Proof of work - lottery approachWhy is POW/POS absolutely necessary to run public distributed ledger?Hashcash proof of work bitcoin sha256Bitcoin Proof of work puzzle inconsistencygroup proof of workWhy have proof of work?The “work” in proof of workDifference between Hashcash proof of work algorithm and Ethash proof of work algorithm?Proof of Work: email versus bitcoinSecurity via Proof - of - WorkHow does proof of work inspire trust when the work is just guessing?

Could the UK amend the European Withdrawal Act and revoke the Article 50 invocation?

Stolen MacBook should I worry about my data?

Group riding etiquette

Recommended Breathing Exercises to Play Woodwinds

view is not fixed completely regardless of vewpoint

A first "Hangman" game in Python

Alternatives to Network Backup

Why didn't Doc believe Marty was from the future?

Talk interpreter

Are (c#) dictionaries an Anti Pattern?

Looking for a plural noun related to ‘fulcrum’ or ‘pivot’ that denotes multiple things as crucial to success

Why did James Cameron decide to give Alita big eyes?

What to do about my 1-month-old boy peeing through diapers?

Half filled water bottle

Can an object tethered to a spaceship be pulled out of event horizon?

Why this brute force attack doesn't reduce all cryptographic hash functions' security bits against collision attacks to N/3?

Why is getting a PhD considered "financially irresponsible" by some people?

What's the simplest way to calibrate a thermistor?

Why did the population of Bhutan drop by 70% between 2007 and 2008?

Can a character use multiple reactions in response to the same trigger?

Is Nikon d500 a good fit for nature and ambient-lighting portraits and occasional other uses?

How to determine algebraically whether an equation has an infinite solutions or not?

Which meaning of "must" does the Slow spell use?

How to pass 2>/dev/null as a variable?



Proof of work - lottery approach


Why is POW/POS absolutely necessary to run public distributed ledger?Hashcash proof of work bitcoin sha256Bitcoin Proof of work puzzle inconsistencygroup proof of workWhy have proof of work?The “work” in proof of workDifference between Hashcash proof of work algorithm and Ethash proof of work algorithm?Proof of Work: email versus bitcoinSecurity via Proof - of - WorkHow does proof of work inspire trust when the work is just guessing?






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








2















I'm sure I am missing something here. But not sure what ...



Proof of work - after all is said and done, when a hash is found (about 10 min), it is said to be like someone hitting the lottery. Anyone that wins the lottery should be able to prove that a cost was incurred. So there are two things:



  1. Include a cost to finding the hash.

  2. The winner is considered "random" because finding the hash is an iterative guessing process.

The result is a huge energy burn and the result "mimics" a random winner.



QUESTION: Can the bitcoin network randomly select a subset of the existing nodes, for each block, who then compete to solve the hash? For example, if there are 100,000 nodes, the network randomly selects 10% or 10,000 nodes who are allowed to compete to find the hash. Or take it to a smaller number like 1% or 1,000 nodes, etc.



The burning question is: Why can we not mimic the proof of work process and save a ton of energy along the way?



Why not have all the nodes that wish to enter each block lottery pay a small fee. They all currently incur electricity cost so from a financial standpoint, does it matter whether they pay a small lottery fee or pay a small fee to the electric company?



EXAMPLE: for the next block, here is the process:



  1. All 100,000 nodes pay (arbitrary number for now to make point) 1000
    satoshis.

  2. The bitcoin network randomly (maybe this is tricky part)
    selects a subset percentage. Say 10% or 10,000 nodes. These are the nodes that compete for the next block entry.

BENEFITS:



  1. There is still a cost incurred by each participant without the energy usage.

  2. The energy usage is now a fraction of the total network participation for the iterative hash search.

  3. It can allow more node participation by less powerful computers. A laptop will still be at a disadvantage, but is now competing against 9,999 other computers instead of the hashing power of the entire network.

To make sense of this is the fact that the end result of the current process is a "random" winner that can prove a cost has been incurred.



Can the lottery fee approach achieve the same goal without sacrificing security?










share|improve this question



















  • 1





    How would you determine who is a node?

    – JBaczuk
    Mar 27 at 16:39






  • 3





    You're assuming the lottery losers will let their mining hardware sit idle, and only those who won the lottery will hash. But the lottery winners have every incentive to rent as much hash power as possible from the losers, so as to have a better chance of actually mining the block and collecting the reward. So I'd expect that in fact, all the hashing hardware will still run, just on behalf of different miners from one round to the next, and the same amount of energy will be burned.

    – Nate Eldredge
    Mar 27 at 17:11












  • You might be interested in looking at Proof of Stake algorithms. They're still under development, but they were designed from the start to solve these energy issues.

    – Cort Ammon
    Mar 28 at 3:50

















2















I'm sure I am missing something here. But not sure what ...



Proof of work - after all is said and done, when a hash is found (about 10 min), it is said to be like someone hitting the lottery. Anyone that wins the lottery should be able to prove that a cost was incurred. So there are two things:



  1. Include a cost to finding the hash.

  2. The winner is considered "random" because finding the hash is an iterative guessing process.

The result is a huge energy burn and the result "mimics" a random winner.



QUESTION: Can the bitcoin network randomly select a subset of the existing nodes, for each block, who then compete to solve the hash? For example, if there are 100,000 nodes, the network randomly selects 10% or 10,000 nodes who are allowed to compete to find the hash. Or take it to a smaller number like 1% or 1,000 nodes, etc.



The burning question is: Why can we not mimic the proof of work process and save a ton of energy along the way?



Why not have all the nodes that wish to enter each block lottery pay a small fee. They all currently incur electricity cost so from a financial standpoint, does it matter whether they pay a small lottery fee or pay a small fee to the electric company?



EXAMPLE: for the next block, here is the process:



  1. All 100,000 nodes pay (arbitrary number for now to make point) 1000
    satoshis.

  2. The bitcoin network randomly (maybe this is tricky part)
    selects a subset percentage. Say 10% or 10,000 nodes. These are the nodes that compete for the next block entry.

BENEFITS:



  1. There is still a cost incurred by each participant without the energy usage.

  2. The energy usage is now a fraction of the total network participation for the iterative hash search.

  3. It can allow more node participation by less powerful computers. A laptop will still be at a disadvantage, but is now competing against 9,999 other computers instead of the hashing power of the entire network.

To make sense of this is the fact that the end result of the current process is a "random" winner that can prove a cost has been incurred.



Can the lottery fee approach achieve the same goal without sacrificing security?










share|improve this question



















  • 1





    How would you determine who is a node?

    – JBaczuk
    Mar 27 at 16:39






  • 3





    You're assuming the lottery losers will let their mining hardware sit idle, and only those who won the lottery will hash. But the lottery winners have every incentive to rent as much hash power as possible from the losers, so as to have a better chance of actually mining the block and collecting the reward. So I'd expect that in fact, all the hashing hardware will still run, just on behalf of different miners from one round to the next, and the same amount of energy will be burned.

    – Nate Eldredge
    Mar 27 at 17:11












  • You might be interested in looking at Proof of Stake algorithms. They're still under development, but they were designed from the start to solve these energy issues.

    – Cort Ammon
    Mar 28 at 3:50













2












2








2








I'm sure I am missing something here. But not sure what ...



Proof of work - after all is said and done, when a hash is found (about 10 min), it is said to be like someone hitting the lottery. Anyone that wins the lottery should be able to prove that a cost was incurred. So there are two things:



  1. Include a cost to finding the hash.

  2. The winner is considered "random" because finding the hash is an iterative guessing process.

The result is a huge energy burn and the result "mimics" a random winner.



QUESTION: Can the bitcoin network randomly select a subset of the existing nodes, for each block, who then compete to solve the hash? For example, if there are 100,000 nodes, the network randomly selects 10% or 10,000 nodes who are allowed to compete to find the hash. Or take it to a smaller number like 1% or 1,000 nodes, etc.



The burning question is: Why can we not mimic the proof of work process and save a ton of energy along the way?



Why not have all the nodes that wish to enter each block lottery pay a small fee. They all currently incur electricity cost so from a financial standpoint, does it matter whether they pay a small lottery fee or pay a small fee to the electric company?



EXAMPLE: for the next block, here is the process:



  1. All 100,000 nodes pay (arbitrary number for now to make point) 1000
    satoshis.

  2. The bitcoin network randomly (maybe this is tricky part)
    selects a subset percentage. Say 10% or 10,000 nodes. These are the nodes that compete for the next block entry.

BENEFITS:



  1. There is still a cost incurred by each participant without the energy usage.

  2. The energy usage is now a fraction of the total network participation for the iterative hash search.

  3. It can allow more node participation by less powerful computers. A laptop will still be at a disadvantage, but is now competing against 9,999 other computers instead of the hashing power of the entire network.

To make sense of this is the fact that the end result of the current process is a "random" winner that can prove a cost has been incurred.



Can the lottery fee approach achieve the same goal without sacrificing security?










share|improve this question














I'm sure I am missing something here. But not sure what ...



Proof of work - after all is said and done, when a hash is found (about 10 min), it is said to be like someone hitting the lottery. Anyone that wins the lottery should be able to prove that a cost was incurred. So there are two things:



  1. Include a cost to finding the hash.

  2. The winner is considered "random" because finding the hash is an iterative guessing process.

The result is a huge energy burn and the result "mimics" a random winner.



QUESTION: Can the bitcoin network randomly select a subset of the existing nodes, for each block, who then compete to solve the hash? For example, if there are 100,000 nodes, the network randomly selects 10% or 10,000 nodes who are allowed to compete to find the hash. Or take it to a smaller number like 1% or 1,000 nodes, etc.



The burning question is: Why can we not mimic the proof of work process and save a ton of energy along the way?



Why not have all the nodes that wish to enter each block lottery pay a small fee. They all currently incur electricity cost so from a financial standpoint, does it matter whether they pay a small lottery fee or pay a small fee to the electric company?



EXAMPLE: for the next block, here is the process:



  1. All 100,000 nodes pay (arbitrary number for now to make point) 1000
    satoshis.

  2. The bitcoin network randomly (maybe this is tricky part)
    selects a subset percentage. Say 10% or 10,000 nodes. These are the nodes that compete for the next block entry.

BENEFITS:



  1. There is still a cost incurred by each participant without the energy usage.

  2. The energy usage is now a fraction of the total network participation for the iterative hash search.

  3. It can allow more node participation by less powerful computers. A laptop will still be at a disadvantage, but is now competing against 9,999 other computers instead of the hashing power of the entire network.

To make sense of this is the fact that the end result of the current process is a "random" winner that can prove a cost has been incurred.



Can the lottery fee approach achieve the same goal without sacrificing security?







proof-of-work






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Mar 27 at 16:35









nanonerdnanonerd

1224 bronze badges




1224 bronze badges










  • 1





    How would you determine who is a node?

    – JBaczuk
    Mar 27 at 16:39






  • 3





    You're assuming the lottery losers will let their mining hardware sit idle, and only those who won the lottery will hash. But the lottery winners have every incentive to rent as much hash power as possible from the losers, so as to have a better chance of actually mining the block and collecting the reward. So I'd expect that in fact, all the hashing hardware will still run, just on behalf of different miners from one round to the next, and the same amount of energy will be burned.

    – Nate Eldredge
    Mar 27 at 17:11












  • You might be interested in looking at Proof of Stake algorithms. They're still under development, but they were designed from the start to solve these energy issues.

    – Cort Ammon
    Mar 28 at 3:50












  • 1





    How would you determine who is a node?

    – JBaczuk
    Mar 27 at 16:39






  • 3





    You're assuming the lottery losers will let their mining hardware sit idle, and only those who won the lottery will hash. But the lottery winners have every incentive to rent as much hash power as possible from the losers, so as to have a better chance of actually mining the block and collecting the reward. So I'd expect that in fact, all the hashing hardware will still run, just on behalf of different miners from one round to the next, and the same amount of energy will be burned.

    – Nate Eldredge
    Mar 27 at 17:11












  • You might be interested in looking at Proof of Stake algorithms. They're still under development, but they were designed from the start to solve these energy issues.

    – Cort Ammon
    Mar 28 at 3:50







1




1





How would you determine who is a node?

– JBaczuk
Mar 27 at 16:39





How would you determine who is a node?

– JBaczuk
Mar 27 at 16:39




3




3





You're assuming the lottery losers will let their mining hardware sit idle, and only those who won the lottery will hash. But the lottery winners have every incentive to rent as much hash power as possible from the losers, so as to have a better chance of actually mining the block and collecting the reward. So I'd expect that in fact, all the hashing hardware will still run, just on behalf of different miners from one round to the next, and the same amount of energy will be burned.

– Nate Eldredge
Mar 27 at 17:11






You're assuming the lottery losers will let their mining hardware sit idle, and only those who won the lottery will hash. But the lottery winners have every incentive to rent as much hash power as possible from the losers, so as to have a better chance of actually mining the block and collecting the reward. So I'd expect that in fact, all the hashing hardware will still run, just on behalf of different miners from one round to the next, and the same amount of energy will be burned.

– Nate Eldredge
Mar 27 at 17:11














You might be interested in looking at Proof of Stake algorithms. They're still under development, but they were designed from the start to solve these energy issues.

– Cort Ammon
Mar 28 at 3:50





You might be interested in looking at Proof of Stake algorithms. They're still under development, but they were designed from the start to solve these energy issues.

– Cort Ammon
Mar 28 at 3:50










2 Answers
2






active

oldest

votes


















6















There's a lot going, but I'll do my best.




QUESTION: Can the bitcoin network randomly select a subset of the existing nodes, for each block, who then compete to solve the hash?




Selecting a subset of existing nodes isn't easy as it seems. The vast majority of bitcoin nodes aren't reachable at all, in fact. That's why every website that counts those are different from each other. (The best probably being Luke Dashjr's one).



So you might: "Well, you could make it so that in order to participate you have to public announce your node". But that opens up (from the top of my head) a big attack vector: DDoS's. If every node participating in the consensus is known and reachable then you could hit them once they are selected and cause a network failure.



But that's not even the most important part: This approach would be extremely easy to gamble. Any person could run thousands or millions of nodes (Amazon Web Service has 1 million business customers) and change the odds to their favor.



Proof-of-Work is not a consensus algorithm, but rather an Anti-Sybil protocol. Sybil being the attack that I described in the last paragraph.




Can the lottery fee approach achieve the same goal without sacrificing
security?




Absolutely and 100% no, if you take "without sacrificing security" serious. And (1) I'm not sure if it can be done at all or (2) if it would work, but regardless: no.




The result is a huge energy burn




This is a little off-topic but I feel that might be worth commenting. Bitcoin energy usage is far from "deadly" or something like that. Most researches point to +70% use of renewable energy in the industry, highest than any other.






share|improve this answer

























  • Yeah, I figured my approach was too simplistic and had to have been considered and rejected at some point. My understanding of bitcoin is conceptual without knowing well the granular details. Appreciate your comments, thanks.

    – nanonerd
    Mar 27 at 17:51











  • Sure! The thing that I love about Bitcoin is that everyday I learn something new!

    – Tiago Loriato Simões
    Mar 27 at 17:55


















5
















QUESTION: Can the bitcoin network randomly select a subset of the existing nodes, for each block, who then compete to solve the hash?




No.



Consider this: if there were a way to fairly and reliably 'select a subset of miners', then why not just select a single miner, and allow them to create the next block without any PoW energy expenditure? Why even have the mining process at all? Well... the answer is that it is very hard to randomly elect a peer in a distributed network, in a provably 'fair' way that is not game-able. And so we have slightly contrived solutions, like Bitcoin's PoW process.




First of all, there is the problem of how to randomly select a subset of nodes, in a way that isn't game-able. Whats to stop me from just running/spoofing 1 million nodes? Stopping sybil attacks is not trivial in a network like this.



Further, what is the definition of a 'selected node'? Is it a mining pool? An actual network node? An individual? A single ASIC mining rig? Even if you decide on a definition, how on earth would you enforce it? Having some sort of registry is antithetical to Bitcoin's design. Some of the above definitions may also create a trend towards miner centralization, which is bad for maintaining censorship resistance.



But lets just imagine that there is a technical solution, that allows a perfectly fair selection process that maps nodes 1:1 to 'actual miners'. In that case, if my node weren't selected for a mining round, then I would still have a few options: rent my hashing power out to a node that was selected (as @Nate Eldridge suggested), or just continue mining, and if I find a valid block, I sell it to a node that was selected, so that they can publish it to the network. In both examples, the network's energy usage hasn't diminished, but rather it has likely increased, due to the increased friction of participation.




BENEFITS:
There is still a cost incurred by each participant without the energy usage.




Downside: this doesn't actually solve the issue of a Sybil attack, it just makes a sybil attack more expensive to pull off, and generally we want to avoid any game theoretical situations that favour one user over another for extrinsic economic reasons.




The energy usage is now a fraction of the total network participation for the iterative hash search.




This is false, as mentioned we should expect rational miners to rent their hashpower out to one another, etc.




It can allow more node participation by less powerful computers. A laptop will still be at a disadvantage, but is now competing against 9,999 other computers instead of the hashing power of the entire network.




This is false, a laptop would still be useless, especially considering the ability of miners to rent out hashpower, etc.




This question seems to stem from the narrative that "Bitcoin mining uses energy and that is bad!", but this narrative ignores the fact that the benefits of Bitcoin are perhaps worth the costs of running the system. Security cannot be faked, and PoW offers what is perhaps the most efficient and transparent method of creating security for a decentralized network in this regard.






share|improve this answer



























  • Your last sentence is missing the word "decentralized". A central authority would be far more efficient at creating security.

    – Mark
    Mar 27 at 23:35











  • @Mark true, the sentence was written in the context of the rest of the answer, but I think that’s a worthy edit. I’ll add it in.

    – chytrik
    Mar 28 at 0:43













Your Answer








StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "308"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fbitcoin.stackexchange.com%2fquestions%2f85667%2fproof-of-work-lottery-approach%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























2 Answers
2






active

oldest

votes








2 Answers
2






active

oldest

votes









active

oldest

votes






active

oldest

votes









6















There's a lot going, but I'll do my best.




QUESTION: Can the bitcoin network randomly select a subset of the existing nodes, for each block, who then compete to solve the hash?




Selecting a subset of existing nodes isn't easy as it seems. The vast majority of bitcoin nodes aren't reachable at all, in fact. That's why every website that counts those are different from each other. (The best probably being Luke Dashjr's one).



So you might: "Well, you could make it so that in order to participate you have to public announce your node". But that opens up (from the top of my head) a big attack vector: DDoS's. If every node participating in the consensus is known and reachable then you could hit them once they are selected and cause a network failure.



But that's not even the most important part: This approach would be extremely easy to gamble. Any person could run thousands or millions of nodes (Amazon Web Service has 1 million business customers) and change the odds to their favor.



Proof-of-Work is not a consensus algorithm, but rather an Anti-Sybil protocol. Sybil being the attack that I described in the last paragraph.




Can the lottery fee approach achieve the same goal without sacrificing
security?




Absolutely and 100% no, if you take "without sacrificing security" serious. And (1) I'm not sure if it can be done at all or (2) if it would work, but regardless: no.




The result is a huge energy burn




This is a little off-topic but I feel that might be worth commenting. Bitcoin energy usage is far from "deadly" or something like that. Most researches point to +70% use of renewable energy in the industry, highest than any other.






share|improve this answer

























  • Yeah, I figured my approach was too simplistic and had to have been considered and rejected at some point. My understanding of bitcoin is conceptual without knowing well the granular details. Appreciate your comments, thanks.

