What is preventing me from simply constructing a hash that's lower than the current target?
I just started learning about Bitcoin, and something I can figure out is why miners have to use a random process (hashing a nonce) to get lower than the target. For example, if the target is
00000000000001ae00000000000000
why not just produce
000000000000000000000000000001
to become the winner? I have no practical experience mining, I'm guessing my ignorance lies in the requirements of how a hash is produced. If so, where can I find about those requirements? Thanks.
EDIT: For clarity, I mean this in the sense of what part of the technology requires me to use a hash function? Rather than in the sense of just constructing something that looks like a valid hash.
mining-theory hash
asked Apr 11 at 19:53
ZduffZduff
1285
New contributor
Zduff is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
I just started learning about Bitcoin, and something I can figure out is why miners have to use a random process (hashing a nonce) to get lower than the target. For example, if the target is
00000000000001ae00000000000000
why not just produce
000000000000000000000000000001
to become the winner? I have no practical experience mining, I'm guessing my ignorance lies in the requirements of how a hash is produced. If so, where can I find about those requirements? Thanks.
EDIT: For clarity, I mean this in the sense of what part of the technology requires me to use a hash function? Rather than in the sense of just constructing something that looks like a valid hash.
mining-theory hash
asked Apr 11 at 19:53
ZduffZduff
1285
New contributor
Zduff is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
2
Other nodes checking your hash will notice that you are lying: the hash does not match the calculated hash. The only thing you can do to influence weather your hash matches the calculated hash is to change the nonce and try - this is in fact the proof of work algorithm - change nonce, calculate hash, see if it fits the target and try, try again. You are always welcome to voluntarily choose a harder target but statistically that means other people would be able to find a matching hash before you
– slebetman
Apr 12 at 6:38
2
Also, you have a slight misunderstanding. The process is not hashing the nonce, it is hashing the block. Of course hashing the block will generate a fixed hash value which may never match the target. The solution? Allow miners to add their own garbage/ignored data to the block - the nonce - then hash the whole thing. If the hash don't match the target you need to change the nonce and retry. In this way it is impossible to pre-calculate the hash using a pre-generated nonce because you have no control over the other data in the block
– slebetman
Apr 12 at 6:42
add a comment |
I just started learning about Bitcoin, and something I can figure out is why miners have to use a random process (hashing a nonce) to get lower than the target. For example, if the target is
00000000000001ae00000000000000
why not just produce
000000000000000000000000000001
to become the winner? I have no practical experience mining, I'm guessing my ignorance lies in the requirements of how a hash is produced. If so, where can I find about those requirements? Thanks.
EDIT: For clarity, I mean this in the sense of what part of the technology requires me to use a hash function? Rather than in the sense of just constructing something that looks like a valid hash.
mining-theory hash
asked Apr 11 at 19:53
ZduffZduff
1285
New contributor
Zduff is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
I just started learning about Bitcoin, and something I can figure out is why miners have to use a random process (hashing a nonce) to get lower than the target. For example, if the target is
00000000000001ae00000000000000
why not just produce
000000000000000000000000000001
to become the winner? I have no practical experience mining, I'm guessing my ignorance lies in the requirements of how a hash is produced. If so, where can I find about those requirements? Thanks.
EDIT: For clarity, I mean this in the sense of what part of the technology requires me to use a hash function? Rather than in the sense of just constructing something that looks like a valid hash.
