The bitcoin networks transaction queue breaks another record
The proof-of-work is indeed a solution to a useless cryptographic puzzle—except, of course, that this "useless" work secures the Bitcoin network.
But what if some of the work could be useful? Or could be produced more efficiently? If mining does not entail a waste of resources for each node, then it also costs nothing for attackers to attack the system.
In fact, if the proof-of-work is less costly to solve, more honest participants join mining to collect the rewards , and soon the difficulty adjustment mechanism raises the difficulty again.
Hence, in a sense, the Bitcoin proof-of-work is built to spend a certain amount of resources no matter how efficient an individual miner becomes. To derive substantial benefits from mining without an offsetting increase in costs requires a proof-of-work that is useful to society at large but cannot provide value to the individual miner. For some attempts at using other problems as a basis for proof-of-work, see Ball et al. The key aspect of the Bitcoin protocol is its decentralization: This promotes both the resilience of the system, which does not have a single anchor of trust or single point of failure, and competition among the different participants for mining fees.
To maintain this decentralization, it is important that mining activity in Bitcoin be done by many small entities and that no single miner significantly outweigh the others. Ideally, the rewards that are given to miners should reflect the amount of effort they put in: In practice, some participants can benefit disproportionately from mining, for several different reasons.
An unbalanced reward allocation of this sort creates a bias in favor of larger miners with more computational power, making them more profitable than their smaller counterparts and creating a constant economic undercurrent toward the centralization of the system. Even slight advantages can endanger the system, as the miner can use additional returns to purchase more and more computational power, raising the difficulty of mining as the miner grows and pushing the other smaller and, hence, less profitable miners out of the game.
The resulting winner-takes-all dynamic inevitably leads to centralization within the system, which is then at the mercy of the prevailing miner, and no security properties can be guaranteed.
ASICs were orders of magnitude more efficient at mining bitcoins than previous systems. As this special hardware was not initially easy to acquire, it provided its owners with a great advantage over other miners—they could mine at a much lower cost. Those with this advantage would add ASIC-based proof-of-work to the system until the difficulty level would be so high that everyone else would quit mining. The risk was then that a single large miner would have sole access to ASICs and would come to dominate the Bitcoin system.
Concerns subsided after some time, as ASICs became commercially available and more widely distributed. In fact, ASIC mining actually introduces long-term effects that contribute to security. Later this article looks at how a miner can carry out profitable double spending and selfish mining attacks. One can argue, however, that even selfish and strategic miners are better off avoiding such attacks.
Indeed, a miner who invested millions of dollars in mining equipment such as ASICs is heavily invested in the future value of Bitcoin: Should the miner then use this gear to attack the system, confidence in the currency would drop, and with it the value of bitcoins and future rewards. The interests of miners are thus, in some sense, aligned with the overall health of the system.
All in all, ASIC mining introduces a barrier-to-entry to the system, as ordinary people cannot simply join the mining efforts; it thus reduces decentralization. On the other hand, it introduces a form of barrier-to-exit , as miners cannot repurpose their equipment to other economic activities; it therefore contributes to security. The appearance of competing cryptocurrencies e. This introduces complex market dynamics. For example, when a specific currency loses some value, miners will divert their mining power to another cryptocurrency until the difficulty readjusts.
This can cause fluctuations in block creation that destabilize smaller cryptocurrencies. Interestingly, some cryptocurrencies use different proof-of-work puzzles that are thought to be more resistant to ASIC mining, i.
This is often achieved by designing algorithmic problems that require heavy access to other resources, such as memory, and that can be solved efficiently by commercially available hardware. These alternative systems are in principle more decentralized, but on the flip side they lack the barrier-to-exit effect and its contribution to security.
A similar effect occurs when cloud mining becomes highly available. Some mining entities offer their equipment for rental over the cloud. The clients of these businesses are effectively miners who do not have a long-term stake in the system. As such services become cheaper and more accessible, anyone can easily become a temporary miner, with similar effects on security. Recall that creating a block requires solving a cryptographic puzzle unique to that block. This involves guessing inputs to a cryptographic hash function.
Solving the puzzle is mostly done via brute-force enumeration of different inputs. A miner can gain an advantage by creating blocks using more efficient methods than his or her counterparts. In addition to better hardware, an advantage can take a more algorithmic form. ASICBoost enables the miner to reuse some of the computational work performed during the evaluation of one input for the evaluation of another. This algorithm is proprietary, patent pending, and it is unclear who is and who is not using it.
