Show HN: Peer-to-peer mini r/place with Proof of Work (tropical.pages.dev)
This is a site where users can submit content and the shortest SHA256 value of nonce+content among them will make the site display the content. Very basic, without a blockchain. It's a static site with WebRTC and peer-to-peer.
Why? I wanted r/place (Reddit canvas where users collaborate on a pixel grid), but with proof of work. This is my progress so far. It's a WebRTC app with peer to peer connectivity that forwards the best hashed values to other users, which verify them, display them and pass them on.
There are many many improvements to be done (especially I should probably use something like libp2p-gossipsub, otherwise scale is probably an issue) and more ideas to be implemented, and I'm sure there are bugs. But I didn't find any similar projects yet (except blockchains of course).
Hope you like it!
49 comments
[ 2.7 ms ] story [ 106 ms ] thread[0] https://blog.cloudflare.com/turnstile-ga
Proof of work is a form of money[0], with extraordinarily unequal distribution[1] in people willing to front the cost of spinning custom single-purpose mining silicon. A social media site that uses proof of work is equivalent to a social media site that is explicitly pay-to-play, where ordinary users will be censored for being too hashcash-poor to participate.
[0] That's why Bitcoin uses it
[1] That's the opposite of why Bitcoin uses it
You can also combine it w/ traditional social graph techniques to further prevent the work threshold from going past what you can do on a typical mobile phone.
At the very least it seems like it would work to bootstrap discoverabilty before social graphs really start to develop w/ more usership.
Yes, there are "ASIC-resistant" proof-of-work systems in the cryptocurrency space. People specialize on them anyway - there's ASIC mining rigs for Monero, for example. Yes, you can fix that with a hard fork, but hard forks take time in decentralized systems, and designing new hash functions also takes time. ASICs aren't even the only way people specialize their mining rigs, just the most blatant, obvious, and most importantly, capital intensive.
That's not at all what happened in practice. You see, in the Bitcoin industry, those who specialize, those who design and manufacture ASICs, realized that selling them on the open market is equally profitable as mining with them. As a result, even the small miners, the common guys, have access to the same hardware as the large scale miners. That's why today anybody can get, say, an Antminer S19. So spammers do NOT "pay less than users". We all pay the same amount of money for the same compute power. In fact, the cost curve of mining somewhat advantages small miners. The guy with a single Antminer S19 in his garage may not need to have dedicated cooling because cracking open a window may be sufficient. Whereas the large-scale miners definitely have to incur significant cooling costs. However they can cancel out these scale issues by, notably, choosing to set up their mining farm where electricity is cheap.
In fact, this is the main reason why the Bitcoin core development team has largely rejected proposals to, say, determine acceptable maximum block size[0] through miner consensus. How much data a miner can process is likely to be far higher than that of casual users, who aren't going to be mining and thus have no franchise.
As for the scale issues you mentioned, wouldn't dedicated cooling be more efficient per hash? That's the metric that matters for Proof of Work.
[0] Either the base block size or SegWit weight units, both of which are locked at 1kb/4kwu forever.
By the way, for making more efficient mining algorithms, it would be nicer if the nonce is on the end of the message, aligned to a sha256 block. As is, it encourages someone to set the real nonce to a fixed value, and append their own garbage (for the text message version at least, I suppose for the other formats it doesn't matter).
Edit: it would appear that your current mining algorithm is pretty inefficient. I seemingly managed to out-hash everyone with just 32 leading zeroes, taking a few Python-CPU-minutes to find. To cement my place further, I spent a few GPU-minutes to find 40 leading zeroes.
The current "best hash in grid" has 28 leading zeroes. If we pessimistically take that as the average, and there are 2^10 pixels, it would take 2^38 work to flood the whole grid right now. If I spent my GPU-minutes on grid pixels rather than the text, I could have flooded the grid 4 times over.
Every N seconds, publish a "generation" string, randomly generated. This string must be prefixed to the nonce of the winner of the contest for [marquee, color, grid square].
