月亮链 月亮链
Ctrl+D收藏月亮链
首页 > AAVE > 正文

atc:比特币白皮书(英文版)_atc币是什么币CPU币

作者:

时间:1900/1/1 0:00:00

比特币白皮书

Bitcoin:APeer-to-PeerElectronicCashSystem

SatoshiNakamoto

satoshin@gmx.com

www.bitcoin.org

Abstract

Bitcoin:APeer-to-PeerElectronicCashSystem

SatoshiNakamoto

satoshin@gmx.com

www.bitcoin.org

1.Introduction

CommerceontheInternethascometorelyalmostexclusivelyonfinancialinstitutionsservingastrustedthirdpartiestoprocesselectronicpayments.Whilethesystemworkswellenoughformosttransactions,itstillsuffersfromtheinherentweaknessesofthetrustbasedmodel.Completelynon-reversibletransactionsarenotreallypossible,sincefinancialinstitutionscannotavoidmediatingdisputes.Thecostofmediationincreasestransactioncosts,limitingtheminimumpracticaltransactionsizeandcuttingoffthepossibilityforsmallcasualtransactions,andthereisabroadercostinthelossofabilitytomakenon-reversiblepaymentsfornonreversibleservices.Withthepossibilityofreversal,theneedfortrustspreads.Merchantsmustbewaryoftheircustomers,hasslingthemformoreinformationthantheywouldotherwiseneed.Acertainpercentageoffraudisacceptedasunavoidable.Thesecostsandpaymentuncertaintiescanbeavoidedinpersonbyusingphysicalcurrency,butnomechanismexiststomakepaymentsoveracommunicationschannelwithoutatrustedparty.

Whatisneededisanelectronicpaymentsystembasedoncryptographicproofinsteadoftrust,allowinganytwowillingpartiestotransactdirectlywitheachotherwithouttheneedforatrustedthirdparty.Transactionsthatarecomputationallyimpracticaltoreversewouldprotectsellersfromfraud,androutineescrowmechanismscouldeasilybeimplementedtoprotectbuyers.Inthispaper,weproposeasolutiontothedouble-spendingproblemusingapeer-to-peerdistributedtimestampservertogeneratecomputationalproofofthechronologicalorderoftransactions.ThesystemissecureaslongashonestnodescollectivelycontrolmoreCPUpowerthananycooperatinggroupofattackernodes.

2.Transactions

Wedefineanelectroniccoinasachainofdigitalsignatures.Eachownertransfersthecointothenextbydigitallysigningahashoftheprevioustransactionandthepublickeyofthenextownerandaddingthesetotheendofthecoin.Apayeecanverifythesignaturestoverifythechainofownership.

观点:比特币挖矿有可能将多余的能源货币化:金色财经报道,Satoshi Action Fund创始人Dennis Porter在社交媒体上表示,自2012年以来,负电价已呈爆炸式增长。随着可再生能源并入电网,这一问题将继续恶化。比特币挖矿有可能将多余的能源货币化,从而为纳税人提供更便宜、更可靠的电力。[2023/8/13 16:23:27]

Theproblemofcourseisthepayeecan'tverifythatoneoftheownersdidnotdouble-spendthecoin.Acommonsolutionistointroduceatrustedcentralauthority,ormint,thatcheckseverytransactionfordoublespending.Aftereachtransaction,thecoinmustbereturnedtotheminttoissueanewcoin,andonlycoinsissueddirectlyfromthemintaretrustednottobedouble-spent.Theproblemwiththissolutionisthatthefateoftheentiremoneysystemdependsonthecompanyrunningthemint,witheverytransactionhavingtogothroughthem,justlikeabank.

Weneedawayforthepayeetoknowthatthepreviousownersdidnotsignanyearliertransactions.Forourpurposes,theearliesttransactionistheonethatcounts,sowedon'tcareaboutlaterattemptstodouble-spend.Theonlywaytoconfirmtheabsenceofatransactionistobeawareofalltransactions.Inthemintbasedmodel,themintwasawareofalltransactionsanddecidedwhicharrivedfirst.Toaccomplishthiswithoutatrustedparty,transactionsmustbepubliclyannounced,andweneedasystemforparticipantstoagreeonasinglehistoryoftheorderinwhichtheywerereceived.Thepayeeneedsproofthatatthetimeofeachtransaction,themajorityofnodesagreeditwasthefirstreceived.

