Ethereum Source Code Analysis (41): Hashimoto Source Code Analysis

Initial attempts at "ASIC resistance" involved changing Bitcoin's sha256 algorithm for a different, more memory intensive algorithm, Percival's "scrypt" password based key derivation function [1]. Many implementations set the scrypt arguments to low memory requirements, defeating much of the purpose of the key derivation algorithm. While changing to a new algorithm, coupled with the relative obscurity of the various scrypt-based cryptocurrencies, allowed for a delay, scrypt optimized ASICs are now available. Similar attempts at variations or multiple heterogeneous hash functions can at best only delay ASIC implementations.

 

Leveraging shared data sets to create I/O bound proofs

 

    "A supercomputer is a device for turning compute-bound problems into I/O-bound problems."
    -Ken Batcher

 

Instead, an algorithm will have little room to be sped up by new hardware if it acts in a way that commodity computer systems are already optimized for.

 

Since I/O bounds are what decades of computing research has gone towards solving, it's unlikely that the relatively small motivation of mining a few coins would be able to advance the state of the art in cache hierarchies. In the case that advances are made, they will be likely to impact the entire industry of computer hardware.

 

Fortuitously, all nodes participating in current implementations of cryptocurrency have a large set of mutually agreed upon data; indeed this "blockchain" is the foundation of the currency. Using this large data set can both limit the advantage of specialized hardware, and require working nodes to have the entire data set.

 

Hashimoto is based off Bitcoin's proof of work [2]. In Bitcoin's case, as in Hashimoto, a successful proof satisfies the following inequality:

 

    hash_output < target

 

For Bitcoin, the hash_output is determined by:

 

    hash_output = sha256(prev_hash, merkle_root, nonce)

 

where prev_hash is the previous block's hash and cannot be changed. The merkle_root is based on the transactions included in the block, and will be different for each individual node. The nonce is rapidly incremented as hash_outputs are calculated and do not satisfy the inequality. Thus the bottleneck of the proof is the sha256 function, and increasing the speed of sha256 or parallelizing it is something ASICs can do very effectively.

 

Hashimoto uses this hash output as a starting point, which is used to generate inputs for a second hash function. We call the original hash hash_output_A, and the final result of the proof final_output.

 

Hash_output_A can be used to select many transactions from the shared blockchain, which are then used as inputs to the second hash. Instead of organizing transactions into blocks, for this purpose it is simpler to organize all transactions sequentially. For example, the 47th transaction of the 815th block might be termed transaction 141,918. We will use 64 transactions, though higher and lower numbers could work, with different access properties. We define the following functions:

 

- nonce: 64 bits. A new nonce is created for each attempt.
- get_txid(T): returns the txid (a hash of a transaction) of transaction number T from block B.
- block_height: the current height of the block chain, which increases at each new block.

 

Hashimoto chooses transactions by doing the following:

 

    hash_output_A = sha256(prev_hash, merkle_root, nonce)
    for i = 0 to 63 do
        shifted_A = hash_output_A >> i
        transaction = shifted_A mod total_transactions
        txid[i] = get_txid(transaction) << i
    end for
    txid_mix = txid[0] ⊕ txid[1] … ⊕ txid[63]
    final_output = txid_mix ⊕ (nonce << 192)

 

The target is then compared with final_output, and smaller values are accepted as proofs.
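The selection loop above as a runnable Python sketch, added here as an illustration; it is not code from the original post or from the Hashimoto paper. The toy txid list, the byte serialization of the sha256 inputs, and the truncation of shifted values to 256 bits are assumptions that the pseudocode leaves open.

```python
import hashlib

MASK256 = (1 << 256) - 1  # assumption: shifted values are truncated to 256 bits

def sha256_int(*parts: bytes) -> int:
    """sha256 over the concatenated parts, read as a big-endian integer."""
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big")

def make_txids(count: int) -> list[int]:
    """Constructed stand-in for the shared blockchain: one fake txid per index."""
    return [sha256_int(b"toy-tx", n.to_bytes(8, "big")) for n in range(count)]

def hashimoto(prev_hash: bytes, merkle_root: bytes, nonce: int, txids: list[int]):
    """Return (final_output, transaction indices read) for one nonce attempt."""
    # Assumption: inputs are concatenated, nonce encoded as 8 big-endian bytes.
    hash_output_a = sha256_int(prev_hash, merkle_root, nonce.to_bytes(8, "big"))
    txid_mix, reads = 0, []
    for i in range(64):
        shifted_a = hash_output_a >> i
        transaction = shifted_a % len(txids)  # mod total_transactions
        reads.append(transaction)
        txid_mix ^= (txids[transaction] << i) & MASK256
    final_output = txid_mix ^ ((nonce << 192) & MASK256)
    return final_output, reads

def mine(prev_hash, merkle_root, txids, target, max_nonce=1 << 20):
    """Try nonces in order until final_output < target; None if none is found."""
    for nonce in range(max_nonce):
        final_output, _ = hashimoto(prev_hash, merkle_root, nonce, txids)
        if final_output < target:
            return nonce, final_output
    return None

def verify(prev_hash, merkle_root, nonce, txids, target) -> bool:
    """A verifier repeats the same 64 lookups, so it needs the data set too."""
    return hashimoto(prev_hash, merkle_root, nonce, txids)[0] < target

# Constructed sample inputs (not real chain data).
PREV_HASH = hashlib.sha256(b"toy previous block").digest()
MERKLE_ROOT = hashlib.sha256(b"toy merkle root").digest()
TXIDS = make_txids(5000)
TARGET = 1 << 248  # easy target: about 1 nonce in 256 succeeds

if __name__ == "__main__":
    nonce, out = mine(PREV_HASH, MERKLE_ROOT, TXIDS, TARGET)
    print(f"nonce={nonce} final_output={out:064x}")
```

Each attempt costs one sha256 call plus 64 data-dependent lookups into the transaction set, which is the I/O-bound behaviour the text describes.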