = lambda x: sum(ord(b) << (8*i) for i, b in enumerate(x))
# На практике обычно используется двоичное представление nonce фиксированной длины;
# строки здесь - для большей наглядности. При использовании строк
# разделитель (":") обязателен, иначе PoW можно использовать
# повторно.
combine = lambda nonce, msg: str(nonce) + ":" + msg
def verify_pow(msg, nonce, difficulty):
h = sha256(combine(nonce, msg)).digest()
def create_pow(msg, difficulty):
for nonce in itertools.count(0):
if verify_pow(msg, nonce, difficulty): return nonce
def print_pow(msg, nonce):
print combine(nonce, msg), sha256(combine(nonce, msg)).hexdigest()
#----------------------------------------------------
msg = "Bl0Ckchain"
nonce = create_pow(msg, 16)
print_pow(msg, nonce)
# 6571:Bl0Ckchain 0000d087d242930aaf6ac5a790ae8d8ece6b502cdb70ba07c1168738b253d279
assert verify_pow(msg, nonce, 16)
msg = "blockchain"
nonce = create_pow(msg, 16)
print_pow(msg, nonce)
# 43952:blockchain 000027b5022f88d2da21bd2802268966050f5a0b031058ce4562939c13727303
assert verify_pow(msg, nonce, 16)
# Количество проделанной работы лишь статически близко к (1 << difficulty),
# для конкретных сообщений возможны отклонения
msg = "Bl0Ckchain"
nonce = create_pow(msg, 16)
print_pow(msg, nonce)
# 6571:Bl0Ckchain 0000d087d242930aaf6ac5a790ae8d8ece6b502cdb70ba07c1168738b253d279
assert verify_pow(msg, nonce, 16)
``````

But checking the created hashes is very fast, even if it took a lot of resources to create them:

``````msg = "blockchain"
nonce = 5263268363
print_pow(msg, nonce)
# 5263268363:blockchain 000000007cf39dfc8fccae534b39b5f362c16891abca02d0e7b1dbd5a129ee17
assert verify_pow(msg, nonce, 32)
``````

The result of applying the SHA-256 function is considered to be irreversible, so the miners select the “target” hash using brute force.

Since the Bitcoin protocol uses double hashing, the task of miners is to find the second inverse image of the hash x '(having the first inverse image x of the hash y, where y = H (x)), which would satisfy the condition y = H (x'). However, in order to simplify the task, miners are only looking for a partial prototype - H (x) / 2 ^ (nk) = 0. Here n is the “size” of the result (n = 256 bits for SHA256), and k is the factor responsible for the number of zeros in the resulting hash. For example, k = 20 will require about one million attempts.

Thus, miners change the nonce parameter in the block header and consider the hash until the complexity conditions are met. When the goal is reached, the block is added to the chain.

Mining - joint efforts of network members

The complexity of the block solution is extremely high. Now, miners in the bitcoin network carry out about 20 million teraheshes per second, and this figure is growing. For comparison, one video card produces about 30 mega-caches per second. Also on his blog, engineer Ken Shirriff tried to solve a block with a pen and paper - his achievement was even more modest (0.67 hashes per day).

/ The number of teraheshes per second, according to blockchain.info

Due to the increased (and constantly growing) complexity, it is difficult for miners to solve blocks alone. Therefore, they are combined in pools, where they share the work of solving the block and the reward. Pools issue tasks to miners and monitor the amount of work done. The greater the contribution the miner made to the decision of the block, the greater the share of the award he will receive.

To assess the percentage of work done, the pool asks the miners to send information on finding partial solutions. For example, if a Bitcoin blockchain requires a block hash to have 15 zeros, the pool may ask you to send it results with 10 zeros as proof of work. This is millions of times easier and the miner will receive such a solution several times per hour.

Special protocols are responsible for organizing the interaction of the pool and miners. For example, the protocol Stratum  (there is still Getwork , Getblocktemplate and others), which is used by most pools. On his blog, Ken Shirrif gives a code sent by the pool when a task is issued, which contains all the necessary information to start working on the block.

When the block is resolved, the pool generates an appropriate transaction for the award, approves the header and verifies the block. If the block was decided by a miner who was outside the pool, the service gives the participants a new task. In this case, miners do not receive a reward for hash selection.

At its core, bitcoin mining resembles a kind of “arms race”. At the very beginning, people mined cryptocurrency using a CPU, then the CPU power became insufficient, and the industry switched to GPU and specialized ASIC equipment .

Note that increasing the complexity of computing, in addition to regulating the number of bitcoins issued, acts as a defense against attacks on the blockchain. If mining using personal computers on a large-scale network is profitable, it will be easier for attackers to find equipment for attack. The need to invest in “iron” is a limiting factor and an additional protective mechanism.

But such a link to technology and the "real world" has its drawbacks. As already noted, mining is a fairly “costly” activity in terms of energy consumption. Today bitcoin blokcheyn consumes 48 terawatts / hour per year, with 30-40% of the energy goes to cool chips.

However, it is believed that the amount of energy consumed will begin to decline gradually after 2020, when the next decrease in the block reward will occur, since mining will become less profitable. In this case, an effective way to motivate miners to continue to protect information on the blockchain is to increase revenue from transaction processing fees.

And for this, it is important to continue to increase public interest in the ecosystem of blockchain technologies. This will allow in the future to use Bitcoin blockchain as a kind of “arbiter” for permissioned blockchains and sidechains , which will create a new generation financial system.

We offer you some more materials about the work of blockchains from our blog: