|
valiron (OP)
|
 |
May 02, 2015, 09:10:14 PM
Last edit: May 04, 2015, 09:54:11 AM by valiron |
|
FWIW, I think Valiron is engaging in misconduct here. At first there is an "innocent" observational question and then after people point out that the observation is expected (because of hardware that only uses a limited set of nonces, and because of the block soft-target maximum) he had adopted a position of "secret knowing" that substantiates his position and yet he will not explain it.
I suspect as much as well, but to give Valiron the benefit of the doubt and for other lurkers to potentially learn something I will try explaining it as simply as possible. Can you explain the mathematical reason why nounces produced by ASICs are not uniform? The references you provide obviously do not explain that (nice paper by the way).
The papers do explain biases towards certain numbers and why certain sets of numbers appear more often than other numbers and how these probabilistic biases can mislead you into drawing erroneous conclusions. Based upon the quickness of your reply you obviously didn't read the papers so I will provide a video for you to understand this principle- https://www.youtube.com/watch?v=4UgZ5FqdYIQIn the video the bias is created because the sampled numbers are not random but selected based upon our bias to start at 0 or 1 and work in a linear manner as humans. The reason why the nonces produced aren't randomly uniform is because ASIC's search through random numbers in a linear and non random manner within certain ranges. There are many potential nonces that that could satisfy the block to hash given a specific difficulty but since asics search for these nonces in a linear fashion within a given range it greatly increases the probability that similar(contrasted to the potential range of possibilities of potential numbers) nonces will be found for each block. This is further emphasized by the fact that there are now very large mining pools running most of the same exact hardware for most of their hashrate which has the exact same characteristics on how it searches for valid nonces. Still this doesn't provide a mathematical explanation of the clustering around 2^31. I didn't read in detail the MAA paper, but I know exactly what you mean by refering to it. I also know that it doesn't explain the above clustering. If I get the time I will parse the blockchain and do some statistics on the nounces to determine their distribution. |
|
|
|
|
|
|
|
|
|
|
|
The forum strives to allow free discussion of any ideas. All policies are built around this principle. This doesn't mean you can post garbage, though: posts should actually contain ideas, and these ideas should be argued reasonably.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
cakir
Legendary
 Offline
Activity: 1274
Merit: 1000
★ BitClave ICO: 15/09/17 ★
|
|
May 02, 2015, 09:12:34 PM |
|
I've spotted same things before. https://bitcointalk.org/index.php?topic=1031953.msg11136641#msg11136641What's really happening, I really wanna know. |
|
|
|
|
|
|
,'#██+:
,█████████████'
+██████████████████
;██████████████████████
███████: .███████`
██████ ;█████'
`█████ #████#
████+ `████+
████: ████,
████: .# █ ████
;███+ ██ ███ ████
████ ███' ███. '███,
+███ #████ ,████ ████
████ █████ .+██████: █████+ `███.
,███ ███████████████████████ ████
████ ███████████████████████' :███
███: +████████████████████████ ███`
███ █████████████████████████` ███+
,███ ██████████████████████████ #███
'███ '██████████████████████████ ;███
#███ ███████████████████████████ ,███
████ ███████████████████████████. .███
████ ███████████████████████████' .███
+███ ███████████████████████████+ :███
:███ ███████████████████████████' +███
███ ███████████████████████████. ███#
███. #██████████████████████████ ███,
████ █████████████████████████+ `███
'███ '████████████████████████ ████
███; ███████████████████████ ███;
████ #████████████████████ ████
███# .██████████████████ `███+
████` ;██████████████ ████
████ '███████#. ████.
.████ █████
'████ █████
#████' █████
+█████` ██████
,██████: `███████
████████#;,..:+████████.
,███████████████████+
.███████████████;
`+███████#,
| |
|
|
|
|
inBitweTrust
|
|
May 02, 2015, 09:32:32 PM |
|
OK, judging from the clear lack of interest (he keeps denying the evidence yet doesn't even bother to digest the material) or refute the specific reasons why the evidence or reasons we provide are fallacious I am now more or less convinced he is disingenuous. I understand that some people are interested in hidding the procedure, but I think I will explain and expose how you can partially premine...It is something that I did notice long time ago, and surely other have noticed as well.
It is clear that someone found a trick for fast mining. I kind of happen to know what might be...
It is premining at some extend. Won't disclose more for the moment.