Such an algorithmic advantage can be translated to lower power consumption per hash. Bitmain, a large manufacturer of ASICs for bitcoin mining that also operates some mining pools, was recently accused by some of secretly deploying a hardware variant of ASICBoost to increase its profits. Allegations were made that this company was politically blocking some protocol improvements that would coincidentally remove their ability to use ASICBoost.
Yet another method for a miner to become more efficient is to invest in communication infrastructure. By propagating blocks faster, and by receiving others' blocks faster, a miner can reduce the chances that their blocks will not belong to the longest chain and will be discarded "orphaned". As off-chain blocks receive no rewards, a better connection to the network translates to reduced losses.
Admittedly, with Bitcoin's current block creation rate, this advantage is rather marginal; blocks are created infrequently, and speeding up delivery by just a few seconds yields relatively little advantage. Nonetheless, better connectivity is a relatively cheap way to become more profitable. Furthermore, the effects of communication become much more pronounced when the protocol is scaled up and transaction processing is accelerated.
Today Bitcoin clears three to seven transactions per second on average. Changing the parameters of Bitcoin to process more transactions per second would increase the rate of orphan blocks and would amplify the advantage of well-connected miners.
As with any large entity, professional miners may enjoy the economic benefits of size. With a larger mining operation, such miners are much more likely to invest in different optimizations, such as finding sources of somewhat cheaper electricity, or placing their equipment in cooler regions to provide more efficient cooling to their machines mining usually consumes a great deal of electricity, and cooling the machines presents a real challenge.
Large miners can also purchase ASICs in bulk for better prices. All of this translates to natural advantages to size, a phenomenon that is not specific to Bitcoin but in fact appears in many industries. These effects give large miners an advantage and slowly pull the system toward a centralized one.
Many have raised concerns that most of today's Bitcoin mining is done by Chinese miners. They enjoy better access to ASICs, cheaper electricity, and somewhat lower regulation than similar operations in other locations.
The Chinese government, which tightly controls Internet traffic in and out of China, could choose to disrupt the system or even seize the mining equipment that is within its borders. Bitcoin's mining process yields very high reward but with very low probability for each small miner. A single ASIC that is running full time may have less than a 1-in, chance of mining the next block, which implies that years can go by without finding a single block.
Many would prefer a small, constant rate of income over long periods of time this is essentially risk aversion. Mining pools are coalitions of miners that combine their computational resources to create blocks together and share the rewards among members of the pool. Since the pool's workers together find blocks much more often than each miner alone, they are able to provide small continuous payments to each worker on a more regular basis.
From the perspective of the Bitcoin network, the pool is just a single mining node. Pool participants interact with the pool's server, which sends the next block header that the pool is working on to all workers. Each member tries to solve the cryptographic puzzle corresponding to this block in fact, they use small variants of the same block and work on slightly different proof-of-work puzzles to avoid duplicating work.
Whenever a worker finds a solution, it is sent to the pool manager, who in turn publishes the block to the network. The block provides a reward to the pool, which the manager then distributes among all of the pool's workers minus some small fee.
Many pools are public and open to any willing participant. Obviously, such pools must take measures to ensure that only members who truly contribute to the pool's mining efforts enjoy a portion of the rewards. To that end, every pool member sends partial solutions of the proof-of-work to the pool—these are solutions that came "close" to being full blocks. Partial solutions are much more common than full solutions, and anyone working on the problem can present a steady stream of such attempts that fall short of the target.
This indicates that the worker is indeed engaged in work, and can be used to assess the amount of computational power each worker dedicates to the pool.
Pools thus reward workers in some proportion to the number of shares that they earn a share is granted for every partial solution that is submitted. Fortunately, a pool member who has found a valid solution to the puzzle cannot steal the rewards. The cryptographic puzzle depends on the block header, which is under the control of the pool's manager. It encodes a commitment to the contents of the block itself via a cryptographic hash , including the recipient of the block's rewards.
After finding a valid solution for a specific block header, one cannot tamper with the header without invalidating the solution. In the early days of Bitcoin, mining pools would simply divide the reward from the latest block among all workers in proportion to the number of partial solutions each worker submitted. The number of shares was measured from the previous block created by the same pool.
Some workers came up with a way to improve their rewards: If a block was then found by the pool, its reward would be split among many shares. Working to generate additional shares is just as costly as before but yields low expected rewards for this very reason. Instead, the worker could just switch to another pool in which a block had been found more recently, and in which each additional share granted a higher expected reward.
If this behavior is adopted by many, a pool that is temporarily unsuccessful should, in fact, be completely abandoned by all rational miners. Pool-hopping-resistant reward schemes were quickly developed and adopted by most mining pools. While a miner cannot steal the block reward of a successful solution, he or she can still deny the reward to the rest of the pool.
