Cool project but... This is an egregious misrepresentation of the actual results both from significance perspective and accuracy perspective.
A. No validation is done on server side to confirm the workers are reporting correct results.
B. Increasing the limit by less than a thousandth of a percent does not make this a "world record"! If we go by that logic, I only have to validate one more example than you and claim a world record. And then you'd do the same. And then I'd do the same and we'll be playing "world record" ping pong all day!
But "B" isn't the big problem here because we have worse problems "A"! Nobody (not even the OP) can tell if the results are accurate!
No, I'm not simply dissing at a Show HN post. There are many comments here that explain these problems much better than I could.
"No one has proven it mathematically up until now" is bad grammar in relation to the intended meaning. This idiom of English conveys the meaning "it has now been proven mathematically, but never before now; this is the first time".
What Hiroaki wants here is "no one has proven it mathematically". Full stop.
Or "no one has proven it mathematically to this day", or "no one has proven it mathematically so far".
Thank you for your advice! It helped me to understand how native speakers take this sentense. I have just corrected to "no one has proven it mathematically to this day".
Not who you were replying to, but yes, it's a special case. For anything not having to do with a formal math-like proof, you want "has proven" instead of "has proved." It's super weird.
We only have a few of these in English, where one of the tenses of the verb changes depending on the subject matter, but they do exist. The only other one I can think of off the top of my head is hang: past and participle "hanged"/"have hanged" (to execute or be executed via hanging from the neck) versus "hung"/"have hung" (any other meaning).
Hope that helps!
Edit: fixed my example to better match the original text.
This doesn't match my experience, and no dictionary I've checked says the past participle depends on the context; only that "proven" and "proved" can both be used (in any context). See e.g. https://en.wiktionary.org/wiki/proven#Verb
I'm not a mathematician though, so maybe this is a genuine semantic convention that neither I nor my dictionary are aware of. Maybe it's just that some mathematical style guides say to prefer "proved", for consistency, not that it really depends on the context?
Btw despite the helpful pedanticism[1] of HN, I think your English is impeccable and idiomatically natural for someone who has probably not spent much time in immersive spoken English environments.
Does the gridbach server trust all submitted results to be correct, or can it somehow verify them (much faster than the outsourced computation) ?
I managed to contribute 2B verifications in a few minutes.
Here, _client_hash is generated by wasmHash(`{"method":"Hash"}`) in /js/worker.js (yes, the payload is a fixed string), and while I didn't try to disassemble the wasm, one can pause execution and repeatedly call wasmHash() to observe it's basically a TOTP that changes every 10s, so it doesn't carry any mathematical information.
Therefore, all the info that can be used for verification on the server is a single pair of _p and _q adding up to one number in the entire range. That's the extent of the verification.
One can of course patch the code to check a single number before reporting that the entire range has been checked. Pretty sure it's impossible for the server to detect that.
Correct me if I made a mistake somewhere.
Edit: On second thought, maybe the specific number reported back is deterministically chosen in a way that relies on finishing all the checks in the range, and thus can be compared with other reported results for the same range?
Even in that case, the server can't verify the work without repeating it. mersenne.org hands out a double checking job about 8 years later presumably to thwart determined attackers.[1]
Yeah, I mean what OP doing is statistically searching for counterexample at worst, but without verification about the completeness of the range. Only if we assign jobs randomly and multiple times, we may believe in the truth about the whole range, at least under the assumption, that there is enough people and no big enough attacker.
But you posted this to a site that is literally called Hacker News... To be clear, I am not supporting any attempt at undermining your project, but people are pointing out to you that your results will be called into question if your only defence against "hacking" is "I hope people don't figure out how to do that".
> jay_gridbach: @oefrha I am afraid I had to flag your comment.
OP! This isn't cool. @oefrha basically did a free security audit for you and instead of being grateful for that, you get defensive and flag them? How is this cool?
I also had the same question as tromp about how you're validating that clients aren't cheating. @oefrha's analysis shows you aren't validating. How can we be 100% sure that none of the clients cheated? What if there is a counterexample to the conjecture but one of your clients didn't report it because they cheated? Math results require rigor and without rigor the bold claim is only a "claim" right now, not a fact!
That is understandable, but counterproductive. Tou can’t walk away from this by pretending it doesn’t exist. It only takes one troll to ruin the achievement.
Note: The parent comment accused me of giving clues to hack the application, but that part was later edited out, making my response a bit strange.
---
This is basically a free security audit, even though I only spent like five minutes. If your application can be "hacked" so easily, it's very irresponsible to say you're "verifying" the conjecture. Removing the comment doesn't make your application any more secure.
