mirror of https://github.com/zcash/zips.git
Specify difficulty adjustment.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
This commit is contained in:
parent
b1186b35a3
commit
da7c5d9352
|
@ -122,6 +122,12 @@
|
|||
\makeatother
|
||||
\newcommand{\typecolon}{\;\hollowcolon\;}
|
||||
|
||||
% We just want one ampersand symbol from boisik.
|
||||
\DeclareSymbolFont{bskadd}{U}{bskma}{m}{n}
|
||||
\DeclareFontFamily{U}{bskma}{\skewchar\font130 }
|
||||
\DeclareFontShape{U}{bskma}{m}{n}{<->bskma10}{}
|
||||
\DeclareMathSymbol{\binampersand}{\mathbin}{bskadd}{"EE}
|
||||
|
||||
\newcommand{\hairspace}{~\!}
|
||||
|
||||
\newcommand{\hfrac}[2]{\scalebox{0.8}{$\genfrac{}{}{0.5pt}{0}{#1}{#2}$}}
|
||||
|
@ -326,6 +332,18 @@
|
|||
\newcommand{\squash}{\!\!\!}
|
||||
\newcommand{\caseif}{\squash\text{if }}
|
||||
\newcommand{\caseotherwise}{\squash\text{otherwise}}
|
||||
\newcommand{\sorted}{\mathsf{sorted}}
|
||||
\newcommand{\length}{\mathsf{length}}
|
||||
\newcommand{\mean}{\mathsf{mean}}
|
||||
\newcommand{\median}{\mathsf{median}}
|
||||
\newcommand{\clamp}[2]{\mathsf{clamp\,}_{#1}^{#2}}
|
||||
\newcommand{\Lower}{\mathsf{lower}}
|
||||
\newcommand{\Upper}{\mathsf{upper}}
|
||||
\newcommand{\bitlength}{\mathsf{bitlength}}
|
||||
\newcommand{\size}{\mathsf{size}}
|
||||
\newcommand{\mantissa}{\mathsf{mantissa}}
|
||||
\newcommand{\ToCompact}{\mathsf{ToCompact}}
|
||||
\newcommand{\ToTarget}{\mathsf{ToTarget}}
|
||||
\newcommand{\hexint}[1]{\mathbf{0x{#1}}}
|
||||
\newcommand{\dontcare}{\kern -0.06em\raisebox{0.1ex}{\footnotesize{$\times$}}}
|
||||
\newcommand{\ascii}[1]{\textbf{``\texttt{#1}"}}
|
||||
|
@ -346,11 +364,14 @@
|
|||
\newcommand{\setof}[1]{\{{#1}\}}
|
||||
\newcommand{\range}[2]{\{{#1}\,..\,{#2}\}}
|
||||
\newcommand{\minimum}{\mathsf{min}}
|
||||
\newcommand{\maximum}{\mathsf{max}}
|
||||
\newcommand{\floor}[1]{\mathsf{floor}\!\left({#1}\right)}
|
||||
\newcommand{\ceiling}[1]{\mathsf{ceiling}\!\left({#1}\right)}
|
||||
\newcommand{\trunc}[1]{\mathsf{trunc}\!\left({#1}\right)}
|
||||
\newcommand{\ceiling}[1]{\mathsf{ceiling}\left({#1}\right)}
|
||||
\newcommand{\vsum}[2]{\smashoperator[r]{\sum_{#1}^{#2}}}
|
||||
\newcommand{\vxor}[2]{\smashoperator[r]{\bigoplus_{#1}^{#2}}}
|
||||
\newcommand{\xor}{\oplus}
|
||||
\newcommand{\band}{\binampersand}
|
||||
\newcommand{\mult}{\cdot}
|
||||
\newcommand{\rightarrowR}{\buildrel{\scriptstyle\mathrm{R}}\over\rightarrow}
|
||||
\newcommand{\leftarrowR}{\buildrel{\scriptstyle\mathrm{R}}\over\leftarrow}
|
||||
|
@ -503,7 +524,23 @@
|
|||
\newcommand{\slowStartPeriod}{\term{slow-start period}}
|
||||
\newcommand{\halvingInterval}{\term{halving interval}}
|
||||
|
||||
\newcommand{\PoWLimit}{\mathsf{PoWLimit}}
|
||||
\newcommand{\PoWAveragingWindow}{\mathsf{PoWAveragingWindow}}
|
||||
\newcommand{\PoWMedianBlockSpan}{\mathsf{PoWMedianBlockSpan}}
