<div dir="ltr">Ups, I forgot that you take the midstate which of course depends on the version number. So forget everything I said about the version bits. You are right. But why take the midstate? It can be any hash of the first chunk. So you probably want to take a hash function that's available in standard software libraries. And I suppose midstate() is not.<div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, May 11, 2016 at 11:28 AM, Timo Hanke <span dir="ltr"><<a href="mailto:timo.hanke@web.de" target="_blank">timo.hanke@web.de</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Sorry, you must have meant all 12 bytes. That makes finding a collision substantially harder. However, you may have to restrict yourself to 10 bytes because you don't know if any hardware does timestamp rolling on-chip. Also you create an incentive to mess around with the version bits instead, so you would have to fix that as well. So it basically means a new mining header with the real blockheader as a child header. </div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">On Wed, May 11, 2016 at 9:24 AM, Timo Hanke <span dir="ltr"><<a href="mailto:timo.hanke@web.de" target="_blank">timo.hanke@web.de</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Luke, do you mean to replace the first 4 bytes of the second chunk (bytes 64..67 in 0-based counting) by the XOR of those 4 bytes with the first 4 bytes of the midstate? (I assume you don't care about 12 bytes but rather those 4 bytes.)<div><br></div><div>This does not work. All it does is adding another computational step before you can check for a collision in those 4 bytes. It makes finding a collision only marginally harder.</div></div><div><div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, May 11, 2016 at 7:28 AM, Luke Dashjr via bitcoin-dev <span dir="ltr"><<a href="mailto:bitcoin-dev@lists.linuxfoundation.org" target="_blank">bitcoin-dev@lists.linuxfoundation.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On Wednesday, May 11, 2016 12:20:55 PM Sergio Demian Lerner via bitcoin-dev<br>
wrote:<br>
<div><div>> On Tue, May 10, 2016 at 6:43 PM, Sergio Demian Lerner <<br>
> <a href="mailto:sergio.d.lerner@gmail.com" target="_blank">sergio.d.lerner@gmail.com</a>> wrote:<br>
> > You can find it here:<br>
> > <a href="https://bitslog.wordpress.com/2014/03/18/the-re-design-of-the-bitcoin-blo" rel="noreferrer" target="_blank">https://bitslog.wordpress.com/2014/03/18/the-re-design-of-the-bitcoin-blo</a><br>
> > ck-header/<br>
> ><br>
> > Basically, the idea is to put in the first 64 bytes a 4 byte hash of the<br>
> > second 64-byte chunk. That design also allows increased nonce space in<br>
> > the first 64 bytes.<br>
><br>
> My mistake here. I didn't recalled correctly my own idea. The idea is to<br>
> include in the second 64-byte chunk a 4-byte hash of the first chunk, not<br>
> the opposite.<br>
<br>
</div></div>What if we XOR bytes 64..76 with the first 12 bytes of the SHA2 midstate?<br>
Would that work?<br>
<br>
Luke<br>
<div><div>_______________________________________________<br>
bitcoin-dev mailing list<br>
<a href="mailto:bitcoin-dev@lists.linuxfoundation.org" target="_blank">bitcoin-dev@lists.linuxfoundation.org</a><br>
<a href="https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev" rel="noreferrer" target="_blank">https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev</a><br>
</div></div></blockquote></div><br></div>
</div></div></blockquote></div><br></div>
</div></div></blockquote></div><br></div>