New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ballot Proposal: Embracing Simple PoW and ASICs #21

Merged
merged 3 commits into from Jun 14, 2018

Conversation

Projects
None yet
10 participants
@acityinohio
Contributor

acityinohio commented Jun 5, 2018

(ballot copied here for discussion's sake)

Ballot Proposal: Embracing Simple PoW and ASICs

A Long-Term Plan to Decentralize Mining

Proposed ballot entry, and convenient TL;DR:

The Foundation should commit to migrating the Zcash protocol to a new proof of work algorithm with a hard-fork planned between September 30, 2020 and December 31, 2020, with the following goals:

- Selecting a thermodynamically efficient (not ASIC-resistant!), currently unused proof-of-work algorithm
- Hosting and building an open hardware specification for the selected PoW algorithm
- Assembling a consortium of hardware companies to build hardware against this open specification, while encouraging upstream contributions
- Building an open source, cross-platform, user-friendly, p2pool-esque piece of mining software for use with this hardware
- Manage the hard fork upgrade process across users, wallets, exchanges

[ ] Agree
[ ] Disagree

Background

With equal degree fascination and anxiety, I watched the Great ASIC Resistance Debate unfold in Zcash and other cryptocurrencies this year. On the Zcash side, the debate reached fever-pitch after Bitmain released the AntMiner Z9 mini, which resulted in our statement on ASIC Resistance and the ensuing commitment to investigate and prescribe action.

That statement sowed the seeds for this ballot proposal, and in particular this paragraph (bold parts my own):

The Foundation believes it’s important to maintain the power of GPUs in Zcash mining. However—and this nuance is important—we also recognize that ASIC resistance may be a red herring, for the health and decentralization of the protocol in the long term. Perhaps there is another path that we could take, with ample time for community buy-in—and we welcome input on getting there.
In the short term, we consider it critical to protect the community members who are building the ecosystem with us. If it’s necessary based on our evaluation of the ASICs on the network, we will hire a developer to construct and submit a ZIP to mitigate its effect on the network. If the Zcash core development team and community approves, it will ideally be deployed by late 2018.

This ballot proposal is that alternate path, one that I believe is worth discussing—one that flips the debate by embracing ASICs and simple PoW, but only so long as we can encourage open commoditization and access to mining hardware.

Full disclosure: what follows is my personal opinion, and not representative of official Foundation policy. That I am a Foundation employee should not weigh on your evaluation of this proposal, instead let the scales be tipped by the merits of the argument contained herein.

To be blunt: I do not think ASIC Resistant is a long-term, sustainable goal. I do think, based on the data available at the time, it was reasonable to make that a high priority when Zcash launched, and that it helped to encourage broader, fairer distribution of ZEC, but to me it is abundantly clear that it's not the right design goal today. With a high enough economic incentive, a hardware manufacturer will ultimately find some way to make an application-specific circuit...and if it's in a particular position, it could monopolize the development and distribution of such a circuit. That creates a dangerous environment for centralization. On the other side of the coin, if you somehow managed to make a truly ASIC-resistant PoW design (something many consider impossible, myself included), then if you are not the largest coin using general compute power you open yourself up to 51% attacks, potentially by easily-rented, virtual compute cycles.

I won't spend time re-hashing these arguments, but suffice it to say that the following articles have influenced my thinking on ASICs and PoW, and I strongly encourage anyone reading this ballot proposal (and really any cryptocurrency enthusiast) to also consider reading these articles:

Given this perspective on the inevitability of ASICs, I think it's better to consider what an ideal PoW mining environment would resemble, and what proactive steps we can take to get there.

Goals and Assumptions

Here are my explicit goals with this proposal:

  • A mining environment that favors broad distribution of rewards
  • Less centralization in hashpower (either from pools or mining farms)
  • Less centralization in hardware manufacturing (to prevent "stealth" ASIC mining and monopolization)
  • Better UX for hobbyist miners, without contributing to centralized pools, to encourage a fat tail of hashpower distribution
  • Open source components for all the pieces above, with broad upstream contributions from hardware manufacturers and software developers

And my assumptions:

  • Simple, purposeful PoW is better for the security of the network, and enables more entrants in the hardware business...
  • ...particularly if a hardware spec is open and contributed to by multiple manufacturers, and the hardware has ample time to be developed prior to PoW activation
  • Zcash remains a PoW-based cryptocurrency
  • The Foundation will be in a position to orchestrate a hard-fork upgrade with a PoW change
  • The Foundation can get hardware companies to agree to an open spec to build on this PoW
  • It's possible to build mining software that is open, easy to use, and doesn't contribute to traditional pool centralization
  • It's possible to do the above within the Foundation's budget, and without compromising the Foundation's work on supporting privacy infrastructure for the public good (a key part of the Foundation's Mission!)

Detailed Rationale

Given the goals and assumptions, let's consider each part of the proposal.

The Foundation should commit to migrating the Zcash protocol to a new proof of work algorithm with a hard-fork planned between September 30, 2020 and December 31, 2020, with the following goals:

This is self-explanatory, but why plan a PoW change with a fork so far in the future? Here's my rationale:

  • There are many, many stakeholders in the ecosystem, and giving ample warning helps them make investment decisions (e.g., not spending too much of their money on Equihash ASICs or GPUs).
  • But more importantly, a long runway until PoW change can prevent stealth mining by having manufacturers compete in earnest far before they can directly profit off a given piece of hardware through a native token reward...and may encourage them to sell the hardware sooner rather than stockpile it to accumulate hashpower, since their hardware would be sitting idle prior to activation, while other manufacturers could be generating cashflow by selling their hardware...which is the outcome we want.

I think a hasty PoW change to something more ASIC resistant is short-term beneficial, but long-term serves to widen the gap between any given hardware manufacturer's monopoly position as an esoteric ASIC manufacturer and their nearest competitor. But a long-known-in-advance PoW change could allow others to compete, particularly if the next bullet point in my proposal is met:

- Selecting a thermodynamically efficient (not ASIC-resistant!), currently unused proof-of-work algorithm

The simpler the PoW, the less likely clever hardware tricks can be used to generate competitive advantage for a given manufacturer, and the more likely—and more rapidly—the hardware will be commoditized. Combined with a long lead time to PoW change, it may be possible to have a competitive hardware market months before the fork.

The actual selection could be done like the Zcash Mining Challenge, or via an expert the Foundation hires or contracts.

- Hosting and building an open hardware specification for the selected PoW algorithm

A competitive, well-maintained, open spec would benefit everyone, particularly new entrants in manufacturing. The Foundation would have to either initiate development or—ideally—work with a number of hardware manufacturers to contribute to an open spec (see next point). This could also be run like the Mining Challenge.

- Assembling a consortium of hardware companies to build hardware against this open specification, while encouraging upstream contributions

This may be the most difficult, yet most important piece. In effect, this would be an attempt for the Foundation to act as a conduit for co-opetition between manufacturers, sharing development cost while maintaining their own manufacturing business lines. Nothing like this has been done in the mining world before, as far as I know...but that's not to say that it can't work, it's just never been attempted.

- Building an open source, cross-platform, user-friendly, p2pool-esque piece of mining software for use with this hardware

Much of this work would be for naught if it resulted in overly centralized pools; instead, we should endeavor to have this hardware work with a standard, open, decentralized-first piece of software. Again, we could use a renewed Mining Challenge to spur development, or (attempt) to build it ourselves. Even better if we could implement this directly in the Foundation's future independent node implementation. And thankfully this work can be done in parallel to the hardware development/consortium/PoW selection.