    – nanonerd
    Mar 27 at 17:51











  • Sure! The thing that I love about Bitcoin is that everyday I learn something new!

    – Tiago Loriato Simões
    Mar 27 at 17:55















6















There's a lot going, but I'll do my best.




QUESTION: Can the bitcoin network randomly select a subset of the existing nodes, for each block, who then compete to solve the hash?




Selecting a subset of existing nodes isn't easy as it seems. The vast majority of bitcoin nodes aren't reachable at all, in fact. That's why every website that counts those are different from each other. (The best probably being Luke Dashjr's one).



So you might: "Well, you could make it so that in order to participate you have to public announce your node". But that opens up (from the top of my head) a big attack vector: DDoS's. If every node participating in the consensus is known and reachable then you could hit them once they are selected and cause a network failure.



But that's not even the most important part: This approach would be extremely easy to gamble. Any person could run thousands or millions of nodes (Amazon Web Service has 1 million business customers) and change the odds to their favor.



Proof-of-Work is not a consensus algorithm, but rather an Anti-Sybil protocol. Sybil being the attack that I described in the last paragraph.




Can the lottery fee approach achieve the same goal without sacrificing
security?




Absolutely and 100% no, if you take "without sacrificing security" serious. And (1) I'm not sure if it can be done at all or (2) if it would work, but regardless: no.




The result is a huge energy burn




This is a little off-topic but I feel that might be worth commenting. Bitcoin energy usage is far from "deadly" or something like that. Most researches point to +70% use of renewable energy in the industry, highest than any other.






share|improve this answer

























  • Yeah, I figured my approach was too simplistic and had to have been considered and rejected at some point. My understanding of bitcoin is conceptual without knowing well the granular details. Appreciate your comments, thanks.

    – nanonerd
    Mar 27 at 17:51











  • Sure! The thing that I love about Bitcoin is that everyday I learn something new!

    – Tiago Loriato Simões
    Mar 27 at 17:55













6














6










6









There's a lot going, but I'll do my best.




QUESTION: Can the bitcoin network randomly select a subset of the existing nodes, for each block, who then compete to solve the hash?




Selecting a subset of existing nodes isn't easy as it seems. The vast majority of bitcoin nodes aren't reachable at all, in fact. That's why every website that counts those are different from each other. (The best probably being Luke Dashjr's one).



So you might: "Well, you could make it so that in order to participate you have to public announce your node". But that opens up (from the top of my head) a big attack vector: DDoS's. If every node participating in the consensus is known and reachable then you could hit them once they are selected and cause a network failure.



But that's not even the most important part: This approach would be extremely easy to gamble. Any person could run thousands or millions of nodes (Amazon Web Service has 1 million business customers) and change the odds to their favor.



Proof-of-Work is not a consensus algorithm, but rather an Anti-Sybil protocol. Sybil being the attack that I described in the last paragraph.




Can the lottery fee approach achieve the same goal without sacrificing
security?




Absolutely and 100% no, if you take "without sacrificing security" serious. And (1) I'm not sure if it can be done at all or (2) if it would work, but regardless: no.




The result is a huge energy burn




This is a little off-topic but I feel that might be worth commenting. Bitcoin energy usage is far from "deadly" or something like that. Most researches point to +70% use of renewable energy in the industry, highest than any other.






share|improve this answer













There's a lot going, but I'll do my best.




QUESTION: Can the bitcoin network randomly select a subset of the existing nodes, for each block, who then compete to solve the hash?




Selecting a subset of existing nodes isn't easy as it seems. The vast majority of bitcoin nodes aren't reachable at all, in fact. That's why every website that counts those are different from each other. (The best probably being Luke Dashjr's one).



So you might: "Well, you could make it so that in order to participate you have to public announce your node". But that opens up (from the top of my head) a big attack vector: DDoS's. If every node participating in the consensus is known and reachable then you could hit them once they are selected and cause a network failure.



But that's not even the most important part: This approach would be extremely easy to gamble. Any person could run thousands or millions of nodes (Amazon Web Service has 1 million business customers) and change the odds to their favor.



Proof-of-Work is not a consensus algorithm, but rather an Anti-Sybil protocol. Sybil being the attack that I described in the last paragraph.




Can the lottery fee approach achieve the same goal without sacrificing
security?




Absolutely and 100% no, if you take "without sacrificing security" serious. And (1) I'm not sure if it can be done at all or (2) if it would work, but regardless: no.




The result is a huge energy burn




This is a little off-topic but I feel that might be worth commenting. Bitcoin energy usage is far from "deadly" or something like that. Most researches point to +70% use of renewable energy in the industry, highest than any other.







share|improve this answer












share|improve this answer



share|improve this answer










answered Mar 27 at 17:19









Tiago Loriato SimõesTiago Loriato Simões

1116 bronze badges




1116 bronze badges















  • Yeah, I figured my approach was too simplistic and had to have been considered and rejected at some point. My understanding of bitcoin is conceptual without knowing well the granular details. Appreciate your comments, thanks.

