我的最新视频课程《说透以太坊技术》被选为第一个上线登链社区讲堂的课程,正在进行超低折扣促销
My latest video course, Say E-Technology, was selected for the first online community lecture session #xff0c; a super-low discount promotion is under way.
Dapp和公链开发者的必修课,原价360元,现59元起,每新上传一节课价格上调5元,小伙伴们抓紧时间上车哦
Mandatory course for Dapp and public-chain developers & #xff0c; original cost of $360 & #xff0c; current cost of $59 & #xff0c; price increase of $5 #xff0c per new upload course; little partners rushing into the car
课程链接:https://learnblockchain.cn/course/1
Course link #xff1a; https://learnblockchain.cn/course/1
对于没有把数学学会的同学来说,如果希望从算法层了解以太坊的工作量证明是非常困难的。一本黄皮书会难倒一大批吃瓜群众。因此,本文将试图使用图文和尽量简单的数学来解释以太坊挖矿工作量证明,包括以太坊是如何对抗ASIC1、如何动态调整挖矿难度、如何校验挖矿正确性的。
xff0c for those who do not have math schools; it is difficult to understand the Ether's workload from the algorithm level. A yellow-skin book will be difficult for a large crowd of people who eat gourmet. xff0c; this paper will try to use graphics and as simple as possible to explain xff0c as a result of the mining workload in the Taiku; it will include how the Etherkom is confronting ASIC1, how dynamically adjusts the mining difficulties, and how to verify the correctness of the mining.
工作量证明(Proof-of-Work,PoW)是一种对应服务与资源滥用、或是拒绝服务攻击的经济对策。一般是要求用户进行一些耗时适当的复杂运算,并且答案能被服务方快速验算,以此耗用的时间、设备与能源做为担保成本,以确保服务与资源是被真正的需求所使用。
Workload certification (Proof-of-Work, PoW) is an economic response to the misuse of services and resources or the denial of service attacks. Generally, users are required to perform complex and time-consuming calculations & #xff0c; and answers can be quickly measured by the service provider & #xff0c; the cost of time, equipment and energy is used as collateral xff0c; and services and resources are used to ensure that they are used for real needs.
摘自维基百科
It's taken from Wikipedia.
这种经济性应对政策概念,是在1993年提,直到1999年才使用 Proof-of-Work一词。
This economic policy response concept xff0c; it was introduced in 1993 xff0c; the term Proof-of-Work was not used until 1999.
Proof of Work ,直接翻译过来是工作量证明。这个词的中文直接听起来有点不知所云。实际上如果我跟你说结婚证明,离职证明,那你是不是首先想到的是一张上面印着一些东西的纸呢?别人看到这张纸就知道你的确结婚了,或者你的确从某单位离职了。工作量证明从语法上也是一个逻辑,也可以理解成一张纸,通过这张纸就可以证明你的确完成了一定量的工作。这就是工作量证明的字面意思。
Proof of Work & #xff0c; Direct translation is proof of workload. The word in Chinese sounds a little obscure. In fact, if I told you about the certificate of marriage & #xff0c; the certificate of separation & #xff0c; if you think first of a piece of paper with something on it & #xff1f; if you see this piece of paper, you know that you are married & #xff0c; or that you are leaving a unit. The proof of workload is also a logic & #xff0c; it is understandable that a piece of paper & #xff0c can prove that you did a certain amount of work. That is the literal meaning of the proof of workload.
那工作量证明有什么特点呢?我们抛开计算机,用现实世界的例子来说明。例如我上课不认真,老师罚我把《桃花源记》抄写十遍,我用了两个小时的劳动,最后给老师的就是一张纸,而老师要确认我的确付出了大量劳动,其实只需要看一眼就可以了。这个例子道出了 POW 机制的一大特点,那就是生成需要花费大量劳动,但是验证只需一瞬间。另外一个工作量证明的例子可以是,老师给我出一道题,我给老师的运算结果,或者说就是最后的那个数字,就是我的工作量证明。回到计算机情形下,纸当然是不存在的,所以所谓的工作量证明就是花费了很多劳动而得到的一个数了。
And what's the characteristic of the workload proof? xff1f; we drop the computer xff0c; we use the example of the real world. For example, I'm not serious xff0c; the teacher fined me for reproducing the Powder Book ten times xff0c; I used two hours of work xff0c; the last thing I gave the teacher was a paper xff0c; the teacher wanted to confirm that I did pay a lot of work xff0c; or the last number xff0c; that's my workload.
