ASIC resistance

[tarrenj]

Bitmain will begin shipping the Z9 Equihash miner soon. Let's use this thread to discuss ASIC resistance: Is it something we want to spend the time/resources to continue, or should we embrace ASICs? Staying ASIC resistant will likely require multiple updates in the future as ASICs progress, and would currently require updates to the core software, pool software, and mining software.

X16R and MTP have been mentioned several times, though the specifics of them have not yet been investigated: https://github.com/zcoinofficial/zcoin/wiki/What-is-MTP-(Merkle-Tree-Proof)-and-why-is-it-an-ideal-Proof-of-Work-algorithm%3F https://github.com/ethereum/EIPs/files/1861292/X16R-Whitepaper.pdf

NeoScrypt is another interesting option, again, it has not been investigated as a potential Equihash replacement for ZenCash: https://github.com/ghostlander/NeoScrypt

Interesting information: https://github.com/ethereum/EIPs/issues/958 https://forum.z.cash/t/let-s-talk-about-asic-mining/27353 https://github.com/ZcashFoundation/Elections/pull/1 https://github.com/amiller/Elections/commit/d0820571a359f682e519d89375dc162570361cd2 https://github.com/BTCGPU/BTCGPU/issues/308

There is also interesting discussion taking place in the #general and #mining channels of the ZenCash Discord: https://discord.gg/zTd7C5

This is not a ZenIP, just a thread to continue the discussion. Please ignore typos until I can edit them out, as I'm on my phone...

[nikmit]

I'm not a part of the development team but for what it's worth will share what I think. The thread on the z.cash forum is very good and I generally agree with the first few posts in there that ASICs are bad news. I hope ZEN will manage to remain ASIC-resistant. It is a valid point however that in the long term this will require a substantial amount of development effort - so may be moving to an alternate algo is worth considering as an alternative. My personal opinion is that in the long term PoW will die away as a wasteful algorithm and will be replaced by better ones; that said ZEN should aim for stability above all and be very careful about changing core parts of the system.

[elkimek]

I say fork it until ASIC producement is a little bit less centralized. There are good prospects with Samsung and when ASIC-market situation is better, we can fork back to ASIC algorithms for networks security and sustainability.

[tarrenj]

I say fork it until ASIC producement is a little bit less centralized. There are good prospects with Samsung and when ASIC-market situation is better, we can fork back to ASIC algorithms for networks security and sustainability.

We likely wouldn't need another fork, to enable it, we could just change our official stance and stop actively working to maintain our resistance.

[zapv0lt]

i suggest changing equihash params to use more RAM - they have suggested 144,5 on the zcash ASIC thread - https://forum.z.cash/t/let-s-talk-about-asic-mining/27353/70.

i think it will be much harder to develop an ASIC with large amounts of RAM, and parameters can also be updated again later as GPUs get more RAM

[tarrenj]

@Zapv0lt, ZeroCoin uses different Equihash params, however they also have many other changes, block header size for example. More research is needed to see if this would be a drop-in replacement, or if it would require multiple changes. Taking a look at https://github.com/zcash/zcash/issues/2715 and the referenced issues would provide some insight.

[VoskCoin]

Personally I would like to see an algorithm adjustment, even scheduling regular adjustments quarterly. This would severely diminish the interest in ASIC R&D for ZenCash, even small changes should be enough to ensure that a firmware update for an ASIC miner would not be sufficient. Cryptonight heavy and cryptonightv7 would be great cases to review as they have most recently tackled this issue.

An important note is that when XMR changed their algorithm their network hashrate dropped over 80%, in a very short period that % of their network was overtaken by these miners and thus proves the potential threat that they could be.

Full disclosure I am a GPU Miner, but I also periodically have ASIC miners and even ordered this Z9 as ZenCash is my favorite project and no matter what direction is chosen I'd like to continue to acquire Zen.

While GPU mining is not perfect and not entirely decentralized it is massively more-so than ASIC miners (almost entirely produced by one central entity ->Bitmain)

I also created a livestream on the VoskCoin YT channel about this miner / potential impact

https://www.youtube.com/watch?v=vnbkbbu6z2Q

[A-RK6]

This new miner is either an FPGA with on board RAM (quite likely) or a full blown ASIC with some kind of very fancy (and expensive) linked memory module. If it's an FPGA we're dealing with, finding an algorithm that you couldn't just reprogram the FPGA to mine will be extremely difficult. If it's an ASIC, the task of creating some kind of incompatibility by modifying or switching algo's would obviously be considerably easier.

Problem is, we have no technical specs for the Z9 so we could potentially put a load of effort into something that would only take a few days to reconfigure the Z9 to mine...

So I think we should spend some time trying to figure out what we're actually up against before trying to formulate a plan.

[tarrenj]

@A-RK6 Great point. If we decide to maintain our ASCI resistance we'll need to understand the Z9 better to accurately resist it. Changing the EH params might not be sufficient...

Does anyone have any more information on the Z9, or any ideas on how to get it?

[Sto1cNate]

As much as I do like the benefits ASICs can bring to help solve problems of block time variance and a few other benefits, I have a hard time making those pros out weight the giant con of a single manufacturer and distributor having so much control and influence. A new, unique to zen algorithm could also bring some nice attention to ZenCash as a project committed to decentralization. Don't we aim to be the most decentralized crypto? Maybe we can attract all the GPU hash power from Zcash? This is a very difficult problem that needs some serious thought into finding a long term solution. It has me thinking of closing down one of my secure nodes just to secure one of these ASICs as my GPUs will no longer be profitable for my power costs.

Full disclosure for myself. I run a small mining operation at home. Just sold off a 6 card 1070 rig and was recently shafted by Zotac in failing to deliver a 12 card order of 1070tis from an order in January. Now looking to expand and upgrade to many 12 card 1170 rigs when they are released this summer. I run many secure nodes and am looking to add at least one super node this summer. All my mining and node income goes back into the network to expand on nodes.

[elkimek]

@tarrenj My friends who are ASIC and GPU engineers can be very helpful with that matter. They are also working on new algo which might be difficult for ASICs to adapt. I've just connected them with Rolf via mail. Let's be little bit patient I have good faith with these guys, they can actually help.

[blockops1]

For large decisions that can have significant effects, I like to do a worst case/best case exercise. Identify the worst outcome of a decision, and balance it against the best case of the decision. It helps to actually quantify things in doing this as well.

Furthermore, part of this decision should be reviewing what the goals of the ZenCash project are and how the decisions to be made are consistent with the goals.

There are people making hardware purchasing decisions about this, and if too much of the entrenched hashrate comes from miners running ZenCash ASIC's then over time there will be a group of people wanting to maintain that hashrate. Making a decision on the direction to go is something that should be made withing a reasonable time period.

Choices under discussion so far that I have seen:

• Do not change ZenCash Equihash algorithm
• Modify the ZenCash Equihash algorithm to require more memory by changing parameters
• Change the ZenCash algorithm to a different one already in use
• Change the ZenCash algorithm to a completely new one

One of the things I have noticed as a cryptocurrency miner is that the cryptocurrency that is the first to have a new algorithm in many cases becomes the lead of that mining class. It may be because the ones that have their own algorithms also have developers that continue to create and improve the cryptocurrency, so it may be more due to the long term effect of active developers, and the same effect could be obtained by continued active development on the project.

[blockops1]

Some of the best discussion I have seen on the zcash github is in this issue https://github.com/zcash/zcash/issues/1211

[blockops1]

@bitcartel created a branch of zcash that allows for testing of different Equihash parameters, which would probably be useful to review. I will quote what he said in that zcash issue: ----begin quote

To help answer this ticket, I spent a few hours on the weekend and have a prototype based on v1.1.0-rc1 which allows equihash parameters to be changed for each network upgrade.

The code is in commit bitcartel/zcash@02397b6 on my branch here: https://github.com/bitcartel/zcash/tree/equihash_upgrade_parameters

Here is the output of solutions when switching parameters in regtest mode: https://gist.github.com/bitcartel/49d1d028e31c482028327ae95debf045

Example usage in regtest mode:

./zcashd -nuparams=5ba81b19:10 -eqparams=5ba81b19:96:5 This activates branch 5ba81b19 at block 10, at which point the equihash parameters switch from (48, 5) to (96, 5). I also tried switching to (144, 5) and using -equihashsolver=tromp which appears to work fine, as does getblocktemplate.

The code should be useful for the community to build on and experiment with different solvers and parameters. ----end quote

[blockops1]

Here is an interesting experiment. Fork of zcash with different equihash parameters: https://bitcointalk.org/index.php?topic=1796036.0

Current bitcointalk page: https://bitcointalk.org/index.php?topic=3310714.msg34560204

website: https://zerocurrency.io/

[Sto1cNate]

@blockops1 If we presuppose that it is possible that we are currently bearing some ASIC hash rate from Bitmain on our network, I would think the most pragmatic thing to do in this situation, would be to modify the existing equihash algorithm in the short term. Once too much hash rate comes onto the network from the ASICs, it will become increasingly difficult to fork away to being ASIC resistant again. Once that has been accomplished, you can have some breathing room to develop a more comprehensive, in house POW algorithm. Perhaps look into what POW would provide the least amount of performance BIAS from either AMD or NVIDIA cards. Having more options for miners to support the network will help greatly. Maybe we could attract the hashing power from ETH and ZEC if we go this route?

[cryptomosk]

My bet is that the last four memory intensive machines will all be based on the same chip architecture (ETHASH, EQUIHASH, CRYPTONIGHT, BYTOM). Since they have advertised Sophon, their own AI architecture, I would say they are utilizing that. And I would further point out that forking to a similar cryptographic algorithm would have only a delaying effect on the adaptation of "ASIC" machines.

[bicheichane]

Personally, I believe the biggest issue here is not so much ASIC's in general, but the fact that currently Bitmain is holding the ASIC monopoly. The way I see it, the argument against ASIC's would not be as central if there were several companies on the market competing between each other.. So I would propose striving to maintain ASIC resistance until that happens. What do you guys think of this?

[Sto1cNate]

@bicheichane Totally and completely agree. There is also another argument for availability to small miners. Distribution of these machines also has a great affect on how smaller miners acquire hardware. If you want to maintain a decentralized POW system, you need to think about the possibility of pushing small miners out of the market. Its not like I can go to my local computer hardware store, Best Buy, or Microcenter and pick up an ASIC any time soon. This may not apply in some of the Asian markets where they can do OTC sales of mining hardware. The limits ASIC manufacturers push on their customers (one per) really end up hurting smaller miners. Larger operations are given priority and access to make high volume orders of these machines. If the manufacturing and distribution of ASICs can be sorted out, then it would indeed be preferable to use ASICs. Slowly starting to see this get solved in ASICs for Bitcoin, but still a long way from distribution reaching a level the GPU market has been able to reach.

[aleqx]

Staying ASIC resistant will likely require multiple updates in the future as ASICs progress, and would currently require updates to the core software, pool software, and mining software.

Categorically against ASICs ... why is this even a question in the current context, particularly for a coin that has "anonymity" as part of its principles? Yes, it's going to take effort to fight them, obviously, but let's please not get complacent here if you care about the crypto space. Make it harder for the immoral ASIC manufacturers, not easier. The core idea was to take back control from banks and governments ... surely we remember that?

Mining with ASICs is no different. I'm talking about the current ASIC mining. Communism was also a good idea theoretically (those who raise an eyebrow should actually read about that), but all its implementations suck(ed) big time. With ASICs for mining currently we have manufacturers who:

• first mine for themselves privately until it becomes less profitable than selling (see Monero's case).
• then they first sell privately in huge volumes to a few key players.
• then finally they sell "world-wide" to a few remaining schmucks who can barely get any after waiting for months.

Wasn't Zen in its inception days also touting "ASIC resistance? Are we now entertaining the option of giving that up because it's too much of a hassle and it's bound to happen sooner or later? It's certainly bound to happen if we remain idle. Complacency and paths of least resistance is how banks became so powerful over our lives over time.

It shouldn't be an option when "embracing" ASICs now would mean we'd put the coins we love at the behest of a single/handful of corporations and corrupt (+ totalitarian) government(s). We all kind of have a duty to uphold the opposite.

