the proofs are in the pudding
you are looking at the first ever ehash tokens
LET'S GO BABY!
Discussion
just pushed this commit to remote, you can try it out yourself: https://github.com/vnprc/hashpool
1) install nix and devenv
2) clone the repo
3) run `devenv shell` then `devenv up`
4) ...
5) profit!
Let me know if you have any problems. You could be the first beta tester! 😀
The proof is the combination of an unblinded secret and unblinded signature from the mint. This is an ecash token. It is "proof" that the mint signed a piece of data.
In order to generate this proof I had to initialize a cashu mint on pool startup, encode the keyset (list of pubkeys the mint uses to sign with) into custom Sv2 types and send it downstream to the proxy server. The proxy server then generates a blinded secret when a share is found that exceeds the pool difficulty threshold and sends it upstream to the pool to sign. The pool validates the proof of work mining share, signs the blinded secret, and sends the signature back downstream to the proxy. The proxy receives the blinded signature, unblinds it, unblinds the secret, and combines these two pieces of data into a "proof" or an ecash token. Or in this case, an ehash token.
All of the communication of ecash structures is done with custom encodings. This was the real lift here. Lots to do still. I need to push all of the proxy cashu state into the wallet. I also need to figure out how to encode multiple keys in a keyset. I was stuck on that for a while but gave up and just pared it down to a single key to get proofs working.
SRI encodings are very confusing. They support serde and no_serde, fixed length types, and variable length types, but for some reason you can't mix and match. You can't just write a to_bytes() function either if you want it to play nice with existing messaging, which I do because I want the mining share and ecash primitives to be atomic. You have to implement all these encoding traits that are frankly hard for me follow in the code because I suck at rust. This is all expected. You gotta walk before you run. This screenshot is like baby's first steps.
Once it's working cleanly with the wallet I might try to integrate it into a real cashu mint and start generating tradable ehash tokens. I think it would be pretty rad to be able to mine up some ehash tokens and send them to people. Once people see it in their wallet they will have a much easier time understanding what I'm trying to build. It's totally a shitcoin until I build redemptions, but definitely a good marketing tool.
I love you for this. I really hope this takes off. Ecash benefits from Bitcoin, but this is how Bitcoin benefits from ecash.
This brings me so much joy. Please keep on going 🙏
Id zap and explanation that helps me understand how to understand this so that I can understand how to be excited too.
Now I'm excited.
Me too!
My scheme is a little different. The mining pool doesn't hold on to the blinded secret in my design. The pool returns the blinded signature to the miner right away. This is a new ecash asset different from bitcoin-backed ecash. It is actually backed by the proof of work share instead. It's called ehash.
Ehash tokens have basically two phases of life: the maturity period and redemption period. During the maturity period the ehash token gains a little bitcoin value each time the pool finds a block. During this period, tokens are tradable so people can speculate on them or sell for a fixed price, whatever floats your boat.
After some time, maybe a few weeks, the maturity period ends and the ehash token stops growing in value. Now it can be redeemed for actual bitcoin-backed ecash tokens, or maybe a lightning payout, or if you are a big miner you can probably afford an on-chain payment.
It's super early. All you can do right now is collect ehash tokens because I haven't coded up the maturity period or redemption period stuff yet. That's all coming. It's gonna be a little while. This stuff takes time to build.
The coolest part is that with Hashpool you not only get all the privacy benefits Calle discussed but it also creates a super efficient bitcoin futures market and a global, KYC-free bitcoin onramp. If you want to stack corn without doxxing yourself, just buy some ehash tokens and wait. You'll actually be paying the seller of the tokens to assume the risk of a lower-than-expected payout so it's a win-win. They get a steady payout and you get a privacy benefit.
Since the token isn't backed by Bitcoin, but by the PoW associated with each miner, how does the miner convert the eHash to eCash (bitcoin)?
Good question!
When the maturity period expires and the redemption period begins the pool/mint begins exchanging ehash tokens for ecash tokens backed by bitcoin. Once in the redemption window, ehash tokens can no longer be swapped for other ehash tokens, they can only be redeemed for ecash (or another payout method such as lightning or on-chain). This a limited time window so you want to dump all your ehash from this tranche for real bitcoin before they expire. When the redemption window closes the mint is no longer guaranteed to redeem them.
One way to think about it is that instead of horizontally stratified user accounts, the mining pool keeps track of vertically stratified tranches of ehash token assets. This is a fundamentally more private arrangement because the pool doesn't know or care about individual users, it's only looking at the bitcoin value of ehash tokens. Ehash can be traded in a peer-to-peer fashion through any medium, and ultimately redeemed by anyone in the world. The pool doesn't need to care about any of that.