再说说 POW 最早的用途。人们在使用电子邮件的时候会收到垃圾邮件的骚扰。如果没有成本,那么发送一百万封邮件的确是很轻松的事情了。所以,聪明的人就会想,如果让每一封邮件发送时候,都有一个微小的成本,那么垃圾邮件就会被很大程度的遏制了。而 POW 就是为了服务这个目的产生的。基本过程就是邮件接收方会先广播一道题出去,邮件发送方发邮件的时候必须附带上这道题的答案,这样邮件才会被接受,否则就会被认为是垃圾邮件。
Plus, the earliest uses of Pow. People get spam harassment when they use e-mails. It's easy to send a million messages without cost & #xff0c; it's easy to send a million messages. So & #xff0c; smart people think & #xff0c; xff0c; there's a small cost #xff0c at the time each e-mail is sent; xff0c; xff0c; xff0c; then spam is contained to a great extent. And Pow is created to serve this purpose. The basic process is that mail recipients broadcast a question xff0c; e-mail senders must attach an answer to this question #xff0c; so the mail will be accepted #xff0c; otherwise it will be considered to be spam.
摘自:https://zhuanlan.zhihu.com/p/42694998
From #xff1a; https://zhuanlan.zhihu.com/p/42694998
挖矿就是在求解一道数学方程。方程的多个可能的解被称为解的空间。挖矿就是从中寻找一个解。不同于几何方程,这个挖矿方程有如下特点:
Digging is a mathematical equation. Multiple possible solutions to the equation are called resolution space. Mining is a solution. Unlike geometric equations & #xff0c; this mining equation has the following characteristics xff1a;
1.没有比穷举法更有效的求解方法;2.解在空间中均匀分布,每一次穷举查找到解的概率基本一致;3.解的空间足够大,保证一定能够找到解;
There is no more effective method of solving xff1b; 2. Solving is evenly distributed in space xff0c; the probability of finding a solution in each exhaustive survey is largely consistent xff1b; 3. The resolution is wide enough xff0c; and xff1b is guaranteed.
假设挖矿方程是:n=random(1,10),求 n< D。
Assuming that the mining equation is xff1a; n61; Random (1,10) xff0c; n< D.
当 D为10时,我们只需要运算一次就可以找到任意的n都满足 n<10,可当 D =5,则平均需要两次运算才能找到 n<5,随着D的减小,需要运算的次数就会增大。
When D is 10 & #xff0c; we only need to calculate once to find any n< 10 & #xff0c; when D & #61; 5 & #xff0c; on average it takes two operations to find n< 5 & #xff0c; as D decreases & #xff0c; the number of operations required will increase.
这里的D 就是通常说的挖矿难度,通过调整解空间中的符合要求的解的数量来控制求解所需要尝试的次数,间接的控制产生一个区块所需要的时间。使得可以调控和稳定区块间隔时间。
The D here is what is usually called mining difficulties, controlling the number of attempts to solve by adjusting the number of solutions in the resolution space that meet the requirements xff0c; and the time it takes for indirect control to produce a block. This allows the time between blocks to be regulated and stabilized.
当挖矿的人很多,单位时间内尝试次数增多时,求解的速度也就更快,区块挖出用时更短。此时则增大挖矿难度,增大平均尝试次数,使得挖矿耗时上升。反之依然。
When there are many diggers xff0c; when there is an increase in the number of attempts in a unit time xff0c; when there is a faster speed of resolution xff0c; and when blocks are less used. This increases the difficulty of digging xff0c; increases the average number of attempts xff0c; increases the time taken to dig. The reverse is still true.
通过父区块可计算新区块的挖矿难度,再求解挖矿方程。
The difficulty of excavating the new blocks can be calculated through parent blocks xff0c; the equation of excavating the mine is then sought.