I won't beat the "centralization" drum. But chinese and russian centralization are worse than the average person knows it, including the average crypto person. Those who have contacts in China could attest to the astounding levels of corruption and how chinese energy companies are now the ones who mine, i.e. who own farms and Bitmain products. A lot of other chinese farms are getting energy for cheaper than market price from their energy company buddies. Regulators sometimes pretend to flex some muscle and ask farms to close, and then parse the spectacularly corrupt hierarchical tree of officials down to local officials, in bed with the farms, who simply reply "Uhmm, we have no farms here", or "We have shut it down" only to flip the switch back after 24h. Even if for some misguided reason we were to believe in the idea of benevolent centralization (as in benevolent dictatorship), the chinese or russian one are certainly not it. I'm not even going to mention the history of bad faith shown by ASIC manufacturers, or the callback home feature accusations, or comanies like Genesis Mining (and the likes) and their grotesque and imoral business model who have already affected both ASIC and GPU markets and are ripping customers off.

There's also the nonsense from the people touting ASICs are more energy efficient and thus more environmentally friendly (like this expert: https://download.wpsoftware.net/bitcoin/asic-faq.pdf). ASICs offer a benefit in Hashes/watt, but no fundamental benefit. That H/watt advantage only works if everyone else is on cpus/gpus. If everyone moves to ASICs then no benefit is gained at all. The Hashes/coin would rise astronomically and the same energy would then be burnt.

I would be very disappointed if the Zen team didn't make the effort to implement countermeasures, (whenever necessary) as long as we're in this ugly context described above. That founders fee it has enjoyed until now from all GPU miners would effectively turn into an endowment from Bitmain. Ughhh ...

[jpradotx]

I really applaud 'aleqx' words.
There is not economic neither moral reasons to leave ZEN as bitmain-friendly. One of the main reasons for development of asic-resistant algos is to lower the entry barrier for the common guy, so the so called 'progress' in crypto is from asic-friendly (sha256) -> to asic-resistant (not the other way around), and that created HUGE value. If ZEN mantains his asic-resistant principle, it is a huge opportunity to take market from ZEC. Community will stay together. If ZEN becomes asic-friendly, it is very likely to split the community (fork).

Aleqx exposed very important principles and moral arguments to stays asic-resistant: ASIC manufactures are totally in bed and controlled by the totalitarian Chinese govertment. Which in turn support modern Tiranies worldwide like in Venezuela, where asic-mining is forbidden for the little guy and totally controlled by the Goverment, which is building mining farms to circunvent international sanctions. The citizens can only do GPU/CPU mining cause it is harder to be identified and controlled by the goverment.

[moyumz]

I'd also like to add to the discussion the issues we will face with accessibility if we were, as a community to allow Bitmain ASIC's into the network.

We will certainly be excluding a lot of potential participants whom are interested in ZEN and also burning existing contributors that have continued to support the network over the entirety of the project by essentially raising the cost of entry in order to mine, in excess of $2300USD and further factoring in powers costs as opposed to an individual purchasing consumer grade hardware which is much more affordable and accessible to many people around the world.

It would be in the community's best interest to fork against the Z9 Mini from Bitmain and continue being persistent in regards to ASIC Resistance so we can continue to enjoy diversity when it comes to consensus mechanisms and by not allowing one entity to essentially gain a monopoly over the network, which further solidifies their position and provides them with additional resources and capital to continue exploiting other networks and in particular our own.

In the spirit of decentralisation and fair mining, we should fork against the ASIC.

Please do right by those that have shown the community and network a commitment, support and valuable contributions.

[rocknet]

I guess I'll have to be one of the few dissenters. My thoughts are pretty perfectly reflected in this blog post, so I urge the anti-ASIC folks to read and consider this: https://pdaian.com/blog/anti-asic-forks-considered-harmful/.

If a project is profitable to mine, specialists will specialize. Why is no one upset about GPUs vs CPU mining anymore? That was truly one-cpu-one-vote if we want to be decentralization purists. Let's be perfectly honest that most pro-fork people are protecting their own interests. That's not a judgement, it's rational human nature, but I think it's a bit short-sighted.

I could run one of these with much less specialization than I currently had to do for my 8 GPU rig, and by the way, I can't even buy any for reasonable prices from NVidia (the "centralized" provider for Equihash). I wouldn't need a 240V line and the noise should be much less than your typical ASIC due to the fact they are only dissipating 300W.

