Bitcoin Q&A: Iterating Nonces and the Block Reward

Подписаться 335 тыс.

Просмотров 11 тыс.

50% 1

What is the nonce? Is it possible guess it on the first try? How is the nonce found in mining pools? When a miner wins the block reward, how does the block know which address to pay? When does a miner transmit a block to the network?
CORRECTION: At 18:03, I said that the chances of rolling dice below nine is the same as rolling below five. This is incorrect. It is easier to roll below nine because there are more possible outcomes.
Chapters
0:00 What is the nonce?
8:44 Do the miners know the amount of zeros required for the next block? Difficulty target
12:14 Is it possible to guess the nonce on the first try?
14:08 How does a pool work with a lower difficulty level for its nodes to solve? If my node finds a nonce that produces a hash that is lower than the expected difficulty set by the pool, how does that relate to the difficulty set on the Bitcoin network?
19:11 If I have an ASIC miner and I win the block reward, how will it be technically linked to a wallet of mine?
These questions are from the third session of MOOC 11, which took place on February 14th 2019. If you want early-access to talks and a chance to participate in the monthly live Q&As with Andreas, become a patron: / aantonop
RELATED:
Consensus Algorithms, Blockchain Technology, and Bitcoin - • Consensus Algorithms, ...
Advanced Bitcoin Scripting Part 1: Transactions and Multisig - • Advanced Bitcoin Scrip...
Advanced Bitcoin Scripting Part 2: SegWit, Consensus, and Trustware - • Advanced Bitcoin Scrip...
What is Consensus: Rules without Rulers - • What is Consensus: Rul...
Forkology: A Study of Forks for Newbies - • Forkology: A Study of ...
Bitcoin: Where the Laws of Mathematics Prevail - • Bitcoin: Where the Law...
Software distribution security - • Bitcoin Q&A: Software ...
What is mining? - • Bitcoin Q&A: What is M...
The mining process - • Bitcoin Q&A: The Minin...
Nonces, mining, and quantum computing - • Bitcoin Q&A: Nonces, M...
Miners, pools, and consensus - • Bitcoin Q&A: Miners, P...
What is difficulty targeting? - • Bitcoin Q&A: What is D...
Genesis block and coinbase transactions - • Bitcoin Q&A: Genesis B...
Cryptographic primitives - • Bitcoin Q&A: Cryptogra...
The rules of Bitcoin (part 1) - • Bitcoin Q&A: The Rules...
The rules of Bitcoin (part 2) - • Bitcoin Q&A: The Rules...
Rules versus rulers - • Bitcoin Q&A: Rules ver...
The value of proof-of-work - • Bitcoin Q&A: The Value...
Migrating to post-quantum cryptography - • Bitcoin Q&A: Migrating...
Could a state-sponsored 51% attack work? - • Bitcoin Q&A: Could a S...
Honest nodes and consensus - • Bitcoin Q&A: Honest No...
Spam transactions and Child Pays For Parent (CPFP) - • Bitcoin Q&A: Spam Tran...
Is Bitcoin a democracy? - • Bitcoin Q&A: Is Bitcoi...
Decentralized power, leaderless governance - • Bitcoin Q&A: Decentral...
Scaling, trust, and trade-offs - • Bitcoin Q&A: Scaling, ...
What is the role of nodes? - • Bitcoin Q&A: What is t...
Why running a node is important - • Bitcoin Q&A: Why Runni...
Lightning, full nodes, and miners - • Bitcoin Q&A: Lightning...
Running nodes and payment channels - • Bitcoin Q&A: Running N...
What happens during a fork? - • Bitcoin Q&A: What Happ...
Spam transactions and Child Pays For Parent (CPFP) - • Bitcoin Q&A: Spam Tran...
Energy consumption - • Bitcoin Q&A: Energy Co...
Solar energy and mining in space - • Bitcoin Q&A: Solar Ene...
Andreas M. Antonopoulos is a technologist and serial entrepreneur who has become one of the most well-known and respected figures in bitcoin.
Follow on Twitter: @aantonop / aantonop
Website: antonopoulos.com/
He is the author of two books: “Mastering Bitcoin,” published by O’Reilly Media and considered the best technical guide to bitcoin; “The Internet of Money,” a book about why bitcoin matters.
Subscribe to the channel to learn more about Bitcoin & open blockchains; click on the red bell to enable notifications about new videos!
MASTERING BITCOIN, 2nd Edition: amzn.to/2xcdsY9
Translations of MASTERING BITCOIN: bitcoinbook.info/translations...
THE INTERNET OF MONEY, v1: amzn.to/2ykmXFs
THE INTERNET OF MONEY, v2: amzn.to/2IIG5BJ
Translations of THE INTERNET OF MONEY:
Spanish, 'Internet del Dinero' (v1) - amzn.to/2yoaTTq
French, 'L'internet de l'argent' (v1) - www.amazon.fr/Linternet-large...
Russian, 'Интернет денег' (v1) - www.olbuss.ru/catalog/ekonomi...
Vietnamese, 'Internet Của Tiền Tệ' (v1) - alphabooks.vn/khi-tien-len-mang
MASTERING ETHEREUM (Q4): amzn.to/2xdxmlK
Music: "Unbounded" by Orfan ( / orfan )
Outro Graphics: Phneep (www.phneep.com/)
Outro Art: Rock Barcellos (www.rockincomics.com.br/)
Join the aantonop Channel: aantonop.io/joinaantonopyt