挖矿工作量证明通过一个密码学安全的nonce来证明“为了获得挖矿方程解n,已经付出了一定量的计算”。工作量证明函数可以用PoW表示:
其中
The mining workload has been demonstrated by a cryptographic security nence to prove “a certain amount of calculation has been made in order to obtain the excavator equation n,”. The workload certificate function can be expressed in PoW : 
?是区块 difficulty 值。;3.
?是区块mixHash值;挖矿方程算法返还的第一个参数值;4.
是区块nonce值; 挖矿方程算法返还的第二个参数值;5.d 是一个计算mixHash所需要的大型数据集dataset;6.PoW是工作量证明函数,可以得到两个值,其中第一个是mixHash,第二个是密码学依赖于 H和d的伪随机数。
1.
大致流程如下:
The approximate process is as follows: xff1a;
1.根据父区块头和新区块头计算出;2.在PoW开始时选择一个随机数作为Nonce的初始化值;3.将Nonce和作为挖矿方程Ethash的入参;4.执行Ethash将得到两个返回值:mixHash和 result;5.判断 result 是否高于
。如果是则 nonce加1,继续穷举查找;否则,如果是则说明求解成功。返回 mixHash和Nonce;6.两个值记录到区块头中,完成挖矿。
1.
Aligning algorithms have changed xff0c several times on Ethernet; and the actual realization code is inconsistent xff0c even if defined in Taiwan’s yellow book; here I solve block difficulty algorithms in terms of program implementation code. 
其中有:
Among them are xff1a;
是创世区块的难度值。难度值参数
被用来影响出块时间的动态平衡。使用了变量而非直接使用两个区块间的时间间隔,是用于保持算法的粗颗粒度,防止当区块时间间隔为1秒时只有稍微高难度情况。也可以确保该情况下容易导致到软分叉。
-99 的上限只是用来防止客户端安全错误或者其他黑天鹅问题导致两个区块间在时间上相距太远,难度值也不会下降得太多。在数学理论是两个区块的时间间隔不会超过24秒。
The upper limit of -99 is simply to prevent client security errors or other black swan problems from leading to a long time gap between the two blocks xff0c; the difficulty value does not fall too much. The mathematical theory is that the time interval between the two blocks does not exceed 24 seconds.
难度增量 ∈ 会越来越快地使难度值缓慢增长(每10万个区块),从而增加区块时间差别,为以太坊2.0的权益证明(proof-of-stake)切换增加了时间压力。这个效果就是所谓的“难度炸弹”(“difcultybomb”)或“冰河时期”(“iceage”)。
The difficulty increases the speed with which the difficulty increases (per 100,000 blocks) xff0c; thus increases the time difference between blocks xff0c; increases the time pressure for proof-of-stake swaps. This effect is the so-called “difficultybomb” or “iceage” effect.
以太坊的设想是最终从PoW过度到PoS,为了给过度施加时间压力,所以在区块难度中预埋了一个难度炸弹 ∈ ,他是以2的指数级增长的。如果听过“棋牌摆米”的数学故事,就应该清楚指数级增长是非常恐怖的。
It is the idea that it will eventually go too far from PoW to PoS, that it will put excessive time pressure on xff0c; that it pre-positions a hard bomb in the block's difficulty xff0c; that he is growing at the index level of 2. If you have heard the mathematical story of "gaming rice" xff0c; and it should be clear that index growth is terrible.
最终,在拜占庭版本中,伴随EIP-649,通过伪造一个区块号
来延迟冰河时期的来临。这是通过用实际区块号减去300万来获得的。换句话说,就是减少 ∈ 和区块间的时间间隔,来为权益证明的开发争取更多的时间并防止网络被“冻结”。
Final xff0c; in Byzantine version xff0c; accompanied by EIP-649, delayed the onset of the ice age by falsifying a block number 
到500万来延迟冰河时期。
xff0c in the Constantinople version upgrade; xff0c in video conference by the developer of the Taitang; xff0c if the difficulty bomb is directly executed xff0c; xfff0c if the portal is successfully switched to Pos, there are a large number of miners leaving xff0c; this is likely to have a significant impact on the safety of the community. xff0c; with EIP-1234, 
5 million to delay the ice period.
