Archives/proofofresearch.tex

\section{Distributed Proof of Research}

Each participant helps performing research by computations in Gridcoin's network. The network average is similar to difficulty in Proof of Work mining. As the network average rises it becomes harder to get the same magnitude. If a user wants to keep getting the same reward, they would have to add more compute power if there is an environment of a rising network average. If the price rose significantly more compute power would come on board, raising the network average, making it harder to get the same reward, just like difficulty in Proof of Work.

\subsection{Proof of Stake}

Proof of Research (PoR) is an algorithm, which combines a scheme to reward Miners for their work with an extremely secure block finding mechanism. This mechanism uses Peercoin's [2] Proof of Stake, in Novacoin's [43] and Blackcoin's [44] improvement of it. In Proof of Stake, currency is not mined, but minted as yearly compound interest. For this the Researcher needs a Wallet with Gridcoins already inside it. As a mint mechanism Proof of Stake uses the stake of the holder itself. The more stake the user acquires the higher the probability that they will mint a block.\\

To calculate the interest reward, coin age is used. Coin age is the stake of the investor times the days he held it for. If the investor Bob holds 50 Gridcoins for 3 days, he has acquired 150 coin age. The higher the coin age, the larger will be the reward compared to the target reward. Once a block is found with a transaction that moves the 50 Gridcoins away from Bob, the coin age for Bob is consumed.\\

Novacoin enabled Proof of Work as a stand alone function next to Proof of Stake. This means work can be calculated separately from interest and allows for separate hash targets.\\

Blocks are generated to meet a certain set yearly hash target for the whole network, for example a 1\% increase of total supply per year. This target is therefore adjusted continuously and not every 2 weeks like Bitcoin's difficulty. In Gridcoin the rate listed in the APR schedule is annualized, the rate applied to the coin balance with an APR of 1\% on coins held one day is therefore 1\%/365. When transferring the coins to a new address, a lock time of 16 hours takes effect, before age is accumulated again.\\

Gridcoin has increased the difficulty of a 51\% attack, an attack on a standard Proof of Work coin, which involves a single entity owning a minimum of 51\% of the total network hash rate. To attack Gridcoin in a similar way, the attacker would have to make a 51\% buy-out, meaning he needs to own 51\% of all the coins. In addition to the 51\%, the attacker would have to buy and hold the cumulative stake weight of all nodes with fewer than 30 blocks staked. Since interest is being paid to those who let their nodes run for the network, transaction fees are not needed in theory. However they are still enforced to prevent transaction spam on a single node.\\

These improvements were already made by Blackcoin [44], which Gridcoin, in an effort to keep up with current technology has implemented. Blackcoin also included the Zerocash [45] protocol, a process enabling anonymous transactions. For now this feature has been disabled from the Gridcoin wallet. Potentially this could be used in Gridcoin to guarantee that BOINC accounts cannot be tracked and as a result hijacked.\\

BOINC participation is not required to receive a Proof of Stake payment. A wallet that is not associated with a BOINC account is called an Investor wallet.

\subsubsection{Block Kernel Target}

\begin{equation}
X_{i+1}=X_i \cdot \frac{\Big( \frac{16 \cdot 60}{90} - 1 \Big) \cdot 90 + (t_{i} - t_{i-1}) + (t_i - t_{i-1})   }{ \Big( \frac{16 \cdot 60}{90} + 1 \Big) \cdot 90} 
\end{equation}

\begin{equation}
X_{i+1}=X_i \cdot \frac{810+2*(t_{i} - t_{i-1})}{990}
\end{equation}

\begin{equation}
X_{i+1}=X_i \cdot \frac{405+(t_{i} - t_{i-1})}{495}
\end{equation}

Legend: $t_i$ is time when a block i was created (CBlock.nTime). $X_i$ is the block kernel target like in Bitcoin [63]. In equation (3) we see that the more time passes since creation of the last block $X_i$ the higher the block kernel target gets. The higher kernel target makes easier for miners to satisfy the Proof of Stake Inequality.