|
||||
\newcommand{\PoWMaxAdjustDown}{\mathsf{PoWMaxAdjustDown}}
|
||||
\newcommand{\PoWMaxAdjustUp}{\mathsf{PoWMaxAdjustUp}}
|
||||
\newcommand{\PoWDampingFactor}{\mathsf{PoWDampingFactor}}
|
||||
\newcommand{\PoWTargetSpacing}{\mathsf{PoWTargetSpacing}}
|
||||
\newcommand{\MeanTarget}{\mathsf{MeanTarget}}
|
||||
\newcommand{\MedianTime}{\mathsf{MedianTime}}
|
||||
\newcommand{\AveragingWindowTimespan}{\mathsf{AveragingWindowTimespan}}
|
||||
\newcommand{\MinActualTimespan}{\mathsf{MinActualTimespan}}
|
||||
\newcommand{\MaxActualTimespan}{\mathsf{MaxActualTimespan}}
|
||||
\newcommand{\ActualTimespan}{\mathsf{ActualTimespan}}
|
||||
\newcommand{\ActualTimespanDamped}{\mathsf{ActualTimespanDamped}}
|
||||
\newcommand{\ActualTimespanClamped}{\mathsf{ActualTimespanClamped}}
|
||||
\newcommand{\Threshold}{\mathsf{Threshold}}
|
||||
\newcommand{\ThresholdBits}{\mathsf{ThresholdBits}}
|
||||
|
||||
\newcommand{\targetThreshold}{\term{target threshold}}
|
||||
\newcommand{\targetThresholds}{\term{target thresholds}}
|
||||
|
@ -845,6 +882,8 @@ The notation $\typeexp{T}{\ell}$, where $T$ is a type and $\ell$ is an integer,
|
|||
means the type of sequences of length $\ell$ with elements in $T$. For example,
|
||||
$\bitseq{\ell}$ means the set of sequences of $\ell$ bits.
|
||||
|
||||
The notation $\length(S)$ means the length of (number of elements in) $S$.
|
||||
|
||||
The notation $T \subseteq U$ indicates that $T$ is an inclusive subset or subtype of $U$.
|
||||
|
||||
$\byteseqs$ means the set of bit sequences constrained to be of length
|
||||
|
@ -882,6 +921,9 @@ concatenating the elements of $S$ viewed as bit sequences. If the
|
|||
elements of $S$ are byte sequences, they are converted to bit sequences
|
||||
with the \emph{most significant} bit of each byte first.
|
||||
|
||||
The notation $\sorted(S)$ means the sequence formed by sorting the elements
|
||||
of $S$.
|
||||
|
||||
The notation $\GF{n}$ means the finite field with $n$ elements, and
|
||||
$\GFstar{n}$ means its group under multiplication.
|
||||
$\GF{n}[z]$ means the ring of polynomials over $z$ with coefficients
|
||||
|
@ -897,7 +939,8 @@ $b$ an integer, means the result of raising $a$ to the exponent $b$.
|
|||
The notation $a \bmod q$, for $a \typecolon \Nat$ and $q \typecolon \PosInt$,
|
||||
means the remainder on dividing $a$ by $q$.
|
||||
|
||||
The notation $a \xor b$ means the bitwise exclusive-or of $a$ and $b$,
|
||||
The notation $a \xor b$ means the bitwise-exclusive-or of $a$ and $b$,
|
||||
and $a \band b$ means the bitwise-and of $a$ and $b$. These are
|
||||
defined either on integers or bit sequences according to context.
|
||||
|
||||
The notation $\vsum{i=1}{\mathrm{N}} a_i$ means the sum of $a_{\allN{}}$.\;
|
||||
|
@ -910,16 +953,20 @@ sequences of integers.