这个挖矿难度调整机制保证了区块时间的动态平衡;如果最近的两个区块间隔较短,则会导致难度值增加,因此需要额外的计算量,大概率会延长下个区块的出块时间。相反,如果最近的两个区块间隔过长,难度值和下一个区块的预期出块时间也会变短。
This difficulty adjustment mechanism ensures a dynamic balance of block time xff1b; if the last two blocks are shorter xff0c; if the last two are shorter xff0c; if the difficulty is increased xff0c; if additional calculations are required xff0c; presumably, the next block is prolonged. xff0c; if the last two blocks are too long xff0c; the difficulty value and the expected release time of the next block is also shorter.
区块链鼻祖比特币,是PoW共识,已经稳定运行10年。但在2011年开始,因为比特币有利可图,市场上出现了专业矿机专门针对哈希算法、散热、耗能进行优化,这脱离了比特币网络节点运行在成千上万的普通计算机中并公平参与挖矿的初衷。这容易造成节点中心化,面临51%攻击风险。因此,以太坊需要预防和改进PoW。因此在以太坊设计共识算法时,期望达到两个目的:
xff0c; PoW Consensus & #xff0c; has been stable for 10 years. But starting in 2011 xff0c; because bitcoin is profitable xff0c; the market has seen the emergence of a specialized miner dedicated to the optimization of Hashi algorithms, heat dispersion, energy consumption xff0c; this is a departure from the original intent of Bitcoin network nodes to run in thousands of ordinary computers and participate equitably in mining. This can easily result in nodal centralization xff0c; risk of 51% attack. xff0c; therefore, the Taiku needs to prevent and improve PoW. #xff0c is therefore expected to achieve two objectives xff1a when designing consensus algorithms in Taiku;
1.抗ASIC1性:为算法创建专用硬件的优势应尽可能小,理想情况是即使开发出专有的集成电路,加速能力也足够小。以便普通计算机上的用户仍然可以获得微不足道的利润。2.轻客户端可验证性: 一个区块应能被轻客户端快速有效校验。
1. Anti-ASIC1xff1a; the advantage of creating specialized hardware for algorithms should be as small as possible xff0c; ideally, even if a proprietary integrated circuit is developed xff0c; the acceleration capability is small enough. Users on a general computer will still get negligible profits. 2. Light client verifiability: a block should be able to be quickly and effectively verified by a light client.
在以太坊早期起草的共识算法是 Dagger-Hashimoto,由 Buterin和 Dryja提出。但被证明很容易受到 Sergio Lerner 共享内存硬件加速的影响。所以最终抛弃了 Dagger-Hashimoto,改变研究方向。在对 Dagger-Hashimoto 进行大量修改,终于形成了明显不同于 Dagger-Hashimoto 的新算法:Ethash。Ethash 就是以太坊1.0 的挖矿方程。
The consensus algorithm that was drafted earlier in Etheria was Dagger-Hashimoto, proposed by Buterin and Dryja. But it proved to be easily affected by the acceleration of Sergio Lerner's share of memory hardware. So it eventually abandoned Dagger-Hashimoto, changed the course of the study. In Dagger-Hashimoto, a lot of modifications were made xfff0c; a new algorithm clearly different from Dagger-Hashimoto xff1a; Ethash. Ethash is the recipe for mining 1.0 in Taiku.
这个算法的大致流程如下:
The approximate process for this algorithm is as follows: xff1a; 
1.通过扫描区块头直到某点,来为每个区块计算得到一个种子 Seed。2.根据种子可以计算一个初始大小为 16MB的伪随机缓存cache。轻客户端保存这个 cache,用于辅助校验区块和生成数据集。3.根据 cache, 可以生成一个初始大小为 1GB的DAG数据集。数据集中的每个条目(64字节)仅依赖于 cache 中的一小部分条目。数据集会随时间线性增长,每30000个区块间隔更新一次。数据集仅仅存储在完整客户端和矿工节点,但大多数时间矿工的工作是读取这个数据集,而不是改变它。4.挖矿则是在数据集中选取随机的部分并将他们一起哈希。可以根据 cache 仅生成验证所需的部分,这样就可以使用少量内存完整验证,所以对于验证来讲,仅需要保存 cache 即可。
1. A seed is calculated for each block by scanning the head of a block until a point xff0c. 2. A pseudo-random cache cache with an initial size of 16MB can be calculated on the basis of the seed. The cache is saved by a light client to support the calibration block and generate the data set. 3. Based on cache, can generate a DAG data set with an initial size of 1GB. Each entry in the data set (64 bits) is dependent on only a small portion of the cache entry. Data gatherings can be updated at intervals of xff0c per 30,000 blocks. Data sets can be stored only at the full customer end and miner's node xff0c; most time miners can read the data set xff0c; not change it. Mining can only be saved in a random section of the data pool. Data gatherings can generate only those parts of xff0c per block; this can use only a small amount of xff0c; this can be used for validation purposes.