- Manage the hard fork upgrade process across users, wallets, exchanges

This is still very hard, but seemingly easier by comparison. :)

Critiques

There are many risks here, commensurate with the proposal's ambition. My assumptions might be dead wrong. Hardware manufacturers may not be interested in a consortium to build simple PoW equipment. Good UX for hobbyist mining might require centralized pieces. Stealth/more efficient mining might still happen, even if three or four hardware manufacturers agree to an open spec for which they frequently upstream contributions. Hard forks can be difficult to coordinate and organize. The challenges to create good, decentralized mining software and encourage hardware manufacturers might prove too difficult.

And ultimately, it very likely won't prevent the rise of massive mining farms on this PoW. There are huge advantages to running farms, when volume purchases on hardware, in-house hardware development, and access to utility-level electricity create economies of scale. But with the right steps, we could limit the effect those farms have on overall hash power. If the improved UX and cheaper/competitive ASIC market result in 10-20% of hashpower living on farms and 80%-90% in the "fat tail" of hobbyists/users not overly controlled by a single pool, I would consider that a success.

And despite the risks I do think it's worth suggesting this proposal, and getting feedback from the panel on whether this should be a priority for the Foundation. I eagerly look forward to your comments and the community vote.

@acityinohio acityinohio changed the title from Ballot Proposal: Embracing Simple PoWs and ASICs to Ballot Proposal: Embracing Simple PoW and ASICs Jun 5, 2018

@bitcartel

This comment has been minimized.

Show comment
Hide comment
@bitcartel

bitcartel Jun 5, 2018

The ASIC resistance ballot says:

This ballot which talks of "embracing ASICs" says:

  • "The Foundation should commit to migrating the Zcash protocol to a new proof of work algorithm with a hard-fork planned between September 30, 2020 and December 31, 2020"

Why does one ballot set general direction while the other binds to specific action?

Won't this confuse voters as to what "Agree" really means?

Given that these two ballots are related, what if they both pass?

bitcartel commented Jun 5, 2018

The ASIC resistance ballot says:

This ballot which talks of "embracing ASICs" says:

  • "The Foundation should commit to migrating the Zcash protocol to a new proof of work algorithm with a hard-fork planned between September 30, 2020 and December 31, 2020"

Why does one ballot set general direction while the other binds to specific action?

Won't this confuse voters as to what "Agree" really means?

Given that these two ballots are related, what if they both pass?

@acityinohio

This comment has been minimized.

Show comment
Hide comment
@acityinohio

acityinohio Jun 5, 2018

Contributor

All good questions @bitcartel.

Why does one ballot set general direction while the other binds to specific action?

This was up to the ballot proposers—@amiller took a general direction with his, while I thought it prudent to outline specific actions—particularly since I anticipated many in the community having a problem with this approach if I didn't outline my reasoning and offer concrete steps. I also thought it would be nice to have a more specific ballot proposal to contrast with some of the more general ones.

Won't this confuse voters as to what "Agree" really means?

In the context of both proposals, yes, but independently I thought it was clear that I was seeking approval for this specific plan...if not I can change the wording, open to suggestions there.

Given that these two ballots are related, what if they both pass?

That would be a case similar to the Condorcet paradox and one that the Board would ultimately have to resolve if they're separate ballots. @amiller and I could also choose to combine the ballots and offer multiple choices with only one selection—that may be the easier solution, prior to assembling the ballots.

Contributor

acityinohio commented Jun 5, 2018

All good questions @bitcartel.

Why does one ballot set general direction while the other binds to specific action?

This was up to the ballot proposers—@amiller took a general direction with his, while I thought it prudent to outline specific actions—particularly since I anticipated many in the community having a problem with this approach if I didn't outline my reasoning and offer concrete steps. I also thought it would be nice to have a more specific ballot proposal to contrast with some of the more general ones.

Won't this confuse voters as to what "Agree" really means?

In the context of both proposals, yes, but independently I thought it was clear that I was seeking approval for this specific plan...if not I can change the wording, open to suggestions there.

Given that these two ballots are related, what if they both pass?

That would be a case similar to the Condorcet paradox and one that the Board would ultimately have to resolve if they're separate ballots. @amiller and I could also choose to combine the ballots and offer multiple choices with only one selection—that may be the easier solution, prior to assembling the ballots.

@DavidVorick

This comment has been minimized.

Show comment
Hide comment
@DavidVorick

DavidVorick Jun 6, 2018

The best that we can hope to do is identify all of the places that manufacturers today have sturdy advantages and determine where we can erode or eliminate those advantages.

The algorithm choice greatly impacts what sorts of optimizations are available to chip teams. The optimization space even for simple chips is massive - there are full time people at AMD whose sole job is to make an AND gate faster. Every level of complexity that you layer into the chip is another tier of full time designers you can productively throw at optimization.

Memory is incredibly complicated to optimize. A lot of people don't realize, but one of the most expensive parts of chip design is moving information from one place to another. Memory is a bunch of moving things from one place to another, and if you can figure out architectures that minimize the physical distance that the data needs to travel, you can create faster and more efficiency chips. For something like equihash, the optimal architecture is very much not obvious, and that means that well funded teams with lots of people looking at every layer are going to have a much bigger advantage over smaller teams vs. a simpler chip or algorithm where the optimal design is reasonably self-evident. Bigger teams will still have a big advantage, but at least we're talking like 25-35% instead of 3x or more.

Embracing ASICs on equihash I think in the long term is going to cause a lot of issues, likely even worse than what Bitcoin is going through with Bitmain today. It's a tough algorithm to develop hardware for, and it seems like there are a very large number of advanced / non-obvious ways to optimize. That just translates to bigger moats for big teams, and bigger risks for small teams.

I support the idea of changing the PoW algorithm to something simpler. And I also strongly urge you to consult and leverage actual hardware developers and chip designers when deciding what counts as simple. A lot of things that are extremely simple in software end up being overwhelmingly difficult in hardware. Two great examples of this are addition and rotate. There are a mountain of research papers explaining how to add two numbers together in hardware when optimizing for various things. And rotates end up being a lot trickier than "just connecting wires" because of all the fancy design rules (literally hundreds of pages of rules) that tell you how close various wires of different types and sizes are allowed to be.


Anyway, I support the general idea. And I also strongly support the idea that the hardfork should happen after manufacturers have had a long time (at least 12 months) to develop hardware for the new algorithm, that way you don't get one manufacturer who is first to market and controlling everything.

DavidVorick commented Jun 6, 2018

The best that we can hope to do is identify all of the places that manufacturers today have sturdy advantages and determine where we can erode or eliminate those advantages.

The algorithm choice greatly impacts what sorts of optimizations are available to chip teams. The optimization space even for simple chips is massive - there are full time people at AMD whose sole job is to make an AND gate faster. Every level of complexity that you layer into the chip is another tier of full time designers you can productively throw at optimization.

Memory is incredibly complicated to optimize. A lot of people don't realize, but one of the most expensive parts of chip design is moving information from one place to another. Memory is a bunch of moving things from one place to another, and if you can figure out architectures that minimize the physical distance that the data needs to travel, you can create faster and more efficiency chips. For something like equihash, the optimal architecture is very much not obvious, and that means that well funded teams with lots of people looking at every layer are going to have a much bigger advantage over smaller teams vs. a simpler chip or algorithm where the optimal design is reasonably self-evident. Bigger teams will still have a big advantage, but at least we're talking like 25-35% instead of 3x or more.

Embracing ASICs on equihash I think in the long term is going to cause a lot of issues, likely even worse than what Bitcoin is going through with Bitmain today. It's a tough algorithm to develop hardware for, and it seems like there are a very large number of advanced / non-obvious ways to optimize. That just translates to bigger moats for big teams, and bigger risks for small teams.