    – nanonerd
    Mar 27 at 17:51











  • Sure! The thing that I love about Bitcoin is that everyday I learn something new!

    – Tiago Loriato Simões
    Mar 27 at 17:55

















  • Yeah, I figured my approach was too simplistic and had to have been considered and rejected at some point. My understanding of bitcoin is conceptual without knowing well the granular details. Appreciate your comments, thanks.

    – nanonerd
    Mar 27 at 17:51











  • Sure! The thing that I love about Bitcoin is that everyday I learn something new!

    – Tiago Loriato Simões
    Mar 27 at 17:55
















Yeah, I figured my approach was too simplistic and had to have been considered and rejected at some point. My understanding of bitcoin is conceptual without knowing well the granular details. Appreciate your comments, thanks.

– nanonerd
Mar 27 at 17:51





Yeah, I figured my approach was too simplistic and had to have been considered and rejected at some point. My understanding of bitcoin is conceptual without knowing well the granular details. Appreciate your comments, thanks.

– nanonerd
Mar 27 at 17:51













Sure! The thing that I love about Bitcoin is that everyday I learn something new!

– Tiago Loriato Simões
Mar 27 at 17:55





Sure! The thing that I love about Bitcoin is that everyday I learn something new!

– Tiago Loriato Simões
Mar 27 at 17:55













5
















QUESTION: Can the bitcoin network randomly select a subset of the existing nodes, for each block, who then compete to solve the hash?




No.



Consider this: if there were a way to fairly and reliably 'select a subset of miners', then why not just select a single miner, and allow them to create the next block without any PoW energy expenditure? Why even have the mining process at all? Well... the answer is that it is very hard to randomly elect a peer in a distributed network, in a provably 'fair' way that is not game-able. And so we have slightly contrived solutions, like Bitcoin's PoW process.




First of all, there is the problem of how to randomly select a subset of nodes, in a way that isn't game-able. Whats to stop me from just running/spoofing 1 million nodes? Stopping sybil attacks is not trivial in a network like this.



Further, what is the definition of a 'selected node'? Is it a mining pool? An actual network node? An individual? A single ASIC mining rig? Even if you decide on a definition, how on earth would you enforce it? Having some sort of registry is antithetical to Bitcoin's design. Some of the above definitions may also create a trend towards miner centralization, which is bad for maintaining censorship resistance.



But lets just imagine that there is a technical solution, that allows a perfectly fair selection process that maps nodes 1:1 to 'actual miners'. In that case, if my node weren't selected for a mining round, then I would still have a few options: rent my hashing power out to a node that was selected (as @Nate Eldridge suggested), or just continue mining, and if I find a valid block, I sell it to a node that was selected, so that they can publish it to the network. In both examples, the network's energy usage hasn't diminished, but rather it has likely increased, due to the increased friction of participation.




BENEFITS:
There is still a cost incurred by each participant without the energy usage.




Downside: this doesn't actually solve the issue of a Sybil attack, it just makes a sybil attack more expensive to pull off, and generally we want to avoid any game theoretical situations that favour one user over another for extrinsic economic reasons.




The energy usage is now a fraction of the total network participation for the iterative hash search.




This is false, as mentioned we should expect rational miners to rent their hashpower out to one another, etc.




It can allow more node participation by less powerful computers. A laptop will still be at a disadvantage, but is now competing against 9,999 other computers instead of the hashing power of the entire network.




This is false, a laptop would still be useless, especially considering the ability of miners to rent out hashpower, etc.




This question seems to stem from the narrative that "Bitcoin mining uses energy and that is bad!", but this narrative ignores the fact that the benefits of Bitcoin are perhaps worth the costs of running the system. Security cannot be faked, and PoW offers what is perhaps the most efficient and transparent method of creating security for a decentralized network in this regard.






share|improve this answer



























  • Your last sentence is missing the word "decentralized". A central authority would be far more efficient at creating security.

    – Mark
    Mar 27 at 23:35











  • @Mark true, the sentence was written in the context of the rest of the answer, but I think that’s a worthy edit. I’ll add it in.

    – chytrik
    Mar 28 at 0:43















5
















QUESTION: Can the bitcoin network randomly select a subset of the existing nodes, for each block, who then compete to solve the hash?




No.



Consider this: if there were a way to fairly and reliably 'select a subset of miners', then why not just select a single miner, and allow them to create the next block without any PoW energy expenditure? Why even have the mining process at all? Well... the answer is that it is very hard to randomly elect a peer in a distributed network, in a provably 'fair' way that is not game-able. And so we have slightly contrived solutions, like Bitcoin's PoW process.




First of all, there is the problem of how to randomly select a subset of nodes, in a way that isn't game-able. Whats to stop me from just running/spoofing 1 million nodes? Stopping sybil attacks is not trivial in a network like this.