这里cache选择16 MB 缓存是因为较小的高速缓存允许使用光评估(light-evaluation)方法,太容易用于 ASIC。16 MB 缓存仍然需要非常高的缓存读取带宽,而较小的高速缓存可以更容易地被优化。较大的缓存会导致算法太难而使得轻客户端无法进行区块校验。
Cache selects 16 MB caches here because smaller high-speed caches allow light-evaluation methods, which are too easy to use for ASIC. 16 MB caches still require very high cache read-and-read bandwidth & #xff0c; smaller high-speed caches can be more easily optimized. Large caches can make algorithms too difficult for light clients to perform block calibrations.
选择初始大小为 1GB 的DAG数据集是为了要求内存级别超过大多数专用内存和缓存的大小,但普通计算机能够也还能使用它。数据集选择 30000 个块更新一次,是因为间隔太大使得更容易创建被设计为非常不频繁地更新并且仅经常读取的内存。而间隔太短,会增加进入壁垒,因为弱机器需要花费大量时间在更新数据集的固定成本上。
The DAG data set with an initial size of 1 GB is selected to require the memory level to exceed the size of most dedicated memory and caches xff0c; but the normal computer can also use it. The data set is selected for 30000 blocks to update xff0c once; it is made easier to create memory that is designed to be updated very infrequently and read only frequently. The interval is too short xff0c; it increases access barriers xff0c; because weak machines take a lot of time on the fixed cost of updating data sets.
同时,缓存和数据集大小随时间线性增长,且为了降低循环行为时的偶然规律性风险,数据大小是一个不超过上限的素数。每年约以0.73倍的速度增长,这个增长速率大致同摩尔定律持平。这仍有越过摩尔定律的风险,将导致挖矿需要非常大量的内存,使得普通的GPU不再能用于挖矿。因为可通过使用缓存重新生成所需数据集的特定部分,少量内存进行PoW验证,因此你只需要存储缓存,而不需要存储数据集。
At the same time xff0c; Cache and dataset sizes increase linearly over time xff0c; and, in order to reduce the occasional regularity risk of recycling behaviour xff0c; data size is a prime number that does not exceed the ceiling. Growth is about 0.73 times xff0c per year; this rate of growth is roughly the same as in Moore's Law. There is still a risk of crossing Moore's Law xff0c; mining requires a very large amount of RAM xff0c; ordinary GPUs are no longer capable of mining.
缓存c和数据集d的大小依赖用区块的窗口周期Eepoch。
The size of the cache c and data set d depends on the window cycle Eepoch. 
每过一个窗口周期后,数据集固定增长8MB(223 字节),缓存固定增长 128kb(217 字节)。为了降低循环行为时的偶然规律性风险,数据大小必须是一个素数。计算缓存大小公式:
After each window cycle xff0c; data set fixed growth 8MB (223 bytes) xff0c; Cache fixed growth 128kb (217) bytes. To reduce the incidental regularity risk of circular behaviour xff0c; data size must be a prime. Calculating the cache size formula xff1a; 
计算数据大小公式:
Calculating data size formula@#xff1a;
其中,求素数公式如下:
of which xff0c; xff1a; 
这个素数计算是从不高于上限值中向下依次递减2*64字节递归查找,直到 x/64是一个素数。
This prime is calculated to search for xff0c in descending order from 2*64 bytes not above the upper limit; until x/64 is a prime.