It's like a rolling window of contracts. All ehash tokens issued in a single time period will have the same bitcoin/difficulty value as every other token in the same tranche. As time rolls on new contracts are created and old ones mature and expire. The specific valuation of each contract is variable, depending on how lucky or unlucky the pool was during that maturity period. This is what speculators will be gambling on, and the risk that some miners will pay to offload. Simulated FPPS payouts. 🤙
This is fucking fascinating.
Seems like if a pool went with this, in addition to greater privacy, individual miners would get to choose FPPS-like payouts (smoother) if they want, or some proportion between 0-100%, by selling ehash tokens on the market that forms.
Just wanna make sure I’ve got it right
You got it!
If miners want to cash out immediately they will need a taker to buy their ehash tokens. Maybe the pool will do this. This would mimic the existing mining pool industry but with better privacy. I think a more optimal solution would be for a class of professional hash traders to develop a high level of expertise at pricing this risk.
Everyone wins when markets are efficient. 🤙
Look forward to following progress. FPPS stuff, from what little I’ve heard about it, seems inefficiently priced and rather prevalent.
I don't think existing pools price hashrate poorly but the existing model creates a moral hazard that is an existential risk for all of bitcoin. Vertically integrated pools centralize block template production into the hands of a few pool operators. When a handful of people dominate the production of block templates, all of bitcoin is at risk.
Hashpool creates an economic incentive to put the pricing of hashrate and the production of block templates into the hands of other parties. This is the most important thing to fix IMO. In this model the large pools become dumb aggregators that collect hashrate, produce blocks, and feed block rewards to a bunch of small client pools. The client pools produce block templates and the free market prices hash. Every player has one job to do. Moral hazard fixed.
You prolly have a lot going on, so thanks for all the explanations. 🙏
NP! Thanks for all the questions!
But in order to get there we need a PPLNS pool with enough hashrate to regularly produce blocks. Right now nostr:nprofile1qqsq9k04vahllseell55m74n3047y88pzlr0z5yany32st29fapqmgsppemhxue69uhkummn9ekx7mp0qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qgawaehxw309ahx7um5wghxy6t5vdhkjmn9wgh8xmmrd9skctc87ckyu is the only game in town. DEMAND pool is ramping up. Can't wait for those guys to launch!
It will be a tougher sell to get an existing large pool on board but I am hopeful that we can talk some sense into them. If we can get Foundry to offer PPLNS services it's game over for Antpool.
I expect a KYC PPLNS system will be essential to get a large public mining pool on board. Great news! The cashu community is already building this capability. I think we're winning. 😎🤙
Thank you for taking the time to answer my question and explain the mechanics. I'm excited to see where this goes. I think your work is going to have the potential to revolutionize the mining payout system, a lot of people are going to find a lot of value in it.
Have you already been in contact with some of the mining pool operators to get their feedback? In my experience, people are usually more open to change in what they consider their arena when they're brought in and consulted so they can perceive some small measure of ownership and control. It's basically a psychological sales technique.
I have not. It's very early and I'm busy sprinting to get a prototype working. I will keep this in mind, though!
yes sir!
Rock the hell on, nice work
just bought a couple bitaxes to try this out
BULLISH AF
Damnnnnn it’s here already!!!! 🩷🩷🩷🩷
This is the easy part. Redemption will be a lot harder.
Wow!
Wow I saw your talk at TABCONF congrats!!!
Does this mean someone could basically make a clone of nice hash with no accounts and potentially allow the user to select usd, btc, xmr, etc for payout?
> Does this mean someone could basically make a clone of nice hash with no accounts
Yes. I want to make it self-hostable so that anyone with an umbrel or start9 can offer a similar service to Nicehash.
It's a different architecture, though. Nicehash reroutes hashrate through a proxy. In order to "trade" hashrate you are basically redirecting the firehose in real time. This process is kind of messy and error-prone. Not very efficient. Hashpool consumes the hashrate and generates tokens that can be traded in a much more lightweight fashion. It's a much simpler and more scalable architecture that should hopefully lead to much more efficient hashrate markets.
> and potentially allow the user to select usd, btc, xmr, etc for payout?
You'll need a third party to offer money exchange services. Or you could self-host that too but I'm not aware of a software stack that can do that out of the box.
Someone should build it.
I just read ebash 😅
#linux
Looks sexy m8