Bitcoin is an open source project where we openly discuss and share ideas. What you are doing by demanding explanations and evidence from us and than not reciprocating on what you claim to understand. This is rude at minimum and at worst an act of setting up a "secret" for some sort of investment scam. I don't mind discussing this openly, or if you prefer we can discuss it in a separate thread, but I don't think it is material to be exposed through posts in a forum. It would be better to discuss it in detail after a research paper is published. I am only interested in discussing the mathematical/computational aspects.
valiron if you don't mind discussing this openly than just do so, If you are concerned about the security of bitcoin than email one of the core developers your secrets. If you won't do either , reframe from hinting at it in the first place. Read this thread , it clearly goes over all the reasons you saw that behavior in your linked thread. |
|
|
|
|
valiron (OP)
|
|
May 02, 2015, 09:34:41 PM |
|
Can you explain the mathematical reason why nounces produced by ASICs are not uniform? The references you provide obviously do not explain that.
Because mining ASIC use "sea of hashers", they take one midstate work unit and broadcast it to hundreds (or even thousands) of SHA256 engines, each one tries a different nonce for the same work. You only have a finite number of engines so only a subset of nonces will get used, also some engines will fail (sometimes the same engine on every chip of a particular make) adding additional gaps. The allocation schemes differ from device to device (e.g. some hardware only produces even nonces or multiple of 64 nonces, some hardware only produces nonces in a range 0-1024, etc.) There is also an optimization you can do where you actually hardwire the engines for given nonces and grind the first half, though I don't know if anyone bothers with it. This makes sense, although I understand that nounces are exhausted pretty kickly. I see no reason why they should restrict nounces. It requires more computation to change extranounces for example. Obviously I can accept that this is an implementation improvement of mining for which we do not have the precise details. Anyway, the fact that all 4 blocks have a nounce close to 2^31 is more evidence that they were mined by the same miner.
Same miner or similar hardware, perhaps-- sure? and so what? Its not uncommon for a large miner (or a hardware type with a large share of the hashrate) to find four blocks consecutively; there is effectively a calculator for that in the bitcoin whitepaper. I also observe that the last 3 blocks are by anonymous miners. Thus if it is the same miner he is trying to conceal his identity, so we should assume that it is the same hardware. It is curious that suddenly the same hardware solves the block in such a short timeframe. It is of course possible. Just inspecting mined blocks there is a high clustering of anonymous miners. It will be interesting to do a statistic on this also. |
|
|
|
|
|
valiron (OP)
|
|
May 02, 2015, 09:42:15 PM |
|
valiron if you don't mind discussing this openly than just do so, If you are concerned about the security of bitcoin than email one of the core developer your secrets.
I just did that (sending a message to a developer), and as posted before I am willing to erase my posts here. It is not about direct security of bitcoin. It is about boosting the mining algorithm. I don't think it is a direct threat to bitcoin security. Were the first GPU miners a threat to bitcoin security? As for discussing this openly I prefer to wait for the answer of the developer. I don't want to be accused of spreading FUD or whatever. |
|
|
|
|
|
inBitweTrust
|
|
May 02, 2015, 09:43:49 PM |
|
I also observe that the last 3 blocks are by anonymous miners. Thus if it is the same miner he is trying to conceal his identity, so we should assume that it is the same hardware.
~20% of the network hashing power is done by unknown miners. Why would you assume they are using all the same hardware? A complete non sequitur. |
|
|
|
|
valiron (OP)
|
|
May 02, 2015, 09:44:38 PM |
|
OK, judging from the clear lack of interest (he keeps denying the evidence yet doesn't even bother to digest the material) or refute the specific reasons why the evidence or reasons we provide are fallacious I am now more or less convinced he is disingenuous.
I will be grateful if you avoid unnecessary ad hominem. So far, you have only contributed by linking to a nice elementary number theoretical paper that has little to do with what we discuss. |
|
|
|
|
|
valiron (OP)
|
|
May 02, 2015, 09:46:00 PM |
|
I also observe that the last 3 blocks are by anonymous miners. Thus if it is the same miner he is trying to conceal his identity, so we should assume that it is the same hardware.