Наука

Опубликовано:

3 авг 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 39

@adrian14752 2 года назад

I was reading the mastering bitcoin book and got confused about the missing nonce section. Didn't realize the author was also a youtuber!

@westra4 Год назад

Nik says this is important to understand and that he learned it from you

@henrichsury98 3 года назад

i dont get how you understand all of this so perfectly. I would like to understand it like you

@alexvertigo8027 3 года назад

this is the best video ive seen explaining these, thank you

@aantonop 3 года назад

Glad it was helpful!

@pedrovelazquez138 2 года назад

Your book is a master piece. Thank you. Greetings from Paraguay.

@prula 3 года назад

First it made nonce ense to me. Now I get it! Thank You!!

@aantonop 3 года назад

jajajajaja - nice pun!

@erizonmacani3195 5 лет назад

Thanks for clearing things up!

@JonathanCr0ss 5 лет назад

Some watching this might wonder: When mining as part of a pool, if a participant finds a nonce that meets the difficulty target, why not just keep the whole reward themselves? This is is not possible because the block was constructed by the pool itself and has the pool's address in the (payout) coinbase transaction. By the time a miner finds a nonce, it is too late to change the coinbase transaction as that would change the hashed data and make the nonce invalid. Nice, eh?

@berargumen2390 3 года назад

This answer everything

@fsmoura 5 лет назад

Seems like Andres is a highly prolific blinker, like Gad Saad. Very high BPM count. :3

@huihuihuihuihuihui1 5 лет назад

Smashed the like.

@crazyloco846 5 лет назад

muchas gracioas por la infomacion

@mickhick95 5 лет назад

That was very well done. I learned a lot! I can't wait to tell my friends.

@neolynxer 5 лет назад

Okay, my comment is wired but: i used to listen to hours of your MOOCs and other lectrues when they just started and (re)play Morrowind while at it. I've listened to you talking about nonces, hashes and other topics a million times, but in these vids i see you sitting in a room with a very Morrowind-esque art and interior design behind you, which MY GOSH feels so spot on!

@gsargen1 5 лет назад

Excellent explanations as always -- Its great to hear such a straightforward discussion on these details. Thanks Andreas

@gregoriousmcburgendy463 5 лет назад

Thank you. Great explanation!