I support the idea of changing the PoW algorithm to something simpler. And I also strongly urge you to consult and leverage actual hardware developers and chip designers when deciding what counts as simple. A lot of things that are extremely simple in software end up being overwhelmingly difficult in hardware. Two great examples of this are addition and rotate. There are a mountain of research papers explaining how to add two numbers together in hardware when optimizing for various things. And rotates end up being a lot trickier than "just connecting wires" because of all the fancy design rules (literally hundreds of pages of rules) that tell you how close various wires of different types and sizes are allowed to be.


Anyway, I support the general idea. And I also strongly support the idea that the hardfork should happen after manufacturers have had a long time (at least 12 months) to develop hardware for the new algorithm, that way you don't get one manufacturer who is first to market and controlling everything.

@jordanmack

This comment has been minimized.

Show comment
Hide comment
@jordanmack

jordanmack Jun 6, 2018

@acityinohio Very glad to see some alternative thinking emerging on this topic. Below are some of the concerns that come to mind.

Selecting a thermodynamically efficient (not ASIC-resistant!), currently unused proof-of-work algorithm

While I would love to see something that is thermodynamically efficient, I believe this may also be long-term unsustainable. PoW is competition by its very nature. This always forces scale. PoW creates security through economic incentive. Because mining rewards are relatively constant, the amount of PoW generally follows the market capitalization. The primary costs to miners are equipment and energy, and it should be assumed that they will be utilized to their limits within the market cap. As the market cap grows, so will the amount of hardware running on the system. It will only stop once it becomes unprofitable.

If the equipment is expensive you immediately alienate a large population of small miners. If the equipment is cheap you may end up better distribution initially, but in the long term, miners will utilize more equipment and therefore more electricity. The efficiency of the equipment does not matter since this is ultimately a system of economics.

If PoW is continued to be used, I believe that it should be assumed that massive amounts of power will always be utilized. The next best scenario is that all this computation power is co-opted and utilized for a productive purpose; possibly in mathematics or science.

Assembling a consortium of hardware companies to build hardware against this open specification, while encouraging upstream contributions

Would the primary purpose of this be to prevent a monopoly by a single manufacturer? This may be successful in the short run, but again, I have concern for the long term. Without oversight, competition between manufacturers will likely end with a single market dominator. This seems to be one of the most common scenarios in markets without a geographic constraint. This could be dealt with through some form of a governance model, but IMO this means the purpose of the system has gone astray since it ultimately relies on external trust factors.

jordanmack commented Jun 6, 2018

@acityinohio Very glad to see some alternative thinking emerging on this topic. Below are some of the concerns that come to mind.

Selecting a thermodynamically efficient (not ASIC-resistant!), currently unused proof-of-work algorithm

While I would love to see something that is thermodynamically efficient, I believe this may also be long-term unsustainable. PoW is competition by its very nature. This always forces scale. PoW creates security through economic incentive. Because mining rewards are relatively constant, the amount of PoW generally follows the market capitalization. The primary costs to miners are equipment and energy, and it should be assumed that they will be utilized to their limits within the market cap. As the market cap grows, so will the amount of hardware running on the system. It will only stop once it becomes unprofitable.

If the equipment is expensive you immediately alienate a large population of small miners. If the equipment is cheap you may end up better distribution initially, but in the long term, miners will utilize more equipment and therefore more electricity. The efficiency of the equipment does not matter since this is ultimately a system of economics.

If PoW is continued to be used, I believe that it should be assumed that massive amounts of power will always be utilized. The next best scenario is that all this computation power is co-opted and utilized for a productive purpose; possibly in mathematics or science.

Assembling a consortium of hardware companies to build hardware against this open specification, while encouraging upstream contributions

Would the primary purpose of this be to prevent a monopoly by a single manufacturer? This may be successful in the short run, but again, I have concern for the long term. Without oversight, competition between manufacturers will likely end with a single market dominator. This seems to be one of the most common scenarios in markets without a geographic constraint. This could be dealt with through some form of a governance model, but IMO this means the purpose of the system has gone astray since it ultimately relies on external trust factors.

@joshmh

This comment has been minimized.

Show comment
Hide comment
@joshmh

joshmh Jun 6, 2018

I also agree that this is the right way to look at it.

A mining environment that favors broad distribution of rewards

This isn't discussed much here but it seems to me that pursuing this goal has more to do with the expected number of rewards issued per day than with the mining algorithm. For instance, if a blockdag is used and blocks are mined many times a second, a solo miner with modest hash power could expect to see some rewards in a reasonable amount of time (perhaps a few days). This is the main reason I'm interested in blockdags.

joshmh commented Jun 6, 2018

I also agree that this is the right way to look at it.

A mining environment that favors broad distribution of rewards

This isn't discussed much here but it seems to me that pursuing this goal has more to do with the expected number of rewards issued per day than with the mining algorithm. For instance, if a blockdag is used and blocks are mined many times a second, a solo miner with modest hash power could expect to see some rewards in a reasonable amount of time (perhaps a few days). This is the main reason I'm interested in blockdags.

@bitcartel

This comment has been minimized.

Show comment
Hide comment
@bitcartel

bitcartel Jun 6, 2018

Given economies of scale, there will probably only ever be a handful of competitive manufacturers who dominate.

Consider the market for memory chips which are built to an open specification.

image
https://www.statista.com/statistics/271726/global-market-share-held-by-dram-chip-vendors-since-2010/

When there are only a few players, its easy to collude:

Collusion also occurred, when smaller players were still in the market:

  • "Nine of ten chip makers have received substantial fines from the European Unions over four years of DRAM price fixing... Between 1998 and 2002 all the companies were in contact with each other secretly allowing them to fix the pricing on chip sales boosting profits, and stifling competition. That in turn led to manufacturers paying higher prices for the chips, and therefore consumers also paying more for products."
    https://www.geek.com/chips/eu-fines-nine-chip-makers-for-dram-price-fixing-1252231/

So the end result of this proposal may be no different than what we see with the SHA256 market.

bitcartel commented Jun 6, 2018

Given economies of scale, there will probably only ever be a handful of competitive manufacturers who dominate.

Consider the market for memory chips which are built to an open specification.

image
https://www.statista.com/statistics/271726/global-market-share-held-by-dram-chip-vendors-since-2010/

When there are only a few players, its easy to collude:

Collusion also occurred, when smaller players were still in the market:

  • "Nine of ten chip makers have received substantial fines from the European Unions over four years of DRAM price fixing... Between 1998 and 2002 all the companies were in contact with each other secretly allowing them to fix the pricing on chip sales boosting profits, and stifling competition. That in turn led to manufacturers paying higher prices for the chips, and therefore consumers also paying more for products."
    https://www.geek.com/chips/eu-fines-nine-chip-makers-for-dram-price-fixing-1252231/

So the end result of this proposal may be no different than what we see with the SHA256 market.

@DavidVorick

This comment has been minimized.

Show comment
Hide comment
@DavidVorick

DavidVorick Jun 6, 2018

So the end result of this proposal may be no different than what we see with the SHA256 market.

That's going to happen no matter what approach you take. A sha256 chip might see 5 or 6 viable competitors (like DRAM), a complicated equihash chip is more likely to only have 2. (like CPUs and GPUs).

It's important to understand where companies are able to build their moats, how they are able to keep startups and other competitors from entering the market, and understanding what needs to be done to minimize those forces. A simple algorithm with an obvious hardware implementation can weaken or eliminate a lot of the centralization strategies employed by companies like Intel and Nvidia, and where we can get a few easy wins, we should.

DavidVorick commented Jun 6, 2018

So the end result of this proposal may be no different than what we see with the SHA256 market.