~20% of the network hashing power is done by unknown miners. Why would you assume they are using all the same hardware? A complete non sequitur. It was the observation of gmaxwell because of the clustering of the nounces that seems to indicated similar miner or hardware. Ask him. Since the first block ins mined by AntPool and the others are anonymous, I assume that they use the same hardware. Otherwise we need to ask AntPool why they are anonymizing the next blocks if they are the miners. It is also well known that a miner that mines a block has a higher probability of mining the next one since he can start mining in the time his block is propagating. Also there is a well known advantage in concealing mined blocks and releasing them altogether. This could indicate same miner. |
|
|
|
|
|
inBitweTrust
|
|
May 02, 2015, 09:55:38 PM |
|
I also observe that the last 3 blocks are by anonymous miners. Thus if it is the same miner he is trying to conceal his identity, so we should assume that it is the same hardware.
~20% of the network hashing power is done by unknown miners. Why would you assume they are using all the same hardware? A complete non sequitur. It was the observation of gmaxwell because of the clustering of the nounces that seems to indicated similar hardware. Ask him. Gmaxwell never made that claim, all he did was suggest that is one possibility. Different ASICs also have similar or exactly the same parameters as well for the ranges and order in which nonces are searched for which makes your suggestion that we should assume the same hardware especially incorrect. One should not assume the same miner or the same hardware like you claim. Look at the IP addresses, If anything the default assumption should be that they are 3 different miners. (Sure it might be possible it is one miner using multiple VPNs but that shouldn't be your default assumption) |
|
|
|
|
|
|
valiron (OP)
|
|
May 02, 2015, 10:16:22 PM |
|
We already discussed that in previous posts. Timestamps in the blocks are malleable. Seems that block explorers are taking timestamps from the blocks. It is not the timestamp of the reception time of the blockexplorer since this would be incompatible with having the timestamp of block 354643 earlier than that of 354642. Just read above. |
|
|
|
|
|
valiron (OP)
|
|
May 02, 2015, 10:17:59 PM |
|
I also observe that the last 3 blocks are by anonymous miners. Thus if it is the same miner he is trying to conceal his identity, so we should assume that it is the same hardware.
~20% of the network hashing power is done by unknown miners. Why would you assume they are using all the same hardware? A complete non sequitur. It was the observation of gmaxwell because of the clustering of the nounces that seems to indicated similar hardware. Ask him. Gmaxwell never made that claim, all he did was suggest that is one possibility. Different ASICs also have similar or exactly the same parameters as well for the ranges and order in which nonces are searched for which makes your suggestion that we should assume the same hardware especially incorrect. One should not assume the same miner or the same hardware like you claim. Look at the IP addresses, If anything the default assumption should be that they are 3 different miners. (Sure it might be possible it is one miner using multiple VPNs but that shouldn't be your default assumption) "seems to indicate" is the same as "suggests the possibility" in my poor english. |
|
|
|
|
|
inBitweTrust
|
|
May 02, 2015, 10:27:46 PM |
|
"seems to indicate" is the same as "suggests the possibility" in my poor english.
It isn't a problem with translation. "seems to indicate" and "suggests the possibility" are both completely different statements than: so we should assume that it is the same hardware.
We are dealing with probabilities here. You should never make such assumptions. We already discussed that in previous posts. Timestamps in the blocks are malleable. Seems that block explorers are taking timestamps from the blocks. It is not the timestamp of the reception time of the blockexplorer since this would be incompatible with having the timestamp of block 354643 earlier than that of 354642. Just read above.
One should not assume that all three have malleable timestamps and than assume that they are grouped within 1 minute . So than all your original concerns have been explained except a similar grouping on nonces , which we have also explained but you refuse to accept our answers without giving specific detailed refutations. |
|
|
|
gmaxwell
Moderator
Legendary
Offline
Activity: 4172
Merit: 8419
|
|
May 02, 2015, 11:52:51 PM |
|
I just did that (sending a message to a developer), and as posted before I am willing to erase my posts here.
[....]
As for discussing this openly I prefer to wait for the answer of the developer. I don't want to be accused of spreading FUD or whatever.
Are you referring to your message to me 45 minutes ago? You provided no information that wasn't in the thread; and I responded asking you to provide information (either privately or publicly, though I encouraged you to provide it in public.). Still this doesn't provide a mathematical explanation of the clustering around 2^31.