@henrygberg 5 лет назад

18:06 The chances, for a single throw of the dice, of throwing below 9 are NOT the same as the chances of throwing below 5. That is the whole point of having a pool difficulty lower than the network difficulty. Andreas clearly knows this and just misspoke, but it might confuse people. Part of the genius, possibly unintended, of proof of work is this ability to create a mining pool that does not trust any of its workers to tell the truth. If a miner is mining in a pool, when the miner finds a nonce that produces a hash below the pool target, the miner submits that nonce to the pool. The pool verifies that in fact that nonce produces a hash below the pool target when used in the candidate block header, and credits the miner accordingly. Essentially, the miners are producing "proof of pool work" that they submit to the pool, and eventually one of those "proof of pool work" submissions is also good enough to be a "proof of work" for the larger network. I think this was incredibly important in terms of helping bitcoin become established, and it is a critical reason why mining is not as centralized as many think.

@carcass09 5 лет назад

Thanks for this explanation. I had assumed that pool rewards were just split according to hash attempts / basically in the ratio of GPU power and never considered the implementation details. Upon consideration, it's infeasible to operate a mining pool without a pool target: how can you allocate pool rewards in proportion to work contributed? Even if you trust every member to report the specs of their hardware at t=0, hardware performance isn't fixed over time. If pool members just submit _all_ of their own failed nonces, then do we have to implement a centralized server to check that the member is contributing _distinct_ nonces? 10 billion per second per GPU, impossible! An adversary pool member could just submit nonces without ever computing the hashes, as probability is on his side that he won't accidentally submit a winning hash.

@karich21 2 года назад

If a miner "writes his own check" as payment, what prevents the miner from rewarding himself a very high reward for mining a block?

@notrevvz 2 года назад

In order for the miner to "write their own check", they need to run something called a Bitcoin "node". This allows them to be a part of, and interact with, the network. Pools run a node on their behalf, so you don't have to. If you're solo mining, you'll have to do this. Once your node submits the transaction for, let's say, 1000BTC to your own address from someone else (or from yourself), more than 50% of the nodes have to agree that it's valid (at least 50.000001...%). If they do, then the transaction goes through, even though it's not technically valid. This is called "double spend" and you are essentially creating coins in the network that should not exist. Ideally, the hashrate is so big and so decentralized that you realistically are unable to find a block that confirms your transaction against everyone else. If, for some reason, you have enough hashrate to take over the network and do double spending, then you can basically do whatever you want. This is called a 51% attack, stemming from owning 51% or more of the network hashrate. This does not exclude pools due to the way they operate. They pool shares from users and to the network the pool looks like one miner, so if you find a block, the pool gets the payment and then they give you a portion of it through a separate transaction. There is nothing stopping the pool from abusing the hashrate they get from their users and using it to hijack the network and double spend. However, it can, and has happened before to Ethereum Classic relatively recently. It can, in theory, happen to Bitcoin as well. It's all about how much hashrate you own and your power over the network. Other cryptocurrencies might have master nodes that are another form of fail safe, while also reducing load on the network, but that's a whole other story.

@jonnupe1645 3 года назад

Boop

@phoenixeyes7160 5 лет назад

Im korean guy...thank you...anto...i like ypu and John mcafee...thamk you.

@dieterhenrichs 4 года назад

The Nonce, "the number only used once" is only used once for each miner, is this correct? so multiple miners could randomly choose the same nonce?

@alexp-ru 4 года назад

Sure, but the block header would be different for each miner because: 1. Block time will be different slightly, which would affect the hash fingerprint 2. Each transaction time (and more importantly order) would also be different for each miner, which would also affect the hash fingerprint 3. Since merkle tree contains the hash of all transactions in the block, it would also be different for different miners Each miner's block is different, but the the miner that solves the cryptographic "puzzle" first and broadcasts it to the network, becomes the new OFFICIAL block.

@Yash-Gaikwad 5 лет назад

Isn't this proof of work system highly inefficient.

@ruslan124 5 лет назад

It is and very much so. I believe this is at least one of the drivers behind the idea of proof of stake as an alternative.

@ritteradam 5 лет назад

Both adding numbers and shifting/shuffling bits are linear operations, without enough non-linear substitution ciphers it would be trivial to do cryptanalysis on the function (just look at Iota :) ) and be able to reverse it.