|
|||
The notation $\floor{x}$ means the largest integer $\leq x$.
|
||||
$\ceiling{x}$ means the smallest integer $\geq x$.
|
||||
|
||||
The notation $\bitlength(x)$, for $x \typecolon \Nat$, means the smallest integer
|
||||
$\ell$ such that $2^\ell > x$.
|
||||
|
||||
The symbol $\bot$ is used to indicate unavailable information or a failed decryption.
|
||||
|
||||
The following integer constants will be instantiated in \crossref{constants}:
|
||||
$\MerkleDepth$, $\NOld$, $\NNew$, $\MerkleHashLength$, $\hSigLength$,
|
||||
$\PRFOutputLength$, $\NoteCommitRandLength$, $\RandomSeedLength$, $\AuthPrivateLength$,
|
||||
$\NoteAddressPreRandLength$, $\MAXMONEY$, $\SlowStartInterval$, $\HalvingInterval$,
|
||||
$\MaxBlockSubsidy$, $\NumFounderAddresses$.
|
||||
$\MaxBlockSubsidy$, $\NumFounderAddresses$, $\PoWLimit$, $\PoWAveragingWindow$,
|
||||
$\PoWMedianBlockSpan$, $\PoWDampingFactor$, $\PoWTargetSpacing$.
|
||||
The bit sequence constant $\Uncommitted \typecolon \bitseq{\MerkleHashLength}$
|
||||
and the rational constant $\FoundersFraction \typecolon \Rat$ will also be defined
|
||||
in that section.
|
||||
and the rational constants $\FoundersFraction$, $\PoWMaxAdjustDown$, and
|
||||
$\PoWMaxAdjustUp$ will also be defined in that section.
|
||||
|
||||
|
||||
\nsection{Concepts}
|
||||
|
@ -2031,6 +2078,16 @@ Define:
|
|||
\item $\MaxBlockSubsidy \typecolon \Nat := 1.25 \mult 10^9$ (\zatoshi)
|
||||
\item $\NumFounderAddresses \typecolon \Nat := 48$
|
||||
\item $\FoundersFraction \typecolon \Rat := \frac{1}{5}$
|
||||
\item $\PoWLimit \typecolon \Nat := \begin{cases}
|
||||
2^{243} - 1,&\squash\text{for the production network} \\
|
||||
2^{251} - 1,&\squash\text{for the test network}
|
||||
\end{cases}$
|
||||
\item $\PoWAveragingWindow \typecolon \Nat := 17$
|
||||
\item $\PoWMedianBlockSpan \typecolon \Nat := 11$
|
||||
\item $\PoWMaxAdjustDown \typecolon \Rat := \frac{32}{100}$
|
||||
\item $\PoWMaxAdjustUp \typecolon \Rat := \frac{16}{100}$
|
||||
\item $\PoWDampingFactor \typecolon \Nat := 4$
|
||||
\item $\PoWTargetSpacing \typecolon \Nat := 150$ (seconds).
|
||||
\end{formulae}
|
||||
|
||||
|
||||
|
@ -3043,8 +3100,13 @@ started hashing the \header (according to the miner). \\ \hline
|
|||
\end{tabularx}
|
||||
\end{center}
|
||||
|
||||
Let $\ThresholdBits$ be as defined in \crossref{diffadjustment}, and let $\PoWMedianBlockSpan$
|
||||
be the constant defined in \crossref{constants}.
|
||||
|
||||
\begin{consensusrules}
|
||||
\item The \blockVersionNumber{} \MUST be 4.
|
||||
\item For a \block at \blockHeight $\BlockHeight$, \nBitsField{} \MUST be equal to
|
||||
$\ThresholdBits(\BlockHeight)$.
|
||||
\item The \block{} \MUST pass the difficulty filter defined in \crossref{difficulty}.
|
||||
\item \solution{} \MUST represent a valid Equihash solution as defined in \crossref{equihash}.
|
||||
\item \nTimeField{} \MUST be strictly greater than the median time of the previous
|
||||
|
@ -3221,8 +3283,17 @@ ordering of bits in the solution encoding would require bit-reversal
|
|||
|
||||
\nsubsubsection{Difficulty filter} \label{difficulty}
|
||||
|
||||
Let $\ToTarget$ be as defined in \crossref{nbits}.
