2014-03-10 08:46:53 -07:00
|
|
|
// Copyright (c) 2009-2010 Satoshi Nakamoto
|
2014-12-16 17:47:57 -08:00
|
|
|
// Copyright (c) 2009-2014 The Bitcoin Core developers
|
2022-05-11 16:23:09 -07:00
|
|
|
// Copyright (c) 2016-2022 The Zcash developers
|
2014-12-12 20:09:33 -08:00
|
|
|
// Distributed under the MIT software license, see the accompanying
|
2019-07-18 07:16:09 -07:00
|
|
|
// file COPYING or https://www.opensource.org/licenses/mit-license.php .
|
2014-03-10 08:46:53 -07:00
|
|
|
|
|
|
|
#include "pow.h"
|
|
|
|
|
2014-12-16 06:43:03 -08:00
|
|
|
#include "arith_uint256.h"
|
2014-10-21 16:31:01 -07:00
|
|
|
#include "chain.h"
|
2016-02-28 12:19:07 -08:00
|
|
|
#include "chainparams.h"
|
|
|
|
#include "crypto/equihash.h"
|
2014-11-18 13:03:02 -08:00
|
|
|
#include "primitives/block.h"
|
2016-02-28 12:19:07 -08:00
|
|
|
#include "streams.h"
|
2014-03-10 08:46:53 -07:00
|
|
|
#include "uint256.h"
|
|
|
|
|
2020-04-14 16:53:28 -07:00
|
|
|
#include <librustzcash.h>
|
2022-05-25 19:36:15 -07:00
|
|
|
#include <rust/equihash.h>
|
2016-02-28 12:19:07 -08:00
|
|
|
|
2015-02-14 17:21:42 -08:00
|
|
|
unsigned int GetNextWorkRequired(const CBlockIndex* pindexLast, const CBlockHeader *pblock, const Consensus::Params& params)
|
2014-03-10 08:46:53 -07:00
|
|
|
{
|
2015-03-25 12:00:32 -07:00
|
|
|
unsigned int nProofOfWorkLimit = UintToArith256(params.powLimit).GetCompact();
|
2014-03-10 08:46:53 -07:00
|
|
|
|
|
|
|
// Genesis block
|
|
|
|
if (pindexLast == NULL)
|
|
|
|
return nProofOfWorkLimit;
|
|
|
|
|
2015-10-19 05:25:29 -07:00
|
|
|
// Regtest
|
|
|
|
if (params.fPowNoRetargeting)
|
|
|
|
return pindexLast->nBits;
|
|
|
|
|
2018-10-03 08:15:03 -07:00
|
|
|
{
|
2018-10-04 15:26:05 -07:00
|
|
|
// Comparing to pindexLast->nHeight with >= because this function
|
|
|
|
// returns the work required for the block after pindexLast.
|
2020-10-20 17:44:15 -07:00
|
|
|
if (params.nPowAllowMinDifficultyBlocksAfterHeight != std::nullopt &&
|
2020-10-20 16:39:23 -07:00
|
|
|
pindexLast->nHeight >= params.nPowAllowMinDifficultyBlocksAfterHeight.value())
|
2018-10-03 08:15:03 -07:00
|
|
|
{
|
|
|
|
// Special difficulty rule for testnet:
|
2019-05-19 13:54:43 -07:00
|
|
|
// If the new block's timestamp is more than 6 * block interval minutes
|
2018-10-03 08:15:03 -07:00
|
|
|
// then allow mining of a min-difficulty block.
|
2019-05-19 13:54:43 -07:00
|
|
|
if (pblock && pblock->GetBlockTime() > pindexLast->GetBlockTime() + params.PoWTargetSpacing(pindexLast->nHeight + 1) * 6)
|
2018-10-03 08:15:03 -07:00
|
|
|
return nProofOfWorkLimit;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-06-07 17:30:32 -07:00
|
|
|
// Find the first block in the averaging interval
|
|
|
|
const CBlockIndex* pindexFirst = pindexLast;
|
2016-09-06 04:03:36 -07:00
|
|
|
arith_uint256 bnTot {0};
|
2016-06-07 17:30:32 -07:00
|
|
|
for (int i = 0; pindexFirst && i < params.nPowAveragingWindow; i++) {
|
2016-09-06 04:03:36 -07:00
|
|
|
arith_uint256 bnTmp;
|
|
|
|
bnTmp.SetCompact(pindexFirst->nBits);
|
|
|
|
bnTot += bnTmp;
|
2016-06-07 17:30:32 -07:00
|
|
|
pindexFirst = pindexFirst->pprev;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Check we have enough blocks
|
|
|
|
if (pindexFirst == NULL)
|
|
|
|
return nProofOfWorkLimit;
|
2014-03-10 08:46:53 -07:00
|
|
|
|
2020-11-12 02:52:49 -08:00
|
|
|
// The protocol specification leaves MeanTarget(height) as a rational, and takes the floor
|
|
|
|
// only after dividing by AveragingWindowTimespan in the computation of Threshold(height):
|
|
|
|
// <https://zips.z.cash/protocol/protocol.pdf#diffadjustment>
|
|
|
|
//
|
|
|
|
// Here we take the floor of MeanTarget(height) immediately, but that is equivalent to doing
|
|
|
|
// so only after a further division, as proven in <https://math.stackexchange.com/a/147832/185422>.