Btw, I even helpfully pointed to prior art which you can learn from. A butthurt response is pretty sad.
At this point, I am not capable with addressing the thing you pointed out. I didn't want to
make the system closed-network nor login required. Technically, I think it is impossible to prevent reporting fake result as long as it is open network system - which means my design doesn't fit to seeking rigor.
I hope this comment answers to your question.
I will continue my project to seek meaningful purpose in some extent.
The most foolproof way to verify the results would be to have the client return all the 100 million values back to the server. This may be a bit much though, so alternatively, after submission, send a random selection of numbers in the range back to the client, which will have to return the prime summands* for those. Possibly with a time limit to prevent it from doing the calculation for only those numbers. So it probably also needs to be a fairly large selection.
Respectfully, you have put in an amazing amount of work. Unfortunately life is not so kind in other parts of the world, and people are just not nice on the Internet, and they will try and break your project just for the fun of it. It is very sad, but that is the reality of the Internet today.
That's not what's happening here. People in this thread are simply asking in good faith how the server-side verifies the results submitted by the client. It’s a fair question. And an important one. In fact, it might be the most important question when making such a bold claim.
If this isn't addressed, there's no way to know that a client didn't cheat by withholding a valid counterexample. And if even one client cheats, the entire claim made in this 'Show HN' thread falls apart.
I took it to mean that people (clients) would give the project fake data for fun. But there's no statement about how those people might find the project (basically not necessarily people from hackernews).
All I can tell here is that I do certain level of valication on server side. As one of the goals of this project is to popularize the fun of mathematics among the general public, I think I would need to avoid a open network configuration to strictly conduct academic verification. The algorithm itself is publicly opened, so anyone can verify the computation step is correct or not.
https://github.com/nakatahr/gridbach-core
It would still take a nontrivial amount of computation to do all the verification afterwards. Back of the envelope calculations suggest it should less than 100x longer to find the two primes than to verify them.
I truly hate to bring this up, knowing how much passion has gone into this project. But there's an important thread got buried due to arguments! That thread raises serious concerns about the validity of this bold claim.
As highlighted by @tromp and @oefrha (https://news.ycombinator.com/item?id=43734877) it is clear, clients can cheat. So we can't be 100% sure that none of the clients cheated. What if a counterexample to the conjecture exists, but a dishonest client simply failed to report it? Math results require rigor and without rigor no claim can be trusted. Without rigor, this bold assertion remains just that. A claim, not a fact.
OP! On top of that, you're being evasive in threads where you're being asked how your validation works and you went so far as to flag a pertinent thread. That definitely doesn't inspire confidence. Addressing the validation questions is absolutely 100% necessary if you want this to be seen as more than just a claim.
Running it now. On my phone (FairPhone 4) it took about 20 seconds for a round. On my desktop (Debian Liunux, KDE, Intel(R) Core(TM) i7-8700 CPU @ 3.20GHz), Firefox runs a round in about 12 seconds, and Chrome in 14.
I tried running in on 4 tabs on Firefox, and it did slow down a bit (maybe 16 seconds). All 4 tabs reported the same count, and it seemed not to increment for all the tabs. Also the initializing step was very fast on the subsequent tabs, as if it was reusing some data. Each tab used 100% of CPU and was doing different calculations. Same for Chrome.
Maybe it is not designed to be run in parallel on the same browser? Now I just run it on two separate browsers, one tab each. I probably stop later today when I need the computer for something else.
(Edit: Got a bit over 100B in 3.5 hours, stopping now. Machine running a tad warm, 25% CPU use, feels normal to use, but I think the fans are working a bit harder than normal)
@londons_explore @JohnKemeny
Thanks you for your interst to my project! I have to admit the computation speed is slower than I expected. I have a plan to develop GPU version of computation client which could be much faster. Also I am happy to have feedbacks from for updating this project.
I thought the same. The resulting UX is really nice though, and the stack is interesting. If the author does publish other blog posts about the technical side, this project may help other people start their own distributed calculation project on more fruitful issues for the society, and I guess that'd be a win.
When I learned programming, one of my first programs was a (rather lame) attempt to check the Goldbach conjecture. Over the years, as I learned more programming languages (first attempt was in C), it became my go-to program to get acquainted with a new language (for a few years, anyway). I never got very far, but it was fun to see how much performance I could squeeze out of the programming in various languages.
So this tickles my nostalgia bone strongly. And maybe makes me feel a tiny bit jealous. But more excited than envious, really, to see people are still working on this problem.
Thank you for sharing your experience. It's quite moving to know that someone in another country was going through the same thing I was. I implemented Goldbach in C++, C#, Java, and Go.
I did... let me think, it's been a while... C, Python, C++, Java, Common Lisp, Ada, Erlang. Also OCaml, Ruby, Haskell, Emacs Lisp, Lua, Rust, but I don't think any of those ever reached a working state.
At this point, I am not capable with addressing the thing you pointed out - the way to block fake results in open network.
From the very beginning, I don't want to make the system closed-network nor login required as I want people to join the calculation instantly. Technically, I think it is impossible to prevent reporting fake result as long as it is open network system - which means my design doesn't fit to seeking rigor.
If someone starts another project that handles calculations in better way, I would like to learn from it.
Your project is not bad. It's the way you've worded this post and your article that comes across as misleading and deceptive.
There's no definitive proof that a world record has been set. Nor that every individual block has been processed and reported honestly. What is known is that the system provides a mechanism for volunteers to submit counterexamples if they choose to. That's something.
It's possible for clients to act dishonestly and withhold counterexamples. There's an incentive to claim independent credit. So the clients have incentive to lie.
So your project doesn't ensure that every block has been verified, it allows honest participants to report findings. That's the reality and you should frame it that way in the post and article.
Impressive work! I did my share and added one billion verified numbers to your total, now you just need to get (almost) another billion of people to do the same and you'll achieve your next goal!
I call BS on this one. Placing a penny on top of skyscraper doesn't make you a builder of highest building. Still an interesting (more than) weekend project but not a meaningful record.
Time required to compute next range grows very slowly and this project has only computed the incremental part from 4*10^18 to 4*10^18+7*10^13 . It would have taken previous record holder extra 0.002% time get those additional 7*10^13.
A meaningful record needs to either reproduce old one or beat it by significant margin. Otherwise you get meaningless +1 like this.
By my estimates (~7s to compute 10^8 large chunk) new "record" represents ~60days worth of single core compute. Run it on multiple threads and you essentially get 3-4days worth compute on single modern computer.
And it does so at rate which is much worse than previous record using 2012/2013 hardware. Previous record software was able to do 10^12 window in 48minutes on single i3 core from 2013. That's roughly 24x faster using the old software on 10year old low end computer compared to the new software on new hardware. Previous record represents ~133000 days of single core compute, probably less since majority of it likely run on something better than i3.
Unless author gets it to maliciously run on a popular website with at least 10^5 users(concurrently every minute not 10^5 unique during day), 5*10^18 doesn't seem reachable this way. Getting a data center to donate computing hours would also work, but in that case you could use more efficient native software like the one from 2013 (which was order of magnitude faster even then) or rewrite of it optimized for modern hardware. The current webassembly one only makes sense if you can get random individual volunteers do donate compute.
I absolutely agree. Not re-running the computation for the first 4*10^18 and claiming a new record is absolutely disingenuous. I could verify just a single example that hasn't been covered before and claim a new record with this logic.
That is not to say that this is not a cool project. The distributed nature and running so seamlessly directly in the browser is definitely cool and allows people to contribute compute easily.
It may be that grandiose claims of new records are needed to make people donate their computational resources but I am not a fan of deceptive claims like this.
I know there haven't been any scientific progress yet, and I must admit that I gave it an easy-to-understand title to attract visitors to the site. I originally started this project out of curiosity to see what discoveries might lie ahead. For instance, my system is collecting `p` - least primes of a Goldbach partition. I am curious if there is any p larger than 9781.
https://sweet.ua.pt/tos/goldbach.html
Thank you for your comment. I will keep going to make this meaningful in some extent. The website message itself could be overstatement, but to be honest I am not trying to compete the predecessor. I am now trying to contact the predecessor to have feedback from him.
Running this now. I like how they have a big "Number of counterexamples found: 0" in the UI. Imagine they would find a counterexample on your machine… From time to time I switch to the tab to make sure the zero is still a zero (I guess there is basically no chance, but who knows?)
Possibly, but it would join other false conjectures such as Euler's sum of powers conjecture - posed in 1769 and no counterexample found until 1966. There's only been three primitive counterexamples found so far.
I thought there'd be a plot twist by the point I read 20 seconds into the article, letting me know that the algorithm was in fact already being run on my cell phone as I was reading about it... (Which would be a fine use of HN's traffic IMO!)
Didn't seti@home get discontinued because the state of the art of computation progressed in the direction of cloud computing? Is the goal here to distribute the cost burden?
Interesting that the verified 4-quintillion range is well within 64-bit integer math range (18 quintillion or 9 quintillion signed), no need to go beyond regular 64-bit computing any time soon.
Comparing the performance of WASM Go version v.s. native Go command line version, the native code is faster. There should be certain overhead using WASM I guess.
A. No validation is done on server side to confirm the workers are reporting correct results.
B. Increasing the limit by less than a thousandth of a percent does not make this a "world record"! If we go by that logic, I only have to validate one more example than you and claim a world record. And then you'd do the same. And then I'd do the same and we'll be playing "world record" ping pong all day!
But "B" isn't the big problem here because we have worse problems "A"! Nobody (not even the OP) can tell if the results are accurate!
No, I'm not simply dissing at a Show HN post. There are many comments here that explain these problems much better than I could.
This is egregrious clickbait!
Why doesn't it?
"If we go by that logic, I only have to validate one more example than you and claim a world record."
Yes. You can argue that it's not difficult enough or interesting enough, but you can't argue that N+1 result is not a world record.
What Hiroaki wants here is "no one has proven it mathematically". Full stop.
Or "no one has proven it mathematically to this day", or "no one has proven it mathematically so far".
We only have a few of these in English, where one of the tenses of the verb changes depending on the subject matter, but they do exist. The only other one I can think of off the top of my head is hang: past and participle "hanged"/"have hanged" (to execute or be executed via hanging from the neck) versus "hung"/"have hung" (any other meaning).
Hope that helps!
Edit: fixed my example to better match the original text.
I'm not a mathematician though, so maybe this is a genuine semantic convention that neither I nor my dictionary are aware of. Maybe it's just that some mathematical style guides say to prefer "proved", for consistency, not that it really depends on the context?
Alternatively, "it has yet to be proved mathematically".
1. pedantry
To request a new batch:
returns something like which means the client should check 4000075534400000000-4000075534500000000.Once done:
Here, _client_hash is generated by wasmHash(`{"method":"Hash"}`) in /js/worker.js (yes, the payload is a fixed string), and while I didn't try to disassemble the wasm, one can pause execution and repeatedly call wasmHash() to observe it's basically a TOTP that changes every 10s, so it doesn't carry any mathematical information.Therefore, all the info that can be used for verification on the server is a single pair of _p and _q adding up to one number in the entire range. That's the extent of the verification.
One can of course patch the code to check a single number before reporting that the entire range has been checked. Pretty sure it's impossible for the server to detect that.
Correct me if I made a mistake somewhere.
Edit: On second thought, maybe the specific number reported back is deterministically chosen in a way that relies on finishing all the checks in the range, and thus can be compared with other reported results for the same range?
Even in that case, the server can't verify the work without repeating it. mersenne.org hands out a double checking job about 8 years later presumably to thwart determined attackers.[1]
[1] https://www.mersenne.org/various/math.php
OP! This isn't cool. @oefrha basically did a free security audit for you and instead of being grateful for that, you get defensive and flag them? How is this cool?
I also had the same question as tromp about how you're validating that clients aren't cheating. @oefrha's analysis shows you aren't validating. How can we be 100% sure that none of the clients cheated? What if there is a counterexample to the conjecture but one of your clients didn't report it because they cheated? Math results require rigor and without rigor the bold claim is only a "claim" right now, not a fact!
---
This is basically a free security audit, even though I only spent like five minutes. If your application can be "hacked" so easily, it's very irresponsible to say you're "verifying" the conjecture. Removing the comment doesn't make your application any more secure.
Btw, I even helpfully pointed to prior art which you can learn from. A butthurt response is pretty sad.
I hope this comment answers to your question.
I will continue my project to seek meaningful purpose in some extent.
*I had to look up that word
That's not what's happening here. People in this thread are simply asking in good faith how the server-side verifies the results submitted by the client. It’s a fair question. And an important one. In fact, it might be the most important question when making such a bold claim.
If this isn't addressed, there's no way to know that a client didn't cheat by withholding a valid counterexample. And if even one client cheats, the entire claim made in this 'Show HN' thread falls apart.
You both are agreeing with each other.
As highlighted by @tromp and @oefrha (https://news.ycombinator.com/item?id=43734877) it is clear, clients can cheat. So we can't be 100% sure that none of the clients cheated. What if a counterexample to the conjecture exists, but a dishonest client simply failed to report it? Math results require rigor and without rigor no claim can be trusted. Without rigor, this bold assertion remains just that. A claim, not a fact.
OP! On top of that, you're being evasive in threads where you're being asked how your validation works and you went so far as to flag a pertinent thread. That definitely doesn't inspire confidence. Addressing the validation questions is absolutely 100% necessary if you want this to be seen as more than just a claim.
I tried running in on 4 tabs on Firefox, and it did slow down a bit (maybe 16 seconds). All 4 tabs reported the same count, and it seemed not to increment for all the tabs. Also the initializing step was very fast on the subsequent tabs, as if it was reusing some data. Each tab used 100% of CPU and was doing different calculations. Same for Chrome.
Maybe it is not designed to be run in parallel on the same browser? Now I just run it on two separate browsers, one tab each. I probably stop later today when I need the computer for something else.
(Edit: Got a bit over 100B in 3.5 hours, stopping now. Machine running a tad warm, 25% CPU use, feels normal to use, but I think the fans are working a bit harder than normal)
And this project has increased that number to 4,000,010,000,000,000,000.
Increasing the limit by 0.00025%
Not totally sure this is a good use of the compute/brainpower...
So this tickles my nostalgia bone strongly. And maybe makes me feel a tiny bit jealous. But more excited than envious, really, to see people are still working on this problem.
At this point, I am not capable with addressing the thing you pointed out - the way to block fake results in open network. From the very beginning, I don't want to make the system closed-network nor login required as I want people to join the calculation instantly. Technically, I think it is impossible to prevent reporting fake result as long as it is open network system - which means my design doesn't fit to seeking rigor.
If someone starts another project that handles calculations in better way, I would like to learn from it.
There's no definitive proof that a world record has been set. Nor that every individual block has been processed and reported honestly. What is known is that the system provides a mechanism for volunteers to submit counterexamples if they choose to. That's something.
It's possible for clients to act dishonestly and withhold counterexamples. There's an incentive to claim independent credit. So the clients have incentive to lie.
So your project doesn't ensure that every block has been verified, it allows honest participants to report findings. That's the reality and you should frame it that way in the post and article.
Time required to compute next range grows very slowly and this project has only computed the incremental part from 4*10^18 to 4*10^18+7*10^13 . It would have taken previous record holder extra 0.002% time get those additional 7*10^13.
A meaningful record needs to either reproduce old one or beat it by significant margin. Otherwise you get meaningless +1 like this.
By my estimates (~7s to compute 10^8 large chunk) new "record" represents ~60days worth of single core compute. Run it on multiple threads and you essentially get 3-4days worth compute on single modern computer.
And it does so at rate which is much worse than previous record using 2012/2013 hardware. Previous record software was able to do 10^12 window in 48minutes on single i3 core from 2013. That's roughly 24x faster using the old software on 10year old low end computer compared to the new software on new hardware. Previous record represents ~133000 days of single core compute, probably less since majority of it likely run on something better than i3.
Unless author gets it to maliciously run on a popular website with at least 10^5 users(concurrently every minute not 10^5 unique during day), 5*10^18 doesn't seem reachable this way. Getting a data center to donate computing hours would also work, but in that case you could use more efficient native software like the one from 2013 (which was order of magnitude faster even then) or rewrite of it optimized for modern hardware. The current webassembly one only makes sense if you can get random individual volunteers do donate compute.
That is not to say that this is not a cool project. The distributed nature and running so seamlessly directly in the browser is definitely cool and allows people to contribute compute easily.
It may be that grandiose claims of new records are needed to make people donate their computational resources but I am not a fan of deceptive claims like this.
Great intuitive metaphor, btw.
---
Burj Khalifa - 828m
US Penny - 1.52mm (0.00152m)
Adding a US penny to the Burj Khalifa would therefore make it 0.000183% taller.
--
Original work - 4,000,000,000,000,000,000
OP's work - 70,000,000,000
OP's work added 0.00000175% to the current record.
---
Conclusion: adding a penny to the Burj Khalifa is actually >100x more constructive than this effort.
Many natural questions would arise, starting with “Is this the only counterexample?”
(I got that from https://math.stackexchange.com/questions/514/conjectures-tha... which features some other false conjectures that may be of interest to you)
Also likely that seti@home was killed due to bandwith cost making it uneconomical[1]. After all they were looking for aliens in the data.
This "gridbach" project is much closer to GIMPS.
[1]: even if seti@home got their server bandwidth for free, they also need to factor in the bandwidth cost of their "home" participants.
That's 4 quintillion.
"i aim to push this farther to 5 quadrillion."
Final Answer: 4.00007×10^18
:-D