That's going to happen no matter what approach you take. A sha256 chip might see 5 or 6 viable competitors (like DRAM), a complicated equihash chip is more likely to only have 2. (like CPUs and GPUs).

It's important to understand where companies are able to build their moats, how they are able to keep startups and other competitors from entering the market, and understanding what needs to be done to minimize those forces. A simple algorithm with an obvious hardware implementation can weaken or eliminate a lot of the centralization strategies employed by companies like Intel and Nvidia, and where we can get a few easy wins, we should.

@acityinohio

This comment has been minimized.

Show comment
Hide comment
@acityinohio

acityinohio Jun 6, 2018

Contributor

To add to @DavidVorick's point, it appears that the SHA256 market is indeed showing signs of a competitive resurgence, which is an argument in favor of a simpler PoW scheme IMHO:

https://www.coindesk.com/1999-gmo-reveals-details-of-its-new-7nm-bitcoin-miner/

Your point is well taken @bitcartel (and echoed by @jordanmack)—that with a limited number of hardware manufacturers, collusion becomes more probable, and monopolist or duopolist behavior might emerge. The crux of this proposal is an attempt to structurally engineer a competitive marketplace as possible, and reinforce it through open IP and collaborative hardware efforts.

Contributor

acityinohio commented Jun 6, 2018

To add to @DavidVorick's point, it appears that the SHA256 market is indeed showing signs of a competitive resurgence, which is an argument in favor of a simpler PoW scheme IMHO:

https://www.coindesk.com/1999-gmo-reveals-details-of-its-new-7nm-bitcoin-miner/

Your point is well taken @bitcartel (and echoed by @jordanmack)—that with a limited number of hardware manufacturers, collusion becomes more probable, and monopolist or duopolist behavior might emerge. The crux of this proposal is an attempt to structurally engineer a competitive marketplace as possible, and reinforce it through open IP and collaborative hardware efforts.

@prestwich

This comment has been minimized.

Show comment
Hide comment
@prestwich

prestwich Jun 6, 2018

It seems important to point out the distinction between ASIC manufacturer collusion, and ASIC operator (miner) collusion. We care about manufacturer collusion only as much as it causes miner collusion.

Miner collusion is easy when there are few manufacturers. You get vertically integrated companies like Bitmain, preferential pricing deals, and manufacturers colluding to fix prices and squeeze out new miners.

Miner collusion is hard when there are many competitive manufacturers because new miners can enter the market on even footing. Capex of new mining operations is lowered as manufacturer margins get trimmed. Miners compete on opex, rather than manufacturer capture.

It follows that we should bias towards algorithms that permit many manufacturers. This is how we prevent miner collusion. "Memory-hard" algorithms run on hardware which has been shown in practice for decades to permit few manufacturers. Nvidia has a slight leg up on AMD, and nobody else even tries. On the other hand, Double-SHA256 has an early mover (Bitmain), and upcoming competitors (Halong, GMO). Follows that we should avoid memory-hard algorithms, and research ways to create more easily commoditized ASICs.

prestwich commented Jun 6, 2018

It seems important to point out the distinction between ASIC manufacturer collusion, and ASIC operator (miner) collusion. We care about manufacturer collusion only as much as it causes miner collusion.

Miner collusion is easy when there are few manufacturers. You get vertically integrated companies like Bitmain, preferential pricing deals, and manufacturers colluding to fix prices and squeeze out new miners.

Miner collusion is hard when there are many competitive manufacturers because new miners can enter the market on even footing. Capex of new mining operations is lowered as manufacturer margins get trimmed. Miners compete on opex, rather than manufacturer capture.

It follows that we should bias towards algorithms that permit many manufacturers. This is how we prevent miner collusion. "Memory-hard" algorithms run on hardware which has been shown in practice for decades to permit few manufacturers. Nvidia has a slight leg up on AMD, and nobody else even tries. On the other hand, Double-SHA256 has an early mover (Bitmain), and upcoming competitors (Halong, GMO). Follows that we should avoid memory-hard algorithms, and research ways to create more easily commoditized ASICs.

@bitcartel

This comment has been minimized.

Show comment
Hide comment
@bitcartel

bitcartel Jun 6, 2018

It seems important to point out the distinction between ASIC manufacturer collusion, and ASIC operator (miner) collusion. We care about manufacturer collusion only as much as it causes miner collusion.

I think people also care about an oligopoly of manufacturers inserting backdoors and kill switches into the silicon.

bitcartel commented Jun 6, 2018

It seems important to point out the distinction between ASIC manufacturer collusion, and ASIC operator (miner) collusion. We care about manufacturer collusion only as much as it causes miner collusion.

I think people also care about an oligopoly of manufacturers inserting backdoors and kill switches into the silicon.

@bitcartel

This comment has been minimized.

Show comment
Hide comment
@bitcartel

bitcartel Jun 6, 2018

As revealed exclusively to CoinDesk today, however, Vorick intends to begin developing proof-of-work algorithms for new cryptocurrencies. That project, called Launchpad, expects teams developing new cryptocurrencies to hire Obelisk to design a custom proof-of-work algorithm as well as the ASIC hardware that works on that algorithm – all in secret.

Shortly before the coin launches, Obelisk will turn the ASICs over to the team behind the cryptocurrency, who will distribute the hardware to the community so that no one party controls too much mining power, and so that most of the mining power is held by small players.

https://www.coindesk.com/secret-asics-people-obelisk-reveals-plan-fight-big-miners/

So which is better?

  • Openly publish a simple PoW for all manufacturers to build on

  • Secretly develop a custom proof-of-work with ASICs manufactured by Obelisk (@DavidVorick's company)

bitcartel commented Jun 6, 2018

As revealed exclusively to CoinDesk today, however, Vorick intends to begin developing proof-of-work algorithms for new cryptocurrencies. That project, called Launchpad, expects teams developing new cryptocurrencies to hire Obelisk to design a custom proof-of-work algorithm as well as the ASIC hardware that works on that algorithm – all in secret.

Shortly before the coin launches, Obelisk will turn the ASICs over to the team behind the cryptocurrency, who will distribute the hardware to the community so that no one party controls too much mining power, and so that most of the mining power is held by small players.

https://www.coindesk.com/secret-asics-people-obelisk-reveals-plan-fight-big-miners/

So which is better?

  • Openly publish a simple PoW for all manufacturers to build on

  • Secretly develop a custom proof-of-work with ASICs manufactured by Obelisk (@DavidVorick's company)

@boxalex

This comment has been minimized.

Show comment
Hide comment
@boxalex

boxalex Jun 6, 2018

about: https://www.coindesk.com/secret-asics-people-obelisk-reveals-plan-fight-big-miners/

It sounds indeed interesting, and it’s maybe a niche he found but it raises again some general concerns in my opinion:

  • Will these units be good enough to compete with later competitors/manufactors? Or is it just a some time a given project safes until other Asic producers come and could make better and more Asic efficient miners?

  • I doubt he is doing that for free. Pretty sure this will cost the projects a good sum of money. I doubt obelisk will invest some 10M$ for R&D just in good faith and trust…

  • While in theory and on first read it sounded good on second read i immediatly thought about what if the devs/company just go hand in hand with obelisk? From not selling all hardware to the community up to having obelisk stealth mining… (including selling the miners intern only, selling them on highest bidder, selling them to friends or related groups, you name it)

  • Would such project not again somehow discourage smaller manufactors. In my opinion small manufctors would be discouraged that way as they could again not beat bitmain as exactly bitmain would be most likely to be the 2nd producer that can come up with the next miner again outperforming all others.