|
2016-09-06 04:03:36 -07:00
|
|
|
arith_uint256 bnAvg {bnTot / params.nPowAveragingWindow};
|
|
|
|
|
2019-05-19 13:54:43 -07:00
|
|
|
return CalculateNextWorkRequired(bnAvg,
|
|
|
|
pindexLast->GetMedianTimePast(), pindexFirst->GetMedianTimePast(),
|
|
|
|
params,
|
2019-07-18 13:57:13 -07:00
|
|
|
pindexLast->nHeight + 1);
|
2015-02-21 04:57:44 -08:00
|
|
|
}
|
|
|
|
|
2016-09-05 03:25:11 -07:00
|
|
|
unsigned int CalculateNextWorkRequired(arith_uint256 bnAvg,
|
|
|
|
int64_t nLastBlockTime, int64_t nFirstBlockTime,
|
2019-05-19 13:54:43 -07:00
|
|
|
const Consensus::Params& params,
|
|
|
|
int nextHeight)
|
2015-02-21 04:57:44 -08:00
|
|
|
{
|
2019-07-26 09:34:23 -07:00
|
|
|
int64_t averagingWindowTimespan = params.AveragingWindowTimespan(nextHeight);
|
|
|
|
int64_t minActualTimespan = params.MinActualTimespan(nextHeight);
|
|
|
|
int64_t maxActualTimespan = params.MaxActualTimespan(nextHeight);
|
2014-03-10 08:46:53 -07:00
|
|
|
// Limit adjustment step
|
2016-06-07 17:30:32 -07:00
|
|
|
// Use medians to prevent time-warp attacks
|
2016-07-21 01:50:05 -07:00
|
|
|
int64_t nActualTimespan = nLastBlockTime - nFirstBlockTime;
|
2019-07-26 09:34:23 -07:00
|
|
|
nActualTimespan = averagingWindowTimespan + (nActualTimespan - averagingWindowTimespan)/4;
|
2016-06-07 17:30:32 -07:00
|
|
|
|
2019-07-26 09:34:23 -07:00
|
|
|
if (nActualTimespan < minActualTimespan) {
|
|
|
|
nActualTimespan = minActualTimespan;
|
|
|
|
}
|
|
|
|
if (nActualTimespan > maxActualTimespan) {
|
|
|
|
nActualTimespan = maxActualTimespan;
|
|
|
|
}
|
2014-03-10 08:46:53 -07:00
|
|
|
|
|
|
|
// Retarget
|
2015-03-25 12:00:32 -07:00
|
|
|
const arith_uint256 bnPowLimit = UintToArith256(params.powLimit);
|
2016-09-05 03:25:11 -07:00
|
|
|
arith_uint256 bnNew {bnAvg};
|
2019-07-26 09:34:23 -07:00
|
|
|
bnNew /= averagingWindowTimespan;
|
2016-04-08 04:19:03 -07:00
|
|
|
bnNew *= nActualTimespan;
|
2014-03-10 08:46:53 -07:00
|
|
|
|
2019-07-26 09:34:23 -07:00
|
|
|
if (bnNew > bnPowLimit) {
|
2015-03-25 12:00:32 -07:00
|
|
|
bnNew = bnPowLimit;
|
2019-07-26 09:34:23 -07:00
|
|
|
}
|
2014-03-10 08:46:53 -07:00
|
|
|
|
|
|
|
return bnNew.GetCompact();
|
|
|
|
}
|
|
|
|
|
2020-07-14 21:15:09 -07:00
|
|
|
bool CheckEquihashSolution(const CBlockHeader *pblock, const Consensus::Params& params)
|
2016-02-28 12:19:07 -08:00
|
|
|
{
|
2018-01-26 15:31:44 -08:00
|
|
|
unsigned int n = params.nEquihashN;
|
|
|
|
unsigned int k = params.nEquihashK;
|
2016-02-28 12:19:07 -08:00
|
|
|
|
|
|
|
// I = the block header minus nonce and solution.
|
|
|
|
CEquihashInput I{*pblock};
|
|
|
|
// I||V
|
|
|
|
CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
|
|
|
|
ss << I;
|
2020-04-14 16:53:28 -07:00
|
|
|
|
2022-05-25 19:36:15 -07:00
|
|
|
return equihash::is_valid(
|
2020-07-14 04:01:42 -07:00
|
|
|
n, k,
|
2022-05-25 19:36:15 -07:00
|
|
|
{(const unsigned char*)ss.data(), ss.size()},
|
|
|
|
{pblock->nNonce.begin(), pblock->nNonce.size()},
|
|
|
|
{pblock->nSolution.data(), pblock->nSolution.size()});
|
2016-02-28 12:19:07 -08:00
|
|
|
}
|
|
|
|
|
2015-02-14 17:21:42 -08:00
|
|
|
bool CheckProofOfWork(uint256 hash, unsigned int nBits, const Consensus::Params& params)
|
2014-03-10 08:46:53 -07:00
|
|
|
{
|
|
|
|
bool fNegative;
|
|
|
|
bool fOverflow;
|
2014-12-16 06:43:03 -08:00
|
|
|
arith_uint256 bnTarget;
|
2014-09-04 12:23:42 -07:00
|
|
|
|
2014-03-10 08:46:53 -07:00
|
|
|
bnTarget.SetCompact(nBits, &fNegative, &fOverflow);
|
|
|
|
|
|
|
|
// Check range
|
2015-03-25 12:00:32 -07:00
|
|
|
if (fNegative || bnTarget == 0 || fOverflow || bnTarget > UintToArith256(params.powLimit))
|
2019-10-22 10:16:53 -07:00
|
|
|
return false;
|
2014-03-10 08:46:53 -07:00
|
|
|
|
|
|
|
// Check proof of work matches claimed amount
|
2014-12-16 06:43:03 -08:00
|
|
|
if (UintToArith256(hash) > bnTarget)
|
2019-10-22 10:16:53 -07:00
|
|
|
return false;
|
2014-03-10 08:46:53 -07:00
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2014-12-16 06:43:03 -08:00
|
|
|
arith_uint256 GetBlockProof(const CBlockIndex& block)
|
2014-07-05 03:05:33 -07:00
|
|
|
{
|
2014-12-16 06:43:03 -08:00
|
|
|
arith_uint256 bnTarget;
|
2014-07-05 03:05:33 -07:00
|
|
|
bool fNegative;
|
|
|
|
bool fOverflow;
|
2014-10-29 09:00:02 -07:00
|
|
|
bnTarget.SetCompact(block.nBits, &fNegative, &fOverflow);
|
2014-07-05 03:05:33 -07:00
|
|
|
if (fNegative || fOverflow || bnTarget == 0)
|
|
|
|
return 0;
|
|
|
|
// We need to compute 2**256 / (bnTarget+1), but we can't represent 2**256
|
2017-06-19 15:57:31 -07:00
|
|
|
// as it's too large for an arith_uint256. However, as 2**256 is at least as large
|
2014-07-05 03:05:33 -07:00
|
|
|
// as bnTarget+1, it is equal to ((2**256 - bnTarget - 1) / (bnTarget+1)) + 1,
|
2020-08-06 02:03:52 -07:00
|
|
|
// or ~bnTarget / (bnTarget+1) + 1.
|
2014-07-05 03:05:33 -07:00
|
|
|
return (~bnTarget / (bnTarget + 1)) + 1;
|
2014-03-10 08:46:53 -07:00
|
|
|
}
|
2015-03-17 06:35:59 -07:00
|
|
|
|
|
|
|
int64_t GetBlockProofEquivalentTime(const CBlockIndex& to, const CBlockIndex& from, const CBlockIndex& tip, const Consensus::Params& params)
|
|
|
|
{
|
|
|
|
arith_uint256 r;
|
|
|
|
int sign = 1;
|
|
|
|
if (to.nChainWork > from.nChainWork) {
|
|
|
|
r = to.nChainWork - from.nChainWork;
|
|
|
|
} else {
|
|
|
|
r = from.nChainWork - to.nChainWork;
|
|
|
|
sign = -1;
|
|
|
|
}
|
2019-05-19 13:54:43 -07:00
|
|
|
r = r * arith_uint256(params.PoWTargetSpacing(tip.nHeight)) / GetBlockProof(tip);
|
2015-03-17 06:35:59 -07:00
|
|
|
if (r.bits() > 63) {
|
|
|
|
return sign * std::numeric_limits<int64_t>::max();
|
|
|
|
}
|
|
|
|
return sign * r.GetLow64();
|
|
|
|
}
|