Who decides the Proof of work

[Sergi]

Hello everyone,

First of all I would like to say that I am a newby here, so I would much appreciate that in case I do any mistake or breaking of the forum laws, you would point it out.

My question is as it introduced in the Subject: Since Bitcoin is based on a decentralized system who decides the proof of work that must be solved so that it gets tied to the blockchain? I guess it is based on some criteria that when any node receives the last block of the chain it can by itself calculates which it is the new proof of work, hence it is a function based in the last blockchain that gives an unique solution: f(B1)=New proof of work. If I am right what is that function? Otherwise how does it works?

Thanks in advance,

Sergi

[DannyHamilton]

Hello everyone,

First of all I would like to say that I am a newby here, so I would much appreciate that in case I do any mistake or breaking of the forum laws, you would point it out.

My question is as it introduced in the Subject: Since Bitcoin is based on a decentralized system who decides the proof of work that must be solved so that it gets tied to the blockchain? I guess it is based on some criteria that when any node receives the last block of the chain it can by itself calculates which it is the new proof of work, hence it is a function based in the last blockchain that gives an unique solution: f(B1)=New proof of work. If I am right what is that function? Otherwise how does it works?

Thanks in advance,

Sergi

The creators of the protocol get to decide what proof-of-work method the protocol is going to use. In the case of Bitcoin, that decision was made by Satoshi Nakamoto.

With bitcoin, the solo miner (or mining pool operator), build a block header from a list of transactions. Then they perform a double SHA256 hash of the header and check to see if the result is less than a target.  If it is, then they have completed the proof-of-work.  If it is not, then they modify the block header and try calculating the double SHA256 hash again.  They keep modifying the header and re-computing the double SHA256 hash until they either find a hash that has a value lower than the current target, or until they receive a valid block from a peer.  Then they start the whole process over again with a new block.

The target value is adjusted by a formula every 2016 blocks.  At that time, if the most recent 2016 blocks occurred too fast, then the target value is decreased, if the most recent 2016 blocks occurred too slow, then the target value is increased. The formula adjusts the target to attempt to keep the average time between blocks close to 10 minutes.

[Sergi]

Thanks for your answer,

My question is precisely about this point: "Then they perform a double SHA256 hash of the header". If I understand properly SHA256 algorithm starts with a string that throughout a mathematical operation over such string gives a result that must satisfy that result<target, i.e H(x)=y<target, where H(·) is such operation, 'x' is the string and 'y' the result. Who decides what is the string 'x' to solve?

I mean proof of work is all about solve a challenge. Whenever a new block is find, a new challenge is 'put on the table' so that all nodes are trying to solve the same challenge. Who puts on the table that new challenge anytime is needed? Is it decided by the protocol SHA256 based on the last block accepted in the blockchain?

Thank you!

Sergi

[OnkelPaul]

The string that is being hashed consists of the block's header data.
Since the header contains the hash of the previous block, nobody can start building a block (and hashing it) before the previous block is known.
Other parts of the header contain a hash of the block's contents (which is normally different for each miner, because it includes not only the transactions from mempool, but also the coinbase transaction which goes to an address created from a random private key, and the "nonce" which is incremented sequentially to find a block header whose hash is small enough.)

So there is no single entity who creates and distributes a new challenge, every miner has his own challenge built from the previous block and the new block's data.

Onkel Paul

[DannyHamilton]

If I understand properly SHA256 algorithm starts with a string that throughout a mathematical operation over such string gives a result that must satisfy that result<target, i.e H(x)=y<target, where H(·) is such operation, 'x' is the string and 'y' the result. Who decides what is the string 'x' to solve?

There is no string.

SHA256 is a calculation that starts with 1 or more binary digits of data and calculates a 256 bit result.  For any given input that result will always be the same, and any small change in the input results in an output that is unpredictably different.

In the case of bitcoin, the data that is being used as an input is the 80 bytes block header for which the miner is attempting to complete the proof-of-work. It consists of:

• A 4 byte version number
• A 32 byte hash of the most recently solved block (this is what keeps the miner from getting a head start on his proof of work, and what keeps anyone from being able to modify older blocks without re-performing all the proof-of-work since that block)
• A 32 byte merkle root (This is how the miner proves which transactions are in his block, and the order of those transactions)
• A 4 byte timestamp
• A 4 byte value that represents the current target value
• A 4 byte nonce (incrementing this value is how the miner "modifies the block header" before computing the SHA256 again)

I mean proof of work is all about solve a challenge. Whenever a new block is find, a new challenge is 'put on the table' so that all nodes are trying to solve the same challenge.

Not exactly.  The challenge is always there, and is essentially always the same:

"Create a valid block header such that the double SHA256 hash of that header is less than a target value, where the target value is determined by the proper adjustment at the previous adjustment block".
 

Who puts on the table that new challenge anytime is needed?

Satoshi Nakamoto did when he created the protocol.

Is it decided by the protocol SHA256 based on the last block accepted in the blockchain?

I'm not sure that I understand this question, but in order to be a valid block the challenge does require that the block header include the hash of the last block accepted in the blockchain.

[spazzdla]

Thanks for your answer,

My question is precisely about this point: "Then they perform a double SHA256 hash of the header". If I understand properly SHA256 algorithm starts with a string that throughout a mathematical operation over such string gives a result that must satisfy that result<target, i.e H(x)=y<target, where H(·) is such operation, 'x' is the string and 'y' the result. Who decides what is the string 'x' to solve?

I mean proof of work is all about solve a challenge. Whenever a new block is find, a new challenge is 'put on the table' so that all nodes are trying to solve the same challenge. Who puts on the table that new challenge anytime is needed? Is it decided by the protocol SHA256 based on the last block accepted in the blockchain?

Thank you!

Sergi

Watch "consus algorithms" by Andreas Antonpolious.

[AtheistAKASaneBrain]

The easiest analogy where most people seem to get it is the lottery one. Miners play a lottery to win the price (the Bitcoin reward) and the more hashing power the more tickets (chances of winning).

[Sergi]

Thanks everyone for the answers, now I do understand.

[Gleb Gamow]

Thanks for your answer,

My question is precisely about this point: "Then they perform a double SHA256 hash of the header". If I understand properly SHA256 algorithm starts with a string that throughout a mathematical operation over such string gives a result that must satisfy that result<target, i.e H(x)=y<target, where H(·) is such operation, 'x' is the string and 'y' the result. Who decides what is the string 'x' to solve?

I mean proof of work is all about solve a challenge. Whenever a new block is find, a new challenge is 'put on the table' so that all nodes are trying to solve the same challenge. Who puts on the table that new challenge anytime is needed? Is it decided by the protocol SHA256 based on the last block accepted in the blockchain?

Thank you!

Sergi

Watch "consus algorithms" by Andreas Antonpolious.

Andreas M. Antonopoulos: "Consensus Algorithms, Blockchain Technology and Bitcoin" [UCL]