北大肖臻老师《区块链技术与应用》系列课程学习笔记[20]以太坊-权益证明

具体统计数据如下图所示：

The specific statistics are shown in figure xff1a below;

2.以太坊的统计数据

以太坊的能耗也是随时间增长的，中间有一些波动如下图1-3所示。

The energy consumption in Etherm is also xff0c over time; there are some fluctuations in the middle, as shown in figures 1-3 below.

具体的数据如下图1-4所示?。?

Specific data are shown in figures 1-4 below?

从道理上讲，比特币的交易是比较简单的，只有一些单纯的转账交易，以太坊的交易有可能包含对智能合约的调用，但实际上，以太坊的能耗比比特币低了很多。因为比特币出块时间长，比特币平均出块时间是10min，以太坊则是15s，所以以太坊挖矿挖的时间就短，每个交易平均下来的能耗就小，当然以太坊的交易能耗仍然比信用卡公司高很多。

Logically, xff0c; Bitcoin is a relatively simple xff0c; there are only simple transfer transactions xff0c; xff0c is likely to include calls for smart contracts xff0c; but xff0c is actually much lower than Bitcoin's energy consumption. Because Bitcoin has a long time out xff0c; Bitco has an average time out of 10minxff0c; Taipan is 15s xff0c; so xff0c is short with time to dig; xff0c is small xff0c; and, of course, the average energy down from each transaction is still much higher than that of credit card companies.

3.比特币和以太坊当成一个国家

如果把比特币和以太坊的能耗加在一起当作一个国家来算的话，他在国家中的排行榜入下图1-5所示。

If Bitcoin and Etheria's energy consumption are added together as one country, xff0c; his ranking in the country is shown in figure 1-5 below.

1.矿工为什么要挖矿？

为了取得出块奖励，为了获得收益。

To get a reward xff0c; to get a return.

2.为什么要给矿工这些收益，这些出块奖励呢？

为了激励矿工参与区块链的维护。

To motivate miners to participate in the maintenance of block chains.

3.矿工具体是怎么挖矿的呢？

需要找一笔挖矿资金，然后去买挖矿设备，如矿机、GPU等，然后开始挖矿。

There is a need to find a mining fund xff0c; then to buy mining equipment xff0c; e.g. mine machines, GPUs, etc. xff0c; and then to start mining.

4.那挖矿的收益是由什么决定的？

投入的资金决定的。收益由挖矿多少决定，挖矿多少由算力决定，算力由矿机决定，矿机由投入资金决定。既然最终是拼钱，那直接把钱拿出来比一比不就行了，矿工通过竞争算力来决定挖矿的收益如何分配，能不能改成直接靠比钱的多少来决定收益，都把钱投入区块链开发，按照每个人投入的资金的多少来决定收益的分配，这个就是权益证明的一个基本思想，这种方法也叫做Virtual Mining虚拟挖矿。

The profits are determined by the amount of money invested. The profits are determined by the amount of money invested in the mine; the amount of money invested in the mine is determined by the amount of money spent on the mine & #xff0c; the power of the mine is determined by the amount of money invested in the mine machine & #xff0c; since it is ultimately the amount of money spent & #xff0c; the amount of money spent is taken out of the money directly & xff0c; the miners decide, through competitive arithmetic, how the proceeds of the mine are distributed xff0c; whether they can be changed to xff0c directly by the amount of money; the amount of money invested in the block chain development xff0c; the distribution of the proceeds according to the amount of money invested by everyone xff0c; this is

1.权益证明的特点

采用权益证明的加密货币，一般在正式发行之前，会先预留一部分货币给开发者，也会出售一部分货币，来换取开发这个加密货币所需要的资金，按照权益证明的共识机制，每个人是按照持有货币的数量来进行投票的。

Encrypted currency xff0c; usually pre-released xff0c; pre-released part of currency to developers xff0c; also sold part of currency xff0c; in exchange for funds needed to develop this encrypted currency xff0c; based on 2.权益证明与工作量证明相比的优点

（1）省去了挖矿的过程，避免了由此带来的能耗和对环境的影响，减少了温室气体的排放。

& #xff08; 1） Saved mining & #xff0c; avoided energy consumption and environmental impacts & #xff0c; reduced greenhouse gas emissions.

（2）发动攻击的资源只能从加密货币系统内部得到。

& #xff08; 2） resources to launch an attack can only be obtained from within an encrypted currency system.

