Hacker News new | past | comments | ask | show | jobs | submit login
Gridcoin: An open-source cryptocurrency that rewards volunteer computing (gridcoin.us)
230 points by guerrilla 11 days ago | hide | past | favorite | 142 comments

This may be misunderstanding the function of PoW. Bitcoin PoW provides three things: selection, security, and incentive. The compute resource burn is an externality, although, it also ends up providing an important function, economic distribution. For PoW to work,it has to be hard to produce, easy to verify, and most importantly, attest to one and only one state of the blockchain. The last part is where this fails as PoW. The solution to a puzzle is meaningless if the same solution can be shown as the result of two different inputs. So the puzzle must be practically unique to each proposed block (infinite possibilities), and ‘fair’ to each proposal. If you can find a useful puzzle with these properties, please don’t hold back.

The coin is proof of stake based. The rewards for BOINC come on top of staking. Each BOINC project that is rewarded has its stats looked up by a system of oracles and each node verifies that the oracles match up. The project themselves can be removed if they act up and there's a system for voting on which project to add and remove

If you have any more questions feel free to ask me or check out the Gridcoin website https://gridcoin.us

Note: I help work on the gridcoin.us website and have ~5000 Gridcoin, so I may be biased in my view of the coin :)

The website appears to represent it accurately, and exciting for all the reasons that BOINC is.

The Wikipedia article says:

“Gridcoin attempts to address and ease the environmental energy impact of cryptocurrency mining through its proof-of-research and proof-of-stake protocols, as compared to the proof of work system used by Bitcoin.”

I don’t see this implementation as having any relevance to cryptocurrency mining in general. Hopefully you can find a way, but the Wikipedia statement seems inaccurate.

I know that many (including one of the core developers) have tried to correct various things on that Wikipedia page, but my understanding is that there's an admin that keeps reverting most changes

> I don’t see this implementation as having any relevance to cryptocurrency mining

That's why a lot of people refer to running BOINC to get Gridcoin as "crunching" instead of mining to help distinguish it

> Each BOINC project that is rewarded has its stats looked up by a system of oracles and each node verifies that the oracles match up

For cryptocurrency noobs: the word "oracle" while seeming to be a buzzword that tries to provide some technical legitimacy, actually means "a node with authority", which basically goes against the whole point of cryptocurrency (decentralization).

Move on, nothing to see here. Disappointed that this reached HN frontpage (and wikipedia).

I'd agree that it is more centralized than I'd like, but it doesn't defeat the whole point. Gridcoin has a different purpose than most cryptocurrencies. It rewards science and is more decentralized than most coins that try similar goals [1]. I'd also note that the oracles have less direct power over the coin than you might think. See one of the comments I made about it earlier [2]

The alternative was previously flooding every project and downloading a massive gigabytes of data from the projects. It wasn't maintainable and a project left from the large amount of bandwidth it used up. As Gridcoin grew, it became a larger and larger issue. As well, some projects are now requiring tokens to access the stats (for GDPR reasons), so for some project, it became impossible to reward them without anything like this

> ...seeming to be a buzzword that tries to provide some technical legitimacy...

I'd also note that most things about Gridcoin usually doesn't use the term oracle (uses scrapers instead). I was using it here since I thought it would be a term more here were familiar with

[1] https://gridcoin.us/wiki/advantages-and-features.html

[2] https://news.ycombinator.com/item?id=26240413

Sorry I can't buy the idea. Once you have some oracle, you have more centralization than a properly decentralized currency. And then you end up with the worst of both worlds: as expensive and slow as a cryptocurrency, and as trust-dependent/weak as a centralized system (weak in the sense that there's a single point of failure and a single entity that you must trust).

Anything that can only be done with some degree of centralization should just use a PostgreSQL database instead, no point in using a blockchain.

> Once you have some oracle...

> ...single entity that you must trust...

It's not a single oracle. There are currently 6 that independently run and gather the same stats. The wallet compares each of those independent oracle's data to each other and makes sure it matches. There will almost certainly be more oracles in the futures

> Anything that can only be done with some degree of centralization should just use a PostgreSQL database instead, no point in using a blockchain.

You get more resiliency in running it through a blockchain. You would go from oracles having to coordinate in a tricky way to manipulate stuff to now being able to having a database where they could somewhat easily directly change balances, stop things from running, ect.

A blockchain has some degree of centralization. For instance, how the very first peers found in blockchains is fairly centralized and relies on a lot of hardcoded nodes or servers. Now you can also seek out some connection too manually if you really want to, but most* have decided not to do that and accepted the trade off. Everything has a degree of centralization. It's not an all or nothing proposition. It is where you want to move on the balance of completely centralization to decentralized

* Partly because many aren't aware of this, but it still applies to those that are aware too

> It's not a single oracle.

I didn't say "single". I'm out of this convo.

In that case, why have proof of stake at all? Wouldn't it be simpler to just have the set of oracles alone facilitate the currency, since they already effectively have the power to?

The oracles don't have the power to completely run everything. With the current split for rewards, 25% of new coins is from just staking. As well, because new blocks are made only proof of stake, a 51% type attack would be also be much tougher for the oracles conspire and to pull off. Even if they tried to redirect 100% of research rewards (28750 GRC/day) to one address, it would take over 900 days to even reach the same amount as the address with the largest balance (~6% of current coin supply) [1].

Further, there's also more resiliency. If the oracles somehow broke or conspired and all said everyone did zero work, the network would still run. Now granted it would not be great that only previously pending research and PoS rewards would be given out, but you could still send coins, run polls, etc.

[1] https://main.gridcoinstats.eu/address/ (excluding the very largest one (the foundation) because it's multisig and can't stake. In its case it would take 1000 days to reach)

The market didnt tolerate oracle controlled coins when Gridcoin was released

The market does tolerate that now

Today you wouldnt use a new blockchain you would just issue an erc20 token with an oracle server having an admin key for distribution. You could have people merkle mine to accumulate a stake, but this is primarily to keep the “crypto/computational” branding for that audience, as the oracle aspect would still be centralized

I once saw another example coin like this where the "useful PoW" was finding chains of prime numbers or something. However, PoW solutions were not dependent on the current blockchain sate, which rendered it insecure as someone could just stockpile solutions and then hijack the blockchain. Is it the case here too?