mining-theory hash
mining-theory hash
asked Apr 11 at 19:53
ZduffZduff
1285
New contributor
Zduff is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked Apr 11 at 19:53
ZduffZduff
1285
New contributor
Zduff is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited Apr 12 at 3:25
Zduff
asked Apr 11 at 19:53
ZduffZduff
1285
New contributor
Zduff is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked Apr 11 at 19:53
ZduffZduff
1285
asked Apr 11 at 19:53
ZduffZduff
1285
1285
New contributor
Zduff is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Zduff is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Zduff is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
2
Other nodes checking your hash will notice that you are lying: the hash does not match the calculated hash. The only thing you can do to influence weather your hash matches the calculated hash is to change the nonce and try - this is in fact the proof of work algorithm - change nonce, calculate hash, see if it fits the target and try, try again. You are always welcome to voluntarily choose a harder target but statistically that means other people would be able to find a matching hash before you
– slebetman
Apr 12 at 6:38
2
Also, you have a slight misunderstanding. The process is not hashing the nonce, it is hashing the block. Of course hashing the block will generate a fixed hash value which may never match the target. The solution? Allow miners to add their own garbage/ignored data to the block - the nonce - then hash the whole thing. If the hash don't match the target you need to change the nonce and retry. In this way it is impossible to pre-calculate the hash using a pre-generated nonce because you have no control over the other data in the block
– slebetman
Apr 12 at 6:42
add a comment |
2
Other nodes checking your hash will notice that you are lying: the hash does not match the calculated hash. The only thing you can do to influence weather your hash matches the calculated hash is to change the nonce and try - this is in fact the proof of work algorithm - change nonce, calculate hash, see if it fits the target and try, try again. You are always welcome to voluntarily choose a harder target but statistically that means other people would be able to find a matching hash before you
– slebetman
Apr 12 at 6:38
2
Also, you have a slight misunderstanding. The process is not hashing the nonce, it is hashing the block. Of course hashing the block will generate a fixed hash value which may never match the target. The solution? Allow miners to add their own garbage/ignored data to the block - the nonce - then hash the whole thing. If the hash don't match the target you need to change the nonce and retry. In this way it is impossible to pre-calculate the hash using a pre-generated nonce because you have no control over the other data in the block
– slebetman
Apr 12 at 6:42
2
2
Other nodes checking your hash will notice that you are lying: the hash does not match the calculated hash. The only thing you can do to influence weather your hash matches the calculated hash is to change the nonce and try - this is in fact the proof of work algorithm - change nonce, calculate hash, see if it fits the target and try, try again. You are always welcome to voluntarily choose a harder target but statistically that means other people would be able to find a matching hash before you
– slebetman
Apr 12 at 6:38
Other nodes checking your hash will notice that you are lying: the hash does not match the calculated hash. The only thing you can do to influence weather your hash matches the calculated hash is to change the nonce and try - this is in fact the proof of work algorithm - change nonce, calculate hash, see if it fits the target and try, try again. You are always welcome to voluntarily choose a harder target but statistically that means other people would be able to find a matching hash before you
– slebetman
Apr 12 at 6:38
2
2
Also, you have a slight misunderstanding. The process is not hashing the nonce, it is hashing the block. Of course hashing the block will generate a fixed hash value which may never match the target. The solution? Allow miners to add their own garbage/ignored data to the block - the nonce - then hash the whole thing. If the hash don't match the target you need to change the nonce and retry. In this way it is impossible to pre-calculate the hash using a pre-generated nonce because you have no control over the other data in the block
– slebetman
Apr 12 at 6:42
Also, you have a slight misunderstanding. The process is not hashing the nonce, it is hashing the block. Of course hashing the block will generate a fixed hash value which may never match the target. The solution? Allow miners to add their own garbage/ignored data to the block - the nonce - then hash the whole thing. If the hash don't match the target you need to change the nonce and retry. In this way it is impossible to pre-calculate the hash using a pre-generated nonce because you have no control over the other data in the block
– slebetman
Apr 12 at 6:42
add a comment |
2 Answers
2
active
oldest
votes
EDIT: For clarity, I mean this in the sense of what part of the technology requires me to use a hash function? As opposed, to just constructing something that looks like a valid hash.
When determining whether or not a block is valid, each and every bitcoin node on the network will take the header of that block, and run it through a hashing algorithm to see what the output is. If the output is lower than the target value, then the block is valid (assuming that the rest of the block is also valid, of course).
