Proof-of-space (PoSpace), also called proof-of-capacity (PoC), is a means of showing that one has a legitimate interest in a service (such as sending an email) by allocating a non-trivial amount of memory or disk space to solve a challenge presented by the service provider. The concept was formulated by Dziembowski et al.
in 2015. Proofs of space are very similar to proofs of work, except that instead of computation, storage is used. Proof-of-space is related to, but also considerably different from, memory-hard functions and proofs of retrievability. (The work of is titled proof-of-space, but is in fact a memory-hard proof-of-work.)
After the release of Bitcoin, alternatives to its PoW mining mechanism were researched and PoSpace was studied in the context of cryptocurrencies. Proofs of space are seen a fairer and greener alternative due to the general-purpose nature of storage the lower energy cost required by storage. Several theoretical and practical implementations of PoSpace have been released and discussed, such as SpaceMint and Burstcoin.
A proof-of-space is a piece of data that a prover sends to a verifier to prove that the prover has reserved a certain amount of space. For practicality, the verification process needs to be efficient, namely, consumes a small amount of space and time. For soundness, it should be hard for the prover to pass the verification if it does not actually reserve the claimed amount of space. One way of implementing PoSpace is by using hard-to-pebble graphs
. The verifier asks the prover to build a labeling of a hard-to-pebble graph. The prover commits to the labeling. The verifier then asks the prover to open several random locations in the commitment.
Proofs of space could be used as an alternative to proofs of work in the traditional client puzzle applications such as anti-spam measures and denial of service attack prevention. Proof-of-Space has also been used for malware detection, by determining whether the L1 cache of a processor is empty (e.g., has enough space to evaluate the PoSpace routine without cache misses) or contains a routine that resisted being evicted .
PoSpace has been used in the Burstcoin cryptocurrency founded in August 2014. Burstcoin claims to have a green algorithm that favors smaller miners by design, making transaction costs cheaper and the network more decentralized.
In 2015, a paper proposed a cryptocurrency called SpaceMint . It attempts to solve some of the practical design problems associated with the pebbling-based PoSpace schemes. In using PoSpace for decentralized cryptocurrency, the protocol has to be adapted to work in a non-interactive protocol since each individual in the network has to behave as a verifier. The SpaceMint of SpaceCoin also explained their process of designing the source of the puzzle challenge for their PoSpace cryptocurrency. The simplest solution is to assume an unpredictable beacon which broadcasts a random value every minute. The next step is to replace the beacon with a value derived from the blockchain's previous block. That leaves the problem of miners mining on low quality chains without being penalized. A solution is to make it so the value is not derived from the previous block but from a block at a certain depth in the blockchain. There is also a more complicated approach of having miners ask other miners to provide a challenge. This solution is inspired by Proof-of-Stake mechanisms, and miners who provide a challenge would get a cut of the block reward. The inventors of SpaceMint also address some problems called the "nothing-at-stake" problems. This is because of the cheaper mining costs of mining with proof-of-space. Malicious users can try to take advantage of this by mining on multiple chains or trying multiple blocks per chain. When miners mine on multiple chains simultaneously it takes longer to achieve consensus and might enable double-spending attacks. SpaceMint tries to avoid this problem by including a punishment transaction that includes a proof of the misbehaviour of a specific miner. The punishment transaction removes some amount of money from the malicious miner and transfers a portion to the publisher of the transaction as a reward for catching the perpetrator. The authors of Spacemint evaluated their cryptocurrency through game theory, which could also be used to analyse other cryptocurrencies. The objective is to model the network as being a game (in this case an extensive game with chance) and the miners as the participants and verify that it has strong equilibrium properties and that the best strategy for miners is to behave according to the rules.