The closest I've seen to a useful PoW coin is one which relied in intel SGX to prove that the work done was useful and honest, but of course the central root of trust is really Intel's SGX in that case.

> The solution to a puzzle is meaningless if the same solution can be shown as the result of two different inputs.

This isn't true. There are an infinite number of inputs that result in the same solution for bitcoin (or any hash)

Right, but that's a little unfair? SHA-256 is literally a function designed to make it impossible to find such collisions. BIONIC problems aren't designed with that in mind.

Okay let’s see an example. ;)

Like it or not they are technically correct. SHA-256 is a one way compression and furthermore the PoW for bitcoin doesn't require a match for the entire hash.

There's loads of examples of this in the bitcoin network whenever there's been a fork and eventually orphaned blocks.

Those are different solutions to the puzzle. Nobody has ever published a sha-256 hash collision. It has happened once with sha-1.

The principles are the same — it's just harder to find collisions for larger digest sizes. (Although bugs in sha-1 add an interesting wrinkle to the discussion.)

In fact one could argue that encryption without requiring infinite bandwidth or computation requires finite difficulty in math puzzles.

So our current approach to encryption is fundamentally vulnerable to (vastly) more powerful adversary computers. Only things like quantum cryptography break free of that limitation, by changing the ground rules.

Algorithmic cryptography depends on a computation time approaching infinity for perfect security. Quantum cryptography depends on a data transmission rate approaching zero for perfect security. Either way, perfect security takes forever.

One of the more famous examples of a BOINC project is Rosetta@home, which asks users to determine how proteins fold. Isn't this exactly what you stipulate? You just let the binary hash of the block encode a sequence of amino acids, and then have the output be a valid block hash if the hash of the corresponding protein fold data has enough 0 bits at the beginning.

who validates that the protein was folded correctly? Validating that the hash of some nonce contains enough leading zeroes is very easy for the network to validate. But verifying that users are correctly computing the protein folding (rather than quickly dumping out invalid folds to test hash values) seems like a difficult problem for the network to validate.

BOINC tasks are validated by running multiple executions on different hosts/users and comparing results; credit, and hence GRC, is only attributed to tasks with valid results: https://boinc.berkeley.edu/trac/wiki/CreditNew

This is a good point. I was assuming that computing a protein fold was something that could be done relatively quickly, but it seems like these simulations are actually much more computationally intensive than that.

This is obviously not my area of expertise, but I wonder if there is any way to make more efficient but still useful computational questions about protein folding. For example, if we try to fold just part of a protein (only 100 or so amino acids, say) and do it at a much lower fidelity of simulation, is the result still helpful?

Exactly this. The PoW scheme must commit you to a particular chain.

Can you just hash a new solution to the puzzle with the new proposed block?

Solution has to depend on the proposed block, so that a solution is not reusable for the next block

The solution is also announced in cleartext, so you can check against previous solutions.

The problem is that when a miner announces a block with a solution, an attacker could immediately announce their own alternative block with the same solution and there would be a chance that the network would take up their block first.

But if the legitimate miner announces & signs a hash of the solution well beforehand, they can prove theirs is the legitimate solution.

Then that adds a delay to each block being broadcast to the network. It also means that the longer a miner waits to broadcast the block, the more time a different miner has to finish a proof-of-work and claim the next block first. Miners are all racing each other, so they're all going to try to wait the most minimum amount.

The logic around only accepting a block if you previously saw a signed hash is vulnerable to sybil attacks. An attacker could run thousands of nodes on the p2p network, never relay anyone else's signed hashes, steal the proof-of-works from completed blocks and then broadcast signed hashes of its own blocks with the stolen pows and then broadcast those blocks. Many users might find themselves connected to only nodes run by the attacker and would get tricked into accepting the attacker's chain.

The proof-of-work not depending on the blockchain state means that a miner could queue up lots of complete proof-of-works and then mint a ton of blocks with them all at once to do a 51% attack.

Any solution to this is either going to be centralized or look like proof-of-stake, and at that point, the proof-of-work is extra and not actually load-bearing at all.

Ok, not being usable for the next block is not enough. It must not be usable for any other block. Competing chains, forks, other miners stealing your rewards, etc. Has to depend on the hash of the previous block, and also the transaction where you send the reward to yourself (-> even if someone else "steals it", you get the reward so it doesn't matter).

For those that are wondering how this works, Gridcoin uses PoS - not PoW - and then rewards for research on top of it. It is not locked into any algorithm because it's not PoW. There are currently 18 different BOINC project [1] that it rewards. New projects can be voted in or can be voted off.

To try to reduce the centralization, there is a system of oracles that gathers the stats from each project and the nodes verify that the oracles match each other. As well, each project only consists of 1/18th of the rewards [2] from research and there's also new coins rewarded for just staking, so if a project acts up, they wouldn't be able to largely manipulate coin supply.

If you have any more questions about it, feel free to ask me

[1] https://gridcoin.us/guides/whitelist.htm

[2] https://gridcoin.us/wiki/magnitude.html

Note: I help work on the gridcoin.us website and have ~5000 Gridcoin, so I may be biased in my view of the coin :)

Whats the use for the coin? Its an incentive obviously but its only so because it has a price tag. Who should buy the coin from me if I "mined" one and what would he do with it?

As one of the commenters mention, it's an issue with all cryptocurrencies. Right now one of the reason people want to get Gridcoin is to get enough to stake regularly to earn their rewards or because they believe in the coin. In the future, there's been some ideas floating around that I think are very interesting. For instance, one idea that's been floating around is to create a service that accepts GRC and offers assistance to researchers for setting up a BOINC project

No, its not with all, maybe with most but regardless this doesn't add any anything. I want to know specifically for this coin.