3.TimestampServer

Thesolutionweproposebeginswithatimestampserver.Atimestampserverworksbytakingahashofablockofitemstobetimestampedandwidelypublishingthehash,suchasinanewspaperorUsenetpost.Thetimestampprovesthatthedatamusthaveexistedatthetime,obviously,inordertogetintothehash.Eachtimestampincludestheprevioustimestampinitshash,formingachain,witheachadditionaltimestampreinforcingtheonesbeforeit.

4.Proof-of-Work

Toimplementadistributedtimestampserveronapeer-to-peerbasis,wewillneedtouseaproofof-worksystemsimilartoAdamBack'sHashcash,ratherthannewspaperorUsenetposts.Theproof-of-workinvolvesscanningforavaluethatwhenhashed,suchaswithSHA-256,thehashbeginswithanumberofzerobits.Theaverageworkrequiredisexponentialinthenumberofzerobitsrequiredandcanbeverifiedbyexecutingasinglehash.

Forourtimestampnetwork,weimplementtheproof-of-workbyincrementinganonceintheblockuntilavalueisfoundthatgivestheblock'shashtherequiredzerobits.OncetheCPUefforthasbeenexpendedtomakeitsatisfytheproof-of-work,theblockcannotbechangedwithoutredoingthework.Aslaterblocksarechainedafterit,theworktochangetheblockwouldincluderedoingalltheblocksafterit.

ARK基金与21Shares?AG美国子公司合作推出比特币期货ETF:10月14日消息,CathieWood旗下ARK基金已与21Shares AG美国子公司合作申请推出比特币期货ETF:“ARK 21Shares Bitcoin Futures Strategy ETF”,股票代码为ARKA。据悉,ARK已经与21Shares根据1933年的《证券法》合作提交了实物比特币ETF的申请,此次申请是根据1940年《投资公司法》对比特币期货ETF的额外申请,后者是SEC主席GaryGensler曾明确表示可能获得批准的加密ETF。(金十)[2021/10/14 20:27:25]

Theproof-of-workalsosolvestheproblemofdeterminingrepresentationinmajoritydecisionmaking.Ifthemajoritywerebasedonone-IP-address-one-vote,itcouldbesubvertedbyanyoneabletoallocatemanyIPs.Proof-of-workisessentiallyone-CPU-one-vote.Themajoritydecisionisrepresentedbythelongestchain,whichhasthegreatestproofof-workeffortinvestedinit.IfamajorityofCPUpoweriscontrolledbyhonestnodes,thehonestchainwillgrowthefastestandoutpaceanycompetingchains.Tomodifyapastblock,anattackerwouldhavetoredotheproof-ofworkoftheblockandallblocksafteritandthencatchupwithandsurpasstheworkofthehonestnodes.Wewillshowlaterthattheprobabilityofaslowerattackercatchingupdiminishesexponentiallyassubsequentblocksareadded.

Tocompensateforincreasinghardwarespeedandvaryinginterestinrunningnodesovertime,theproof-of-workdifficultyisdeterminedbyamovingaveragetargetinganaveragenumberofblocksperhour.Ifthey'regeneratedtoofast,thedifficultyincreases.

5.Network

Thestepstorunthenetworkareasfollows:

1)Newtransactionsarebroadcasttoallnodes.

2)Eachnodecollectsnewtransactionsintoablock.

3)Eachnodeworksonfindingadifficultproof-of-workforitsblock.

4)Whenanodefindsaproof-of-work,itbroadcaststheblocktoallnodes.

5)Nodesaccepttheblockonlyifalltransactionsinitarevalidandnotalreadyspent.

6)Nodesexpresstheiracceptanceoftheblockbyworkingoncreatingthenextblockinthechain,usingthehashoftheacceptedblockastheprevioushash.

