This unit is Part 8 of the Annotated Princeton Bitcoin Video Course.
Introduction (3 minutes)
A mining puzzle in this context can be any system for selecting a node to create a block. Bitcoin uses SHA-256 proof-of-work, but many other systems have been proposed and tried.
Essential Puzzle Requirements (5 minutes)
To replace proof-of-work, any puzzle needs to maintain three useful properties found in Bitcoin:
- It’s easy to verify the result.
- Difficulty adjusts to changes in network resource commitment.
- The chance of winning is proportional to the value of the asset staked.
ASIC Resistant Puzzles (13 minutes)
The reasons for developing alternative puzzles fall into two related categories:
- To allow individual users to join.
- To discourage the formation of oligopolies.
The video notes the possibility of a mining optimization being kept a trade secret. This happened with covert asicboost.
Proof-of-useful-work (9 minutes)
Two examples are given:
- Primecoin, which links the discovery of prime numbers to proof-of-work. The idea has recently resurfaced with Bitcoin Prime, a proposed hard fork of Bitcoin;
- Permacoin, which requires nodes to supply evidence of data storage (see also “proof-of-space”).
Nonoutsourceable Puzzles (7 minutes)
The idea of enabling sabotage of mining pools through a vigilante attack hasn’t caught on in any meaningful way.
Proof-of-Stake “Virtual Mining” (8 minutes)
Proof-of-stake systems are prone to attacks that aren’t feasible with proof-of-work systems. One of the most studied is the “nothing-at-stake” attack. Most solutions focus on confiscating the staked money of renegade nodes.
For more discussion of proof-of-stake and how it relates to proof-of-work, see: Three Solutions to the Double Spending Problem
The Ethereum team plans to move to full proof-of-stake. Cardano plans a similar move in 2018.
Next Up: Bitcoin as a Platform