Notice something important: the hash value itself is not explicitly stored in the block. So you cannot just append some fabricated value that falls below the target value onto the block in lieu of a valid PoW. To create a valid block, you must construct it such that all other network nodes can independently verify it as being valid, and to do so, they use a hash function.
As Pieter mentioned, hash functions are unpredictable 'one-way' functions. The only way to find a valid output is by trying a huge number of possible inputs, and 'getting lucky', so to speak.
answered Apr 11 at 20:50
chytrikchytrik
7,5422628
It's not quite that simple. The hash needs to be resistant to pre-image attacks.
– jpmc26
Apr 12 at 1:08
3
@jpmc26 Any useful cryptographic hash function should be.
– immibis
Apr 12 at 4:00
1
@jpmc26 A cryptographic hash function is commonly understood to mean indistinguishable from random, which implies preimage and collision resistant. This doesn't hold for non-cryptographic hash functions.
– Pieter Wuille
Apr 12 at 14:17
add a comment |
Hash functions are unpredictable.
You can't simply find an input to the hash function that produces such an output. The only way to accomplish that is by trying lots and lots of candidate blocks as input. If the target is 1000 times smaller, it requires 1000 times as many tries.
answered Apr 11 at 19:58
Pieter WuillePieter Wuille
48.4k3100163
Deleted comment. Please see edit to question.
– Zduff
Apr 11 at 20:05
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "308"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Zduff is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fbitcoin.stackexchange.com%2fquestions%2f85994%2fwhat-is-preventing-me-from-simply-constructing-a-hash-thats-lower-than-the-curr%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
EDIT: For clarity, I mean this in the sense of what part of the technology requires me to use a hash function? As opposed, to just constructing something that looks like a valid hash.
When determining whether or not a block is valid, each and every bitcoin node on the network will take the header of that block, and run it through a hashing algorithm to see what the output is. If the output is lower than the target value, then the block is valid (assuming that the rest of the block is also valid, of course).
Notice something important: the hash value itself is not explicitly stored in the block. So you cannot just append some fabricated value that falls below the target value onto the block in lieu of a valid PoW. To create a valid block, you must construct it such that all other network nodes can independently verify it as being valid, and to do so, they use a hash function.
As Pieter mentioned, hash functions are unpredictable 'one-way' functions. The only way to find a valid output is by trying a huge number of possible inputs, and 'getting lucky', so to speak.
answered Apr 11 at 20:50
chytrikchytrik
7,5422628
It's not quite that simple. The hash needs to be resistant to pre-image attacks.
– jpmc26
Apr 12 at 1:08
3
@jpmc26 Any useful cryptographic hash function should be.
– immibis
Apr 12 at 4:00
1
@jpmc26 A cryptographic hash function is commonly understood to mean indistinguishable from random, which implies preimage and collision resistant. This doesn't hold for non-cryptographic hash functions.
– Pieter Wuille
Apr 12 at 14:17
add a comment |
EDIT: For clarity, I mean this in the sense of what part of the technology requires me to use a hash function? As opposed, to just constructing something that looks like a valid hash.
When determining whether or not a block is valid, each and every bitcoin node on the network will take the header of that block, and run it through a hashing algorithm to see what the output is. If the output is lower than the target value, then the block is valid (assuming that the rest of the block is also valid, of course).
Notice something important: the hash value itself is not explicitly stored in the block. So you cannot just append some fabricated value that falls below the target value onto the block in lieu of a valid PoW. To create a valid block, you must construct it such that all other network nodes can independently verify it as being valid, and to do so, they use a hash function.
As Pieter mentioned, hash functions are unpredictable 'one-way' functions. The only way to find a valid output is by trying a huge number of possible inputs, and 'getting lucky', so to speak.
answered Apr 11 at 20:50
chytrikchytrik
7,5422628
It's not quite that simple. The hash needs to be resistant to pre-image attacks.
