20220518, 23:25  #23 
If I May
"Chris Halsall"
Sep 2002
Barbados
2^{5}×331 Posts 
For those who are serious, this is what is known as the Scientific Method.
A bit like a game of Rugby, where you try to disable your opponent on the field, and then you laugh about it while you buy each other beers and laugh about it after the game. Or, a bit like a game of Go, where everything is fun and games until someone loses an eye... Perhaps. But, clearly not today. 
20220527, 15:43  #24  
Feb 2022
2^{4}·3 Posts 
Quote:
The whitepaper is here (https://fact0rn.io/FACT0RN_whitepaper.pdf). Does this count as a contribution? @chalsall 

20220527, 16:59  #25  
Apr 2020
1456_{8} Posts 
Quote:
1. For the sizes that you're interested in, what increase in bitlength corresponds to a doubling of the factoring effort required? (Hint: it's nowhere near 64 bits.) 2. Just how common are what you call "strong semiprimes", or base2 brilliant numbers as they are otherwise known? (Hint: they're probably rarer than you think. With your interval sizes, most intervals won't contain one.) Can these issues be sorted out? Of course. They just don't inspire confidence. Last fiddled with by charybdis on 20220527 at 16:59 

20220527, 17:06  #26 
6809 > 6502
"""""""""""""""""""
Aug 2003
101×103 Posts
10100110001111_{2} Posts 

20220527, 19:07  #27  
Feb 2022
2^{4}×3 Posts 
Quote:
What you, Sir, seem to understand is that the reward function should grow exactly like this. What you fail to understand is that there is a whole other area of study called economics that plays into this. It is not just theoretical math  you know, an interdisciplinary thing. Go tell bitcoin their reward function should scale with the difficulty of hashing...see how that goes. Or any other PoW blockchain for that matter. I defined what "strong semiprime" means exactly for this reason. To avoid confusion, then again, reading the actual whitepaper might help. Who knows? Please, do indicate how these issues can be sorted out. I am interested. Incidentally, starting the response with "I know next to nothing about blockchain, but" I thought was funny. Your observations are very much welcomed nonetheless. @Unwilly, there is no winning, uhm... I mean contributing, with you. Last fiddled with by factorn on 20220527 at 19:09 Reason: Fix spacing. 

20220527, 20:14  #28  
Apr 2020
32E_{16} Posts 
Quote:
I understand that there is more than just mathematics involved here, but this is what's confusing me: Quote:
FWIW, difficulty doubles roughly every 1718 bits for numbers with degree 5 GNFS polynomials, i.e. about 360720 bits. Also: Quote:
**clearly whoever decided to use this word in this context wasn't British. I'm reminded of when the dreadful Last Airbender movie became an accidental comedy in the UK. 

20220527, 20:25  #29 
"Carlos Pinho"
Oct 2011
Milton Keynes, UK
2·3^{2}·281 Posts 
Regarding the white paper:
1) You call figure (1) to a table and figure (2) to an equation. 2) Please define what's a table, a figure and an equation. 
20220527, 20:55  #30  
Feb 2022
110000_{2} Posts 
Quote:
I think it is far more productive for everyone reading to explain two general concepts associated with PoW blockchains than it is to answer your questions directly...because the answers might raise more questions still. There is a "thing", it just a number, that is called the difficulty level. I say a "thing" because its meaning may change across blockchains, but it is just a number. In our case, that is the number of digits a strong semiprime must have for the blockchain to accept it as valid for solving a block. This "thing" updates every 672 blocks on FACT0RN  the 672 to be explained later. If the mining is "fast", it will go up and make it harder to factor. If the mining is slow, it will lower it and make it easier to factor. In the FACT0RN blockchain the starting difficulty level was 230 bits, and as of right now it is 253bits. It has gone up 23 digits since launch date: 4/20/2022. (Yes, because 420 and memes.) What determines whether it will go up or down? There is a "thing", called the 'target block time', which is just a number. The blockchain takes this 'target block time' number and computes the average time it took to solve a block for the past 672 blocks  let's call this quatinty avg_solve. In FACT0RN, if avg_solve < 28 minutes the difficulty goes up by 1 binary digit, and if avg_solve > 31 minutes it goes down by 1 binary digit. The target block time is between 2831 minutes per block. The actual target is 30 minutes. Heuristically the above setting should get us close to that. There might be something better. Would be good to know. Research area. Turns out the hardest part is not factoring....its finding what to factor....but the cheapest way to do it is to factor everything until you find a strong semiprime. Lots of good opportunities for mathematical improvements with sieving in this area. Bitcoin, and every PoW, do this. Their "difficulty level" number means something different, but the idea is the same. The update happens roughly every two weeks, with a 30 minutes 'target block time', that is 672 blocks. Two weeks because that is how bitcoin and every PoW chain does it, so I follow what has worked for everyone else. The opportunity cost part, and bitcoin, takes awhile to explain. I am skipping that one for now. On the ECM thing....yes, you are technically correct. The best kind of correct. Out here, in the real world however, things have to work and an approximation will do, even a bad approximation. Also, given the reason the blockchain uses this it only matters that the function is strictly monotonically increasing and the derivative be somewhere in the vicinity of marginal factoring cost any exponential or subexponential function will do really. This function is used to measure the work done for every block....its call a blockchain because there are tonnes of blocks connected together and because there can be many chains....how does the system choose the 'true" chain from all them?...well, imagine a partially order set that is also a Directed Acyclic Graph (DAG)...the blockchain takes the chain along the path in the DAG that has the highest cumulative work...add up all the measures of work for every block along that path...that becomes the "blockchain". I hope this clears up stuff. Do let me know if you have any more questions. Last fiddled with by factorn on 20220527 at 21:09 Reason: Fix spacing. 

20220527, 21:03  #31 
Feb 2022
30_{16} Posts 

20220527, 21:12  #32 
If I May
"Chris Halsall"
Sep 2002
Barbados
2^{5}×331 Posts 
It does.
I have skimmed your paper twice now. It is formatted very professionally. Is that produced by LaTeX? I have nowhere near the level of number theory needed to critique your paper in that domain. I will leave that to the able hands of others here. I understand the theory of CC; I have thought about it a lot. And, my opinion is that ***no*** PoWbased cryptocurrency (CC) can scale. Not even if can somehow be used to "help researchers by finding factors...". Proof of Stake (PoS) /might/ be workable... But even then you risk the 51% attack... And one step back from that we're back to fiat. A few questions for you on your paper... 1. Why do you include a "Tip Jar Address" at the bottom of page 2? 2. Do You have a thought as to how many transactions per hour your proposed system would be able to support? 2.1. This, of course, will be a function of how many "miners" are in the swarm. I do sincerely thank you for sticking with this. It shows character and resolve. Never be afraid to stand alone. But always be ready to admit when one is wrong. 
20220527, 21:33  #33 
Apr 2020
2×11×37 Posts 
Thanks factorn, you've cleared up a lot of things. The one thing that still bugs me a bit is how strict you made the definition of "strong semiprime", as in practice it means many (often >100) QS/NFS jobs per block, with the associated geometric distribution and its long tail. Don't see what would be wrong with loosening it to, say, the lengths being within 20% or even 50% of each other. Sieve algorithms will still be much better than ECM. You wouldn't have to worry about that evenodd 60to40 parity issue either. (22ln(2) to 2ln(2)1 in the limit, I guess 6040 is more readerfriendly haha)
Addressing some of the things mentioned earlier in this thread: given the ubiquity of RSA, there are huge practical and moral issues associated with publishing a new fasterthanNFS factoring algorithm. Anyone who finds one would have to be extremely careful to avoid criminals taking advantage of it before everyone who uses RSA can increase their key sizes as necessary. In particular, putting one on arXiv one day without any prior announcement would be an extremely bad idea! Anyone who finds one is in a bit of a sticky situation: don't alert the US government and you probably find yourself under investigation, alert the US government and you probably still find yourself under investigation... 
Thread Tools  
Similar Threads  
Thread  Thread Starter  Forum  Replies  Last Post 
Why integer factorization is in P/FP?  tetramur  Factoring  4  20190123 20:51 
Integer factorization?  bearnol2  Information & Answers  7  20101209 02:50 
Integer factorization with q < 2p  mgb  Math  36  20091107 15:59 
Integer Factorization  mgb  Math  16  20071217 10:43 
Integer Factorization 2  mgb  Math  5  20070723 12:55 