>to get enough to stake regularly to earn their rewards

Reward paid in, let me guess, more coins. self fueling like most other coins. Thats not a real usecase

>because they believe in the coin

so it has religion-like properties, awesome /s not a use case

>create a service that accepts GRC and offers assistance to researchers for setting up a BOINC project

so its used as a medium of exchange which boils down to the price tag it has. you could just pay someone with normal money no one would want to be paid in gridcoin unless one gets overpaid. Obviously this is also not a use case.

I'll admit it's not great right now, but I don't know if I understand what you view as a use case? If using it to get things of value with it is not a use case, then what coin or currency has any use case? Everything is a transfer of value even beyond just currencies be it paid in time or other things

> Reward paid in, let me guess, more coins. self fueling like most other coins. Thats not a real usecase

It's also worth noting that you don't have to go through it if you use a pool, and there's work on making it not require pools if you don't want to start out with any Gridcoin. If you look up Gridcoin and "Manual rewards claim" you'll find some of the discussion about it.

> so it has religion-like properties, awesome /s not a use case

I was thinking more in terms of some of the reasons why Gridcoin's developers have Gridcoin - not necessarily advocating for others to do the same. I should have clarified that I didn't think this was a use case

I should also mention that having Gridcoin helps you in polls. Gridcoin has a system of polls and the polls are weighted by how much work you do in BOINC and how many coins you have. Note that it's your amount of those before a poll so you can't try to gain more influence after learning of a poll. It of course has its own issues and discussions about how or if votes should be weighted

Maybe I should have said a "unique use case" and also one that out-competes other similar systems. Buying stuff with the coin may be an use case but this coin is in no way better than the thousands others for doing just that. Its very much end of the line for acceptance and thus this use case is not really valid.

Ah that makes more sense

I see using it a currency backed by scientific work is already something that makes using it unique and can make people interested in accepting it and use it. I see that you don't view it the same way, but that's okay too

As well, here's one thing that may or may not usecase per se, but it is something a that's different from most cryptos in use of the coin itself. It's nice feature that only a one or maybe a handful other coins [1] called sidestaking. With it you can send any % of your staking rewards to other addresses in the coinbase transaction. So you could for instance use it to donate to BOINC projects that accept Gridcoin every time you stake (and people already do that). Or you could send it to a friend when you stake or anyone really. You can send to multiple addresses every time you stake with different % for each (up to 6 before it has to cycle through them on each stake) to. On the flip side, accepting Gridcoin means you can also accept sidestakes (at least for things like donations)

[1] Pinkcoin is the only other one I know of and could find (https://www.youtube.com/watch?v=HTuM69Lgd5o). Looking it up just brings me mostly to Gridcoin stuff

>backed by scientific work

Sorry to rain on your parade but this is utter nonsense. Its not backed by anything. Words have meanings and you cant just use an existing word to describe some different imaginary concept. There is no such thing as baking "money" with past work. The benefit of past work is already "used", it can not somehow hold value for the rest of time. If you calculate the larges know prime number that number does in no way have or hold the value of work you put in to get it. the number is in fact worthless once it is known.

>sidestakes I'm impressed what kind of nonsense people come up with and can somehow present as something valuable. Sounds like the self fueling money printer system named gridcoin has a builtin function to donate fractions of the printed money to different addresses. literally donation by inflation - should be called stimulus lol.

Maybe backed was a bad word to use. I more just meant that it's creation is linked with scientific work having been done. That it has a value linked to helping science - not a direct one to one thing you can exchange for helping science. More so that accepting it means that you know that part of it came from helping science

> If you calculate the larges know prime number that number does in no way have or hold the value of work you put in to get it. the number is in fact worthless once it is known.

None of the projects on Gridcoin are currently for finding Prime numbers. There was one in the past, but it was removed from the whitelist per the admin's request. I also disagree with the notion prime numbers they are worthless once they are known, but I'm not going to go into that because it's not relevant here

With Gridcoin the work is meaningful after it has been done. Take for instance the biomedical research done by a bunch of projects. The proteins and the drugs they help lead to have massive impacts to a lot of people. Now it isn't something you can exchange back and forth through time obviously, but its result is something you can still see is meaningful

> literally donation by inflation

I didn't say it wasn't from inflation, but it's opposed to many making no donations at all and there still being the same amount of inflation. It's used a lot because it's convenient to setup and it doesn't result in any extra transaction fees or the like. The alternative in other coins is that people just don't end up sending anything more and just take all of the newly minted coins

> should be called stimulus lol


not going to go into this

I think continuing this conversation is not going to really result in much. I'm not sure what exactly you are looking for that you see in other cryptocurrencies. I think this is going keep going in circles.

The prime number thing was an example not related to this coin.

The stimulus thing was just a joke.

I'm not looking for anything that "I see in other cryptocurrencies". I was just looking for a reason why this coins should be used by anyone. The other 9k coins are irrelevant.

In it's heyday during 2018 it got up to 15-17 cents (USD), but by the end of 2018 it was at 1/2 cent and by the end of 2019 it was at 1/10 cent. It's been delisted from most of the major exchanges and pulled from wallet apps like Coinomi; your observations above are correct, you need to have coin to make coin and you cannot make coin quickly without throwing a lot of hardware at it. You must use their wallet, which is... well, it has a lot of users having to deal with it not working right/needing repaired frequently (see /r/gridcoin).

There were a few businesses accepting the coins for awhile (VPN providers, there was a hosting provider for a bit, I think a stickers/mugs/tshirt website, etc.) but that seemed to have dried up by 2019. The community itself has always seemed nice/pleasant, this is not a comment on those working the coin just on it's actual viability in real life - kinda has no use beyond owning it to make and own more of it as a curiosity. When I stopped using/trying I just dumped whatever random couple hundred coins I had into a public faucet, wasn't worth the hassle of trying to cash out $10 after a year of participating.

