 Using smart contracts to eliminate middlemen in cryptocurrency mining Okay, thank you very much for the introduction. Thank you all for staying here so late So I'm here on Valer. I'm from Kyber Network, but I'm going to talk about an earlier work So this work started as an academic work Along with Sloy who is here Jason Torch from Trubit Foundation and the Patek So Patrick Jason and I were all from the National University of Singapore. I was in the Hebrew University of Jerusalem, Israel And later stage after academic research was done We started the real project called SmartPool and then Victor Tran also joined the SmartPool team Basically SmartPool is a mining pool where smart contract replaces puller operator Okay, so first some introduction on mining pool and mining in general in cryptocurrencies So all cryptocurrencies are based on a blockchain where blockchain is basically chain of blocks and in order to add a new blockchain to the network Miners have a responsibility and perform some computational tasks to build new blocks So, okay, so more formally All the time miners raise to solve some hard computational problem And the first miner who is able to solve this problem gets to add his new block to the network and is rewarded for that And after every block is added the race starts over again and this is Keep going indefinitely So even more formally, okay, what is the block problem? So there is some constant D, which is the network difficulty, which is adjusting all the time And we have the previous block data and now when we want to add new data when miner wants to add new data So his role is to find some integer NANDs While when you hash all these parameters the result of the hash function is smaller than some D Okay, so we say that a block is valid if it it is satisfied this property And now On Ethereum, for example, and in Bitcoin things are even worse So new This big D is adjusted every time so new blocks could be find on average every 15 or 20 seconds However, every GPU mining rig if you try to mine independently Will take months as a result to find new block And this is bad because if you're a miner you want to have some study income with slow variance So for this reason Miners form some coalitions or form into pools In order to get the steady income So with mining pools They're shared a computational power And they reduce their variance and this is also good to the network because if we have steady income more miners will join And therefore the security of the network is also increased now in order to reward every pool member The following procedure is carried so Miners in the mine pool are asked to submit solutions that Relax some lower difficulty lower case D And while a valid block has to have an answer that satisfy such as the hash function is bigger than smaller than some Upper case D. So for a valid share For a mini proof of work partial proof of work of a miner. It's enough to satisfy that it is smaller than some lower case D In particular every valid block is also a valid share And on the average if we find the over the such valid shares, then we will also find some block And then the reward for every Such valid share is roughly this lower case D over upper case D And the main thing to take from this formal description is that all this this is like very formal and mathematical process And it's very nature to assume or to try to have it formalized as a smart contract Going back to the process so So we have the network some might the size to solo mine and actually there are solo miners in the room. It's still possible. But the rest will Mine with some pool operator, or they will submit the shares If a share is also a real block, so this pool operator will also submit the pool to the network and all the other solo miners Okay, so in the network I also the pool operator is a solo miner All the other solo miners can also submit their full blocks and Eventually the pool operator will pay its members from the full block if I'm in submitted Now all this pooling give rise to very strong centralization. So both in Bitcoin and Ethereum and basically in any real blockchain So in Ethereum At least in the end of this July so 80% of the hash power was concentrated with six mining pools and This is this could give rise to some problems First and fourth most the censorship problem So but basically the pool operator is the one who decides on which transactions the miner will work on so we can easily sensor not in here but the six Pool operators that combat that collect that controls 80% of the network can easily decide which transaction are going to be add In Ethereum they also decide on the gas limit. They can maybe form a cartel of gas prices Okay, and there were some evidence not exactly to malicious behavior of pool operators But some undesired behavior or some slow response from pool operator So couple of months ago there was So the foundation asks miners to increase gas limit Technically no one opposed to it, but pull operators from some reason delayed The increase of the limit And the or many calls even for miners to increase it But since the pool operator is the one who controls it. There was nothing that they could do So center censorship is one issue another issue that this is a single point of failure So if 80% is controlled by six pool operator, so it's enough to eclipse or did us These six pool operators and Ethereum will lose 80% of its hash power, which means 80% of the security Pull members have to trust the pool operate pull operator to pay them and maybe in some smaller currencies and tokens so the war exit scams that were performed by a pool operators and Most notably in Bitcoin. So sometimes they delay or prevent protocol upgrades Famous example was the Segwit saga So, yeah, okay. So pools are good, but centralized pool have their disadvantages So what can we do? We want to have the centralized pool that it's not controlled by anyone a So in Ethereum, we have smart contracts and pull operator mission is very mathematical and mechanical So why not replace the pull operator with a smart contract and then the architecture is that some local client Will give the work to them. I will give the work to the miners the miners will get the Transaction from the from a local client that runs within their machine If they find real block this Local client also submitted to the network and from time data and And for the partial work they submit shares to the smart contract which reward them Okay for the submission now as in standard pools so the They submitted the blocks are rewarded their block reward of the submitted blocks is going to the smart contract Similarly as in standard pools simply the Coinbase address Is associated with the smart pool contract it or actually it is the smart pool contract address so If you would have that or we do have it with smart pool, so we get a completely decentralized mining pool with no censorship Depending on the payment scheme, but So it doesn't require any infrastructure or servers so low cost all the fees are only Ethereum gas fees no fees go to the smart contract And also the the payments are automatic and trustless, right? There's no way to steal money or whatever But on top of that it also preserves all the good things from the traditional mining pool So we have low variance It's fair to everybody anyone can join everything's anonymous And also what is important for smart pool that no security deposits are needed. Okay, you just join and Start getting money for your work So, yeah, okay, sure. Let's replace this Pool operator with a smart contract. Why not sounds very simple. So So the idea very simple but technically very complicated So In real pools, okay, you basically have to submit a share every minute or so And okay, you cannot handle such big volume if even if it could okay the the gas fees for submission Share would have been bigger than the share reward. So there's no point submitting every share Okay, so the next naive idea is okay. Let's ask for shares with high difficulty Which in return also have a high reward So, okay, but there but in this case, we are not much better than the standard pool Because then again, we have high variance in the payment. It's not very very attractive to miners So in Bitcoin the decentralized mining pool version for Bitcoin. This is roughly what it does Okay, so it limits the number of shares to serve to one one share per 30 seconds for the entire pool Which is not very not favorable to small miners so in bit of in Bitcoin pity pool it somehow works because the pool is very small but Obviously, it doesn't scale So this solution is also not great. So What we come up to is a probabilistic sampling algorithm So the idea is that okay, let's let miners cheat and submit invalid shares But as long as they are not expected to gain format. So so who cares So the idea is that okay miners will submit a bulk of six or maybe six six million shares We will probabilistically sample one of them and check them But the intuition is okay. Let's consider the case was they submitted six invalid. So they submitted six Shares out of them. So 33% are invalid. So we sample one share. So with probability of two thirds We will sample a good share and actually so we will pay them six units But with probability of one third, we will sample a bet share and we'll pay zero So overall the expectation of the payment will be four which is exactly the number of valid shares They have okay, so they can cheat but it's not profitable profitable to them So yeah, sure, let's do probabilistic sampling and then another difficult problem problem Okay, so we can easily detect invalid share. They have invalid proof. They have invalid proof of work But what if they duplicate what if they submitted the duplication? So this is much harder problem, but we are okay, so we Eventually we also tackle this problem and solve it So we introduce some new that data structure That allow testing for sortedness of Submitted shares so we called it augmented Merkel tree and it allows us to reduce the number of checks from the number of submitted data from log n square to log n which okay put in concrete numbers was 20 units of 32 bytes as opposed to 400 units, which is very significant for the concrete numbers Okay, so so this was mostly the academic project and then Implemented also so we raise some donations from the public back in 2017 January 2017 and started implemented it So the architecture is a follower. So We have a smart pool contract on the blockchain, of course, but all of this should reside On the miners the local computer local machine So Iran parity or get or is ferret client and then we have this smart pool client that we in charge of So parity gives us transaction to mine The client assign it to either minor or any other favorite minor Okay, and this reside on the mining rigs So it give it work. Okay in return to get shares once in a while when we have enough of Enough shares to submit so we commit on these shares to the smart pool contract So we only give the Merkel root of the shares And then in return so the smart smart pool contract return the index of The sharing it need to sample And then in return okay, so the smart pool client also submit the actual share the smart pool contract verify the share And if everything is okay, it gets the reward for all the batch. Otherwise, you get nothing Okay, so this is the architecture and here another very technical implementation details so Verifying proof of work is also hard in ethereum. So ethereum proof of work requires So So it is memory hard so it requires a data set of over one gig So we can obviously not store it on the blockchain It will cost us a hundred or thousand of dollars and this data set is changing every three days Fortunately though this data set is deterministic And even more fortunately out of this data set in every verification only 64 elements should be fetched from the data set So what we did since everything is determined deterministic and predictable We just store the Merkel truth of each Precomputed data set and we can do it for years to come this very low cost And now miners that join us already know what is the Merkel route they can test it Okay, they don't need to trust us. So this is fine And now in every proof of work The miners has to do in it to prove its proof of work To the smart contract. They also attach the 64 elements along with the relevant Merkel pass and we verify it. So Okay, so this is a real project we actually deployed it deployed it It was running relatively smoothly for two months around June and July 2017 We found real block on the Ethereum mainnet The operation cost was were very little for the miners and Okay, so on average it was like 2.6 percent that went to gas fees But technically it could be as low as it as low as they want as long as they are willing to wait to get their payment This is still not open to the public and we had five million miners out of them one which was very big We reached something over 30 giga hash per second Which was roughly okay when we started it was roughly to two blocks per day Difficultly increased much during these months. So we end up with one block per day And the verification course was something over two and a half million gas Which is a lot but doable and recorded. Okay, so some of our miners submitted only once per month The big ones submitted once every few hours So this is scalable, I mean we could have handled also far on hope we will handle thousands of miners Right, so you could you should only do it one per day one per week. So there's room for everybody So again 2.6 million gas. It's a lot, but it's it's feasible Okay, and this is an example for This is a proof that we actually found blocks. So if you go to this extra data if you observe it So you see smart pool And here are some details on the minor idea, etc. So we found over 80 like this Okay, but why is the project still not alive so So actually we had very big hash power all together, but most of them was due to one single miner Well, which we actually are very grateful for his support Intesting and such so Setting up setting up our system is very technical and hard process. Okay, not many or Either willing or able to do Okay, and even once after we did it we find many optimizations that we still have to do on the client not on the contact side that Should support big mining farm. So Well as very big mining farm and we don't have any optimizations for that So he's now waiting for us to complete the optimizations Okay, so there's still some work to do before we go live, but not a lot Okay, so this project is open source not profit and we are looking for more people to join us So in particular go developers But in a case we have a gtab Your welcome all to fork it use it or contribute. Thank you