Posting this mainly because I hate how shit reddit has become and it’s a good thing we’re migrating here. Some good information is stuck there, however.

The original question: Can anyone explain “shares”¿ …how does pool operator know that I really tried to mine the coin

Answer, from reddit user _nak: Sure. I’ll make sure to prime you on the basics and then it’ll fall into place.

We need to be aware what a block is: A block is a list of transactions paired with a hash. That hash is calculated based on the byte value of those transactions, plus some additional “stuff” the miner throws in there. One of the reason there is additional “stuff” in there, is because a hashing function will always generate the same output for the same input, so if there were only one transaction and you couldn’t put additional stuff, you could only generate one hash and there would be no mining going on. Now what that stuff is, is largely dependent on the miner. Everyone throws random garbage together with the transaction data into their hashing function and looks at the so called quality of the resulting hash. This quality needs to be above the so called difficulty. If your hash is high enough in quality, you broadcast it to the network and every node validates it, then puts those transactions, the stuff and the hash together as the new block.

That’s the basics right there. Now we’ll look at stuff. If you’re mining on a pool, then that stuff is only partially controlled by you. In fact, even the transactions that get put into your attempt of making a block is dictated to you by the pool. That’s the so called block template. A pool sends you the template, containing a bunch of transactions and part of the stuff, you then add the rest of the stuff to your liking and run your hashing function.

Now you will almost never find a hash of high enough quality so that you can make the next block, but all your hashes can still be verified in the sense that anyone can look at your chosen transactions, your stuff and your hash and validate that the latter is a result of hashing the former. So you can prove that you did work. That’s where the name comes from, by the way, Proof of Work. We’ll call low-quality hashes “block attempts” for convenience.

Obviously if you would send all of your block attempts to the pool and they could then validate it and know that you did hash it, but the issue is that validating it means repeating the hashing, so they would have to do all your work again - useless. The good thing is just that we can look at the quality of your block attempt and estimate how many hashes you had to try to get a block attempt of this specific quality.

Quick example: If I tell you to roll a die until you get a 6, I know that it will take you, on average, roughly six attempts to do so. So if you show me the result of your latest roll and it’s a 6, I can reasonably assume that you rolled that die six times. That means that you only need to show a pool a couple of hashes for the pool to know how many hashes you calculated in total. What hashes you show to the pool depends on the custom difficulty. On some pools it’s 100k, on others it’s “vardiff” and adjusts with your hash rate, but the idea is that the pool only needs to repeat a tiny fraction of your work to validate all of it.

So, a share is a block attempt with high enough quality to satisfy what you and the pool agreed on, but it’s not high quality enough to become a block - most of the time; and if it is, the payout goes into the pool’s wallet, because they gave you the template, remember?, and named themself the recipient in it. So the pool gets the funds and the pool knows how many hashes everyone contributed and pays everyone accordingly. Or runs of with the funds because nobody can force them to pay you.

If you want me to explain p2pool shares and how that avoids pool operators from running off with your money, but still make sure that no miner can run off with a block they found, let me know. It’s similar in terminology, but works quite differently. I just don’t want to add another four paragraphs to this looooong comment without the need for it.

Edit: p2pool explanation

The most important difference is that p2pool is not in control of the block template. That means that the miner has full control over what transactions to include and what stuff to throw in the mix, so the “pool operator” is not getting the block reward send to his wallet. Now, with full control over the block template, how does p2pool make sure that all miners don’t just pretend to be mining on p2pool, sending the failed block attempts to the pool and broadcasting their successfully found blocks to the network? Because in order for their failed block attempts to count for p2pool and be put into the PPLNS window, their block attempt needs to include every single miner that currently has a share in the window. And since you can’t change a block attempt after it has been hashed, and the recipients of the reward must be included in the transactions before it’s hashed, p2pool and everyone on it can immediately see if you tried to scam them and will decline any block that either doesn’t list everyone in the PPLNS window or where the hash doesn’t match the block. Now, why does that work, exactly? Because of how the so called coinbase transaction works. (Note that it’s a technical term and not related to the exchange). The coinbase transaction is a special transaction included in every block that comes with no sender and the miner can write his own address as the recipient. That’s how XMR is generated, that’s where the reward comes from. A solo miner would put his own address, a pool miner would be forced through the template to put the pool operator’s address and on p2pool? XMR allows multiple recipients per transaction, and that includes the coinbase transaction, so a p2pool miner writes everyone with a share in the window into the coinbase transaction before hashing. So, once the block is hashed, everyone gets paid by the blockchain itself, nobody can run away with the funds. And as to shares, they’re similar to any other pool, except that it’s publicly being kept track of, instead of being stored privately by the pool operator, and that keeping track happens with the side chains: p2pool, p2pool mini or an side chain set up by anyone who wants to. Now, the PPLNS share window of 2160 shares is nothing but the latest 2160 blocks on the side chain and that’s how everyone knows whom to include. And the p2pool side chains behave just like other blockchains, distributed ledger, difficulty increases as network hash rate increases and vice versa, the only real difference is that the side chain itself cannot generate XMR (only the main chain can) and that transactions included in a side chain block neither move funds, nor are they removed from the global transaction pool*, because only transactions that make it into a main chain block are actually being carried out by the main network. Honestly, it’s so simple and elegant I can’t get over it. When I learned about all this, I kept going “oh, of COURSE”, because it just makes so much sense. *transaction pool being the technical term for where your transactions go before they are mined into a block. It’s part of the protocol and just unfortunately also called “pool”, just as mining pools are.

  • tusker@monero.town
    link
    fedilink
    arrow-up
    2
    ·
    5 months ago

    Good info. Anyone with significant amount of hashrate should only be solo mining or using p2pool. The centralized pool operators could be skimming 5% and you would never really be able to know.

    • aldalire@lemmy.dbzer0.comOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      5 months ago

      Isn’t p2pool pplns as well? How is it different

      Edit: went back to the reddit post and the guy actually explains it. I’ll edit the post to include this :)