基于工作量证明的共识系统从某种意义上来说，维护区块链安全的资源不是一个闭环，Block chain is secured by mining，用美元可以购买矿机，然后参与挖矿，资源是可以从加密货币系统的外面得到的。虽然近几年加密货币的市值有了很大的增长，但无论怎么说，跟世界经济总量相比，仍微乎其微。所以，如果有某个组织想要发动恶意攻击，只需用足够的资金购买挖矿设备，然后聚集到加密货币总算力一半以上的算力即可。外部的资源都可以转化成挖矿的算力，转换成对这个加密货币攻击的这种能力。像比特币这样比较主流的加密货币，抗攻击的能力还是相对比较强的，因为系统的总算力还是比较大的，如果是这些刚刚发行的小币种，这种遇到这样的攻击可能就是致命性的。如果这种小币种刚刚发行不久，就遇到这种攻击，那么很可能这个币价就直线下降甚至归零了，对于这个开发者和早期矿工来说，遭受的损失可能是灾难性的。AltCoin Infanticide，AltCoin：小币种，Infant：婴儿，Infanticide：扼杀在摇篮里。不等这个加密货币长大，就把它先干掉了。

Consensus system based on workload proof in a sense of resources available outside the encrypted monetary system; of resources to maintain block security is not a closed ring ， of dollars to buy mine machines xff0c; of resources available outside the encrypted monetary system; of resources available;

? ? ? ? 权益证明类似于股份制公司按每人占的股份进行投票，权益证明是按照你有多少该币种的币进行投票的，所以如果有某个人想发动恶意攻击，比如说51%的攻击，首先要获得这个币种发行量一半以上的份额才行，也就是说发动攻击的资源只能从加密货币系统内部得到，这就是为什么说他是一个闭环。买到足够多的币才能发动攻击，而一旦有人大量买入加密货币，会出现价格大涨，有点类似于股份制公司遭受恶意收购，所以说工作量证明的系统维护安全的资源不是一个闭环，权益证明才是一个闭环。

♪ ♪ strong's interest proves similar to the shareholding vote of a share company ， #xff0c; so if someone wants to launch a malicious attack xff0c; for example, 51% attack xff0c; first to get more than half of the circulation of this currency xff0c; that is to say that the resources to launch an attack can only be obtained from an encrypted currency system xff0c; that is why he is a closed ring.

3.权益证明和工作量证明混合模型? ? ?

权益证明和工作量证明并不是互斥的。有的加密货币采用的是一种混合模型，他仍然是要挖矿的，但是挖矿的难度跟你占有的权益，你持有币的数量相关。即持有的币越多，挖矿的难度就越小，根据持有的这个币的权益降低调整你的挖矿难度。当然，这其实也有一定问题，这样的话，系统中持有币数量最多的那个人，每次挖矿都是最容易的。所以，有的加密货币要求你投入的币会被锁定一段时间，不能重复使用，这种情况叫做Proof of Deposit。

certificates of interest and workloads are not mutually exclusive . Some encrypted currencies use a mixed model xff0c; he is still xff0c for mining; but the difficulty of mining is related to the amount of money you hold xff0c. The more currency you hold xff0c; the smaller the difficulty of mining xff0c; the less difficult it is to adjust your mining to the amount of money you hold xff0c; of course xff0c; there is a certain problem xff0c; xff0c; xff0c; the person with the largest number of currencies in the system xff0c; so xff0c; some cryptographic currencies require that your money be locked for a certain period xff0c; this cannot be repeated xff0c; this is called Proof of Deposit.

4.Proof of Stake

如下图3-1所示是我们之前学习过的出现分叉的情况，按照之前的情况是要么按照上方链挖，要么按照下方链挖，一般是会沿着上方链挖，因为它是最长合法链，但是下面那条链也有可能成为最长合法链，但是一般不会两边都挖，因为这样做算力分散了，挖到矿的概率就小了。

Figure 3-1 below shows the occurrence of the fork that we have learned before xff0c; as was the case before, either dig xff0c according to the upper chain; or dig xff0c according to the lower chain; usually dig xff0c along the upper chain; because it is the longest legal chain xff0c; but the lower chain may also be the longest legal chain xff0c; usually not xff0c on both sides; because it spreads out xff0c; and the probability of mining is small.

用权益证明的话，可以两边都下注，如果上面那条链成为最长合法链，下面那条链锁定的那些币是没有影响的。挖下面区块投入的那些币，只记录在下面的分叉上，并不影响你在上面分叉的使用，这种情况叫nothing at stake，这是早期基于权益证明遇到的一个问题。

xff0c in the words of interests; bets xff0c on both sides; if the chain above becomes the longest legal chain xff0c; those that are locked in the chain below are unaffected. Dig those coins xff0c that are put into the block below; record only xff0c on the fork below; do not affect your use of the fork above xff0c; this is known as nothing at STake， this is an early problem based on an entitlement certificate.

