The general idea of reusing proof-of-work such that the computational effort invested may also serve to verify a separate computation was first introduced by Jakobsson and Juels under the term bread pudding protocols in 1999. The selected terminology points towards the main idea of the scheme: reuse computation by-products to minimize wasted resources. In the context of proof-of-work, this means to recycle unused or stale computations and utilize them as proof-of-work for other tasks.
It is, however, necessary to differentiate between the concept of reusing the properties of the performed proof-of-work in a self-contained manner and without modification thereof, and approaches which introduce new proof-of-work algorithms capable of fulfilling tasks other than securing consensus in a permissionless system. We shall refer to the latter concept as proof-of-work re-purposing.
In three separate articles, we will take a closer look how the idea of proof-of-work reusing is applied to PoW cryptocurrencies by the concepts of:
- Merged mining (read article)
- Subchains (read article)
- and the decentralized mining pool P2Pool (read article)
The idea of utilizing the resource intensive computations of PoW for more “useful” application has been a topic of active research in the past years. Thereby, the proof-of-work mechanism is adapted to serve more purposes than leveraging consensus in the respective blockchain/system.
A first approach was introduced by Dwork and Naor, who proposed a scheme for combating junk mail in 1992 by requiring the sender of a message to provide a proof-of-work solution as attachment. Hashcash, first described in 1997 and further extended in 2002 followed a similar motivation when introducing the idea of hash based proof-of-work. Juels
et. al. apply the concept of proof-of-work as mitigation for denial-of-service attacks.
A further approach to re-purpose proof-of-work was introduced in the RPOW project by Finney in 2004, aiming at allowing third parties to remotely verify what programs are running on the server hosting RPOW. The RPOW prototype was planned to be the first of a series of so called Transparent Servers, which publish their source code for review and are able to prove they are running the program built from the published code. More recently, Permacoin and its extension Retricoin introduced the idea of re-purposing proof-of-work for data preservation. Thereby, the proof-of-work mining process as known from Bitcoin is replaced by so called proofs-of-retrievability, where miners are required prove to the network that they are storing some large amount of data. A further interesting approach is presented in Primecoin where the search and discovery of long sequences of prime numbers is used as proof-of-work, although the economic applicability may appear less valuable when compared to other concepts.
Repurposing of proof-of-work differs from proof-of-work reusing in terms of the modification of the underlying proof-of-work itself. While PoW reusing approaches aim at reusing proof-of-work in a self-contained manner without changing the underlying mechanism, repurposing concepts ultimately represent new proof-of-work mechanisms.
(Disclaimer: The text in this article is an edited excerpt from my Thesis: “Merged Mining: Analysis and Implications”, A. Zamyatin, MSc Thesis, TU Wien, 2017, PDF available here)