grin/core/src/pow/mod.rs

165 lines
5.1 KiB
Rust

// Copyright 2016 The Grin Developers
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//! The proof of work needs to strike a balance between fast header
//! verification to avoid DoS attacks and difficulty for block verifiers to
//! build new blocks. In addition, mining new blocks should also be as
//! difficult on high end custom-made hardware (ASICs) as on commodity hardware
//! or smartphones. For this reason we use Cuckoo Cycle (see the cuckoo
//! module for more information).
//!
//! Note that this miner implementation is here mostly for tests and
//! reference. It's not optimized for speed.
mod siphash;
pub mod cuckoo;
use time;
use consensus::EASINESS;
use core::{Block, Proof};
use core::hash::{Hash, Hashed};
use core::target::Target;
use pow::cuckoo::{Cuckoo, Miner, Error};
use ser;
use ser::{Writeable, Writer};
/// Subset of a block header that goes into hashing for proof of work.
/// Basically the whole thing minus the PoW solution itself and the total
/// difficulty (yet unknown). We also add the count of every variable length
/// elements in a header to make lying on those much harder.
#[derive(Debug)]
pub struct PowHeader {
pub nonce: u64,
pub height: u64,
pub previous: Hash,
pub timestamp: time::Tm,
pub utxo_merkle: Hash,
pub tx_merkle: Hash,
pub n_in: u64,
pub n_out: u64,
pub n_proofs: u64,
}
/// The binary definition of a PoW header is material for consensus as that's
/// the data that gets hashed for PoW calculation. The nonce is written first
/// to make incrementing from the serialized form trivial.
impl Writeable for PowHeader {
fn write(&self, writer: &mut Writer) -> Result<(), ser::Error> {
try!(writer.write_u64(self.nonce));
try!(writer.write_u64(self.height));
try!(writer.write_fixed_bytes(&self.previous));
try!(writer.write_i64(self.timestamp.to_timespec().sec));
try!(writer.write_fixed_bytes(&self.utxo_merkle));
try!(writer.write_fixed_bytes(&self.tx_merkle));
try!(writer.write_u64(self.n_in));
try!(writer.write_u64(self.n_out));
writer.write_u64(self.n_proofs)
}
}
impl PowHeader {
pub fn from_block(b: &Block) -> PowHeader {
let ref h = b.header;
PowHeader {
nonce: h.nonce,
height: h.height,
previous: h.previous,
timestamp: h.timestamp,
utxo_merkle: h.utxo_merkle,
tx_merkle: h.tx_merkle,
n_in: b.inputs.len() as u64,
n_out: b.outputs.len() as u64,
n_proofs: b.proofs.len() as u64,
}
}
}
/// Validates the proof of work of a given header.
pub fn verify(b: &Block) -> bool {
verify_size(b, b.header.cuckoo_len as u32)
}
pub fn verify_size(b: &Block, cuckoo_sz: u32) -> bool {
let hash = PowHeader::from_block(b).hash();
// make sure the hash is smaller than our target before going into more
// expensive validation
if b.header.target < b.header.pow.to_target() {
return false;
}
Cuckoo::new(hash.to_slice(), cuckoo_sz).verify(b.header.pow, EASINESS as u64)
}
/// Runs a naive single-threaded proof of work computation over the provided
/// block, until the required difficulty target is reached. May take a
/// while for a low target...
pub fn pow(b: &Block, target: Target) -> Result<(Proof, u64), Error> {
pow_size(b, target, b.header.cuckoo_len as u32)
}
/// Same as default pow function but uses the much easier Cuckoo20 (mostly for
/// tests).
pub fn pow20(b: &Block, target: Target) -> Result<(Proof, u64), Error> {
pow_size(b, target, 20)
}
pub fn pow_size(b: &Block, target: Target, sizeshift: u32) -> Result<(Proof, u64), Error> {
let mut pow_header = PowHeader::from_block(b);
let start_nonce = pow_header.nonce;
// try to find a cuckoo cycle on that header hash
loop {
// can be trivially optimized by avoiding re-serialization every time but this
// is not meant as a fast miner implementation
let pow_hash = pow_header.hash();
// if we found a cycle (not guaranteed) and the proof is lower that the target,
// we're all good
if let Ok(proof) = Miner::new(pow_hash.to_slice(), EASINESS, sizeshift).mine() {
if proof.to_target() <= target {
return Ok((proof, pow_header.nonce));
}
}
// otherwise increment the nonce
pow_header.nonce += 1;
// and if we're back where we started, update the time (changes the hash as
// well)
if pow_header.nonce == start_nonce {
pow_header.timestamp = time::at_utc(time::Timespec { sec: 0, nsec: 0 });
}
}
}
#[cfg(test)]
mod test {
use super::*;
use consensus::MAX_TARGET;
use core::Proof;
use genesis;
#[test]
fn genesis_pow() {
let mut b = genesis::genesis();
let (proof, nonce) = pow20(&b, MAX_TARGET).unwrap();
assert!(nonce > 0);
assert!(proof.to_target() < MAX_TARGET);
b.header.pow = proof;
b.header.nonce = nonce;
b.header.cuckoo_len = 20;
assert!(verify(&b));
}
}