|
||||
|
||||
Difficulty is defined in terms of a \targetThreshold, which is adjusted for each
|
||||
\block according to the algorithm defined in \crossref{diffadjustment}.
|
||||
|
||||
The difficulty filter is unchanged from \Bitcoin, and is calculated using
|
||||
\SHAd on the whole \blockHeader (including $\solutionSize$ and $\solution$).
|
||||
The result is interpreted as a 256-bit integer represented in little-endian
|
||||
byte order, which \MUST be less than or equal to the \targetThreshold given by
|
||||
$\ToTarget(\nBitsField)$.
|
||||
|
||||
|
||||
\nsubsubsection{Difficulty adjustment} \label{diffadjustment}
|
||||
|
||||
|
@ -3231,9 +3302,89 @@ with simplifications and altered parameters, to adjust difficulty to target
|
|||
the desired 2.5-minute block time.
|
||||
Unlike \Bitcoin, the difficulty adjustment occurs after every block.
|
||||
|
||||
\todo{Describe the algorithm.}
|
||||
The constants $\PoWLimit$, $\PoWAveragingWindow$, $\PoWMaxAdjustDown$, $\PoWMaxAdjustUp$,
|
||||
$\PoWDampingFactor$, and $\PoWTargetSpacing$ are instantiated in \crossref{constants}.
|
||||
|
||||
Let $\ToCompact$ and $\ToTarget$ be as defined in \crossref{nbits}.
|
||||
|
||||
Let $\nTime(\BlockHeight)$ be the value of the $\nTimeField$ field in the \header of the
|
||||
\block at \blockHeight $\BlockHeight$.
|
||||
|
||||
Let $\nBits(\BlockHeight)$ be the value of the $\nBitsField$ field in the \header of the
|
||||
\block at \blockHeight $\BlockHeight$.
|
||||
|
||||
\Blockheader fields are specified in \crossref{blockheader}.
|
||||
|
||||
\vspace{1ex}
|
||||
\introlist
|
||||
Define:
|
||||
|
||||
\begin{formulae}
|
||||
\hfuzz=10pt
|
||||
\item $\mean(S) := \left( \vsum{i=1}{\length(S)} S_i \right) \raisebox{-0.4ex}{\scalebox{1.4}{/\,}} \length(S)$.
|
||||
\item $\median(S) := \sorted(S)_{\ceiling{\length(S) / 2}}$
|
||||
\item $\clamp{\Lower}{\Upper}(x) := \maximum(\Lower, \minimum(\Upper, x)))$
|
||||
\item $\trunc{x} := \begin{cases}
|
||||
\floor{x},&\caseif x \geq 0 \\
|
||||
-\floor{-x},&\caseotherwise
|
||||
\end{cases}$
|
||||
|
||||
\item $\AveragingWindowTimespan := \PoWAveragingWindow \mult \PoWTargetSpacing$
|
||||
\item $\MinActualTimespan := \floor{\AveragingWindowTimespan \mult (1 - \PoWMaxAdjustUp)}$
|
||||
\item $\MaxActualTimespan := \floor{\AveragingWindowTimespan \mult (1 + \PoWMaxAdjustDown)}$
|
||||
\item $\MedianTime(\BlockHeight) := \median(\listcomp{\nTime(i) \for i \from
|
||||
\maximum(0, \BlockHeight - \PoWMedianBlockSpan) \upto \BlockHeight - 1})$
|
||||
\item $\ActualTimespan(\BlockHeight) := \MedianTime(\BlockHeight) - \MedianTime(\BlockHeight - \PoWAveragingWindow)$
|
||||
\item $\ActualTimespanDamped(\BlockHeight) := \AveragingWindowTimespan + \trunc{\scalebox{0.98}{\hfrac{\ActualTimespan(\BlockHeight) - \AveragingWindowTimespan}{\PoWDampingFactor}}}$
|
||||
\item $\ActualTimespanClamped(\BlockHeight) := \clamp{\MinActualTimespan}{\MaxActualTimespan}(\ActualTimespanDamped(\BlockHeight))$