Just some thoughts, but why not, we will see how such projects work…

boxalex commented Jun 6, 2018

about: https://www.coindesk.com/secret-asics-people-obelisk-reveals-plan-fight-big-miners/

It sounds indeed interesting, and it’s maybe a niche he found but it raises again some general concerns in my opinion:

  • Will these units be good enough to compete with later competitors/manufactors? Or is it just a some time a given project safes until other Asic producers come and could make better and more Asic efficient miners?

  • I doubt he is doing that for free. Pretty sure this will cost the projects a good sum of money. I doubt obelisk will invest some 10M$ for R&D just in good faith and trust…

  • While in theory and on first read it sounded good on second read i immediatly thought about what if the devs/company just go hand in hand with obelisk? From not selling all hardware to the community up to having obelisk stealth mining… (including selling the miners intern only, selling them on highest bidder, selling them to friends or related groups, you name it)

  • Would such project not again somehow discourage smaller manufactors. In my opinion small manufctors would be discouraged that way as they could again not beat bitmain as exactly bitmain would be most likely to be the 2nd producer that can come up with the next miner again outperforming all others.

Just some thoughts, but why not, we will see how such projects work…

@DavidVorick

This comment has been minimized.

Show comment
Hide comment
@DavidVorick

DavidVorick Jun 6, 2018

The general idea behind launchpad is that the first-mover for ASICs is going to have a hardware monopoly regardless. Especially for smaller projects, it's basically guaranteed that the coin will go through a phase where exactly one manufacturer is making hardware, and most of the manufacturers out there today are very clearly aligned towards profit, vertical integration, secrecy, and centralization as opposed to more open ideals.

If you are going to be saddled with that anyway, you might as well choose which manufacturer gets to be first to market, and you might as well choose a manufacturer with a strong reputation for transparency, open-ness, and being coin focused.

Most early coins can only support a single ASIC manufacturer. As we saw with Sia and Decred, it's very foolish for a startup to go after an early coin, because the execution risk is immense. Zcash is in a bit of a stronger position actually. Zcash block rewards are high enough that it's reasonable to fathom 2 or 3 manufacturers making hardware if you announce a fork date with 12 months lead time. The block rewards are high enough to support multiple tape-outs. But you still aren't likely to see any of them open-source the hardware, and you are likely to see them forming preferential deals with mining farms of larger scale and better connections. I'm not sure if Launchpad is the right choice for Zcash, the key factor there absolutely being the heavy scale of the Zcash block reward.

Obelisk's preferred margin is 20% of the hashrate. We do everything at cost, then we keep some of the hashrate for ourselves. Other forms of profit-taking are negotiable, we don't have to follow that model if that's not what is preferred. Obelisk does not provide the $10mm, the developers (or investors for the developers) do. Everybody is comfortable with something different, and we are willing to be flexible based on that.

A 22nm ASIC will be within 3x of what a 7nm ASIC is capable of. It'll be able to be made obsolete the same way that the S9 made the S7 obsolete - that is, many people continued mining them even a year after it was no longer worth manufacturing more. If you have the capital, we can make a 7nm ASIC as well, and it will be within reasonable distance of what Bitmain can achieve (because the algorithm is simple and obvious to implement in hardware).

DavidVorick commented Jun 6, 2018

The general idea behind launchpad is that the first-mover for ASICs is going to have a hardware monopoly regardless. Especially for smaller projects, it's basically guaranteed that the coin will go through a phase where exactly one manufacturer is making hardware, and most of the manufacturers out there today are very clearly aligned towards profit, vertical integration, secrecy, and centralization as opposed to more open ideals.

If you are going to be saddled with that anyway, you might as well choose which manufacturer gets to be first to market, and you might as well choose a manufacturer with a strong reputation for transparency, open-ness, and being coin focused.

Most early coins can only support a single ASIC manufacturer. As we saw with Sia and Decred, it's very foolish for a startup to go after an early coin, because the execution risk is immense. Zcash is in a bit of a stronger position actually. Zcash block rewards are high enough that it's reasonable to fathom 2 or 3 manufacturers making hardware if you announce a fork date with 12 months lead time. The block rewards are high enough to support multiple tape-outs. But you still aren't likely to see any of them open-source the hardware, and you are likely to see them forming preferential deals with mining farms of larger scale and better connections. I'm not sure if Launchpad is the right choice for Zcash, the key factor there absolutely being the heavy scale of the Zcash block reward.

Obelisk's preferred margin is 20% of the hashrate. We do everything at cost, then we keep some of the hashrate for ourselves. Other forms of profit-taking are negotiable, we don't have to follow that model if that's not what is preferred. Obelisk does not provide the $10mm, the developers (or investors for the developers) do. Everybody is comfortable with something different, and we are willing to be flexible based on that.

A 22nm ASIC will be within 3x of what a 7nm ASIC is capable of. It'll be able to be made obsolete the same way that the S9 made the S7 obsolete - that is, many people continued mining them even a year after it was no longer worth manufacturing more. If you have the capital, we can make a 7nm ASIC as well, and it will be within reasonable distance of what Bitmain can achieve (because the algorithm is simple and obvious to implement in hardware).

@bitcartel

This comment has been minimized.

Show comment
Hide comment
@bitcartel

bitcartel Jun 6, 2018

Obelisk's preferred margin is 20% of the hashrate. We do everything at cost, then we keep some of the hashrate for ourselves. Other forms of profit-taking are negotiable, we don't have to follow that model if that's not what is preferred. Obelisk does not provide the $10mm, the developers (or investors for the developers) do.

So the basic pricing model is that Obelisk charges $10 million and also gets 20% of the hashrate from the initial batch?

bitcartel commented Jun 6, 2018

Obelisk's preferred margin is 20% of the hashrate. We do everything at cost, then we keep some of the hashrate for ourselves. Other forms of profit-taking are negotiable, we don't have to follow that model if that's not what is preferred. Obelisk does not provide the $10mm, the developers (or investors for the developers) do.

So the basic pricing model is that Obelisk charges $10 million and also gets 20% of the hashrate from the initial batch?

@jordanmack

This comment has been minimized.

Show comment
Hide comment
@jordanmack

jordanmack Jun 7, 2018

if a blockdag is used and blocks are mined many times a second, a solo miner with modest hash power could expect to see some rewards in a reasonable amount of time (perhaps a few days).

@joshmh This is exactly what ZenCash is doing with their Spectre research partnership with IOHK. This could eliminate the absolute necessity of pools for small mining operations and lead to much higher decentralization.

It seems important to point out the distinction between ASIC manufacturer collusion, and ASIC operator (miner) collusion. We care about manufacturer collusion only as much as it causes miner collusion. Miner collusion is easy when there are few manufacturers. You get vertically integrated companies like Bitmain, preferential pricing deals, and manufacturers colluding to fix prices and squeeze out new miners.

@prestwich It's also important to point out that this may have happened during the GPU shortage of 2017. I have a source that informed me that GPU manufacturers cut deals with certain large scale mining operations which gave them a 6 month lead on the rest of the industry.

I think people also care about an oligopoly of manufacturers inserting backdoors and kill switches into the silicon.

@bitcartel Any type of backdoor or kill switch should be of concern, but mitigation of this is difficult. They can exist in any CPU or the firmware of a peripheral device. IMO the danger is compromise of a backdoor by a malicious party, not the manufacturer themselves. If a manufacturer was to maliciously use backdoors they would risk discovery, and destroy their market reputation.

So which is better?
Openly publish a simple PoW for all manufacturers to build on
Secretly develop a custom proof-of-work with ASICs manufactured by Obelisk (DavidVorick's company)

@bitcartel Monopoly vs monopoly. I'd like to see a few more options here. 😛

jordanmack commented Jun 7, 2018

if a blockdag is used and blocks are mined many times a second, a solo miner with modest hash power could expect to see some rewards in a reasonable amount of time (perhaps a few days).