5.以太坊中准备采用的权益证明协议

（1）过渡阶段

& #xff08; 1xff09; transition phase

以太坊中准备采用的权益证明协议叫做Casper the Friendly Finality Gadget(FFG)，在过渡阶段跟工作量证明混合使用，为工作量证明提供Finality，Finality是一种最终的状态，包含在Finality中的交易不会被取消，单纯基于工作量证明的交易是有可能被回滚的，比特币中规定要等六个确定区块，意思是等了六个确定区块之后，发生回滚的可能性已经非常小了，但是有个某个有恶意的攻击者，从前面开始分叉，只要他算力足够强占到半数以上的算力，那么仍然有可能让这个分叉链变得比原来的链更长，所以单纯基于挖矿的是缺乏这种Finality。

The agreement on proof of interest to be adopted in the Tails is called Casper the Financial Finance Gadget (FFG) & #xff0c; mixed use of ， during the transition phase with the workload certificate; provision of Finaability， for workload certification; Final state & #xff0c; transaction included in Finality will not be cancelled xff0c; transaction based solely on workload proof is likely to roll back xff0c; six defined blocks xff0c in Bitco is required to wait for six defined blocks xff0c; the possibility of rolling back is already very small xff0c; but there is a malicious attacker xff0c; transaction starting from the front xff0c; as long as he is strong enough to account for more than half of the force xffc; it is still possible to make the segment longer than the original chain xfffn; this mine is based on a simple lack of mining.

（2）Casper协议
引入了一个概念叫做验证者Validator，要想成为一个Validator必须要投入一定数量的以太币作为保证金，这个保证金会被系统里面锁定住。Validator的职责是要推动系统达成共识，投票决定那条链是最长合法链，投票的权益决定于保证金的数目大小，具体的做法类似于数据库里的Two-phase commit。

（ 2） Casper Agreement
introduced a concept called the Certator Validator & #xff0c; to become a Validador, a certain amount of tNT is required as a bond & #xff0c; this bond is locked in the system. Validador's job is to promote consensus in the system xff0c; to vote to determine that the chain is the longest legitimate chain xff0c; to vote in favour of the size of the bond xff0c; to do something similar to the Two-phase committee in the database.

混用的时候还是有人挖矿的，挖矿每挖出100个区块就作为一个epoch，然后决定能不能成为Finality，要进行一些投票，第一轮投票是Prepare Message，然后第二轮是Commit Message，Casper规定每一轮投票都要得到2/3的验证者才能通过（按照保证金的金额大小来算）。实际系统当中不再区分这两个Message，而且把这个epoch从原来的100个区块减少到50个区块，变成了每50个区块就是一个epoch，每个epoch只用一轮投票的就行了，这一轮投票对于上一个epoch来说是个Commit Message，对于下一个来说是一个Prepare Message，要连续两轮投票，两个epoch都得到2/3以上的多数，才算有效，如下图3-2所示?。

The first round of voting was Prepare Message， the second round was sent to Commit Message， Casper required two thirds of the certified voters for each round of voting to pass through xff08; xff09 according to the size of the guarantee; the actual system no longer distinguished between the two; and this epoch was reduced from 100 to 50 blocks xff0c; the next 50 blocks was an epoch#xff0c; each epoch only used a round of votes xff0c; the last round was a compoch #x0x0x0; the next #0fffffffffffft2; and the next #0x0x0x0x0x0x0x0xx0x0x0xx0x0x0x; the next ballot was effective;

验证者参与有什么好处呢？
如果验证者履行职责的话，可以得到相应的奖励，就像矿工挖矿能得到出块奖励一样，验证者做这个工作也可以得到这个奖励。但如果验证者有不良行为被发现的话，要受到相应的处罚，比如某个验证者行政不作为，该投票的时候不去投票，导致系统迟迟达不成共识，这种情况下要扣掉他的一部分保证金。如果某个验证者乱作为（乱投票），给两个有冲突的分叉都投票，就两边下注，这种情况被发现的话，要没收全部的保证金，没收到保证金会被销毁，相当于减少了系统中以太币的总供应量。每个验证者有一定任期（即使你交了保证金也不是可以永远当验证者），任期满了之后要经过一定时间的等待期，等待期是为了让其他的验证者检举揭发这个验证者有没有什么不良的行为，进行惩处，如果等待期过了，没有什么问题，验证者可以取回当初的保证金并且得到的奖励。

if the certifier performed his duties < xff0c > ; the corresponding rewards xfff0c; xff0c as if the miner's mining was given an incentive xff0c; xxxxfnnnfdndndndndndnttfttttttnftttntttttttttnttntntttttttttttttttttttt t ttttt ttt ff ff