I've never understood hurling the way-too-often-used "decentralization" maxim as an argument against more efficient mining. Bitmain is offering to sell these to people, one per person, for much less money and operating costs for the same hashrate. What would be centralized is if they didn't offer to sell them. A result which is much more likely if they know projects will fork when they offer them publicly.

I would much prefer the dev team to keep their eye on the ball and continue to deliver on adding value to the actual platform, the reason the project exists. I don't think a lot of time should be spent playing whack a mole.

[10kinds]

I tend to agree with rocknet on several points here. 10 kH/s at 1/5th the price of a GPU rig is lowering the barrier to entry, not raising it. Bitmain has done some shady stuff, no doubt, but their objective is to release hardware and profit from it... not dictate direction for projects (except maybe BCH and now BTM).

Whether or not ZEN forks won't matter to Bitmain. There will be a handful of Equihash coins that won't fork and those Z9 minis will be pointed there, and those projects will benefit from it. The question becomes, "How does ZEN get ready for the future?" Does the Z9 mini help ZEN get there? I think yes, but I realize that's not a popular thought.

[jordanmack]

ZenCash absolutely should not fork in response to Bitmain's announcement. A fork is an action that should not be taken lightly or as a knee-jerk reaction to the natural progression of technology. There is nothing inherently bad about ASICs. Every single GPU is technically an ASIC. Bitmain has simply produced a piece of hardware that is more efficient at the task than those currently in use. Why shouldn't Bitmain be allowed to compete with nVidia and AMD?

Efforts to promote decentralization are not without merit. It is known that CPUs and GPUs are more widely available than specialized ASIC hardware for numerous reasons. An effort towards decentralization in the form of accessibility is an approach that may warrant the effort. If algorithm changes are to occur specifically to promote decentralization, then should occur on an expected schedule, not in response to technical advancement.

ZenCash is already conducting research in DAG based technology. Since this will undoubtedly change the way the PoW system works, and algorithm change would be a more natural addition at that time. Efforts could also be made to investigate alternative PoW based systems which utilize the computing power for math or science in addition to securing the chain. There are already numerous papers that exist, but few have been implemented. Adopting this direction would undoubtedly be an advantage for the ZenCash ecosystem as a whole.

tldr; Bitmain's ASICs are not a problem. Don't rush out an algo change. If you want to promote decentralization, do it right, or don't do it at all.

[igorvoltaic]

If we do not accept ASICs Nvidia and AMD will never improve their equipment or even might do that on purpose to have good profits with every new release of their GPU hardware. Bitmain is just a third player here no more no less. It might be that they already do have their own ASIC hardware which is not to be sold, isn't it?

[nikmit]

@rocknet I thing you missed what for me was the main argument in the @aleqx post: the unfair access and distribution of ASICs. As they are specialised for mining and most of the time offer huge advantages for miners using them, there is always the incentive to keep new products secret and accessible to select few and thus cheat the vast majority of the mining community. There is no comparison between GPUs and ASICs there, not because the Chinese (or Russians for that matter) are worse than anyone else but mainly because the advantage the next model of card offers over the previous one is much smaller, so the incentive is not there. I also fully agree that ASICs are in no way more environmentally friendly. The only way to become environmentally friendly is to move away from PoW.

[PeaStew]

@rocknet I'm agnostic, but the efficiency argument goes out the window when the difficulty increases due to the increased hashrate from the ASICs, effectively it is a zero sum game, as it was intended to be. The difference being that if the large miners are using ASICs and they are switched between different blockchains (opportunistic mining) as we have experienced recently with ZenCash, if all that is left is GPUs we will potentially have even longer blocks as a result and larger oscillations in difficulty, hashrate and therefore blocktime.

[NagyGa1]

Sorry for the off, just a short note. Communism was never a good idea even theoretically, read up on the clear explanation by Ludwig von Mises some 100 years ago. Was clearly spelling out what is going to happen and why - no coincidence it happened that way.

[aleqx]

@NagyGa1 you're still discussing the implementation (at the time, future implementation given current context and predictions), not the idea. Self-policing works great in Switzerland, but would be a catastrophe in Somalia. Current ASIC "market" if further encouraged/embraced would be a similar catastrophe for crypto.

[NagyGa1]

Self-policing works great in Switzerland, but would be a catastrophe in Somalia

Agree. But communism still necessarily does not work anywhere. :)

[aleqx]

Agree. But communism still necessarily does not work anywhere. :)

You're still missing the point, no offense ...