@joshmh This is exactly what ZenCash is doing with their Spectre research partnership with IOHK. This could eliminate the absolute necessity of pools for small mining operations and lead to much higher decentralization.

It seems important to point out the distinction between ASIC manufacturer collusion, and ASIC operator (miner) collusion. We care about manufacturer collusion only as much as it causes miner collusion. Miner collusion is easy when there are few manufacturers. You get vertically integrated companies like Bitmain, preferential pricing deals, and manufacturers colluding to fix prices and squeeze out new miners.

@prestwich It's also important to point out that this may have happened during the GPU shortage of 2017. I have a source that informed me that GPU manufacturers cut deals with certain large scale mining operations which gave them a 6 month lead on the rest of the industry.

I think people also care about an oligopoly of manufacturers inserting backdoors and kill switches into the silicon.

@bitcartel Any type of backdoor or kill switch should be of concern, but mitigation of this is difficult. They can exist in any CPU or the firmware of a peripheral device. IMO the danger is compromise of a backdoor by a malicious party, not the manufacturer themselves. If a manufacturer was to maliciously use backdoors they would risk discovery, and destroy their market reputation.

So which is better?
Openly publish a simple PoW for all manufacturers to build on
Secretly develop a custom proof-of-work with ASICs manufactured by Obelisk (DavidVorick's company)

@bitcartel Monopoly vs monopoly. I'd like to see a few more options here. 😛

@DavidVorick

This comment has been minimized.

Show comment
Hide comment
@DavidVorick

DavidVorick Jun 7, 2018

So the basic pricing model is that Obelisk charges $10 million and also gets 20% of the hashrate from the initial batch?

The pricing is flexible, but we have to make profit somewhere. If we aren't allowed to keep 20% of the hashrate we make, we'll have to increase the ticket price because $10 million to bring a 22nm chip to market really doesn't leave anything for us, even at dirt cheap prices.

@bitcartel Monopoly vs monopoly. I'd like to see a few more options here. stuck_out_tongue

Most coins can't afford to pre-pay multiple manfuacturers, because that $10m price is per-manufacturer. For Zcash though, the block reward is large enough that there actually is enough room for multiple manufacturers, potentially even at the 7nm level. And, as long as you give enough R&D lead time, you don't have to worry about keeping the algorithm secret either, just make sure that the hardfork date is sufficiently far in the future that everyone can have machines ready to go when the fork triggers.

The risk you run there is that someone like Bitmain goes ahead and produces enough hardware to make sure that nobody is profitable, sells it off by flooding a la how they did with Dash and Sia, and then also has specs that are 20-30% better than everyone else because they have the resources to go and chase optimizations that nobody else can afford to. (even on a sha256 chip those types of optimizations exist). If you keep the algorithm private, you can do a controlled start that makes sure your diverse manufacturers at least break even on the hardware that gets produced, if it's a completely open start there's a risk that some of your manufacturers end up with craters in their pockets.

@joshmh This is exactly what ZenCash is doing with their Spectre research partnership with IOHK. This could eliminate the absolute necessity of pools for small mining operations and lead to much higher decentralization.

DAGs I'd say are off topic here, but I'll drop a link to my two favorite DAG papers. Fair warning about DAGs, the vast majority of them are complete garbage, though they are really cool and I really do think are superior to the standard nakamoto consensus.

http://fc15.ifca.ai/preproceedings/paper_101.pdf

https://eprint.iacr.org/2013/881.pdf

@prestwich It's also important to point out that this may have happened during the GPU shortage of 2017. I have a source that informed me that GPU manufacturers cut deals with certain large scale mining operations which gave them a 6 month lead on the rest of the industry.

Also worth noting that there are fewer GPU manufacturers than there are sha256d chip manufacturers. And the margins on those GPU chips are very high - if Nvidia for example decided to start mining Zcash or Ethereum (and also Zcash and Ethereum were properly ASIC-resistant), they would be able to do so at probably around half of the capex of other mining farms, simply because they don't have to pay their own margins when buying chips. That would centralize mining under the existing giants very quickly.

This is also a concern with Intel actually. Intel owns their own foundries. If Intel decides to start mining, they don't have to pay foundry margins either, and they also get the benefit that their process technology is just simply 15%+ better than everyone else, meaning Intel would likely have the best and cheapest chips. Though, I don't think Intel would be able to compete with the datacenters in terms of electricity cost.

DavidVorick commented Jun 7, 2018

So the basic pricing model is that Obelisk charges $10 million and also gets 20% of the hashrate from the initial batch?

The pricing is flexible, but we have to make profit somewhere. If we aren't allowed to keep 20% of the hashrate we make, we'll have to increase the ticket price because $10 million to bring a 22nm chip to market really doesn't leave anything for us, even at dirt cheap prices.

@bitcartel Monopoly vs monopoly. I'd like to see a few more options here. stuck_out_tongue

Most coins can't afford to pre-pay multiple manfuacturers, because that $10m price is per-manufacturer. For Zcash though, the block reward is large enough that there actually is enough room for multiple manufacturers, potentially even at the 7nm level. And, as long as you give enough R&D lead time, you don't have to worry about keeping the algorithm secret either, just make sure that the hardfork date is sufficiently far in the future that everyone can have machines ready to go when the fork triggers.

The risk you run there is that someone like Bitmain goes ahead and produces enough hardware to make sure that nobody is profitable, sells it off by flooding a la how they did with Dash and Sia, and then also has specs that are 20-30% better than everyone else because they have the resources to go and chase optimizations that nobody else can afford to. (even on a sha256 chip those types of optimizations exist). If you keep the algorithm private, you can do a controlled start that makes sure your diverse manufacturers at least break even on the hardware that gets produced, if it's a completely open start there's a risk that some of your manufacturers end up with craters in their pockets.

@joshmh This is exactly what ZenCash is doing with their Spectre research partnership with IOHK. This could eliminate the absolute necessity of pools for small mining operations and lead to much higher decentralization.

DAGs I'd say are off topic here, but I'll drop a link to my two favorite DAG papers. Fair warning about DAGs, the vast majority of them are complete garbage, though they are really cool and I really do think are superior to the standard nakamoto consensus.

http://fc15.ifca.ai/preproceedings/paper_101.pdf

https://eprint.iacr.org/2013/881.pdf

@prestwich It's also important to point out that this may have happened during the GPU shortage of 2017. I have a source that informed me that GPU manufacturers cut deals with certain large scale mining operations which gave them a 6 month lead on the rest of the industry.

Also worth noting that there are fewer GPU manufacturers than there are sha256d chip manufacturers. And the margins on those GPU chips are very high - if Nvidia for example decided to start mining Zcash or Ethereum (and also Zcash and Ethereum were properly ASIC-resistant), they would be able to do so at probably around half of the capex of other mining farms, simply because they don't have to pay their own margins when buying chips. That would centralize mining under the existing giants very quickly.

This is also a concern with Intel actually. Intel owns their own foundries. If Intel decides to start mining, they don't have to pay foundry margins either, and they also get the benefit that their process technology is just simply 15%+ better than everyone else, meaning Intel would likely have the best and cheapest chips. Though, I don't think Intel would be able to compete with the datacenters in terms of electricity cost.

@acityinohio

This comment has been minimized.

Show comment
Hide comment
@acityinohio

acityinohio Jun 7, 2018

Contributor

Really appreciate the discussion here everyone; this is exactly what I wanted to see coming from this proposal. 🙌

Wanted to highlight one of the things that @DavidVorick mentioned in his last reply that I think is crucial:

And, as long as you give enough R&D lead time, you don't have to worry about keeping the algorithm secret either, just make sure that the hardfork date is sufficiently far in the future that everyone can have machines ready to go when the fork triggers.