Nodesalwaysconsiderthelongestchaintobethecorrectoneandwillkeepworkingonextendingit.Iftwonodesbroadcastdifferentversionsofthenextblocksimultaneously,somenodesmayreceiveoneortheotherfirst.Inthatcase,theyworkonthefirstonetheyreceived,butsavetheotherbranchincaseitbecomeslonger.Thetiewillbebrokenwhenthenextproofof-workisfoundandonebranchbecomeslonger;thenodesthatwereworkingontheotherbranchwillthenswitchtothelongerone.

比特币出现2小时的出块延迟:据BTC浏览器数据显示,比特币最近两块的间隔时间长达2个小时,出块延迟或与近两日主流矿池算力大幅回落有关。[2021/6/11 23:30:45]

Newtransactionbroadcastsdonotnecessarilyneedtoreachallnodes.Aslongastheyreachmanynodes,theywillgetintoablockbeforelong.Blockbroadcastsarealsotolerantofdroppedmessages.Ifanodedoesnotreceiveablock,itwillrequestitwhenitreceivesthenextblockandrealizesitmissedone.

6.Incentive

Byconvention,thefirsttransactioninablockisaspecialtransactionthatstartsanewcoinownedbythecreatoroftheblock.Thisaddsanincentivefornodestosupportthenetwork,andprovidesawaytoinitiallydistributecoinsintocirculation,sincethereisnocentralauthoritytoissuethem.Thesteadyadditionofaconstantofamountofnewcoinsisanalogoustogoldminersexpendingresourcestoaddgoldtocirculation.Inourcase,itisCPUtimeandelectricitythatisexpended.

Theincentivecanalsobefundedwithtransactionfees.Iftheoutputvalueofatransactionislessthanitsinputvalue,thedifferenceisatransactionfeethatisaddedtotheincentivevalueoftheblockcontainingthetransaction.Onceapredeterminednumberofcoinshaveenteredcirculation,theincentivecantransitionentirelytotransactionfeesandbecompletelyinflationfree.

Theincentivemayhelpencouragenodestostayhonest.IfagreedyattackerisabletoassemblemoreCPUpowerthanallthehonestnodes,hewouldhavetochoosebetweenusingittodefraudpeoplebystealingbackhispayments,orusingittogeneratenewcoins.Heoughttofinditmoreprofitabletoplaybytherules,suchrulesthatfavourhimwithmorenewcoinsthaneveryoneelsecombined,thantounderminethesystemandthevalidityofhisownwealth.

7.ReclaimingDiskSpace

Oncethelatesttransactioninacoinisburiedunderenoughblocks,thespenttransactionsbeforeitcanbediscardedtosavediskspace.Tofacilitatethiswithoutbreakingtheblock'shash,transactionsarehashedinaMerkleTree,withonlytherootincludedintheblock'shash.Oldblockscanthenbecompactedbystubbingoffbranchesofthetree.Theinteriorhashesdonotneedtobestored.

Ablockheaderwithnotransactionswouldbeabout80bytes.Ifwesupposeblocksaregeneratedevery10minutes,80bytes*6*24*365=4.2MBperyear.Withcomputersystemstypicallysellingwith2GBofRAMasof2008,andMoore'sLawpredictingcurrentgrowthof1.2GBperyear,storageshouldnotbeaproblemeveniftheblockheadersmustbekeptinmemory.

Peter Schiff:比特币是“新傻瓜的黄金”:黄金支持者、比特币反对人士Peter Schiff发推文说,由于美元已经比黄金便宜,通货膨胀很快就会到来。现在投资者将需要更多美元来获取黄金,并用更多美元来购买其他所有东西。有评论称,由于美元变得越来越弱,现在可以用美元购买更多的比特币。对此Peter Schiff回复称,“你可以用美元和比特币购买更少的黄金,从而在美元和BTC之间划出一条相似线,以使两者听起来都劣于黄金。比特币成为趋势仅用两年半,这意味着在整个人类历史中,黄金一直是价值的存储”。Schiff还总结说,“黄金是新黄金”,比特币是“新傻瓜的黄金”。[2020/7/8]

8.SimplifiedPaymentVerification

Itispossibletoverifypaymentswithoutrunningafullnetworknode.Auseronlyneedstokeepacopyoftheblockheadersofthelongestproof-of-workchain,whichhecangetbyqueryingnetworknodesuntilhe'sconvincedhehasthelongestchain,andobtaintheMerklebranchlinkingthetransactiontotheblockit'stimestampedin.Hecan'tcheckthetransactionforhimself,butbylinkingittoaplaceinthechain,hecanseethatanetworknodehasacceptedit,andblocksaddedafteritfurtherconfirmthenetworkhasacceptedit.