Further, what is the definition of a 'selected node'? Is it a mining pool? An actual network node? An individual? A single ASIC mining rig? Even if you decide on a definition, how on earth would you enforce it? Having some sort of registry is antithetical to Bitcoin's design. Some of the above definitions may also create a trend towards miner centralization, which is bad for maintaining censorship resistance.



But lets just imagine that there is a technical solution, that allows a perfectly fair selection process that maps nodes 1:1 to 'actual miners'. In that case, if my node weren't selected for a mining round, then I would still have a few options: rent my hashing power out to a node that was selected (as @Nate Eldridge suggested), or just continue mining, and if I find a valid block, I sell it to a node that was selected, so that they can publish it to the network. In both examples, the network's energy usage hasn't diminished, but rather it has likely increased, due to the increased friction of participation.




BENEFITS:
There is still a cost incurred by each participant without the energy usage.




Downside: this doesn't actually solve the issue of a Sybil attack, it just makes a sybil attack more expensive to pull off, and generally we want to avoid any game theoretical situations that favour one user over another for extrinsic economic reasons.




The energy usage is now a fraction of the total network participation for the iterative hash search.




This is false, as mentioned we should expect rational miners to rent their hashpower out to one another, etc.




It can allow more node participation by less powerful computers. A laptop will still be at a disadvantage, but is now competing against 9,999 other computers instead of the hashing power of the entire network.




This is false, a laptop would still be useless, especially considering the ability of miners to rent out hashpower, etc.




This question seems to stem from the narrative that "Bitcoin mining uses energy and that is bad!", but this narrative ignores the fact that the benefits of Bitcoin are perhaps worth the costs of running the system. Security cannot be faked, and PoW offers what is perhaps the most efficient and transparent method of creating security for a decentralized network in this regard.






share|improve this answer



























  • Your last sentence is missing the word "decentralized". A central authority would be far more efficient at creating security.

    – Mark
    Mar 27 at 23:35











  • @Mark true, the sentence was written in the context of the rest of the answer, but I think that’s a worthy edit. I’ll add it in.

    – chytrik
    Mar 28 at 0:43













5














5










5










QUESTION: Can the bitcoin network randomly select a subset of the existing nodes, for each block, who then compete to solve the hash?




No.



Consider this: if there were a way to fairly and reliably 'select a subset of miners', then why not just select a single miner, and allow them to create the next block without any PoW energy expenditure? Why even have the mining process at all? Well... the answer is that it is very hard to randomly elect a peer in a distributed network, in a provably 'fair' way that is not game-able. And so we have slightly contrived solutions, like Bitcoin's PoW process.




First of all, there is the problem of how to randomly select a subset of nodes, in a way that isn't game-able. Whats to stop me from just running/spoofing 1 million nodes? Stopping sybil attacks is not trivial in a network like this.



Further, what is the definition of a 'selected node'? Is it a mining pool? An actual network node? An individual? A single ASIC mining rig? Even if you decide on a definition, how on earth would you enforce it? Having some sort of registry is antithetical to Bitcoin's design. Some of the above definitions may also create a trend towards miner centralization, which is bad for maintaining censorship resistance.



But lets just imagine that there is a technical solution, that allows a perfectly fair selection process that maps nodes 1:1 to 'actual miners'. In that case, if my node weren't selected for a mining round, then I would still have a few options: rent my hashing power out to a node that was selected (as @Nate Eldridge suggested), or just continue mining, and if I find a valid block, I sell it to a node that was selected, so that they can publish it to the network. In both examples, the network's energy usage hasn't diminished, but rather it has likely increased, due to the increased friction of participation.




BENEFITS:
There is still a cost incurred by each participant without the energy usage.




Downside: this doesn't actually solve the issue of a Sybil attack, it just makes a sybil attack more expensive to pull off, and generally we want to avoid any game theoretical situations that favour one user over another for extrinsic economic reasons.




The energy usage is now a fraction of the total network participation for the iterative hash search.




This is false, as mentioned we should expect rational miners to rent their hashpower out to one another, etc.




It can allow more node participation by less powerful computers. A laptop will still be at a disadvantage, but is now competing against 9,999 other computers instead of the hashing power of the entire network.




This is false, a laptop would still be useless, especially considering the ability of miners to rent out hashpower, etc.




This question seems to stem from the narrative that "Bitcoin mining uses energy and that is bad!", but this narrative ignores the fact that the benefits of Bitcoin are perhaps worth the costs of running the system. Security cannot be faked, and PoW offers what is perhaps the most efficient and transparent method of creating security for a decentralized network in this regard.






share|improve this answer
















QUESTION: Can the bitcoin network randomly select a subset of the existing nodes, for each block, who then compete to solve the hash?




No.



Consider this: if there were a way to fairly and reliably 'select a subset of miners', then why not just select a single miner, and allow them to create the next block without any PoW energy expenditure? Why even have the mining process at all? Well... the answer is that it is very hard to randomly elect a peer in a distributed network, in a provably 'fair' way that is not game-able. And so we have slightly contrived solutions, like Bitcoin's PoW process.