Combined with an open hardware spec and encouraged collaboration, IMHO it's this inherent delay that offers the best chance at a competitive manufacturer market at hard fork date; regardless of whether the Foundation or Company partners with a particular manufacturer to start. And despite the risks of this approach (e.g. Bitmain/others chasing crazy optimizations) outlined by @DavidVorick, I'm not sure I'd want the Foundation to operate secretly in something so prominent as a point of policy.

I also tend to agree that AMD/Nvidia have a duopoly on GPU mining, and Intel/AMD have a duopoly on general compute (at least with x86), and that long term they will take advantage.

Contributor

acityinohio commented Jun 7, 2018

Really appreciate the discussion here everyone; this is exactly what I wanted to see coming from this proposal. 🙌

Wanted to highlight one of the things that @DavidVorick mentioned in his last reply that I think is crucial:

And, as long as you give enough R&D lead time, you don't have to worry about keeping the algorithm secret either, just make sure that the hardfork date is sufficiently far in the future that everyone can have machines ready to go when the fork triggers.

Combined with an open hardware spec and encouraged collaboration, IMHO it's this inherent delay that offers the best chance at a competitive manufacturer market at hard fork date; regardless of whether the Foundation or Company partners with a particular manufacturer to start. And despite the risks of this approach (e.g. Bitmain/others chasing crazy optimizations) outlined by @DavidVorick, I'm not sure I'd want the Foundation to operate secretly in something so prominent as a point of policy.

I also tend to agree that AMD/Nvidia have a duopoly on GPU mining, and Intel/AMD have a duopoly on general compute (at least with x86), and that long term they will take advantage.

@jordanmack

This comment has been minimized.

Show comment
Hide comment
@jordanmack

jordanmack Jun 8, 2018

@DavidVorick

if Nvidia for example decided to start mining Zcash or Ethereum (and also Zcash and Ethereum were properly ASIC-resistant), they would be able to do so at probably around half of the capex of other mining farms, simply because they don't have to pay their own margins when buying chips.

If nVidia or AMD wanted to move into mining ASICs they could do so fairly easily. IMO the reason they have not entered the space is because there is limited benefit. They are selling their GPUs as fast as they can make them, and at a premium. In the past they've seen the mining markets capitulate repeatedly, so the investment may not be worth the gamble.

@acityinohio

Combined with an open hardware spec and encouraged collaboration, IMHO it's this inherent delay that offers the best chance at a competitive manufacturer market at hard fork date; regardless of whether the Foundation or Company partners with a particular manufacturer to start. And despite the risks of this approach (e.g. Bitmain/others chasing crazy optimizations) outlined by @DavidVorick, I'm not sure I'd want the Foundation to operate secretly in something so prominent as a point of policy.

I see the operating openly as being an important aspect to any decentralization policy. If it's developed in secret and released to a single manufacturer for an intentional monopoly, it is operating in a traditional centralized model. While I see the obvious benefits from a business perspective, it seems that an important aspect of decentralization is lost. The basis for PoW is economic competition, but this is intentionally anti-competitive.

I've also considered that policy viewpoints are a red herring in the overall picture. If policy is enough to make or break the PoW system then it may be flawed to begin with. If you are ultimately forced to rely on external trust factors, then why even use PoW?

@acityinohio

I also tend to agree that AMD/Nvidia have a duopoly on GPU mining, and Intel/AMD have a duopoly on general compute (at least with x86), and that long term they will take advantage.

Due to the subtle differences between algorithms in PoW GPU mining, certain chips have historically had clear advantages. In the early Bitcoin days AMD had a clear advantage in SHA256 GPU mining. With Ethereum (Ethash) the AMD chips again dominated in 2016/2017. With Zcash (Equihash) nVidia is the dominant chip. You could argue that single manufacturers already have monopolies over certain coins.

jordanmack commented Jun 8, 2018

@DavidVorick

if Nvidia for example decided to start mining Zcash or Ethereum (and also Zcash and Ethereum were properly ASIC-resistant), they would be able to do so at probably around half of the capex of other mining farms, simply because they don't have to pay their own margins when buying chips.

If nVidia or AMD wanted to move into mining ASICs they could do so fairly easily. IMO the reason they have not entered the space is because there is limited benefit. They are selling their GPUs as fast as they can make them, and at a premium. In the past they've seen the mining markets capitulate repeatedly, so the investment may not be worth the gamble.

@acityinohio

Combined with an open hardware spec and encouraged collaboration, IMHO it's this inherent delay that offers the best chance at a competitive manufacturer market at hard fork date; regardless of whether the Foundation or Company partners with a particular manufacturer to start. And despite the risks of this approach (e.g. Bitmain/others chasing crazy optimizations) outlined by @DavidVorick, I'm not sure I'd want the Foundation to operate secretly in something so prominent as a point of policy.

I see the operating openly as being an important aspect to any decentralization policy. If it's developed in secret and released to a single manufacturer for an intentional monopoly, it is operating in a traditional centralized model. While I see the obvious benefits from a business perspective, it seems that an important aspect of decentralization is lost. The basis for PoW is economic competition, but this is intentionally anti-competitive.

I've also considered that policy viewpoints are a red herring in the overall picture. If policy is enough to make or break the PoW system then it may be flawed to begin with. If you are ultimately forced to rely on external trust factors, then why even use PoW?

@acityinohio

I also tend to agree that AMD/Nvidia have a duopoly on GPU mining, and Intel/AMD have a duopoly on general compute (at least with x86), and that long term they will take advantage.

Due to the subtle differences between algorithms in PoW GPU mining, certain chips have historically had clear advantages. In the early Bitcoin days AMD had a clear advantage in SHA256 GPU mining. With Ethereum (Ethash) the AMD chips again dominated in 2016/2017. With Zcash (Equihash) nVidia is the dominant chip. You could argue that single manufacturers already have monopolies over certain coins.

@trustfarm-dev

This comment has been minimized.

Show comment
Hide comment
@trustfarm-dev

trustfarm-dev Jun 8, 2018

https://forum.z.cash/t/let-s-talk-about-asic-mining/27353/3335?u=trustfarm-dev

I've mentioned shortly.

"I think on this time hard fork to A(144,5) 704MB and ready for next hard fork in further future A(192,7) 4.2GB plan is better strategy."

It means now Asic miner is so abrupt and miner provider's are almost monopoly,
So, Now We need a time , for 1~2 years.

Finally, Zcash also move to PoW and POS hybrid mode or any newer fantastic consensus algorithm.
But, Now most of miner's and other's not ready to adapts newone.

Basically, make strategies for Preventing ASIC first way. until complete more good way of mining decentralization and miner provider decentralizations.

if PoW will go on, We never preventing ASIC or FPGA. but several provider's on the market.
then GPU is migrated to ASIC / FPGA Slow slope. and It will prevent decentralization of mining.

I think OpenSource / Open Specification , any who provider mining devices who run company sell miners.

But, Now, ASIC miner providing company is so dominant and Stiff change to GPU investors to failed to get reward for PoW blockchain security contributions.

So, I mean make a some time. until newer good ways comeout.

trustfarm-dev commented Jun 8, 2018

https://forum.z.cash/t/let-s-talk-about-asic-mining/27353/3335?u=trustfarm-dev

I've mentioned shortly.

"I think on this time hard fork to A(144,5) 704MB and ready for next hard fork in further future A(192,7) 4.2GB plan is better strategy."