Assuch,theverificationisreliableaslongashonestnodescontrolthenetwork,butismorevulnerableifthenetworkisoverpoweredbyanattacker.Whilenetworknodescanverifytransactionsforthemselves,thesimplifiedmethodcanbefooledbyanattacker'sfabricatedtransactionsforaslongastheattackercancontinuetooverpowerthenetwork.Onestrategytoprotectagainstthiswouldbetoacceptalertsfromnetworknodeswhentheydetectaninvalidblock,promptingtheuser'ssoftwaretodownloadthefullblockandalertedtransactionstoconfirmtheinconsistency.Businessesthatreceivefrequentpaymentswillprobablystillwanttoruntheirownnodesformoreindependentsecurityandquickerverification.

9.CombiningandSplittingValue

Althoughitwouldbepossibletohandlecoinsindividually,itwouldbeunwieldytomakeaseparatetransactionforeverycentinatransfer.Toallowvaluetobesplitandcombined,transactionscontainmultipleinputsandoutputs.Normallytherewillbeeitherasingleinputfromalargerprevioustransactionormultipleinputscombiningsmalleramounts,andatmosttwooutputs:oneforthepayment,andonereturningthechange,ifany,backtothesender.

Itshouldbenotedthatfan-out,whereatransactiondependsonseveraltransactions,andthosetransactionsdependonmanymore,isnotaproblemhere.Thereisnevertheneedtoextractacompletestandalonecopyofatransaction'shistory.

10.Privacy

Thetraditionalbankingmodelachievesalevelofprivacybylimitingaccesstoinformationtothepartiesinvolvedandthetrustedthirdparty.Thenecessitytoannouncealltransactionspubliclyprecludesthismethod,butprivacycanstillbemaintainedbybreakingtheflowofinformationinanotherplace:bykeepingpublickeysanonymous.Thepubliccanseethatsomeoneissendinganamounttosomeoneelse,butwithoutinformationlinkingthetransactiontoanyone.Thisissimilartothelevelofinformationreleasedbystockexchanges,wherethetimeandsizeofindividualtrades,the"tape",ismadepublic,butwithouttellingwhothepartieswere.

行情 | 比特币在Bitfinex上的溢价约为300美元:据bitcoinist消息,普遍猜测,人们正在卖出Tether以换取比特币。这导致比特币在Bitfinex交易所的溢价约为300美元。那些使用Bitfinex的人发现,与其他交易所相比,Bitfinex上比特币的溢价约为300美元。[2018/10/18]

Asanadditionalfirewall,anewkeypairshouldbeusedforeachtransactiontokeepthemfrombeinglinkedtoacommonowner.Somelinkingisstillunavoidablewithmulti-inputtransactions,whichnecessarilyrevealthattheirinputswereownedbythesameowner.Theriskisthatiftheownerofakeyisrevealed,linkingcouldrevealothertransactionsthatbelongedtothesameowner.

11.Calculations

Weconsiderthescenarioofanattackertryingtogenerateanalternatechainfasterthanthehonestchain.Evenifthisisaccomplished,itdoesnotthrowthesystemopentoarbitrarychanges,suchascreatingvalueoutofthinairortakingmoneythatneverbelongedtotheattacker.Nodesarenotgoingtoacceptaninvalidtransactionaspayment,andhonestnodeswillneveracceptablockcontainingthem.Anattackercanonlytrytochangeoneofhisowntransactionstotakebackmoneyherecentlyspent.

TheracebetweenthehonestchainandanattackerchaincanbecharacterizedasaBinomialRandomWalk.Thesuccesseventisthehonestchainbeingextendedbyoneblock,increasingitsleadby+1,andthefailureeventistheattacker'schainbeingextendedbyoneblock,reducingthegapby-1.