[NagyGa1]

Sorry, I was really off, I did not mean to weigh in on the ASICs discussion, was purely commenting on Communism. Now I am so off that I better off.

[ebadiere]

Should this be put to a vote on the blockchain?

[koljenovic]

ASIC resistance is a myth at best, mining itself has an inherent vulnerability, a looming threat that will not be removed by fighting either a single entity or technology. I am looking forward to seeing Innosilicon, Baikal and Halong ASIC miners with even better performace. Not keeping up is a much bigger threat, as it leaves the network weak in a relative sense and nobody can prevent a malicious actor from developing stealth ASIC and taking over the network. True competition is the only way to true decentralization. Resisting any kind of progress has never really worked, and Bitmain is not really important here, there will always be opportunists where there are opportunities, forking them off just gives them another opportunity to do the same thing over again (and take more ZEN in the process - it will happen with XMR for sure), giving the tech to everybody leaves Bitmain the option to do what? Go quantum? True competition is the only way, and stifling it is a sad path to take.

Even changing algo every 15 minutes is not the solution, the only reason to do that is to protect existing GPU mining interests. Zooko said it well, whoever wants GPU interests protected should mine Monero, apparently that's the way they chose. Expending efforts to fight the inevitable progress to defend a temporary GPU miners interests is not worth fighting a losing battle for, it could turn up to be much more costly than we can imagine at this moment. I have to note that I myself am a mid-size GPU miner mining ZEN and equihash for a considerable period of time, but nobody promised me that it will last forever, there are many other opportunities for GPU mining propping up everywhere, and honestly GPU mining is much more essential there as these projects are much more volatile and usually require many changes to the core algo to iron out the bugs, that is not the case with equihash, time to pass the torch and sit at the grownups table guys. Thanks for your consideration.

[Sto1cNate]

Playing devils advocate here. If you setup the paradigm that your project will continuously fork to break ASICs and your project is popular with a lot of economic value up for grabs to entrepreneurs, you will actually create an incentive for companies like Bitmain to secretly develop ASICs for themselves and never release them to the public. This would stifle innovation and competition between ASIC manufacturers, and will ultimately hurt GPU miners. You would be fighting an enemy you cannot see. What would it mean to market stability to constantly be forking POW? With machine learning and advanced AI, you are resisting an increasingly indomitable force.

[ebadiere]

Okay, so I assume that those arguing for not forking have already put in their order's for the Z9.

[aleqx]

Quoting a project lead who doesn't care where the hashrate comes from but takes a whopping 20% founders fee (please don't bring up the fact that it drops to a very low value, that's in 20+ years time) and accuses those against ASICs that they are just trying to protect their GPU interests is hardly a rational rhetoric. The reverse accusation could be made and would be just as twisted and unhelpful.

I haven't read any compelling rational argument. "It's going to happen sooner or later" is not a rational argument but a lazy one. ML and AI have nothing to do with POW-dedicated ASICs - in fact, they are obviously an argument against rigid ASICs for mining rather than pro.

I keep reading comments from folks who obviously have little to no idea about hardware manufacturing yet continue to incessantly throw statements around. Developing ASICs based hardware (in high enough volumes to matter) requires a lot of resources, access to foundries and long-term high-volume contracts with several different corporations, etc. If anyone could do it then you'd see hundreds of companies. Ask yourself why that hasn't happened, or why are there only two companies in the CPU and GPU world.

GPUs are sufficiently general purpose yet they still became unavailable due to cryptominers, and it's only been 1 year since that acute shortage started ... dedicated hardware would make that worse, not better. Why? Because the route to financial gain is single-hop and there is essentially no barrier to entry: dumb non-entrepreneurial individuals exploiting corrupt contexts gobble hashrate ... it's inviting corruption and monopoly, see China (*). Cryptocurrency, with its potential to be the future of finance, is not the same as a CPU or GPU market. You are sadly misguided if you think you'd stimulate innovation by supporting ASICs for mining cryptocurrency as it currently stands and is predicted to develop ... a lot of things would have to change for that to become a healthy stance.