It's worth noting that a lot of work (4500+ hours in ten months of development and testing[1]) has been put into a massive rewrite of the wallet in 5.0.0. The wallet is a lot more stable than it was when you last used it, the GUI is much better, tons of old crappy code was removed, thing are more secure in general, etc. There's also much better testing of releases now too

[1] https://www.reddit.com/r/gridcoin/comments/im8ktw/gridcoin_5...

That's fantastic to hear - while I have your ear, as a WCG cruncher I did not want to (be forced to) join Team Gridcoin in order for the work to be counted. Along with above work, has the WCG requirement to join Team Gridcoin been lifted (design altered to another method) now/as well? Teams are 50% of the fun in WCG, so the requirements for a specific team membership are unwelcome.

I was also really wanting manual reward claim (the current staking method is a lottery), I think that's still in progress reading the other comments - if I'm crunching for coin, being subject to a lottery method of when I'll get "paid" is a non starter, I want to claim my work coins when I want. The sheer fact that users with large coin are encouraged to split their stakes to increase their lottery chances of winning the stake are just crap, it's heavily biased towards HODLers and people who got in around 2016 and have a million coins - basically, the coin poor are penalized, newcomers have no hope in this staking scheme. I've always thought it was a little ponzi-scheme-like to be honest.

That's correct that the requirement to be on team Gridcoin was removed in 5.0.0. You can now earn Gridcoin from any BOINC team.

The manual rewards claim is still in the works although there's now some more specific plans in mind [1] for it than there were in the past. It's on the roadmap somewhere

[1] See this message from Jim Owens (one of the core developers) about some of what he's thinking https://discord.com/channels/211637812968161280/338020950714.... I would normally quote this instead of making you have to join a Discord, but it's rather lengthy and part of a discussion

Thanks for the update, progress! I'll dig into the last bit more, I don't Discord but I'm sure it's over on reddit or that other place people blog for coin (it's been a minute since last I was in this game). Much appreciated.

Let em guess, the work was paid with gridcoins.

Originally the main developers didn't request any compensation for this, but yes they will be compensated in Gridcoin. The reason for this is partly that Gridcoin is really community run and doesn't have much USD or other fiat just lying around, but with the history of the foundation address (not an organization), there's a fair amount of Gridcoin that can be spent on it and other tasks

let me rephrase:

"Originally it wasn't mean to be paid by printing "money" but then they did exactly that because somehow they hand no fiat lying around."

Its useless development paid by useless coins for the sake of making the useless coins spendable to pay for the useless development. A self-feeding nonsense system that happens to produce software that no one would actually want to pay for.

The whole system is only prevented from collapsing by the fact that some people hold on to the coins in hope of future profit and some may even buy them for that reason.

I just want to note that I meant originally for the 5.0.0 work the developers didn't request compensation, and so it hasn't been sent just yet since it the request was recent. It has nothing to do with being paid in Gridcoin or not.

> Its useless development paid by useless coins for the sake of making the useless coins spendable to pay for the useless development. A self-feeding nonsense system that happens to produce software that no one would actually want to pay for.

It's community run. There isn't really a "they" deciding anything or paying for things. It's not paid for so much as compensated. Some people have done work on it without requesting any compensation. I think you think there is a more formal system in place here than there is. The only reason there is a bunch of Gridcoin lying around in that foundation address for this is because of the transition from Gridcoin-Classic to modern Gridcoin [1] which arguably probably shouldn't have been done the way it was, but it's too late for anyone to reverse that decision from 2014.

As with the other thread, I don't think continuing this thread will be lead to very much either.

Lastly, I just want to note that for me, the reason that some of this doesn't matter as much to me personally (not that it doesn't matter at all) is because I view Gridcoin more as an addition to the science. If Gridcoin collapsed and went to zero, I still would have done something useful with my machines and helped science. I can't say that about many other coins.

[1] https://gridcoin.us/wiki/gridcoin-classic

How are those issues any different from other currencies or coins? It really comes down to trust and security, which this offers just like others do. At a high level view it's just basically bitcoin but with coins created through externally useful work.

So its just another "better" bitcoin. But bitcoin is already useless. And we already have FBA coins instead of PoW/PoS which are way more efficient. It remove the external "useful" work completely.

Such as?

FBA coin? XRP and XLM are the oldest and most well known. But there are probably dozens more by now.

>Whats the use for the coin? Its an incentive obviously but its only so because it has a price tag. Who should buy the coin from me if I "mined" one and what would he do with it?

This is the same for any crypto coin. Certainly not unique to Gridcoin.

That doesn't answer the question.

It's more a history question than a technical question. What's the use of Bitcoin or Ethereum?

Bitcoin was mean to be p2p cash. It has no legitimate use case anymore as it obviously failed to be p2p cash.

Ethereum tried to be many things mostly a decentral computer. Turned out to be a super expensive decentral computer and that it isn't really so decentral in the current version. However its technically used this way by some people so that de-facto means it has a valid use case. It can hardly compete against newer similar projects but thats another story.

The Bitcoin idea didn't fail to be cash. BTC failed to be cash because it forced a permanent 1mb block size limit. If you want to see the original Bitcoin idea working as a charm, use Bitcoin Cash (BCH).

Well if its meant to be used as p2p cash but can not be used in this manner since many years that ticks all the boxes for me to call it failed. but you are entitled to your own opinion on this.

BCH solves nothing, the larger block size may allows some more Tx but you still have 10min block times and then wait for however many confirmation blocks you want. Not exactly how I imagine p2p cash is supposed to work. and if the throughput would reach the new max with the new block size it would suffer exploding fees just like the "main" bitcoin. It does not scale better it just has a higher limit not one that would allow any meaningful throughput to use it as a global p2p cash system. no one has it to use it as p2p cash. Everyone has it to sell it for profit later on.

Or check out Monero!