I and multiple others have explained to you multiple times now that various mining devices consider only subsets of nonces for completely boring reasons--; what isn't explained is why you keep alleging that something with a boring explanation which has been provided multiple times hasn't been explained. A few week ago you were making posts that demonstrated that you had no idea how mining worked at all and were not willing or able to do even the most basic research on the subject. Your posts here continue to show a remarkable lack of basic research, yet you expect people to believe that you know something that hasn't been discussed in the hundreds of past threads about low level mining optimizations by experts in the field (including people like the inventor of hashcash; the general scheme used). Moreover, you started this by deceptively asking a question you later claimed to "know the answer to"; so I hope you can understand why people are skeptical here. You're making serious claims that would be concerns for the security of Bitcoin if true; such claims demand serious substantiation... doubly so when they coming form a source which seems to have been clearly deceptive in this very thread and is obviously not very familiar with the subject. In any case, you need do nothing more to defend your reputation than to simply explain what you're thinking. If your ideas are wrong, they'll be corrected; if they're right but not news, old threads will be referenced, if they're new and concerning the issues will be addressed if possible, etc. Right now, though, you're basically trying to convince us of something for which you'll give none of the information which could be used to support your claim. The only content in this thread will be people attacking your methods and motivations as a result, since you are intentionally refusing to provide the only information which could be used to analyze your claim directly. |
|
|
|
|
cr1776
Legendary
Offline
Activity: 4032
Merit: 1301
|
|
May 03, 2015, 12:22:35 AM |
|
valiron if you don't mind discussing this openly than just do so, If you are concerned about the security of bitcoin than email one of the core developer your secrets.
I just did that (sending a message to a developer), and as posted before I am willing to erase my posts here. It is not about direct security of bitcoin. It is about boosting the mining algorithm. I don't think it is a direct threat to bitcoin security. Were the first GPU miners a threat to bitcoin security?
As for discussing this openly I prefer to wait for the answer of the developer. I don't want to be accused of spreading FUD or whatever. Even if there was some way to boost the mining algorithm by some large percentage, at most if would provide a temporary advantage to someone or some group. Difficulty would quickly adjust, and others would discover this "secret." This has been discussed previously too. ;-) You are correct that the switch from CPU to GPU was not a threat to security. Particularly since GPUs were widely available and could be switched relatively quickly. Satoshi attempted to encourage people (with a "gentleman's agreement") to stick with CPUs for as long as possible to encourage the ease of adoption by more people. It was easier to get mining on a CPU than a GPU. During that time at various points there would be people doing some GPU mining, and eventually everyone had to switch to remain in the mining game, but it didn't impact security significantly. Hiding what this temporary advantage is - if you think that is what is going on here - is only helping this party who knows of this purported boost to the mining algorithm. I say "purported" because significant claims require significant proof. |
|
|
|
|
|
valiron (OP)
|
|
May 03, 2015, 12:40:18 AM |
|
I just did that (sending a message to a developer), and as posted before I am willing to erase my posts here.
[....]
As for discussing this openly I prefer to wait for the answer of the developer. I don't want to be accused of spreading FUD or whatever.
Are you referring to your message to me 45 minutes ago? You provided no information that wasn't in the thread; and I responded asking you to provide information (either privately or publicly, though I encouraged you to provide it in public.). Still this doesn't provide a mathematical explanation of the clustering around 2^31.