First of all, there is the problem of how to randomly select a subset of nodes, in a way that isn't game-able. Whats to stop me from just running/spoofing 1 million nodes? Stopping sybil attacks is not trivial in a network like this.



Further, what is the definition of a 'selected node'? Is it a mining pool? An actual network node? An individual? A single ASIC mining rig? Even if you decide on a definition, how on earth would you enforce it? Having some sort of registry is antithetical to Bitcoin's design. Some of the above definitions may also create a trend towards miner centralization, which is bad for maintaining censorship resistance.



But lets just imagine that there is a technical solution, that allows a perfectly fair selection process that maps nodes 1:1 to 'actual miners'. In that case, if my node weren't selected for a mining round, then I would still have a few options: rent my hashing power out to a node that was selected (as @Nate Eldridge suggested), or just continue mining, and if I find a valid block, I sell it to a node that was selected, so that they can publish it to the network. In both examples, the network's energy usage hasn't diminished, but rather it has likely increased, due to the increased friction of participation.




BENEFITS:
There is still a cost incurred by each participant without the energy usage.




Downside: this doesn't actually solve the issue of a Sybil attack, it just makes a sybil attack more expensive to pull off, and generally we want to avoid any game theoretical situations that favour one user over another for extrinsic economic reasons.




The energy usage is now a fraction of the total network participation for the iterative hash search.




This is false, as mentioned we should expect rational miners to rent their hashpower out to one another, etc.




It can allow more node participation by less powerful computers. A laptop will still be at a disadvantage, but is now competing against 9,999 other computers instead of the hashing power of the entire network.




This is false, a laptop would still be useless, especially considering the ability of miners to rent out hashpower, etc.




This question seems to stem from the narrative that "Bitcoin mining uses energy and that is bad!", but this narrative ignores the fact that the benefits of Bitcoin are perhaps worth the costs of running the system. Security cannot be faked, and PoW offers what is perhaps the most efficient and transparent method of creating security for a decentralized network in this regard.







share|improve this answer














share|improve this answer



share|improve this answer








edited Mar 28 at 0:43

























answered Mar 27 at 17:53









chytrikchytrik

9,1043 gold badges6 silver badges32 bronze badges




9,1043 gold badges6 silver badges32 bronze badges















  • Your last sentence is missing the word "decentralized". A central authority would be far more efficient at creating security.

    – Mark
    Mar 27 at 23:35











  • @Mark true, the sentence was written in the context of the rest of the answer, but I think that’s a worthy edit. I’ll add it in.

    – chytrik
    Mar 28 at 0:43

















  • Your last sentence is missing the word "decentralized". A central authority would be far more efficient at creating security.

    – Mark
    Mar 27 at 23:35











  • @Mark true, the sentence was written in the context of the rest of the answer, but I think that’s a worthy edit. I’ll add it in.

    – chytrik
    Mar 28 at 0:43
















Your last sentence is missing the word "decentralized". A central authority would be far more efficient at creating security.

– Mark
Mar 27 at 23:35





Your last sentence is missing the word "decentralized". A central authority would be far more efficient at creating security.

– Mark
Mar 27 at 23:35













@Mark true, the sentence was written in the context of the rest of the answer, but I think that’s a worthy edit. I’ll add it in.

– chytrik
Mar 28 at 0:43





@Mark true, the sentence was written in the context of the rest of the answer, but I think that’s a worthy edit. I’ll add it in.

– chytrik
Mar 28 at 0:43

















draft saved

draft discarded
















































Thanks for contributing an answer to Bitcoin Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fbitcoin.stackexchange.com%2fquestions%2f85667%2fproof-of-work-lottery-approach%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

Kamusi Yaliyomo Aina za kamusi | Muundo wa kamusi | Faida za kamusi | Dhima ya picha katika kamusi | Marejeo | Tazama pia | Viungo vya nje | UrambazajiKuhusu kamusiGo-SwahiliWiki-KamusiKamusi ya Kiswahili na Kiingerezakuihariri na kuongeza habari

SQL error code 1064 with creating Laravel foreign keysForeign key constraints: When to use ON UPDATE and ON DELETEDropping column with foreign key Laravel error: General error: 1025 Error on renameLaravel SQL Can't create tableLaravel Migration foreign key errorLaravel php artisan migrate:refresh giving a syntax errorSQLSTATE[42S01]: Base table or view already exists or Base table or view already exists: 1050 Tableerror in migrating laravel file to xampp serverSyntax error or access violation: 1064:syntax to use near 'unsigned not null, modelName varchar(191) not null, title varchar(191) not nLaravel cannot create new table field in mysqlLaravel 5.7:Last migration creates table but is not registered in the migration table

은진 송씨 목차 역사 본관 분파 인물 조선 왕실과의 인척 관계 집성촌 항렬자 인구 같이 보기 각주 둘러보기 메뉴은진 송씨세종실록 149권, 지리지 충청도 공주목 은진현