What is a midstate? How does using a midstate speed up hashing?


People often talk about SHA256 like it's a single operation, but it isn't. Rather, the input is broken up into 64-byte chunks, and then each chunk is put into a compression function. The state of the hash partway through hashing something does not depend on future parts of the data. Since the nonce is found in the second chunk, changing the nonce doesn't change the state of the hash function after hashing the first chunk.

This is useful in other applications. For example, if you're hashing a large file, it means that you can hash it without loading the entire file into memory at once or loading it from disk multiple times.

The practical consequence of this for Bitcoin miners is that 99.99999998% of the time, you only need 2 iterations of the SHA256 compression function to check a possible block solution, instead of 3. In other words, you can mine 50% faster. Of course, since everyone else does this, that just means that the difficulty is higher for...


I think Satoshi was not aware that the hashing routine could be optimized by the use of a midstate when he first created bitcoin.

If you look here, you can see that the first version of bitcoin that had the midstate optimization built into the miner was version 0.3.5 (it says 0.3.6 in the post, but you can see where someone quoted him that the post first read 0.3.5). He also says that it was implemented by someone called tcatm.

Also in 0.3.6, faster hashing:

- midstate cache optimisation thanks to tcatm

Satoshi mentions tcatm again here when trying to encourage people to upgrade to 0.3.8 by telling them they will get a better hash rate.

It's possible he knew it was possible and just didn't have time to implement it; I guess we'll probably never know for certain. But Gavin Andresen gave a talk on what Satoshi didn't know, and he speculated that Satoshi wasn't a very advanced cryptographer, based on some of the decisions made in bitcoin. As such,...


An RPC method used by a miner to get hashing work to try to solve. It has mostly been superseded by the newer getblocktemplate mining protocol, but the data format is still often used internal to some miner structures.


getwork is a JSON-RPC method sent over an HTTP transport. It accepts one optional parameter; if provided, this must be the "data" provided by a prior request modified to meet the server's proof-of-work requirements.

getwork without arguments provides a block header for a miner to find a solution for:

Because the data key has been preprocessed, if you have a generic SHA256 function you must first reverse the pre-processing. This is two steps:

- Because getwork provides the data in little endian, and SHA256 works in big endian, for every 32-bit chunk you need to swap the byte order
- Chop off the SHA-2 padding; for Bitcoin, you can just take the first 80 bytes, but otherwise you can find the correct length (in bits) as the last 64...