I and multiple others have explained to you multiple times now that various mining devices consider only subsets of nonces for completely boring reasons--; what isn't explained is why you keep alleging that something with a boring explanation which has been provided multiple times hasn't been explained. A few week ago you were making posts that demonstrated that you had no idea how mining worked at all and were not willing or able to do even the most basic research on the subject. Your posts here continue to show a remarkable lack of basic research, yet you expect people to believe that you know something that hasn't been discussed in the hundreds of past threads about low level mining optimizations by experts in the field (including people like the inventor of hashcash; the general scheme used). Moreover, you started this by deceptively asking a question you later claimed to "know the answer to"; so I hope you can understand why people are skeptical here. You're making serious claims that would be concerns for the security of Bitcoin if true; such claims demand serious substantiation... doubly so when they coming form a source which seems to have been clearly deceptive in this very thread and is obviously not very familiar with the subject. In any case, you need do nothing more to defend your reputation than to simply explain what you're thinking. If your ideas are wrong, they'll be corrected; if they're right but not news, old threads will be referenced, if they're new and concerning the issues will be addressed if possible, etc. Right now, though, you're basically trying to convince us of something for which you'll give none of the information which could be used to support your claim. The only content in this thread will be people attacking your methods and motivations as a result, since you are intentionally refusing to provide the only information which could be used to analyze your claim directly. Dear gmaxwell, You are right, I have no idea of what specific algorithms are using ASICs and that is what I was asking in that previous posts. I don't work on hardware. I guess you had to search through my post in lack of other arguments. This doesn't mean that I can't have some idea of how bitcoin mining works and what classical improvements can be made due to the particular structure of the block headers. You are making up that I am making claims about the security of bitcoin. That's untrue. First of all in order to raise concerns about bitcoin security, you will agree that you would need to boost the performance of the mining algorithm by several orders of magnitude. I never made such a claim. On the other hand it would be worrysome if a number of people had access to a better mining algorithm that is used extensively and kept secret, and only for that reason it is worth analyzing unusual block validations. I have no reputation to defend while I am being accused without grounds of being a scamer. My reputation is well, thank you for your concern. I withdraw any claim that I may have made. So I am not trying to convince you about anything. I stand my claim that I see some unusual statistics on these blocks. Of course this doesn't prove anything and your explanations are most probably correct, so you can continue to sleep well. Be in peace. If you happen to find better explanations I, and others, would be glad to hear about them. I already retracted everything, so I wait you to remove your negative rating and scam accusations : https://bitcointalk.org/index.php?action=trust;u=11425Appears to be dishonestly spreading fud on technical matters.
At first Valiron posts an ignorant but innocent sounding question about why a run of blocks have similar sizes and nonces.
People responded pointing out that there is a default soft-maximum block target size, and that size is common and expected. People also pointed out that nonces are not uniformly searched and similar nonces are expected.
Valiron then changed from his position of ignorance and began responding to his own questions with claims of knowledge which he will not disclose: "It is premining at some extend. Won't disclose more for the moment.", and "Proof of work with double hash as designed is weak. Same problem with blocks with only one transaction. " and more bad statistics.
I suspect Valiron is either trying to scam someone out of paying for his "knowledge" or that he is attempting to manipulate the market price of Bitcoin;
... it's possible that he has just innocently reinvented one of the many known-for-many-years optimizations (e.g. pre-computing the midstate; or hardwiring the initial part of the second compression function run)... or even a more fundamental misunderstanding like not realizing the hashing the block content is intentionally not inside the mining algorithm inner loop. But if so there is no reason to be mysterious here; if he says what he's thinking people will explain how it does or doesn't matter and where it has been discussed in the past.
Accordingly; I'll remove this negative rating (or downgrade it to neutral) when Valiron either retracts or substantiates his position. Best regards. |
|
|
|
|
|
valiron (OP)
|
|
May 03, 2015, 12:45:44 AM |
|
valiron if you don't mind discussing this openly than just do so, If you are concerned about the security of bitcoin than email one of the core developer your secrets.
I just did that (sending a message to a developer), and as posted before I am willing to erase my posts here. It is not about direct security of bitcoin. It is about boosting the mining algorithm. I don't think it is a direct threat to bitcoin security. Were the first GPU miners a threat to bitcoin security?
As for discussing this openly I prefer to wait for the answer of the developer. I don't want to be accused of spreading FUD or whatever. Even if there was some way to boost the mining algorithm by some large percentage, at most if would provide a temporary advantage to someone or some group. Difficulty would quickly adjust, and others would discover this "secret." This has been discussed previously too. ;-) You are correct that the switch from CPU to GPU was not a threat to security. Particularly since GPUs were widely available and could be switched relatively quickly. Satoshi attempted to encourage people (with a "gentleman's agreement") to stick with CPUs for as long as possible to encourage the ease of adoption by more people. It was easier to get mining on a CPU than a GPU. During that time at various points there would be people doing some GPU mining, and eventually everyone had to switch to remain in the mining game, but it didn't impact security significantly. Hiding what this temporary advantage is - if you think that is what is going on here - is only helping this party who knows of this purported boost to the mining algorithm. I say "purported" because significant claims require significant proof. I think you made my point very clear. AS you explained, I don't see any direct threat to bitcoin security. As I said I withdraw any claims and if I have something relevant to say on this mater it will be in a public research paper. I am not trying to scam anyone, to scare anyone, nor to sell anything. On the other hand I don't either play the game of "having to defend my reputation" because Mr gmaxwell decides so. |
|
|
|
|
|
valiron (OP)
|
|
May 03, 2015, 12:53:52 AM |
|
All 4 nounces very close by.
Not close at all. A difference 300,000 is about one thirteenth of the maximum range, which means consecutive nonces will be this close together over 10 times a day. 4Byte nounce is between 1 and 2^32-1=4.294.967.295 right? Where is your 300.000 being 1/13th coming from? I meant 300,000,000 (that's the closeness we're talking about right?), but I misplaced a few zeros somewhere around the second glass of absinthe. This is why you shouldn't drink and derive.  Be careful with absynthe... Let's look closer at nounces: We assume that nounces are uniformly distributed (not exactly true since if we start increasingly with nounce 0 they follow a Poisson law, but taking into account that nounce cycles many times before finding the solution it is well approximated by the uniform distribution). We look at distance mod 2^32. |nounce(354641)-nounce(354640)| = 19.452.599 probability 19.452.599/(2^32-1)*2 = 1.8% |nounce(354642)-nounce(354641)| = 5.394.922 probability 5.394.922/(2^32-1)*2 = 0.12% |nounce(354642)-nounce(354641)| = 313.864.936 probability 313.864.936/(2^32-1)*2 =7.2% Combined probability 0.000155% that is 1 in 64.5 million of times. Are you trolling? 0.000155% is 1 in 645161 And this is nonsense. Just some made up data |nounce(1)-nounce(0)| = 5% |nounce(2)-nounce(1)| = 20% |nounce(3)-nounce(2)| = 10% |nounce(4)-nounce(3)| = 1% |nounce(5)-nounce(4)| = 5% |nounce(6)-nounce(5)| = 10% Combined probability 0.000005% that is 1 in 20 million of times. Bitcoin in broken!!! I just did a rough approximation, only valid for small probabilities and few events. You are welcome to do the exact computation. You calculate in a wrong way. You should define the meaning of "close" a priori. That could be 20%, 10%, or 1%. Let say you choose 10%, the P(1.8%, 0.12%, 7.2%) should be 1/1000, not 1/645161. And let say you choose 2%, the P(1.8%, 0.12%, 7.2%) should be 1/2551 (0.02*0.02*0.98). Therefore, one event of this kind is expected in about 2 weeks. Please stop here (and edit your misleading topic) unless you find something really statistical significantly deviated from the theoretical distribution. I don't understand what you mean. OK, let me do the computation and explain things carefully. You can tell me on which point you disagree. (0) Put your 2^32-1 integer values on a circle of perimeter 2. This geometrical representation will help you. (1) We assume uniform distribution of nounces. This is correct as first approximation, but not totally accurate as pointed out before by several people. We may extract the historical distribution and use it. (2) The probability that two consecutive nounces are closer as nounce(354641) and nounce(354640) is 1.8%. It is the minor arc length between the two nounces on the circle. Same for nounce(354642) and nounce(354641), and for nounce(354643) and nounce(354644). Otherwise, please correct me if you disagree. (3) We assume independence of nounces with respect to previous nounces, i.e. we consider nounces as independent random variables. This implies that distance between nounce(n+2) and nounce(n+1) is independent of the distance between nounce(n+1) and nounce(n). (4) Thus, the probability of having three consecutive events of the sort described is just the product of the probabilities, it is 1 over 645161. The probability of seeing this is on average once each 12.27 years at an average production of one block (nounce) every 10 minutes. If you can't see why you are committing an elementary statistics fallacy, just consider this: 1. P is an uniformly distributed variable from 0 to 1, with mean = 0.5 2. There is 144 blocks per day 3. The probability calculated, in the way you suggest, is about 0.5^144 = 4*10(-44), which should NEVER happen ------------------------------------- For the consecutive 731kb blocks, it just showed there were too many unconfirmed tx and miners had to use the maximum size. The probability of having 144 independent random variables all smaller that their mean value is what you computed. It is the same as computing the probability of throwing 144 times a coin and seeing all times heads. You are right. It is extremely unlikely and should never happen. Where is the fallacy?  We never heard back of jl2012. I guess he agrees that my argument wasn't fallacious. I withdraw most claims, but I stand by the claim that to see 144 times heads in 144 coin throws is very unlikely. I will run some statistics on nounces. I am now very curious about their distribution. Anyone did study that before? |
|
|
|
|
|
inBitweTrust
|
|
May 03, 2015, 01:01:43 AM |
|
As I said I withdraw any claims and if I have something relevant to say on this mater it will be in a public research paper. I am not trying to scam anyone, to scare anyone, nor to sell anything. On the other hand I don't either play the game of "having to defend my reputation" because Mr gmaxwell decides so.
It has nothing to do with fear of a vulnerability as many of us have heard and researched these discussions many times before. It is merely us being intolerant towards nonsense presented in an arrogant manner or someone setting up a scam by making insinuations and teasing developers that you have a solution but won't disclose it. It is simply bad manners to do with open source projects where we try to share ideas openly. Go ahead and either prove yourself by writing that research paper or mining faster than anyone else. I look forward to seeing your whitepaper or being proven wrong and having to apologize for judging you too quickly because in all honestly it would be really neat if you did find something new we haven't discovered or discussed over the years. I guess he agrees that my argument wasn't fallacious. I withdraw most claims, but I stand by the claim that to see 144 times heads in 144 coin throws is very unlikely.
I will run some statistics on nounces. I am now very curious about their distribution. Anyone did study that before?
You were so close now want to begin discussing matters more without doing your homework. Please just finish that whitepaper that supports your secret claims and than some of us will happily read it and have something to discuss. |
|
|
|
gmaxwell
Moderator
Legendary
Offline
Activity: 4172
Merit: 8419
|
|
May 03, 2015, 01:41:55 AM
Last edit: May 03, 2015, 02:19:02 AM by gmaxwell |
|
We never heard back of jl2012.
I guess he agrees that my argument wasn't fallacious. I withdraw most claims, but I stand by the claim that to see 144 times heads in 144 coin throws is very unlikely.
I will run some statistics on nounces. I am now very curious about their distribution. Anyone did study that before?
Is this kind of comment acceptable in the circles you normally travel in? If one of the people I worked with presented an argument of this form my response would be "Shame on you". Perhaps jl2012 has other things to do than click reload constantly and wade through the page and pages of untrimmed quotations in your message? Doubly so when it has been very clearly explained that your statistical argument is outright incorrect already by others. Miners do not select nonces uniformly for boring engineering reasons, this is a fact, it's the behavior of hardware sitting right next to me, it's easily observable on the blockchain. Your statistical argument is that IF nonces were uniform then it would be unlikely to see a run of similar ones. You do not correct for multiple comparisons (we've had some 354k possible runs of 4 for this to be true in), but most importantly you seem to strangely continue to ignore the fact that we know that various hardware does not uniformly select nonces; and instead you suggest this is evidence of your secret hypothesis. Why are you surprised that we reject your reasoning and instead question your motivations? The nonces here aren't even that close-- 2167965896, 2148513297, 2143118375, 2456983311 spans 7% of the nonce range... Since people seem to get caught up on the the analysis, perhaps a numerical example in python might simplify things for people:
import random
trys = 1000000
threshold = 2456983311 - 2143118375
small_rng = 0
for i in xrange(trys):
n = [random.randrange(0,2**32) for ii in xrange(4)]
small_rng += (max(n)-min(n))<=threshold
print("Out of %d tries, %d groups of 4 nonces were spanned a range equal or smaller than %d."%(trys,small_rng,threshold))
print("Since there are 144 blocks (thus 144 overlapping groups of 4)")
print("We'd expect to see this every %f days with _uniform_ nonces."%(1./(float(small_rng)/trys*144.)))
Which yields:
Out of 1000000 tries, 1524 groups of 4 nonces were spanned a range equal or smaller than 313864936.
Since there are 144 blocks (thus 144 overlapping groups of 4)
We'd expect to see this every 4.556722 days with _uniform_ nonces.
Since we also know existing hardware produces a subset of nonces we should probably expect these runs to be even more common than the above reflects. To get a feel for how non-uniformity changes this, switching to an RNG with a linear sloping probability, abs(random.randrange(0,2**32)-random.randrange(0,2**32)), increases the rate of these 'small' spans by about 2.8x. Without a reason to believe the exact criteria was established in advance instead of based on the data we should also probably be correcting for the fact that there are many other possible "patterns" people might find interesting and might use to claim support for some secret theory; e.g. ending with certain digits in some base, or being close mod 2^32, having digits that are cyclic shifts of each other in some base, being close by a larger but also 'small' threshold (E.g. the post originally claimed 6 blocks with a nonce span of 1856814243 which we'd expect to see a bit over 8 times per day.), or having some other simple arithmetic relation, etc. |
|
|
|
|
|
