George Kadianakis:
2.Client computes POW. Do{ Generates random 8 bytes key (ClientKey). Generates hash(sha512/256 or sha3??) of hash(IPKey + ClientKey) } while (hash does not start with "abcde")
That looks like a naive PoW scheme. It would perhaps be preferable to try to find a GPU/ASIC-resistant or memory-hard PoW scheme here, to minimize the advantage of adversaries with GPUs etc.? Are there any good such schemes?
It may be worth looking at Argon2 [1] which is designed to maximize the cost of password cracking on ASICs based on memory-hard functions. A different approach is the input-dependent use of several different hash functions (cf. e.g. [2]).
[1] https://www.cryptolux.org/images/0/0d/Argon2.pdf [2] https://www.pascalcoin.org/storage/whitepapers/RandomHash_Whitepaper.pdf
Also services should definitely be able to configure the difficulty of the PoW, and IMO this should again happen through the descriptor.
yes