TheprobabilityofanattackercatchingupfromagivendeficitisanalogoustoaGambler'sRuinproblem.Supposeagamblerwithunlimitedcreditstartsatadeficitandplayspotentiallyaninfinitenumberoftrialstotrytoreachbreakeven.Wecancalculatetheprobabilityheeverreachesbreakeven,orthatanattackerevercatchesupwiththehonestchain,asfollows:

Givenourassumptionthatp>q,theprobabilitydropsexponentiallyasthenumberofblockstheattackerhastocatchupwithincreases.Withtheoddsagainsthim,ifhedoesn'tmakealuckylungeforwardearlyon,hischancesbecomevanishinglysmallashefallsfurtherbehind.

Wenowconsiderhowlongtherecipientofanewtransactionneedstowaitbeforebeingsufficientlycertainthesendercan'tchangethetransaction.Weassumethesenderisanattackerwhowantstomaketherecipientbelievehepaidhimforawhile,thenswitchittopaybacktohimselfaftersometimehaspassed.Thereceiverwillbealertedwhenthathappens,butthesenderhopesitwillbetoolate.

Thereceivergeneratesanewkeypairandgivesthepublickeytothesendershortlybeforesigning.Thispreventsthesenderfrompreparingachainofblocksaheadoftimebyworkingonitcontinuouslyuntilheisluckyenoughtogetfarenoughahead,thenexecutingthetransactionatthatmoment.Oncethetransactionissent,thedishonestsenderstartsworkinginsecretonaparallelchaincontaininganalternateversionofhistransaction.

Therecipientwaitsuntilthetransactionhasbeenaddedtoablockandzblockshavebeenlinkedafterit.Hedoesn'tknowtheexactamountofprogresstheattackerhasmade,butassumingthehonestblockstooktheaverageexpectedtimeperblock,theattacker'spotentialprogresswillbeaPoissondistributionwithexpectedvalue:

Togettheprobabilitytheattackercouldstillcatchupnow,wemultiplythePoissondensityforeachamountofprogresshecouldhavemadebytheprobabilityhecouldcatchupfromthatpoint:

Rearrangingtoavoidsummingtheinfinitetailofthedistribution...

ConvertingtoCcode...

#includedoubleAttackerSuccessProbability(doubleq,intz)

{

doublep=1.0-q;

doublelambda=z*(q/p);

doublesum=1.0;

inti,k;

for(k=0;k<=z;k++)

{

doublepoisson=exp(-lambda);

for(i=1;i<=k;i++)

poisson*=lambda/i;

sum-=poisson*(1-pow(q/p,z-k));

}

returnsum;

}

Runningsomeresults,wecanseetheprobabilitydropoffexponentiallywithz.

q=0.1

z=0P=1.0000000

z=1P=0.2045873

z=2P=0.0509779

z=3P=0.0131722

z=4P=0.0034552

z=5P=0.0009137

z=6P=0.0002428

z=7P=0.0000647

z=8P=0.0000173

z=9P=0.0000046

z=10P=0.0000012

q=0.3

z=0P=1.0000000

z=5P=0.1773523

z=10P=0.0416605

z=15P=0.0101008

z=20P=0.0024804

z=25P=0.0006132

z=30P=0.0001522

z=35P=0.0000379

z=40P=0.0000095

z=45P=0.0000024

z=50P=0.0000006

SolvingforPlessthan0.1%...

P<0.001

q=0.10z=5

q=0.15z=8

q=0.20z=11

q=0.25z=15

q=0.30z=24

q=0.35z=41

q=0.40z=89

q=0.45z=340

12.Conclusion

Wehaveproposedasystemforelectronictransactionswithoutrelyingontrust.Westartedwiththeusualframeworkofcoinsmadefromdigitalsignatures,whichprovidesstrongcontrolofownership,butisincompletewithoutawaytopreventdouble-spending.Tosolvethis,weproposedapeer-to-peernetworkusingproof-of-worktorecordapublichistoryoftransactionsthatquicklybecomescomputationallyimpracticalforanattackertochangeifhonestnodescontrolamajorityofCPUpower.Thenetworkisrobustinitsunstructuredsimplicity.Nodesworkallatoncewithlittlecoordination.Theydonotneedtobeidentified,sincemessagesarenotroutedtoanyparticularplaceandonlyneedtobedeliveredonabesteffortbasis.Nodescanleaveandrejointhenetworkatwill,acceptingtheproof-ofworkchainasproofofwhathappenedwhiletheyweregone.TheyvotewiththeirCPUpower,expressingtheiracceptanceofvalidblocksbyworkingonextendingthemandrejectinginvalidblocksbyrefusingtoworkonthem.Anyneededrulesandincentivescanbeenforcedwiththisconsensusmechanism.