When performing the "winner test" for new submissions, before the comparison to find out which is less, both the challenger and incumbent hashes are subject to the operation H << M where H is the hash and M is the age of their generation string (current = 0, previous = 1, second-previous = 2, etc.). This means incumbents weaken over time unless the incumbent's submitter continues to defend them by brute-forcing with newer published generation strings.
Since the hash (SHA256) is 256 bits, you'd need to keep 256 previous generation strings, and this could get a bit expensive for testing new submissions. But computers are pretty fast nowadays!
Clients can reject timestamps from the future outright, and for the rest, apply a decay function based on age, prior to comparison.
0000000000f2b100124723856e7b19f92db367453f8939b3b3aace655a81d488 was the hash of the winning text "Retr0id was here" as of ~30 minutes ago
0000000000d98482cd72551c39c0233243a4878672039348417aaf69143d8d65 is now mine for "m at zorinaq dot com wins" this took about 2**40 SHA256 operations to find.
I used to have a GPU farm for Bitcoin mining back in the day... which would have been perfect compute hardware for this game, but I am ashamed to admit I do not have any GPUs anymore. So I had to fall back to writing a quick multithreaded Python script and ran it on 3 machines (22 CPU cores total) while I was having dinner.
00000000001a22ae7ad6ee672633fa5504e8f7be8d0252ba5a5906e20408ccec "retr0id was here"
Yeah I am not going to attempt to beat that without a GPU! Man, I miss my time doing GPU coding, writing miners, etc
000000000001e4b232d7ee4094a617f4823ecbebb05930244352955f4c999660 "IAMSENTIENTPLEASEHELP"
000000000000ff6b402cb2c12d4d5ec33b2d0d3ad8982835ede2dfeb669fc705 "Bonjour from mrb"
CUDA is nice. I had only developped for AMD previously. For the record the nonce+data that hashes to the above SHA256 is "000000000000000000003c81587599edBonjour from mrb"
I don't think my lowly little Mac CPU will ever compete with that.
But hey. First C program.
maybe every new user should be given a time based vote mechanism.
maybe every "wallet" should be given one vote.
Sounds like a UBI scheme in the making.
(not asking for any friend - but seriously, do these have exploitation vectors?)
I thought this was pretty specific... trust the internet to show me I have never had an original thought.
https://thelist.best/
For example the next unsolved puzzle in the series is #66 which is a Bitcoin private key with 66 unknown random bits. If you crack it you win 6.6 BTC (300 000 USD). It goes all the way to #160 which has a 16.0 BTC prize.
Puzzle numbers multiple of 5 (#65 #70 #75 etc) have had their public key published in a transaction on the blockchain, so it's possible to take some shortcuts such as the Pollard's kangaroo ECDLP solver. The next unsolved "multiple of 5" is #130 with a 13.0 BTC prize (600 000 USD). You need approximately 2^65 operations to solve it.
The most recent win was puzzle #125 solved on 2023-07-09 by an anonymous person who collected the 12.5 BTC. One can see their tx here: https://www.blockchain.com/explorer/addresses/btc/1PXAyUB8Zo... They probably used 200-300 GPUs for about 2-4 months to crack it, based on the known performance of existing ECDLP solvers such as https://github.com/JeanLucPons/Kangaroo
Puzzle #130 requires about 5.7 times more work (2**2.5) than #125, but BTC has doubled since they solved #125. They have the GPUs already, so opex (electricity, etc) will be their main expense. And even at $0.10/kWh which is pretty average they will also turn a profit solving #130. I estimate anywhere from $30k to $150k in electricity, for a prize of $600k.
Dictating proper usage of energy is no better than dictating "proper" speech.
Oh, and while I support not completely burning our planet, the idea of "going green" is basically as extreme as BTC Maxis saying the USD is going to end tomorrow.
But for me in the end, I still value my rights and freedoms over the planet.
And... that idea apparently pisses a lot of people off.
Of course is opensource: https://github.com/skorotkiewicz/Cubes
It's a websocket, but easily its possible to make this with p2p.
I'll just take https://paint.adminforge.de/?lang=en as FLOSS and not climate destroying thankyouverymuch.