种子seed实际是一个哈希值,每个窗口周期(30000个区块)更新一次。它是经过多次叠加Keccak256计算得到的。
Seed is actually a Hashi & #xff0c; it is updated every window cycle (30,000 blocks). It is calculated by adding Keccak256 several times.
第一个窗口周期内的种子哈希值s 是一个空的32字节数组,而后续每个周期中的种子哈希值,则对上一个周期的种子哈希值再次进行Keccak256哈希得到。
The seed Hashis in the first window cycle is an empty 32byte array xff0c; the seed Hashis in each subsequent cycle xff0c; and the seed Hashis in the previous cycle is again captured in Keccak256 Hashi.
缓存cache 生成过程中,是将cache切割成64字节长的若干行数组操作的。
Cache generation & #xff0c;
先将种子哈希值的Keccak512结果作为初始化值写入第一行中;随后,每行的数据用上行数据的Keccak512哈希值填充;最后,执行了3次 RandMemoHash算法(在严格内存硬哈希函数 Strict Memory Hard Hashing Functions (2014)中定义的内存难题算法)。该生成算法的目的是为了证明这一刻确实使用了指定量的内存进行计算。
The results of Keccak512 of the seed have been written as initialization values in line 1 xff1b; then xff0c; data for each line have been filled with topline xff1b; last xff0c; and the Rand MemoHash algorithm has been implemented three times (as defined in Strict Memory Hard Hashing Actions (2014)). The algorithm is designed to show that the memory of the specified quantity has been used for calculation purposes.
RandMemoHash 算法可以理解为将若干行进行首尾连接的环链,其中n为行数。
The Rand MemoHash algorithm can be understood as the chain xff0c; of which n is the line number. 
每次RandMemoHash 计算是依次对每行进行重新填充。先求第 i 行的前后两行值得或运算结果,再对结果进行Keccak512哈希后填充到第i行中。
RandMemoHash calculates that each row is refilled sequentially. First, the first two lines of line I are worthwhile or operational xff0c; then the result is filled in line I after Keccak512 Hashi.
最后,如果操作系统是 Big-Endian(非little-endian)的字节序,那么意味着低位字节排放在内存的高端,高位字节排放在内存的低端。此时,将缓存内容进行倒排,以便调整内存存放顺序。最终使得缓存数据在内存中排序顺序和机器字节顺序一致。
& #xff0c; if the operating system is Big-Endian (non-little-endian) byte & #xff0c; that means low-bit emissions in the upper end & #xff0c; high-bit emissions in the lower end. & #xff0c; reverse cache content in #xff0c; in order to adjust memory storage order. Eventually, the order of order in the cache data in the memory is consistent with the order of the machine bytes.
利用缓存cache来生成数据集,首先将缓存切割成n个16 bytes大小的单元。在生成过程中时将数据集切割为若干个64bytes大小的数据项,可对每项数据mix并发生成。最终将所有数据项拼接成数据集。
Use cache cache to generate datasets & #xff0c; first to cut caches into n 16 bytes-sized units. During generation, the data sets are cut into several 64bytes-sized data items & #xff0c; each datamix can occur. Eventually, all data items are combined into data sets.
1.
在生成index行的数据时,先从缓存中获取第 index % n 个单元的值u;
When generating data for the index line & #xff0c; first fetching the value of unit u of the index %n from the cache;
2.
数据项mix长度64bytes,分割为4bytes的16个uint32。第一个uint32等于 u^index,其他第i个uint32等于u+i;
Data item mix length 64bytes, 16 uint32 split into 4bytes. The first uint32 equals uindex, the other uint32 equals u#43;i;
3.
用数据项mix的Keccak512哈希值覆盖mix;
(b) To overwrite mix; with the Keccak512 Hz of the data item mix;
4.
对mix进行FNV哈希。在FNV哈希时,是要从缓存中获取256个父项进行运算。
Runs the FNV Hashi to mix. At FNV Hashi & #xff0c; to get 256 parent items from the cache for calculation.