References

W.Dai,"b-money,"http://www.weidai.com/bmoney.txt,1998.

H.Massias,X.S.Avila,andJ.-J.Quisquater,"Designofasecuretimestampingservicewithminimal

trustrequirements,"In20thSymposiumonInformationTheoryintheBenelux,May1999.

S.Haber,W.S.Stornetta,"Howtotime-stampadigitaldocument,"InJournalofCryptology,vol3,no

2,pages99-111,1991.

D.Bayer,S.Haber,W.S.Stornetta,"Improvingtheefficiencyandreliabilityofdigitaltime-stamping,"

InSequencesII:MethodsinCommunication,SecurityandComputerScience,pages329-334,1993.

S.Haber,W.S.Stornetta,"Securenamesforbit-strings,"InProceedingsofthe4thACMConference

onComputerandCommunicationsSecurity,pages28-35,April1997.

A.Back,"Hashcash-adenialofservicecounter-measure,"

http://www.hashcash.org/papers/hashcash.pdf,2002.

R.C.Merkle,"Protocolsforpublickeycryptosystems,"InProc.1980SymposiumonSecurityand

Privacy,IEEEComputerSociety,pages122-133,April1980.

W.Feller,"Anintroductiontoprobabilitytheoryanditsapplications,"1957.

沙棘财经是沙棘传媒旗下专注大数据、人工智能、区块链、币圈的深度报道的垂直自媒体。微信公众号:shaji-media

标签:atcCPUtronatc币是什么币CPU币CPU价格tron币是什么币

AAVE热门资讯
比特币:量子链联合创始人帅初:区块链短期很难冲击BAT_以太坊比特币中国官网联系方式

雷帝网乐天2月25日报道量子链联合创始人帅初日前在“三点钟火星财经学习成长”社群与火星财经发起人王峰展开对话,具体有10问10答.

1900/1/1 0:00:00
比特币:干货,《区块链常用术语解释》汇总,随后附上中英文对照表_40亿比特币能提现吗

以下是区块链领域中的一些常见术语,供有兴趣了解区块链技术的初学者参考。1、地址(Addresses,加密数字货币地址)加密货币地址用于在网络上发送或接收交易.

1900/1/1 0:00:00
瑞波币:瑞波币一天暴涨30% 创始人富豪榜排名超过李嘉诚_数字货币

“默默无闻”的瑞波币屡创新高,最近成为了币圈当红炸子鸡。北京时间4日早间CNBC称,瑞波币周三大涨近30%,突破3美元,进一步巩固了其仅次于比特币的第二大加密货币地位.

1900/1/1 0:00:00
区块链:每日币讯:韩国将支持加密货币购物,STK令牌加入以太坊企业联盟_以太坊区块链工程专业学什么

2018.03.28 据《韩国时报》、《中央日报》报道,韩国加密货币交易所Bithumb、移动支付营运商KoreaPay’sService在26日宣布,已有200家连锁品牌.

1900/1/1 0:00:00
比特币:比特币是世界上最成功的互联网产品,没有之一!_BAT价格

文/一刘 如果要问互联网世界投入最小、运营最简单、最省事、估值最高、回报最大的单个互联网产品,也许你一时会想不起来.

1900/1/1 0:00:00
比特币:比特币等虚拟货币再次遭遇团灭,已有平台暂停交易_莱特币中国区创始人pz

最近的虚拟货币真是的太火了,小编的朋友圈每5条信息就有一条是跟比特币、区块链相关的,社交网络上讨论虚拟货币也成为一种风潮.

1900/1/1 0:00:00