|
||||
\item $\MeanTarget(\BlockHeight) := \begin{cases}
|
||||
\PoWLimit, \hspace{16em}\text{if } \BlockHeight \leq \PoWAveragingWindow \\
|
||||
\mean(\listcomp{\ToTarget(\nBits(i)) \for i \from \BlockHeight - \PoWAveragingWindow \upto \BlockHeight - 1}),\\
|
||||
\hspace{20.7em}\text{otherwise}
|
||||
\end{cases}$
|
||||
\end{formulae}
|
||||
|
||||
\vspace{1ex}
|
||||
\introlist
|
||||
The \targetThreshold for a given \blockHeight $\BlockHeight$ is then calculated as:
|
||||
|
||||
\begin{formulae}
|
||||
\item $\Threshold(\BlockHeight) \hspace{0.43em} := \hspace{0.43em} \begin{cases}
|
||||
\PoWLimit, \hspace{16em}\text{if } \BlockHeight = 0 \\
|
||||
\minimum(\PoWLimit, \floor{\hfrac{\MeanTarget(\BlockHeight)}{\AveragingWindowTimespan}}
|
||||
\mult \ActualTimespanClamped(\BlockHeight)),\\
|
||||
\hspace{20.7em}\text{otherwise}
|
||||
\end{cases}$
|
||||
\item $\ThresholdBits(\BlockHeight) := \ToCompact(\Threshold(\BlockHeight))$.
|
||||
\end{formulae}
|
||||
|
||||
\pnote{
|
||||
The convention used for the height parameters to $\MedianTime$, $\ActualTimespan$,
|
||||
$\ActualTimespanDamped$, $\ActualTimespanClamped$, $\MeanTarget$, $\Threshold$, and
|
||||
$\ThresholdBits$ is that these functions use only information from \blocks \emph{preceding}
|
||||
the given \blockHeight.
|
||||
}
|
||||
|
||||
\introlist
|
||||
\nsubsubsection{nBits conversion} \label{nbits}
|
||||
|
||||
Deterministic conversions between a \targetThreshold and a ``compact" nBits value are not
|
||||
fully defined in the Bitcoin documentation \cite{Bitcoin-nBits}, and so we define them here:
|
||||
|
||||
\begin{formulae}[leftmargin=1.5em,label=]
|
||||
\item $\size(x) := \ceiling{\hfrac{\bitlength(x)}{8}}$
|
||||
\item $\mantissa(x) := \floor{x \mult 256^{3 - \size(x)}}$
|
||||
\item $\ToCompact(x) := \begin{cases}
|
||||
\mantissa(x) + 2^{24} \mult \size(x),&\caseif \mantissa(x) < 2^{23} \\
|
||||
\floor{\hfrac{\mantissa(x)}{256}} + 2^{24} \mult (\size(x)+1),&\caseotherwise
|
||||
\end{cases}$
|
||||
\item $\ToTarget(x) := \begin{cases}
|
||||
0,&\caseif x \band 2^{23} = 2^{23} \\
|
||||
(x \band (2^{23}-1)) \mult 256^{\floor{x / 2^{24}} - 3},&\caseotherwise.
|
||||
\end{cases}$
|
||||
\end{formulae}
|
||||
|
||||
\introlist
|
||||
\nsubsection{Calculation of Block Subsidy and Founders' Reward} \label{subsidies}
|
||||
|
||||
\crossref{subsidyconcepts} defines the \blockSubsidy, \minerSubsidy, and \foundersReward.
|
||||
|
@ -3860,6 +4011,7 @@ The errors in the proof of Ledger Indistinguishability mentioned in
|
|||
\subparagraph{2016.0-beta-1.13}
|
||||
|
||||
\begin{itemize}
|
||||
\item Specify the difficulty adjustment algorithm.
|
||||
\item Clarify some definitions of fields in a \blockHeader.
|
||||
\item Define $\PRFaddr{}$ in \crossref{keycomponents}.
|
||||
\end{itemize}
|
||||
|
|
Loading…
Reference in New Issue