how exactly was the original coefficient for difficulty determined?

4

3

I'm assuming difficulty has a "target" of 10 minutes because the coefficient satoshi chose becomes multiplied by a variable to help the network remain in proportion. IE, if the network hashrate is 2x the previous network hashrate, bnProofOfWorkLimit is multiplied by the previous difficulty and also by 2, which is the measurement of how much faster the network is producing hashes.

This is pretty simple to understand. However, I've been wondering about how the original difficulty was chosen so that the target is 10 minutes.

  • Is it based on some hard physical limit of computing?

I've come across this code in chainparams.h on line 113:

bnProofOfWorkLimit = CBigNum(~uint256(0) >> 32);
  1. What does ~uint256(0) mean in C++? I know that ~uint256(0) >> 32 means 1 / 2^24 in human-readable terms.
  2. Why is the ~uint256(0) function used instead of simply 256?
  3. Why was this chosen to be expressed as 256 >> 32 rather than 1 >> 24? Is there a good reason for this?

Any direction to learn more about this would be appreciated as well.

Note: I am not asking why the amount of time chosen was equal to 10 minutes, I am asking how the number 1 / 2^24 was arrived at to estimate 10 minutes in terms of how long it takes to calculate a sha256 digest.

bvpx

Posted 2013-10-16T07:02:32.490

Reputation: 1 052

Answers

11

I'm not sure it was. When the network started operating (and Satoshi was pretty much the only one mining), blocks weren't found every 10 minutes. For example, the first 2016 blocks were found in 24 days rather than 2 weeks. Normally this would cause the target to go up but it can't go above the hardcoded max target, so only in block 32256 in December 30 2009 we started seeing the retarget mechanism kicking in and blocks arriving every 10 minutes.

However, seeing that it did come out close to 10 minutes, it's possible Satoshi figured out the hashrate of his own machine, and chose the parameter as a round number close to what it would take to find a block every 10 minutes on his hardware.

I think you did not understand this line of code correctly. Hash values are represented as 256-bit unsigned integers. uint256(0) gives the representation of 0 in this data type. ~ is logical not and ~uint256(0) inverts all bits, giving the highest possible integer, 2^256-1. Right shifting by 32 bits gives 2^224-1, so that each hash has a chance of 1/2^32 to be lower than the max target.

The value is then converted to the more compact "bits" form, which also causes it to be rounded to (2^16-1)*2^208.

Doing 256>>32 or 1>>24 would have resulted in 0 since integer types can't hold fractions.

Meni Rosenfeld

Posted 2013-10-16T07:02:32.490

Reputation: 18 542

how does a value of 2^224-1 for bnProofOfWorkLimit result in each hash having a chance of 1/2^32 to be lower than the max target?bvpx 2013-10-16T15:09:58.837

1There are 2^256 different possible hash values, roughly 2^224 of them are lower than the max target, so a uniformly random one has a chance of 2^224 / 2^256 = 1/2^32 chance of being lower than the max target. PS I'm not intimate with the code enough to know exactly what bnProofOfWorkLimit is, but I would guess it translates to the max target as described above.Meni Rosenfeld 2013-10-16T15:21:53.433

Got it, I wasn't sure about the maximum possible hash values. What is the significance of a hash being "lower" than the max target anyway? How does this all play into the difficulty equation? It's an incredible challenge to understand how all of this works at the lowest level starting from nothing and just reading the code.bvpx 2013-10-16T15:25:51.017

@bvpx: Well, being lower than max target isn't very meaningful, other than being useful in calculations, and being a requirement for a traditional mining pool share. What matters is being lower than the current target. There actually isn't such a thing as "difficulty", the target is computed from the previous target and time to find 2016 blocks, and difficulty is defined as the ratio between the max target and the current target. The first target was of course the max target, and can never go above it.Meni Rosenfeld 2013-10-16T15:28:22.920

1@bvpx: The thing is, once we know that the probability to be lower than the max target is 1/2^32, and that the difficulty is D, we know that the probability of a hash to be lower than the target and hence a valid block is 1 / (2^32*D). Of course, since the max target is 2^224-2^208 rather than 2^224, this is off by a negligible amount.Meni Rosenfeld 2013-10-16T15:31:47.847

I see. So the difficulty couldn't retarget to lower than 1 since it was already at the limit. When more miners joined the network in late 2009, difficulty rose. However, I'm wondering how the 10 minute window was calculated. Is a 1/(2^32) chance to find a block significant in some way, maybe because of the speed of light the transfer of data is limited in hardware so it isn't possible to calculate a hash faster than expected? I'm guessing other alt-coins change the block timer by simply multiplying or dividing this value by whatever they want to approximate a new block timer.bvpx 2013-10-16T20:18:59.843

1@bvpx: No, 1/2^32 is not significant besides being a round number and giving a result that matched what was desired. From the total network hashrate (which at first was Satoshi's hashrate) it is easy to calculate what is the target needed to keep blocks at one per 10 min. Alts change the interval between blocks not by messing with the max target, but by changing the retarget calculation.Meni Rosenfeld 2013-10-16T21:32:35.337

2

The first difficulty was just simply the hardcoded mininum of 1. This didn't correspond to ten minutes initially, it was actually too high for the networks hashing power. The difficulty increased for the first time almost a year later on the 30th of December 2009.

For an overview of the difficulty adjustment you can refer to this table: Bitcoin Difficulty Adjustments

Murch

Posted 2013-10-16T07:02:32.490

Reputation: 41 609

Asked: 2013-10-16T07:02:32.490

Viewed: 1 470 times

Active: 2016-03-10T09:52:27.570