It means now Asic miner is so abrupt and miner provider's are almost monopoly,
So, Now We need a time , for 1~2 years.

Finally, Zcash also move to PoW and POS hybrid mode or any newer fantastic consensus algorithm.
But, Now most of miner's and other's not ready to adapts newone.

Basically, make strategies for Preventing ASIC first way. until complete more good way of mining decentralization and miner provider decentralizations.

if PoW will go on, We never preventing ASIC or FPGA. but several provider's on the market.
then GPU is migrated to ASIC / FPGA Slow slope. and It will prevent decentralization of mining.

I think OpenSource / Open Specification , any who provider mining devices who run company sell miners.

But, Now, ASIC miner providing company is so dominant and Stiff change to GPU investors to failed to get reward for PoW blockchain security contributions.

So, I mean make a some time. until newer good ways comeout.

@DavidVorick

This comment has been minimized.

Show comment
Hide comment
@DavidVorick

DavidVorick Jun 9, 2018

If nVidia or AMD wanted to move into mining ASICs they could do so fairly easily. IMO the reason they have not entered the space is because there is limited benefit. They are selling their GPUs as fast as they can make them, and at a premium. In the past they've seen the mining markets capitulate repeatedly, so the investment may not be worth the gamble.

This more or less matches my understanding as well. Entering mining is currently risky, the industry has only been "high value" for a little while, and as far as the bigger companies are concerned, it's not even that high value. They'd rather (at least for now) earn margins by selling the rigs as opposed to running them.

Though there's another component. If one of the major GPU manufacturers were mining themselves, would we know? Would it be advantageous for them to disclose that, or would it be safer to operate in secret, not letting people realize that there's another player in the market with an extremely unfair advantage?

DavidVorick commented Jun 9, 2018

If nVidia or AMD wanted to move into mining ASICs they could do so fairly easily. IMO the reason they have not entered the space is because there is limited benefit. They are selling their GPUs as fast as they can make them, and at a premium. In the past they've seen the mining markets capitulate repeatedly, so the investment may not be worth the gamble.

This more or less matches my understanding as well. Entering mining is currently risky, the industry has only been "high value" for a little while, and as far as the bigger companies are concerned, it's not even that high value. They'd rather (at least for now) earn margins by selling the rigs as opposed to running them.

Though there's another component. If one of the major GPU manufacturers were mining themselves, would we know? Would it be advantageous for them to disclose that, or would it be safer to operate in secret, not letting people realize that there's another player in the market with an extremely unfair advantage?

@bitcartel

This comment has been minimized.

Show comment
Hide comment
@bitcartel

bitcartel Jun 9, 2018

If one of the major GPU manufacturers were mining themselves, would we know? Would it be advantageous for them to disclose that, or would it be safer to operate in secret, not letting people realize that there's another player in the market with an extremely unfair advantage?

Yes, we would probably know, as most of the major manufacturers are public companies (listed on a stock exchange) which makes it difficult (perhaps illegal) for officers of the company to hide a secret mining operation from investors, auditors, board of directors, etc.

bitcartel commented Jun 9, 2018

If one of the major GPU manufacturers were mining themselves, would we know? Would it be advantageous for them to disclose that, or would it be safer to operate in secret, not letting people realize that there's another player in the market with an extremely unfair advantage?

Yes, we would probably know, as most of the major manufacturers are public companies (listed on a stock exchange) which makes it difficult (perhaps illegal) for officers of the company to hide a secret mining operation from investors, auditors, board of directors, etc.

@boxalex

This comment has been minimized.

Show comment
Hide comment
@boxalex

boxalex Jun 9, 2018

Yes, we would probably know, as most of the major manufacturers are public companies (listed on a stock exchange) which makes it difficult (perhaps illegal) for officers of the company to hide a secret mining operation from investors, auditors, board of directors, etc.

Actually that's not how it works in bigger corporations/companies that are public.
Only the board of directors would initially know, investors/share holders, officers and audit eventually at a way later stage.

First of all IF they would setup some mining operation like that it wouldn't be under Nvida directly, makes no sense and that's the reason they (bigger companies) outsource or make sperate companies for a given task. "All" they had to do is to finance a sister company with some millions and write in the Books/Papers something like "Invetement into Blockchain Research", "Testing Facility", whatever and it would be mostly for longer be hidden. Not even talking making it a private company without capital from investors/share holders..... It would take ages to find out ....

Such facilty most likely would be based in china again in my opinion which wouldn't make things more easy to discover. There are soo many examples on big companies doing something without the direct knowledge of Investors/share holders/audit or disguise it so good that it's hard to find out. Normally such "more secret operations" are found out if it's against some law (see Facebook, VW/Audi, for example) while as long as it's law confirm nobody is even on the tracks of the bigger companies......

Just theory and my opinion....

boxalex commented Jun 9, 2018

Yes, we would probably know, as most of the major manufacturers are public companies (listed on a stock exchange) which makes it difficult (perhaps illegal) for officers of the company to hide a secret mining operation from investors, auditors, board of directors, etc.

Actually that's not how it works in bigger corporations/companies that are public.
Only the board of directors would initially know, investors/share holders, officers and audit eventually at a way later stage.

First of all IF they would setup some mining operation like that it wouldn't be under Nvida directly, makes no sense and that's the reason they (bigger companies) outsource or make sperate companies for a given task. "All" they had to do is to finance a sister company with some millions and write in the Books/Papers something like "Invetement into Blockchain Research", "Testing Facility", whatever and it would be mostly for longer be hidden. Not even talking making it a private company without capital from investors/share holders..... It would take ages to find out ....

Such facilty most likely would be based in china again in my opinion which wouldn't make things more easy to discover. There are soo many examples on big companies doing something without the direct knowledge of Investors/share holders/audit or disguise it so good that it's hard to find out. Normally such "more secret operations" are found out if it's against some law (see Facebook, VW/Audi, for example) while as long as it's law confirm nobody is even on the tracks of the bigger companies......

Just theory and my opinion....

@autotunafish

This comment has been minimized.

Show comment
Hide comment
@autotunafish

autotunafish Jun 10, 2018

I greatly look forward to the results of the research committed to "ASIC resistance: advantages, disadvantages and potential implementation paths" as stated (the mining research was very informative), for I feel without it, we dont know if its the just path and cannot procede, in so as such de lege ferenda, ex aequo et bono. Ergo, delegatus non potest delegare

autotunafish commented Jun 10, 2018

I greatly look forward to the results of the research committed to "ASIC resistance: advantages, disadvantages and potential implementation paths" as stated (the mining research was very informative), for I feel without it, we dont know if its the just path and cannot procede, in so as such de lege ferenda, ex aequo et bono. Ergo, delegatus non potest delegare

@trustfarm-dev

This comment has been minimized.

Show comment
Hide comment
@trustfarm-dev

trustfarm-dev commented on 1a05eca Jun 12, 2018

Thumb up

@acityinohio acityinohio merged commit e5d2194 into ZcashFoundation:master Jun 14, 2018

@howardscottj

This comment has been minimized.

Show comment
Hide comment
@howardscottj

howardscottj Jun 27, 2018

@acityinohio I see lots of alignment with this proposal and the one ePIC submitted. As an ASIC Design House we are keen to contribute our hardware design expertise to the communities debate on how to deliver the most secure, decentralized and scalable PoW hardware solution. I am just looking for direction on how to be most useful. Thanks

howardscottj commented Jun 27, 2018

@acityinohio I see lots of alignment with this proposal and the one ePIC submitted. As an ASIC Design House we are keen to contribute our hardware design expertise to the communities debate on how to deliver the most secure, decentralized and scalable PoW hardware solution. I am just looking for direction on how to be most useful. Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment