Gold collapsing. Bitcoin UP.

[freetrader]

@Norway: While the coming roundtable already has a reasonably good list of confirmed attendees, I find it a little unfortunate that in terms of Bitcoin dev, only Core is represented (Gavin and Jeff technically being there not under Classic banner, XT not having any rep there AFAICT, likewise Unlimited).

@theZerg: any plans on someone from BU attending?

Also, while this is a roundtable in North America, I hope that it gets a little balance from the Asia Pacific region (big mining), and that it can shed its somewhat closed-off image in favor of a more open forum in future. We don't need a G8 meeting for crypto.

 

[rocks]

@freetrader ASICs significantly increase the security of any proof of work network. Since they massively increase the hashing power way beyond anything CPU or GPU are capable off. This makes it much harder to attack from any outside source. Governments for instance tend to have a large amounts of CPU power at their disposal, which makes such cryptocurrencies vulnerable to attack by such an entity. If they had to construct their own ASICs instead, to compete with other ASICs it would make it much more expensive to carry out such an attack.

Increasing the hashing power essentially means increasing the security, which gives back increased value, which in turn increases the security again, a virtues cycle.

Initially when a currency is first launched it is good that there is a high degree of ASIC resistance in the algorithm, this does bring about a fairer distribution in this initial phase. While the currency is still small it can not sustain a diverse ecosystem of chip manufactures, therefore the use of standard equipment makes sense, since at this stage it would also benefit mining decentralization.

This process towards ASICs can be seen as an evolution towards a more advanced and mature ecosystem. As mining becomes a more professional industry spread around the world in many jurisdictions with competing manufactures, it actually becomes more anti fragile because of its shear size and sophistication.

Bitcoin is interesting as a form of democracy, because it is different to modern state democracies in that it places positive incentives on a select group which essentially votes in the interests of the economic majority, almost the opposite of how modern state democracies work lol. The point being however is that I can actually see an advantage to the miners being even more professional, invested and by extension you would hope better informed. This should strengthen the incentives and the actions of the miners in reflecting the will of the economic majority.

I understand that some of these points that I am making do seem to be somewhat at odds with recent developments, but I do have any reason to think why this theory is not correct. It could be that either the mining industry is not mature enough to deal with such an existential governance issue or that they will eventually still make the right decision. There are also a number of different factors which can influence this as well or it could just be that this will take longer to play out then we would expect. This is after all one of the fundamental premises that Bitcoin rests upon.

It is good to point out here that I do consider the biggest threat to mining centralization today actually to be centralization of manufacturing. It could even be argued that the model that I am discussing might not even work if manufacturing is not sufficiently decentralized.

It could be that in terms of the evolutionary growth of cryptocurrencies that we are still at the dangerous transitional phase between the comparatively more distributed late GPU/CPU mining phase and the early ASIC mining.

It is also not any more or less efficient doing CPU/GPU mining over ASIC mining because in essence all proof of work is arbitrary. It is more about equipment cost and electricity consumption. A one megawatt mine full of CPU miners compared to a one megawatt mine full of ASIC miners is not that different presuming the former is done on an ASIC resistant cryptocurrency.

In the specific case we where discussing the infrastructure and manufacturing for ASICs already exists, since much of the initial distribution for Bitcoin has already taken place it makes sense to leverage the advantages that such a large mining industry affords. Even in the case of a minority fork if we did change the algorithm it would mean that the SHA256 chain will have far greater security. The minority fork would most likely take a long time to develop the infrastructure to equal the proof of work security the longest SHA256 chain in this case would afford.

This development of ASICs is a part of Bitcoin and it can be considered that any chain fork of Bitcoin should be able to leverage this advantage for themselves and compete with the longest chain over the hashpower. We could even imagine a future with multiple chain forks of Bitcoin, each using the same hashing algorithm, however all combined contributing to the decentralization of manufacturing ensuring a healthy ecosystem for all.

I do not see much credence in the idea that the minority chain will be attacked to its destruction by the longest chain and that therefore only one chain with the same hashing algorithm can exist. I think the altcoin space actually serves as a good counterfactual to this claim, since there are even altcoins out there that use the same algorithm as Bitcoin, it is not a problem, the market finds its own equilibrium based on mining profitability.

A bit of a wall of text I know, but that was a great question, thanks. One positive thing about this whole blocksize debate and existential crisis of Bitcoin is that it is making us ask a lot of interesting questions and exploring concepts that we might not have otherwise explored in such depth.

My hope is that what we are going through is Bitcoin coming to understand itself, as it grows up, acquiring more self knowledge and self awareness. An awakening even, my hope is that we will all come out of this stronger and wiser.

The way I see it ASICs increase the hash rate number, but do not add security. Security is obtained due to the cost/difficulty of the total hashes, not by the number of hashes.

For example let's say we have two separate chains with different POW algorithms. Chain A has ASICs and a total hash rate of 1billion/sec at a total cost of $10K per day (total cost amortizing everything from equipment to electricity). Chain B has an ASIC resistant POW and a much lower total hash rate of 1thousand/sec at a total cost of $10K per day.

It might look as if Chain A is more secure because it has a billion hashes per second, but the reality is they both are equally secure since they are both backed by $10K per day in spending. That is the real metric, how much money/resources are being spent to protect the network.

To me the main characteristic to look for in a POW algorithm is what are the component of the costs. SHA256 as we have seen enables cost components that are dominated by electricity, which means competition in mining is not fair or balanced but based on access to cheap electricity.

I spent the first half of my career as a hardware and software architect and have ported many algorithms from software implementations in to hardware/ASIC implementations, and understand this process very well.

There are very solid ASIC resistant options available that even after being fully optimized will keep capital costs as the dominate factor and remove competitive advantages from having access to cheap electricity. I think this enables a more fair and distributed mining ecosystem and prevents what we just saw last week.

It is an extensive topic and one I'm happy to have in another thread to keep from cluttering this thread, but an ASIC resistant POW that has better economics even after full optimization is possible. The problem for SHA256 and Litecoin's scrypt implementation is two fold: 1) The data sets are small enough to be stored on a single chip 2) the hash kernel is simple enough to be able to be converted into a HW implementation. The problem for litecoin was it set the dataset size much too small, and the scrypt algorithm itself was not ASIC resistant. Litecoin relied solely on the dataset size and the dev picked one too small.

A POW algorithm which 1) requires a dataset much too large to be stored on a single chip and 2) has a core algorithm with enough variability that it can not be effectively mapped to hardware, will remain as a CPU only mining ecosystem with very different characteristics from Bitcoin's current ecosystem. What is more you can design the algorithm to be dominated by data movement and not a core computation which burns electricity more.

I am becoming very serious about putting a full fork client out there. One that activates in let's say 5-months. It would participate on the current Bitcoin P2P network and be visible to everyone. If it gets some traction (let's say 500 nodes) it would be launch with a decent size.

Most importantly just as litecoin has it's position simply by being the first genesis block fork, Satoshi's Bitcoin would have a leadership position as the first chain fork. The potential for this is why I am not selling more coins after the recent miner/core "consensus".

 

[cypherdoc]

1083 Classic nodes. Onwards & upwards!

 

[lunar]

@rocks

would it be possible to design a chip that had two hashing functions on it? Once enough were in distribution the chips and users could switch Hash mode.

 

[bitcartel]

@rocks I have a draft proposal for a new memory-hard PoW (where memory requirements are tied to network difficulty) and it has already had some discussion here: https://bitco.in/forum/threads/buip015-decentralize-mining-with-the-fair-pow-algorithm-and-an-user-configurable-pow-setting.809/

You're correct that Litecoin's usage of Scrypt was flawed as they picked a static and very low figure for the memory requirements.

Putting a fork out there to restore decentralization could work. With a fixed go live date, and sufficient notice, if word gets out there that once again you can mine Bitcoin with a home computer, I would hazard a guess that the number of nodes would be in the tens of thousands.

 

[AdrianX]

@bitcartel shouldn't the memory requirement be a factor related to mem pool size, if we see some sort of hastate increase like we've seen in bitcoin it doesn't take much imagination to think that a comprable amount of energy will be used to validate the memory in relation to actual hashing?

 

[rocks]

@AdrianX
The memory requirements should be based on expected HW chip technology capabilities with the goal of requiring off chip communication for POW computation. It is orthogonal to the men pool. Insidently on chip data has already stalled.

@bitcartel
Thanks for the link, am busy with work today and tomorrow but will check that out this week. I think a real peer reviewed POW plus a bitcoin chain fork could capture a lot of attention and adoption.

 

[Justus Ranvier]

"PoW that encourages decentralization" is a dead end and waste of time.

Economic specialization is not something that you can wish away, and fighting it works about as well as any other form of central planning.

 

[VeritasSapere]

The way I see it ASICs increase the hash rate number, but do not add security. Security is obtained due to the cost/difficulty of the total hashes, not by the number of hashes.

For example let's say we have two separate chains with different POW algorithms. Chain A has ASICs and a total hash rate of 1billion/sec at a total cost of $10K per day (total cost amortizing everything from equipment to electricity). Chain B has an ASIC resistant POW and a much lower total hash rate of 1thousand/sec at a total cost of $10K per day.

It might look as if Chain A is more secure because it has a billion hashes per second, but the reality is they both are equally secure since they are both backed by $10K per day in spending. That is the real metric, how much money/resources are being spent to protect the network.

In this example, can it not be argued that the $10k per day is not the only relevant metric. Since it would be much more expensive for an outside force to build or purchase the ASIC's for an attack on Chain A, compared to simply utilizing already existing hardware for an attack on Chain B?

The difficulty of having to compete with other ASIC manufactures and the need to develop the most cutting edge chips in order to attack Chain A, does that not make an attack on Chain B much more expensive? Therefore making the chain supported by ASIC POW the more secure chain in this example.

 

[satoshis_sockpuppet]

"PoW that encourages decentralization" is a dead end and waste of time.

Economic specialization is not something that you can wish away, and fighting it works about as well as any other form of central planning.

But the choice of pow can have an influence on the type of specialization. Todays pow in btc heavily privileges cheap energy.
I don't think the pow implementation itself is as important as the precedence of making all mining hardware expensive scrap metal overnight.
After the last bad news I thought about altcoins and if there is a better alternative to bitcoin. It's very likely that altcoins would face the same problems someday which suggests, that the system itself is flawed and that the incentives aren't working as we thought they would.
But if you think about it, a fork of the existing blockchain with a new pow might be the necessary weapon for the users and companies to get things back on track. Furthermore it would create a precedence to force miners to behave which would make the necessity of making another pow fork less probable.

The mining centralization in china is a huge problem imho and I have to admit that I was one of the people who ignored it as long as everything was working more or less fine.

A 51% Attack was the only realistic possible attack to this day (That I know of) and it's exactly what happened. Not exactly by a malicious miner but by proxies of a malicious company and incomprehensible stupidity. A 51% stupidity attack. Somehow funny that this is exactly the problem we are facing.

Btw: Hello everybody and a huge thank you to all the guys working on BU!!

 

[solex]

Jeff Garzik's "Economic Change Event" has begun. For the first time ever the average block size over seven days exceeds 0.75MB. I called this the "Brownout" level, which we should never be seeing happen.

https://bitcointalk.org/index.php?topic=1010569.0

 

[rocks]

"PoW that encourages decentralization" is a dead end and waste of time.

Economic specialization is not something that you can wish away, and fighting it works about as well as any other form of central planning.

What can be done is to design a POW such that after full economic specialization is done (at any scale) the economics work out such that there is more equal access to mining than there is today.

A POW that even fully optimized both still runs on standard hardware and is capital cost intensive creates a level playing field for mining.

If you think i am suggesting a POW that hopes econmic specialization won't happen that is wong. I am suggesting a POW that is constrained technically based on known hardware limitations that forces economic specialization to optimize in a direction that is more equitable.

This is possible and the attempts done so far such as litecoin were done by people who clearly don't understand the technologies involved, thus the need for peer review.

 

[Justus Ranvier]

I am suggesting a POW that is constrained technically based on known hardware limitations that forces economic specialization to optimize in a direction that is more equitable.

Good luck with that.

 

[Richy_T]

specialized hardware always > generalized hardware when it comes to such things. Even if you came up with something that was absolutely ASIC resistant, gains could still be had vs a general computer system by tearing out everything else that is irrelevant to the job at hand and bundling 100 of what's left on a die, 100 to a board.

If ASICs hadn't have come along, it would have been GPU farms. If GPUs had not been viable, it would have been CPU farms. There was, and is, just too much money on the table.

 

[cypherdoc]

"PoW that encourages decentralization" is a dead end and waste of time.

Economic specialization is not something that you can wish away, and fighting it works about as well as any other form of central planning.

Yes, because the way it's being discussed here is based upon an assumption that the POW is centralizing around cheap electricity, which may or may not be true.

 

[VeritasSapere]

What can be done is to design a POW such that after full economic specialization is done (at any scale) the economics work out such that there is more equal access to mining than there is today.

A POW that even fully optimized both still runs on standard hardware and is capital cost intensive creates a level playing field for mining.

If you think i am suggesting a POW that hopes econmic specialization won't happen that is wong. I am suggesting a POW that is constrained technically based on known hardware limitations that forces economic specialization to optimize in a direction that is more equitable.

This is possible and the attempts done so far such as litecoin were done by people who clearly don't understand the technologies involved, thus the need for peer review.

Is this not already happening now with SHA256 ASICs, I do not see what this has to do with the algorithm itself since the energy spent and calculations made are all arbitrary anyway. In the end of the day electricity cost and equipment cost is all that matters. I do not see how changing the POW algorithm would change that, we would most likely see the same thing happening that has already happened to Bitcoin. If anything it makes more sense to keep the current algorithm because it leverages the current mining industry creating a more "fair" or "equal" access to mining. I think if that is our goal then we should keep SHA256 since I think this "fairness" or "equal" access to mining is best served with an increased decentralization of chip manufacturing, resetting the algorithm would put this progress back significantly and we would still need to go through the dangerous transition periods again.

 

[rocks]

@rocks

would it be possible to design a chip that had two hashing functions on it? Once enough were in distribution the chips and users could switch Hash mode.

You can design a chip to do anything, $100 buys you billions of transistors at scale today. I'm not sure how this would help.

I think what you are getting at is a dynamically changing POW that makes specialization hard. There was exploration of this in the alt space and there are methods. I think the right approach is not a fixed algorithm change which can be pre optimized for, but a dynamically changing algorithm based on the hash of the previous block which makes changes unpredictable. This plus off chip communication would create a very different econimc situation than we have today.

 

[VeritasSapere]

Just in case anyone feels like bumping heads with some of the small blockists, explaining economics 101. I think I have argued on that front myself enough for one day. I like to keep it simple, I have always believed that the basic Socratic method cuts through most of the bullshit of this world.

https://bitcointalk.org/index.php?topic=1330553.msg13976548#msg13976548

Pretty ridiculous actually, still arguing that an increase to two megabytes is possible, they keep talking past me saying that Bitcoin can not scale to the whole world today, therefore we should not scale it directly at all. Classic engineers nirvana fallacy. I suppose I have failed today to get my ideological opponent to acknowledge this, hopefully my audience can learn more from this discussion.

 

[bitcartel]

@VeritasSapere One argument, which you allude to, is that commodification of ASIC mining chips will decentralize mining because the chips will become cheap enough that anyone can buy one. However, we already have commodity technology in the form of general purpose home computers - why would we want to reject this in favor of proprietary/closed hardware which can easily be backdoored?

 

[VeritasSapere]

@bitcartel The reason is that mining will evolve towards ASICs anyway, it is inevitable. Unless an algorithm can be developed that is completely ASIC proof, I would change my position if that was the case but as far as I understand that is theoretically impossible. Therefore we need to embrace this as part of what a proof of work cryptocurrency is.

It is the transitional period that is the most dangerous for decentralization, why go through that again when it is already partially developed in Bitcoin and we can leverage that network effect. Especially if if one of the main forces for mining centralization is centralization of manufacturing. I could imagine that a more ASIC resistant algorithm might even have more centralization issues when going into the ASIC stage because of a lack of competition due to a higher barrier of entry of actually manufacturing these chips.