1.确定第p个父项位置: FNV(index^p , mix[p%16]) % n;2.再将FNV( mix[p%16], cache[p] )的值填充到 mix[p%16]中;其中,FNV(x,y)= x*0x01000193 ^ y ;这里的256次计算,相当于mix的16个uint32循环执行了16次。
1. Determines the location of the p parent item: FNV (indexp & #xff0c; mix[p%16] % n& #xff1b; 2. Fill the value of FNV (mix[p%16], cache[p]) to xff1b in mix[p%16]; xff0c; FNV(x,y)& #61; x*0x01000193 y & #xff1b; 256 calculations xff0c; 16 uint32 cycles equivalent to mix have been implemented 16 times.
5.
再一次用数据项mix的Keccak512哈希值覆盖mix;
Once again, the Keccak512 Hashi value of the data item mix overmix;
6.
如果机器字节序是Big-Endian的,则还需要交换高低位;
If the byte sequence of the machine is Big-Endian xff0c; there is also a need to exchange low xff1b;
7.
最后将mix填充到数据集中,即 dataset[index]=mix;
Finally fill mex into the data repository xff0c; i.e. dataet[index]=mix;
注意,在FNV哈希计算中,初始大小1 GB数据集累积需要约42亿次(16777216 * 256) 次计算。即使并发计算,也需要一定的时间才能完成一次数据集生成。这也就是为什么在启动一个geth挖矿节点时,刚开始时会看到一段“Generating DAG in progress” 的日志,直到生成数据集完成后,才可以开始挖矿。
Note & #xff0c; , in FNVH calculations; the initial size of a GB data set takes about 4.2 billion times (16777216 *256) to accumulate. Even co-enumerate & #xff0c; takes some time to complete a dataset generation. This is why #xff0c starts with a gath mining node; a log & #xff0c ; can start mining until the data set is generated.
准备好数据集dataset就可以用于工作量证明计算。依赖nonce、h、dataset可计算出的一个伪随机数N,工作量证明就是校验N是否符合难度要求。工作量计算由挖矿方程Ethash定义。
Dataset dataset can be used for workload proof calculations. A false random number N, can be calculated with nence, h, dataset; workload proof is to verify N's compliance with difficulty requirements. 
上图是Ethash的计算流程图。说明如下:
The figure above is a flow chart of Ethash's calculations.
1.首先将传入的新区块头哈希值和随机数nonce拼接后进行KEC512哈希,得到64字节的种子seed;2.然后初始化一个128字节长的mix,初始化时分割成32个4字节的单元;使用128字节的顺序访问,以便每次Ethash计算都始终从RAM提取整页,从而最小化页表缓存未命中情况。理论上,ASIC是可以避免的;3.mix数组的每个元素值来自于seed; mix[i]= s[i%16*4];是seed的第0、4、8...60位的值;4.紧接着完成64次循环内存随机读写。每次循环需要从 dataset 中取指定位置p(fnv(i^s[:32],i%32) % rows)和p+1上的两个16字节拼接成32字节的m;然后,使用fnv(mix[i],m[i])去覆盖mix[i]; 其中,i是循环索引、s[:32]是种子seed的前32字节、rows是表示数据集dataset可分成rows个128字节。5.然后压缩mix。压缩是将mix以每16字节分别压缩得到8个压缩项。每16字节又是4小份的fnv叠加哈希值fnv(fnv(fnv(m[0],m[1]),m[2]),m[3]);6.拼接这8个压缩项就得到mix的哈希值mixHash;7.最后将seed和mixHash进行KEC256哈希得到伪随机数N;8.最终,返回这两个参数:mixHash和N;
#xff0c; initialization of a 128 byte mixxff0c; initialization of 32 4 byte units xff1b; sequential access to 128 by 128 bits xff0c; maintenance of the entire page xff0c per Ethash; release of the 64 bytes seed, release of the 64 by 64 by 64 by 64 by 64 by 64; xf0c; ff6 by x6; f6 by f6; f3x6; f6x3; f6 by s; f3x3; f6x3x6x; f6x6s; f6x3; f6x3; f6 s3; f6 s; s3; ff6 s; s3; ffffffffs.
点击?阅读原文?获得更好阅读体验
Click? Read the original? Get a better reading experience.
注册有任何问题请添加 微信:MVIP619 拉你进入群
打开微信扫一扫
添加客服
进入交流群
发表评论