If curious, past threads:

Help Take the Fight to COVID-19 with BOINC and Folding@Home - https://news.ycombinator.com/item?id=22658139 - March 2020 (61 comments)

Gridcoin: Rewarding Scientific Distributed Computing - https://news.ycombinator.com/item?id=16031912 - Dec 2017 (55 comments)

BOINC – Berkeley Open Infrastructure for Network Computing - https://news.ycombinator.com/item?id=12524921 - Sept 2016 (21 comments)

BOINC: Compute for Science - https://news.ycombinator.com/item?id=10205904 - Sept 2015 (11 comments)

Help advance science while mining cryptocurrency - https://news.ycombinator.com/item?id=8102623 - July 2014 (1 comment)

For those reading and not familiar with Gridcoin and BOINC, I should note that BOINC is separate from Gridcoin. The threads about BOINC are indeed related, but about a slightly different topic. Just wanted to note that since I have seen some confusion stemming from it in the past

Separately, would it be possible to change the submission link to something with a little more information such as gridcoin.us? I have been lurking for a few months and I notice that you have changed some links in the past. Not sure what the guidelines are for changing links, so let me know if me that's not something you think is needed or can do

Yes, URL changed now from https://en.wikipedia.org/wiki/Gridcoin. I wish I had thought of that (or seen your comment) sooner!

For most cryptocoins, you want a proof-of-work to be: (1) easy for a computer to verify, (2) hard for a computer to perform, (3) impossible to predict for a given 'block' and (4) decentralized and untrusted.

If it's a novel scientific problem it won't be all of these. An interesting exception is prime numbers. Primecoin [1] has a useful proof-of-work: it finds Cunningham chains of primes.

If you don't like the energy consumed by a proof of work, you should probably use something else like proof of stake. Any clever idea to try and steer the computational power to SETI@home or protein folding won't have the critical qualities of most cryptocoins.

[1] https://en.wikipedia.org/wiki/Primecoin

Folding can be verified easier than it can be produced.

You can verify that some fold achieves some energy state. What you cannot efficiently verify is that it's the best possible fold, achieving the global minimum energy.

> You can verify that some fold achieves some energy state.

IMO, that makes it similar to Difficulty[1] (and the related target) in Bitcoin's POW scheme.

[1]: https://en.bitcoin.it/wiki/Difficulty

except that with difficulty, you know the expected effort needed to pass the threshold. with folding of arbitrary proteins, you have no idea.

I spoke briefly with Vijay Pande about this in 2011. Folding does have a lot of the right properties for a good proof-of-work system, the main exception being that the solution must be unique to the input. It may be possible to achieve this by embedding information into sets of constraints, as long as any particular set of constraints can be shown to be isoenergetic. Or perhaps by expanding the problem by adding more atoms in a way that embeds information about the inputs. Also, the solutions would be quite large. But I think he was more interested with my experience writing molecular dynamics code than blockchain, and rescinded the RA offer after this conversation, so I haven’t thought about it much since then.

Reconsidering (briefly) now, I think it can be done.

There's no points for partial credit. It cannot be decentralized, untrusted and unpredictable. If anything other than an automaton produces the PoW inputs, it's at least centralized and we must trust that no one is cheating the PoW.

No points for partial credit?? Well... if you believe that, then that makes Bitcoin suspect as well as its consensus mechanism is essentially already broken by the practical concentration of mining power in a single country with an authoritarian central government.

EDIT: Anyone using an online wallet is already compromising trustlessness. Heck, using common software packages that you didn’t personally inspect is also compromising trustlessness. But does this matter in practicality? Yes (such online wallets and even sometimes soft wallets have been compromised or have lost coins occasionally), but not enough to necessarily get rid of all of the utility of cryptocurrency.

Instead of PoS there are FBA (federated byzantine agreement) chains who are older than PoS thus better tested and arguably without any of the flaws PoS has. PoS is really a step backward and not the real successor to PoW.

Proof-of-Work only makes sense if there is an opportunity cost for mining an invalid chain.

If mining an invalid chain is "useful" in some way, the security guarantee disappears.

Can you explain why the security guarantee disappears in more detail?

I thought that the security of a block-chain comes primarily from the difficulty of rewriting the chain of blocks. To do that you will have to fork and recompute the chain from some point back in history (say 5 blocks ago). This puts at a disadvantage since the rest of the network is ahead of you by 5 blocks and will continue adding new blocks. So you will need a lot of computational power to rewrite history and also overtake the rest of the network.

Why would some additional reward for mining (by solving a useful problem) break this?

You don't actually need 51% of the mining power to perform a double-spend attack. Just by pure chance, even with 10% of the mining power, you will find 5 blocks in a row sometimes.

With a "wasteful" PoW, miners would not attempt this as they would hemorrhage money doing that.

Withe a "useful" PoW, miners could have an outside funding source like some institute that pays for protein folding. The would not lose money in their attempt to produce a minority chain (in proportion to the "usefulness" of their PoW)

The external reward in "useful" PoW is given to all miners, good and bad. So everyone is equally incentivized. In fact it should actually increase the participation in the network, e.g. those who don't care about cryptocurrency but are interested in the "useful" problem being solved.

The external reward by itself provides no competitive advantage. It reduces everyone's costs by the same amount. Rewriting history still remains difficult.

So what am I missing here?

Rewriting history needs to be expensive, not just difficult. If you decrease the cost of writing history, you decrease the penalty of participating in a minority chain.

I always understood the security of block-chains as a race between the good and the bad agents.

Both are extending their respective chains as fast as they can. A bad-agent, who wishes to double-spend has to rewrite history, and therefore has to start a few step behind the good agent. To succeed, the bad agent has to overtake the good agent.

Even if both have the same speed (i.e. 50% computational power each), the good agent will sill be a few steps ahead of the bad agent, and the system is secure. If the bad agent is faster(51%), then eventually it will overtake the good agent breaking security.

This is true even if the cost of computation is zero (e.g. the Govt. pays for all your computation cost). As long as the bad agent doesn't have 51% or more of the computational power, the system is secure.

