Happy Pi Day! This pi day in particular is a rarity. If you express the date in the American format, it creates a properly rounded value of pi this year, 3.14.16. Not only should everyone eat a pie of their choice, but anyone with a Raspberry Pi project, no matter how simple, should post a picture of it. So go ahead — #ShowUsYourPi.
My Pi project isn’t much of a hardware project, since hardware has never really been my thing. My project is an exploration into a question of scale. Is it possible to provide proof of work chains inexpensively without involving a cryptocurrency or a giant hashing farm? Yes, some are massive: just do a google image search on bitcoin mine.
So for minimal size I went with a Raspberry Pi. It is easy to integrate this relatively cheap device with my current skillset since I wanted to answer questions first and foremowst. However, it wasn’t all based on preexisting knowledge: I did have to learn how to make that top doohickey work with my program. It’s a YubiKey Neo, and it looks, smells, and acts (with some prodding) like a PKCS #11 smartcard when configured to do so.
The Test Subject
My test subject was to try and add a proof of work layer on top of a Git repository. Somehow. My solution was to poll the git repositories of interest and then get a hash of a tab separated text file, and use that as the payload. I didn’t need any fancy cryptocurrencies or scripting language because all I was looking for was a digital notary setup.
The block header was incredibly simple: previous hash, payload hash, nonce, self reported time. I also included a signature from my YubiKey and a recording of the public half of that key in the header. And it ran at an amazing 1.45 hashes per second. I wrote the miner single threaded, so it improves to 1.49 hashes per second on a Mac Pro.
For fun I pointed it at a number of Bitcoin and Ethereum related repositories on Github. Whenever I found a block I polled their branches and updated the payload to reflect this new head value. Here’s an example of one block where I found two changing repos at the same time:
Payload Change — block 369 – 332426 nonces — at Mar 9, 2016 2:05:57 PM
-> c8d2473e6cb042e7275a10c49d3f6a4a91bf0166 git://github.com/bitcoinclassic/bitcoinclassic.git develop
The rest of the log is stored as a gist on github. But unless you have reason to concern yourself with the meaning of the content this was the most exciting piece of data. Trust me.
Once I had the system ready I let it churn for a week until my SD card had an unfortunate run-in with daylight savings time. I’m not sure if it was DST that brought the ship down, but that was the last time it tried to write blocks to the card and I couldn’t recover the blocks I hadn’t hand copied to my development system.
Proof of work alone does not make a blockchain. My setup had a single source of truth for the chain. When that single source of truth went down so did all of the records and all of the security my Yubikey was providing.
It provided a window in which someone could have hijacked the system and wrote fake blocks. So the last day of readings would be suspect. But the blocks older than that were not impacted.
If my setup were more involved and included multiple miners and a gossip network for the transmission of blocks it would have been more resistant. I was also subject to the risk of power outages, Comcast outages, and children tripping on plugs outages.
For a proof of work to be a block chain there must be some network of consumers or miners sharing and building the chain. Otherwise a proof of work chain is just a cryptographically protected WORM log (write once, read many). Those things do have value, but they are not blockchains.
I’ll be writing about this more in the future. But my instinct tells me that proof of work chains (whether proper blockchains or not), properly limited in hashing power, have a great deal of potential in non-financial uses. When I say non-financial uses I mean that the payload is not directly a financial instrument or ledger of some sort but is something else. It may be tokens for digital ownership of something like in-game purchases. It may be a digital notary that people can use for proof of existence. It can also be write-once-read-many log files, to provide an tamper evident audit trail.
But unless you have a time machine (not one made of LEGO bricks, but an actual time machine) a fully compromised system would only produce a fraudulent blockchain in about as much time as it took to generate that portion of the log and all subsequent logs after it. The proof of work provides a separate mechanical witness of time that even a single party in isolation can set up.