\subsubsection{Proof of Stake Inequality}

To create a new valid block for the Gridcoin blockchain the following inequality has
to be satisfied:\footnote{This paragraph is sourced from [59] but it includes security fixes done in [60].}:

\begin{equation}
SHA256(SHA256(kernel)) < X_i \cdot UTXO
\end{equation}


First a data string (called $kernel$) is formed from the kernel components (see table), then the kernel is hashed to obtain a proof hash, and then this proof hash is compared to the current block kernel target. Both proof hash and target are (big) numbers. The kernel forms a valid proof only if the proof hash is less than the block kernel target. [60]\\

The idea of PoS is that you can't just iterate over some nonce trying endlessly, burning your CPU/GPU/ASIC power, until you find a valid kernel. In PoS, you can only try using different coins you have and the current time. [60]\\

The referenced unspent transaction output ($UTXO$) must be at least 16 hours old. \\

\begin{center}
\begin{figure}
 \begin{tabular}{||c c||} 
 \hline
 Field & Description \\ [0.5ex] 
 \hline
 txPrev.block.nTime & block time of referenced tx  \\
 \hline
 txPrev.nTime & timestamp of referenced tx  \\
 \hline
 txPrev.vout.hash & hash of referenced tx output  \\
 \hline
 txPrev.vout.n & index of referenced tx output  \\
 \hline
 txPrev.vout.n & index of referenced tx output  \\
 \hline
 Stake Modifier & a number composed of enthropy gathered from past blocks \\
 \hline
 nTime & current UNIX timestamp  \\ [1ex] 
 \hline
\end{tabular}
\medskip
\caption{\textit{Gridcoin Kernel Parameters} }
\end{figure}
\end{center}

\subsection{Proof of Research}

To tie BOINC and Gridcoin together and create a protocol that is both Proof of Work and Proof of Stake, but not wasteful of its resources in doing so, values from both algorithms are stored in the block header to provide a point of reference and cryptographic proof. Next to the normal Proof hash of Blackcoin, Gridcoin introduces the hash of the BOINC email together with the distributed client public key, which is used to calculate the CPID. This is called the CPID hashing algorithm. While the CPID is public, it cannot be used, or even stolen by another user, since he also needs the email for that, which only has its hashed value stored. Any invalid CPID is rejected, meaning that the CPID needs to be genuine, and the user has signed up with team Gridcoin. The user's magnitude is verified by parsing the XML as a 3rd party. This is described as Accuracy.\\

The verification through Netsoft and other credit checking farms will only be done during the first 6 confirms of a block. Once it is verified, no further evidence is needed. Both rewards are calculated together. As shown in the above reward calculation coin-age is already a part of the function. If somebody with no BOINC work to account for, an investor, finds a block, the values are simply left blank. "Difficulty" is adjusted dynamically similar to Kimoto's Gravity Well [46]. A Monte Carlo simulation was run to test the fairness of the network.

\subsection{Research Age}

Research Age was created as a way to eliminate the cap on how many coins a single CPID could earn in a single day. The cap was initially created as a security measure but lead to reduced competition and CPID splitting. Research Age works much like Coin Age. As time passes and as more credits are earned users' owed balance increases and when enough is owed and the user's wallet is connected to the network and unlocked to stake they will receive their reward. What a researcher is owed is commonly referred to as their Research Savings Account or RSA.


\subsection{How Gridcoin Is Created}

Gridcoin is created daily from two activities, Proof of Stake and Proof of Research. Proof of Research is produced at a targeted rate of about 50'000 coins per 1000 blocks. A factor is used to adjust rewards to achieve this target and is called a Magnitude Unit and is stored in the blockchain. If the number of coins generated is too low the Magnitude Unit increases, this increases the number of coins paid for a certain magnitude, if the number of coins generated is too high the Magnitude Unit decreases, this decreases the number of coins paid for a certain magnitude. This has the effect of balancing Proof of Research payments with Proof of Stake payments. Effectively, if fewer researchers are helping to secure the network, the incentive is increased. The second activity is Proof of Stake, and it is produced at an target rate of 1.5\% per year, as the coin base increases the number of coins created increases but always at a rate of 1.5\% per year. Proof of Stake is in every block, when a Proof of Research block is staked the Proof of Stake reward is also included.

\subsection{Proof of Research Beacons}

A beacon must be sent to the network to advertise a new CPID. This is performed automatically from the wallet if it is unlocked. The cost is 0.117416 Gridcoin and must be done once every six months. This beacon allows the Neural Network to know that it must look for that CPID's research credits in whitelisted project credit reporting files. A user must stake one block after the beacon is sent before they begin to accrue research owed, the lookback period is 6 months for what a researcher is owed but it looks back to the last staked block, not from when the beacon was sent. To stake a block a user must start with some coins, these can be purchased from an exchange or acquired from one of many faucets, or through the IRC channel faucet and tipping system. The more coins one begins with the faster the first block will be minted.  The initial age coins must be before they are able to stake is 16 hours.

Editor's note: this entire chapter is sourced from reference [23].\\