An attacker does not have to wait in order to produce a parallel chain. He can mine his separate chain immediately after submitting the transaction.

Even with less than 50% hashrate, he is bound to find a few blocks in a row from time to time. Keep in mind that he can run the attack as often as he wants. This is why the recommendation is to wait for 6 blocks - it is very unlikely (not impossible) that somebody with a 20% hashrate ever finds 6 blocks in a row.

When an attack is successful, everybody will mine on the attackers chain - including the honest miners. The attackers chain is valid after all, it just has a different valid transaction set.

The significance of the 51% hashpower is that the attacker is guaranteed to succeed over a long-enough time horizon.

Reducing or removing the costs of mining a parallel chain (even for miners with 20% hashpower) reduces their cost to mine a parallel chain and weakens the security guarantee. If a miner can work on a side chain and get paid for protein folding at the same time, he can keep doing it without losing money on electricity. When he finally succeeds, he will also cash in the mining reward.

Ok that makes sense.

But I wonder why doesn't this problem also arise in the current Proof-of-Work system. A sufficiently well-funded group, with about 20% hash-rate can try to extend the current head of the blockchain by 6 fake blocks at every time. If they succeed, i.e. all 6 fake blocks are mined before the real network mines 6 real blocks, then they can publish their parallel chain with the fake transactions and it would be longer than the real chain.

This is equivalent to the expected number of coin tosses to get 6 consecutive heads, where the coin is heads with probability 1/5. Here, heads means that a fake block is mined before the corresponding real block is mined. This number is less than 20000, which corresponds to about 6 months of time. This is expensive, but not infeasible. They just need to remain solvent until they succeed and then easily cover the costs.

Yup, this is indeed a weakness of the current PoW system.

People often misunderstand it to be completely secure if no attacker has more than 50% hashrate.

In reality (and as described in the whitepaper), the 51% limit is described as the state where no number of confirmations is sufficient.

If an attacker has less than 50% hashpower, you can plug in some numbers like hashpower and cost of attack and come up with a number of confirmations that is likely to be secure.

It seems to me that even in the PoW is useful, then both the honest and the dishonest miners will be able to get outside funding (from the perspective of the research institute after all, they are doing the same task). So the opportunity cost for dishonest mining is exactly the same - you miss out on the block reward more often.

If you had 10% of the network the odds of that would be only 1/100K right? Or is that not how this works?

If you use a money with an issuance scheme that doesn't derive from pure costs (useless things like hashing), the underlying incentives of that money will seed its own destruction.

What happens if you have a coin based on "useful work" and you "solve" the problem you were hoping to solve. Now a lot of "miners" leave the network, presumably because they were only there to help solve that particular problem. Now you have a weak system, and a system subject to 51% attacks by adversarial miners, and therefore not a good money/coin.

I don't see how HN commenters (in large part) don't get this. It's the Single-responsibility Principle, just in a different context.

There's plenty of usefull work that we won't run out of.

SAT solving is the prime candidate, because we have A LOT of NP hard problems in our day to day lives.

Weather simulations are another one, drug research is another one.

For the latter I'd argue that if we're at a point where we've erredicated all disease, we've also transcended as a society to a point where money has become obsolete.

This is besides the point, and the parent didn't quite explain it correctly.

If there is no opportunity cost for mining, there is no penalty for mining an invalid chain therefore no security.

Can you explain this in more detail or point me to something that does?

There is a penalty for producing an invalid fold. Folds are validated.

I understand that the desire for a Proof of Work to be useful is strong and that's what is the appeal for these kinds of things. You should know that everyone would be totally onboard if there were a way to keep critical cryptocoin properties AND make the computation useful. The naysayers here don't dislike folding or any other useful computations. They just have experience with the cryptocoin design elements.

There's some subtleties to how a cryptocoin works that aren't obvious and they're absolutely critical to making it work. Bitcoin can have competing chains of blocks that eventually get orphaned. And it's because there's this race condition while block solutions are propagated across the network. Eventually, after enough blocks the network agrees on which chain wins. But imagine if you could know how the next block would start - what its inputs would be. You could start solving that block now.

That would only help you if you had a novel, valid folding solution.

A miner can secretly build a blockchain that reverses transactions with little cost. He'll still get rewarded for correct protein folding.

A penalty mechanism is possible that disincentives such behavior and makes it impractical. Filecoin has such a system. But a powerful enough mining pool (China has 65% of mining power) can also do this for Bitcoin.

Yeah, just last night I was curious about any blockchain approaches that might be out there that try and do something more useful and found people trying to use SAT solving as the base. This paper in particular seemed pretty interesting and I do hope we get to a place where we can at least be working on NP hard problems while transacting on a blockchain: https://dl.acm.org/doi/abs/10.1145/3297280.3297319

Satoshi was correct to assume that the most useful work is securing the network

How is it verified? I thought the problem with doing useful work instead of normal PoW was that producing and verifying are equally hard, while Bitcoin's PoW scheme is hard to produce but easy to verify (so other miners can easily see that you've actually found the hash without doing any computations themselves).

It uses Proof-of-stake and not Proof-of-work to secure the block chain.

Additionally it has a Proof-Of-Research layer on top that reward the scientific research processing.

Each whitelisted project gets its chare of a set amount of Gridcoins that in minted and distributed to the individual contributors. The amount is currently distributed equally across whitelisted project. So more project the less will be given to a potentially fraudulent project.

How each project verify the tasks is more or less up to the project to handle. The individual Boinc project has incentives to do this as they use the result in their scientific report (falls result will be bad for them).

One solution to this problem is to have multiple crunchers do the same task and compare results, if the tasks is distributed randomly then an increase in the number of equal tasks can be used to increase confidence in the result. Eg a monte carlo simulation can be bone multiple times and the result can be compared, if it is within a given threshold. (this part is the responsibility of the individual project)

Other tasks might have hard to compute result that are easy to verify for the host similar to Prof-Of-Work on other blockchains.

More Boinc project will help to decentralize the reward, limit the risk of running out of research to do, and if one malicious project by chance get whitelisted then the impact will be limited.

The contributors contribution to each project is gathers by Oracles that compares their findings and this result is committed to the superblock.

Even if you have people doubling or tripling up the work on something useful, the end result is infinitely more useful than bruteforced hashes.

Don't forget that the usefulness of brute forced hashes is that it lets you have decentralized trust, so, you may be off by a factor of infinity.

Decentralized trust on Bitcoin is an illusion in practicality. There are trust bottlenecks all over the place when most people go to use it.

It’s ultimately a quixotic goal. So compromising a bit on mathematical decentralized trustlessness to accomplish some of the other goals of cryptocurrency while addressing the massive waste is a valid goal IMHO.

It depends on out-of-loop review of the oracles by people, to ensure they stay honest, and that new oracles are honest.

Over time, as problems come and go, I assume oracles will be added and retired, so this coin will require manual maintenance. A necessary cost of being interesting?

Folding can be and is verified, however.

I tried out Gridcoin a few years back in it's $0.05 days, its at ~$0.01 now - at the time you had to "buy in" about $100 USD to have enough collateral to work solo (stake to get credit rewards), otherwise you had to join a mining pool to just get paid your meager credits. A basic $5 cloud server cannot generate enough GRC credit to pay for itself at 5 cents.

>A basic $5 cloud server cannot generate enough GRC credit to pay for itself at 5 cents.

This is totally expected because of how the economics of mining works. If it were profitable to mine with a $5 cloud server then everybody would jump on, difficulty would increase, and it wouldn't be profitable anymore. The miners you're competing against are hobbyists with much cheaper access to compute than you, eg. they've already bought a threadripper workstation for work related purposes and they're just using the spare cycles.

> profitable

...I'd settle for "break even" and have it simply pay for itself to perform the scientific work. My personal choice is to participate in the World Community Grid and I tried everything from a cloud server to a 20-core dual E5-2660v2 (rented) and even that amount of power cannot pay for it's monthly (super cheap, $75) rental fees. A laptop with an i5-3320 (something like that) cannot even pay for it's electricity use generating GRC.

Not profitable, just break even - that's all a guy like me asks for; it's more efficient if I take cold hard cash and donate it to a comparable cause than it does to run WCG nodes and expect GRC to just cover the electricity cost, ignore the hardware. I don't want to be profitable, just have any rig pay for it's electricity use - that's it. GRC cannot even cover that spread in finances.

> profitable

Similar to what stonesweep said, some people have different economics. For example, I have an old computer sitting around. And my home heats by electricity in the winter. Therefore any time I need to heat my home it's 0 marginal cost to instead do mining (of any kind). IMO this is the real future of green efficiency, finding the places where the energy was already "spent" on a high value task, and add a low value task in the chain. Another example could be server farms could water cool and use waste heat for elec generation, low temp plastic melting, or residential hot water...

I've been trying to bring attention to this project for years. It directly addresses the whole "proof of work is proof of waste" problem. Some of my earliest submissions to HN were about GridCoin, and they largely went compeletely ignored, glad to finally see it on the front page. At least with BOINC you end up with something more worthwhile than just bruteforcing hashes.

If you use a money with an issuance scheme that doesn't derive from pure costs (useless things like hashing), the underlying incentives of that money will seed its own destruction.

What happens if you have a coin based on "useful work" and you "solve" the problem you were hoping to solve. Now a lot of "miners" leave the network, presumably because they were only there to help solve that particular problem. Now you have a weak system, and a system subject to 51% attacks by adversarial miners, and therefore not a good money/coin.

I don't see how HN commenters (in large part) don't get this. It's the Single-responsibility Principle, just in a different context.

Considering the number of supercomputers that have been constructed since the days of ENIAC, I don't think we'll be running out of scientific computing problems any time soon. And if we somehow do manage to run out of computing problems, then I guess we've already succeeded.

But can you change the task underlying your cryptocurrency without breaking the network?

If the network has been designed for this in the first place – why shouldn't you be able to?

With Gridcoin you can participate in a number of eligible BOINC projects [1] and get rewards for computing on any of them. The network can add or remove projects.

[1]: https://gridcoin.ddns.net/pages/project-list.php

I'm wondering why you think supercomputers are actually built for. Besides that, the type of computational problems that are submitted to and that BOINC helps solving are different to those that a supercomputer solves. The former (known as High Throughput Computing, HTC) is concerned mainly -- as the name suggests -- with throughput, while the latter (High Performance Computing, HPC) with speed/latency.

There is a reason why Cloud providers do not yet have "real" HPC offerings (i.e., performance-wise), even though with all the marketing they do to appear otherwise..

Sorry I didn't specify. There's still plenty of demand for HTC:


Same, I even bought some back in... 2014 I think?

I'm yet ambivalent on if it's a factor on why it hasn't been able to attract serious attention, but I've heard the argument that doing calculations that have external value outside of PoW breaks the incentive mechanisms.

To me, merge mining on Bitcoin[0] and MEV on Ethereum[1] are evidence against that argument, since we already have those forces in play today. So Gridcoins concept should work.

[0]: https://blog.bitmex.com/the-growth-of-bitcoin-merge-mining/

[1]: https://arxiv.org/abs/1904.05234

How can regulations can make alternative, less climate-harming projects such as this more attractive over bitcoin? Would crypto-currency income taxes or perhaps data center laws (similar to cyber-crime laws) be a useful tool? Or would that only favor lightning networks/PoS and those not declaring earnings.

Your aim is off, bitcoin using energy is fine just like any other use of energy is fine, part of the free market of ebergy. It’s production of energy from fossil fuels that isn’t fine.

I don't think that's really true. There are plenty of cases where we can decide collectively as a society that a thing is valuable or not-valuable and intentionally set a particular price for it. As an obvious example, no one would argue that hospitals in Texas should have been paying the "market rate" for electricity last week, and conversely, it would have been a scandal if someone had been mining bitcoin on the Texas grid, no matter what price they were paying per kWh.