– jpmc26
Apr 12 at 1:08
3
@jpmc26 Any useful cryptographic hash function should be.
– immibis
Apr 12 at 4:00
1
@jpmc26 A cryptographic hash function is commonly understood to mean indistinguishable from random, which implies preimage and collision resistant. This doesn't hold for non-cryptographic hash functions.
– Pieter Wuille
Apr 12 at 14:17
add a comment |
EDIT: For clarity, I mean this in the sense of what part of the technology requires me to use a hash function? As opposed, to just constructing something that looks like a valid hash.
When determining whether or not a block is valid, each and every bitcoin node on the network will take the header of that block, and run it through a hashing algorithm to see what the output is. If the output is lower than the target value, then the block is valid (assuming that the rest of the block is also valid, of course).
Notice something important: the hash value itself is not explicitly stored in the block. So you cannot just append some fabricated value that falls below the target value onto the block in lieu of a valid PoW. To create a valid block, you must construct it such that all other network nodes can independently verify it as being valid, and to do so, they use a hash function.
As Pieter mentioned, hash functions are unpredictable 'one-way' functions. The only way to find a valid output is by trying a huge number of possible inputs, and 'getting lucky', so to speak.
answered Apr 11 at 20:50
chytrikchytrik
7,5422628
EDIT: For clarity, I mean this in the sense of what part of the technology requires me to use a hash function? As opposed, to just constructing something that looks like a valid hash.
When determining whether or not a block is valid, each and every bitcoin node on the network will take the header of that block, and run it through a hashing algorithm to see what the output is. If the output is lower than the target value, then the block is valid (assuming that the rest of the block is also valid, of course).
Notice something important: the hash value itself is not explicitly stored in the block. So you cannot just append some fabricated value that falls below the target value onto the block in lieu of a valid PoW. To create a valid block, you must construct it such that all other network nodes can independently verify it as being valid, and to do so, they use a hash function.
As Pieter mentioned, hash functions are unpredictable 'one-way' functions. The only way to find a valid output is by trying a huge number of possible inputs, and 'getting lucky', so to speak.
answered Apr 11 at 20:50
chytrikchytrik
7,5422628
answered Apr 11 at 20:50
chytrikchytrik
7,5422628
answered Apr 11 at 20:50
chytrikchytrik
7,5422628
answered Apr 11 at 20:50
chytrikchytrik
7,5422628
7,5422628
It's not quite that simple. The hash needs to be resistant to pre-image attacks.
– jpmc26
Apr 12 at 1:08
3
@jpmc26 Any useful cryptographic hash function should be.
– immibis
Apr 12 at 4:00
1
@jpmc26 A cryptographic hash function is commonly understood to mean indistinguishable from random, which implies preimage and collision resistant. This doesn't hold for non-cryptographic hash functions.
– Pieter Wuille
Apr 12 at 14:17
add a comment |
It's not quite that simple. The hash needs to be resistant to pre-image attacks.
– jpmc26
Apr 12 at 1:08
3
@jpmc26 Any useful cryptographic hash function should be.
– immibis
Apr 12 at 4:00
1
@jpmc26 A cryptographic hash function is commonly understood to mean indistinguishable from random, which implies preimage and collision resistant. This doesn't hold for non-cryptographic hash functions.
– Pieter Wuille
Apr 12 at 14:17
It's not quite that simple. The hash needs to be resistant to pre-image attacks.
– jpmc26
Apr 12 at 1:08
It's not quite that simple. The hash needs to be resistant to pre-image attacks.
– jpmc26
Apr 12 at 1:08
3
3
@jpmc26 Any useful cryptographic hash function should be.
– immibis
Apr 12 at 4:00
@jpmc26 Any useful cryptographic hash function should be.
– immibis
Apr 12 at 4:00
1
1
@jpmc26 A cryptographic hash function is commonly understood to mean indistinguishable from random, which implies preimage and collision resistant. This doesn't hold for non-cryptographic hash functions.
– Pieter Wuille
Apr 12 at 14:17
@jpmc26 A cryptographic hash function is commonly understood to mean indistinguishable from random, which implies preimage and collision resistant. This doesn't hold for non-cryptographic hash functions.
– Pieter Wuille
Apr 12 at 14:17
add a comment |
Hash functions are unpredictable.
You can't simply find an input to the hash function that produces such an output. The only way to accomplish that is by trying lots and lots of candidate blocks as input. If the target is 1000 times smaller, it requires 1000 times as many tries.
answered Apr 11 at 19:58
Pieter WuillePieter Wuille
48.4k3100163
Deleted comment. Please see edit to question.
– Zduff
Apr 11 at 20:05
add a comment |
Hash functions are unpredictable.
You can't simply find an input to the hash function that produces such an output. The only way to accomplish that is by trying lots and lots of candidate blocks as input. If the target is 1000 times smaller, it requires 1000 times as many tries.
answered Apr 11 at 19:58
Pieter WuillePieter Wuille
48.4k3100163
Deleted comment. Please see edit to question.
– Zduff
Apr 11 at 20:05
add a comment |
Hash functions are unpredictable.
You can't simply find an input to the hash function that produces such an output. The only way to accomplish that is by trying lots and lots of candidate blocks as input. If the target is 1000 times smaller, it requires 1000 times as many tries.
answered Apr 11 at 19:58
Pieter WuillePieter Wuille
48.4k3100163
Hash functions are unpredictable.
You can't simply find an input to the hash function that produces such an output. The only way to accomplish that is by trying lots and lots of candidate blocks as input. If the target is 1000 times smaller, it requires 1000 times as many tries.
answered Apr 11 at 19:58
Pieter WuillePieter Wuille
48.4k3100163
answered Apr 11 at 19:58
Pieter WuillePieter Wuille
48.4k3100163
answered Apr 11 at 19:58
Pieter WuillePieter Wuille
48.4k3100163
answered Apr 11 at 19:58
Pieter WuillePieter Wuille
48.4k3100163
48.4k3100163
Deleted comment. Please see edit to question.
– Zduff
Apr 11 at 20:05
add a comment |
Deleted comment. Please see edit to question.
– Zduff
Apr 11 at 20:05
Deleted comment. Please see edit to question.
– Zduff
Apr 11 at 20:05
Deleted comment. Please see edit to question.
– Zduff
Apr 11 at 20:05
add a comment |
Zduff is a new contributor. Be nice, and check out our Code of Conduct.
Zduff is a new contributor. Be nice, and check out our Code of Conduct.
Zduff is a new contributor. Be nice, and check out our Code of Conduct.
Zduff is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Bitcoin Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fbitcoin.stackexchange.com%2fquestions%2f85994%2fwhat-is-preventing-me-from-simply-constructing-a-hash-thats-lower-than-the-curr%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
2
Other nodes checking your hash will notice that you are lying: the hash does not match the calculated hash. The only thing you can do to influence weather your hash matches the calculated hash is to change the nonce and try - this is in fact the proof of work algorithm - change nonce, calculate hash, see if it fits the target and try, try again. You are always welcome to voluntarily choose a harder target but statistically that means other people would be able to find a matching hash before you
– slebetman
Apr 12 at 6:38
2
Also, you have a slight misunderstanding. The process is not hashing the nonce, it is hashing the block. Of course hashing the block will generate a fixed hash value which may never match the target. The solution? Allow miners to add their own garbage/ignored data to the block - the nonce - then hash the whole thing. If the hash don't match the target you need to change the nonce and retry. In this way it is impossible to pre-calculate the hash using a pre-generated nonce because you have no control over the other data in the block
– slebetman
Apr 12 at 6:42