The miner can choose to submit only partial solutions to the pool's manager but discard all successful solutions. The miner thus receives a share of the rewards when others find a solution, without providing any actual contribution to the pool. Discarding the successful solution sabotages the pool, and causes a small loss of income to the attacker. In spite of the losses to an attacker, in some situations it is worthwhile for mining pools to devote some of their own mining power to sabotage their competitors: These workers then execute a block-withholding attack.
Careful calculations of the costs and rewards show that, in some scenarios depending on the sizes of the attacker and victim pools , the attack is profitable. In the modified version, workers would not be able to discern between partial and full solutions to the proof-of-work puzzle and would not be able to selectively withhold full solutions.
While pools are good for small miners, mitigating their risk and uncertainty, they introduce some centralization to the system. The pool operator is essentially controlling the combined computational resources of many miners and is therefore quite powerful.
Some researchers proposed a technical modification to the mining protocol that undermines the existence of public pools altogether. Assuming many miners would claim the rewards for themselves, pools would not be profitable and would therefore dissolve. Earlier, this article described methods by which a miner can become more dominant within the protocol—both to profit more than his or her fair share and to generate more of the blocks in the chain.
The methods discussed thus far do not violate any of the protocol's rules; in some sense, miners are expected to make the most of their hardware and infrastructure. This section discusses direct violations of the rules of the protocol that allow miners to profit at the expense of others. In a sense, the existence of such strategies implies that there is something fundamentally broken in the protocol's incentive structure: Informally, the protocol instructs any node to: Attacks on the protocol correspond to deviations from one or more of these instructions.
A miner who does not validate incoming messages is vulnerable—the next block might include an invalid transaction that he or she did not verify, or reference an invalid predecessor block.
Other nodes will then consider this new block as invalid and ignore it. This sets a clear incentive for miners to embed in their blocks only valid transactions and to validate every new block before accepting it. Interestingly, despite this logic, sometimes miners mine on top of a block without fully validating it. This practice is known as SPV mining SPV stands for simplified payment verification and usually refers to the use of thin clients that do not read the full contents of blocks.
Why would miners engage in building on top of an unvalidated block? The answer again lies in incentives. Some miners apply methods to learn about the hash ID of a newly created block even before receiving its entire contents one such method, known as spy-mining, involves joining another mining pool as a worker to detect block creation events.
Even when the block is received, it takes time to validate the transactions it contains. During this time, the miner is aware that the blockchain is already longer by one block. You can check your transaction's confirmation status and other payment details on any blockchain explorer like BitPay's block explorer Insight. Look up your transaction using your transaction ID or the sending or receiving bitcoin addresses, which can all be found in your bitcoin wallet that sent the payment.
For your transaction to be considered fully confirmed by most BitPay merchants, your transaction will need to have six confirmations. Note that until your payment has six confirmations on the bitcoin blockchain, the recipient will not have access to the funds and will not be able to refund your transaction.
While some BitPay merchants may choose to fulfill orders on payments with fewer block confirmations, you will need at least one block confirmation before your order can be considered complete.
If your transaction confirms and the merchant does not fulfill your order, you don't need to reach out to BitPay. Because block sizes are limited, it's important for bitcoin miners to know which transactions they should include in blocks first. Miners use prices to figure this out. When you broadcast a transaction, your total amount sent usually includes a "miner fee" which goes to pay miners. If you want your transaction to leave the bitcoin mempool and be added to a block quickly, it's important that you include a sufficient miner fee.
This is why we strongly suggest using the BitPay wallet or another true bitcoin wallet that can dynamically calculate the miner fee needed for timely block confirmations. For reference, the website bitcoinfees. Transactions are being added to the bitcoin mempool's full queue constantly. Some may have been sent with higher miner fees than the one sent with your payment.
This means that with current network traffic, miners may deprioritize your unconfirmed transaction even if it was sent with an appropriate fee at the time. Your transaction will likely confirm, but if the Bitcoin network does not confirm it, it be spendable again in your wallet. Funds are spendable again in the BitPay wallet after transactions fail to confirm for up to 72 hours, but other wallets may behave differently.
If you are not using the BitPay wallet, you should contact your wallet provider for help if your unconfirmed funds do not show up as spendable again after a few days. While BitPay does not control confirmation times on the Bitcoin network, we care about the payment frustrations BitPay merchants and purchasers are experiencing right now. For purchasers, our BitPay wallet team has been working on updates to the BitPay wallet for our next release which will help to mitigate the effects of these delays on the bitcoin network when they occur.