A similar thing happens with water, where people are asked not to use their sprinklers during a dry spell. They can _afford_ to buy a lot of water at the market rate, and raising the price might not even change that (besides being super unfair to someone else who then might struggle to afford even enough water to drink).

So yeah, I think it's fair for us to say as a society that turning electricity into heat in the form of bitcoin mining is a gigantic and unacceptable waste of a resource that we'd like to use for other things.

> we can decide collectively as a society that a thing is valuable or not-valuable and intentionally set a particular price for it

yeah, that's exactly what's happening to bitcoin for last 10 years.

> turning electricity into heat in the form of bitcoin mining is a gigantic and unacceptable waste of a resource that we'd like to use for other things

first of all, heat is a sign of inefficiency, the better bitcoin mining gets the less heat it will produce. second - it's a gigantic and unacceptable waste of resources in your opinion, personally i very much disagree and think the opposite: decentralized financial security expressed directly in terms of energy required to subvert it is the largest discovery in financial theory since the concept of money itself, it is extremely valuable.

> turning electricity into heat in the form of bitcoin mining is a gigantic and unacceptable waste of a resource that we'd like to use for other things

Hi I live in a cold place! Interestingly, bitcoin mining is an electric space heater with 100% efficiency. I could theoretically heat my home. Currently I use natural gas (which emits CO2 aka a greenhouse gas). The furnace runs at 95% efficiency I think. If my electricity can be generated with less CO2 emissions than my furnace via nuclear, solar, wind, then it would be quite desirable wouldn't it? Would it be fair to say electric heaters are a giant unacceptable waste of compute?

> Interestingly, bitcoin mining is an electric space heater with 100% efficiency.

Technically you can get greater than 100% with electric heat pumps. But you're correct if you're marginally comparing just a space heater with/or without a CPU inside it.

A fair point, but in reality almost all of the Bitcoin heat is vented to the environment— no one is seriously capturing it for reuse at this point.

Also important to note that resistance heating ("100%") is in fact not the most efficient way to use electricity for warming a space. The most efficient is with a heat pump, where you're actually moving the heat from outside to inside.

This is an excellent point IMO. Unregulated central institutions (such as currency) lead to anarchy, in which public interest is not aligned with benefits. For example, pure Bitcoin serves only Bitcoin, with disregard for laws about, say, money laundering. If you can find a way to make it work for you, great — but that will only align with the public good by chance.

GridCoin seems like an attempt to mitigate that with internal regulation — it seems like the assumption is that GridCoin commits to proof-of-work tasks that are publicly beneficial.

We need to stop trying to shoehorn the state into places where it doesn't fit or belong.

I can't think of anythink more suitable for state intervention than solving the coordination problem to ensure the continued habitability of planet Earth.

Oh heck yeah. Climate justice is the issue of our age. I'm not saying not to take it seriously (few are anymore, right?).

However, choosing a PoW algorithm is unrelated to this task (and also risks giving cosmetic satisfaction while solving nothing).

Continued habitability of planet Earth is made dramatically more likely by supplanting monetary systems which:

* encourage people to treat money like a hot potato, better swapped for cheap plastic crap

* Make wars (the absolutely King Kong of carbon emission among human activities) much less expensive at the margins by slushily funding industrial complexes.

Regulation worked for the ozone hole and river pollution. Nothing else did.

So let's crack the fuck down on externalities of power generation and consumption. Ban fossil fuels on an aggressive timeframe. Make car-free cities everywhere. Stop all wars right now today.

But those things are orthogonal (and not even adjacent) to selecting an algorithm for PoW consensus.

I also want to caution against circlejerking over clean water and ozone restoration. Things on a global scale are still pretty dire; the solution is ahead of us, not behind, and it's not clear what it will be.

Not to be that guy but did anyone read the 2 sentence wiki?

"Gridcoin attempts to address and ease the environmental energy impact of cryptocurrency mining through its proof-of-research and proof-of-stake protocols"

Feels like a quarter of the comments are complaining about PoW ...

Because it doesn’t ‘address’ any of that. It’ vanilla PoS. Still a good idea for other reasons.

So what's the point of complaining about PoW as if Gridcoin used that when literally 1 of the 2 sentences in the wiki says it uses PoS?

Does anyone still own this? It came out awhile back and Bittrex dropped it in like 2018.

A lot of people are still running BOINC and getting Gridcoins in return. The difficulty of staking has increased a lot since 2018.

This seems like a great way to get fools to trade something valuable (the electricity they pay for to run arbitrary computation) for something worthless (a new crypto currency).

If you think of electricity as fuel for computers, similar to fuel for a semi, then this scheme seems analogous to an attempt to get truck drivers to drive your stuff to it's destination at their upfront cost in exchange for an IOU that has no backing.

Whenever a new coin shows up, the only interesting question is whether it’s a scam, a joke, or an earnest yet ridiculous attempt to solve a problem that blockchains in no way solve.

New? Gridcoin has been around since 2013.

I actually emailed someone at BOINC in July 2015 regarding exactly this, I see the paper came out in December 2015 with the idea. Glad to see it finally becoming a reality.

Gridcoin was launched on October 16, 2013 https://gridcoin.us/wiki/

The whole point of Bitcoin is that attacking it is costly... don’t fall prey to these cash grab pump and dump projects. Buy Bitcoin or monero.

This is one of my favorite cryptocurrencies. The process of solving a real world problem is very useful in the long run.

Well, one area that Gridcoin isn't / hasn't been availed for is the fact that it (like folding@home) has projects that helped do research on COVID. Although folding@home didn't provide any monetary reward - at least Rosetta@home is a supported GRC project. Obviously the token price would need to be higher to make the break even cost of the servers & mining feasible, but it is a neat project.

Url changed from https://en.wikipedia.org/wiki/Gridcoin, which has almost no information.

Applications are open for YC Summer 2021

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact