It’s not the layman’s explanation because the average person doesn’t encounter mathematical problems being solved by a brute force lottery.
In high school math, problems are solved by choosing the right formula and plugging in the right variables. Throwing the dice trillions of times isn’t what people imagine when they hear “solving a complex mathematical problem.” That framing is designed to make PoW more acceptable to laypersons, as it sounds like the computation is useful or at least clever rather than intentionally designed to waste energy.
The average person doesn’t encounter mathematical problems -- full stop. They have no reference point between one algorithm and the next.
Heck, I understand well how POW works, and even I think of it as solving a "complex mathematical problem"... the inherently difficult problem of prime factorization.
> Heck, I understand well how POW works, and even I think of it as solving a "complex mathematical problem"... the inherently difficult problem of prime factorization.
???
Factoring is not a common problem for proof of work. In fact im not sure how you could even make that work in a way that ensures participants arent cheating.
All cryptography exploits the inherent difficulty of factoring integers. POW requires brute force precisely because the underlying hashing algorithms are built around large primes.
This is, actually, how I layperson-explain cryptography: there’s no fast or easy way to take any huge number and know what two numbers mutiplied to make it, and this mathematical property is what makes (good) passwords hard to crack.
That is simply not how cryptographic hashes work. They have nothing to do with primes, and having a quick way to factor large numbers would do nothing to impact the security of the PoW part of Bitcoin (I believe it may affect the security of your wallet, though, but that is an entirely different attack).
Note that even being able to quickly reverse the hash function for Bitcoin wouldn't do anything to the PoW security.
The only thing that matters for PoW as implemented in Bitcoin is that there is no way to predict the value of the hash of a block + nonce faster than computing the hash. This doesn't rely on integer factorization difficulty in any way, it simply relies on a construction that uses many one-way functions.
Only RSA is built around factoring. I suppose if you consider discrete log to also be factoring related, some other public key & key agreement algs are also.
Hash functions and symmetric algorithms are not based around factoring.
Any person who thinks that a computer is going through symbolic formulas and selecting which one to substitute in to find a hash function nonce doesn't know a whole lot about what a blockchain fundamentally is and how computers make it possible. That's either the fault of the explanation they read\are reading (if it was falsely advertised) or the fault of the person (if they're biting on explanations beyond their level) or nobody's fault really because somewhat-hard concepts are somewhat-hard.
Any explanation of PoW worth its salt no matter how basic should - and does in my experience - repeatedly drive home the idea that PoW is inefficient, it's literally right there in the name, Proof of Work, jumping through hoops as an algorithm. If somebody doesn't understand that PoW is extraordinarily inefficient, they don't understand blockchains and why they are cryptographically secure modulo implementations and social engineering.
Nothing new is added or said by emphasising how inefficient PoW is, that's the entire point, that's why it's secure. The comment that started this chain basically said that in very simple terms, and the comment I replied to expressed disapproval about a very minor issue with the terms then re-said what its parent already said in more words that don't add any clarity.
Will people see 'mathematical' and assume the computer is integrating dy/dx by parts to get the next nonce ? You can assume that the average HN reader knows that when we say a computer is 'solving math' it's meant that it's crunching an aweful lot of binary strings. That's why we call classic AI "classic" or "symbolic". Everything a computer do is crunching numbers brute-force style except when said otherwise.
Why are we explaining in layman's terms on hacker news? Maybe i'm being pretensious, but surely we all know what sha256 is. Its used pretty constantly everywhere, long before bitcoin was a thing.