[PeaStew]

@ebadiere Actually many of us are arguing against the concept of continuous hard forking and the ensuing troubles related to that to fight this non-static and adaptable threat (it's possible this is in fact an FPGA and not a static ASIC). Nothing to do with protecting or discriminating against mining interests on either side but rather protecting the the stability of the rest of the project.

[PeaStew]

@alexq actually I do work in the semicon industry and plenty of "stealth ASIC" development happens all the time.

[aleqx]

@PeaStew you may be talking about prototype FPGA based solutions. Certainly not high volume ASIC solutions that can cause actual concern. A handful of pieces of kit isn't the problem here.

[PeaStew]

@alexq I am not saying the "stealth ASIC" development that I am aware of is for crypto, I'm just saying it is an industry phenomena that such development occurs. The majority of development is not done in hardware but rather simulation anyway.

[aleqx]

@PeaStew I knew what you meant and my point still stands: it's not high volume enough to actually matter (if it was it wouldn't be stealth, not for long anyway).

[koljenovic]

The only interest I am arguing in favor of is long term stability and viability of ZenCash and cryptocurrency space itself, in the best way I see fit given my very pronounced human limitations, which I aplogize for. I myself am as I have already mentioned a GPU miner, operate among other things 5 ZenCash nodes for myself, and 3 for my family and friends. I am perfectly aware that a lot of people have much bigger investments in the space, but please bear in mind that all this is a very risky endeavor, a global socioeconomic experiment of sorts, we all signed up for it more or less knowingly.

I would refrain from ad hominem. Please understand that we are dealing with a problem category here, ASIC and Bitmain being current manifestations of a technology and an entity. Blaming is not going to get us anywhere, as it turns out, ASICs are a matter of reality, and however hard you try you cannot wish them away or "fork them out" as some suggest. We can wait and see what happens to Monero (there are already 4 forks I know of, more to come for sure) and wait this one out for when we have a better view of the situation, this is a very important point from which I believe there will be no turning back, even Bitcoin is not definitive on this issue. I believe the biggest burden of this decision, concering equihash, is on Zooko, and it is a predicament indeed, too big for one man to carry, it opens up a wider discussion about governance and other sorts of centralization far more important than ASIC mining, this is a wide scale discussion and should be handled with utmost care, wisdom and consultation, not to be decided on a whim, but on a wide consensus of all the involved stakeholders. Thank you.

TL;DR; Verdict: No forking until wide scale consensus is achieved

[Stephenglfox]

What we should all realize is that the BitMain AntMiner Z9 mini is just that. A MINI. The fact that they limit each order to one item sounds very much like social engineering to gain acceptance and lull the coin's brain trust into indifference.

If properly designed the Z9 will have configuration settings to allow mining with any Equihash parameters as long as supporting memory is available. Once the first batch is shipped the owning miners will have a financial incentive to promote the continued support of an unaltered Equihash algorithm.

If the Z9 is allowed into the privacy coin ecosystem it will slowly edge out both NVIDIA and AMD. A single secretive Chinese crypto mining company will own a monopoly on the Equihash coins with no competition in sight. Unless you are smart enough to open the thing up and reverse engineer it, no one will know what undocumented capabilities it may contain. This is totally unlike a mass market GPU with well documented capabilities and programming interfaces.

NVIDIA and AMD may not openly support crypto currency mining but they are required to openly document the programming interfaces. GPU have many suppliers including EVGA, MSI, ASUS, PNY, GIGABYTE, and others.

The next release (ie. Z9+) will have much greater hash rate. My estimate is 40Ksols/s. It will be sold in unlimited supply to large miners with deeper pockets. At this point it becomes checkmate for the Equihash privacy coins too lazy to fork because their GPU mining support will be long gone. You will be dependent on a secretive monopoly.

The privacy coin's brain trust needs to ask themselves the following questions.

1. What is the impact to the privacy when an undocumented ASIC owns all the hash power? (DASH)
2. What is the minimum hash rate needed to make the coin viable?
3. How can the network detect a stealth ASIC mining operation? (Cap the Hash rate of a single worker)
4. Can you afford to lose all the GPU miners?

The Monero team obviously reacted with alarm to a Cryptonight ASIC and hastily forked. They could not afford to lose the GPU miners, they could not trust that undocumented ASIC miners could preserve the privacy goal, they could not give up the network to a secretive monopoly.

When you fork the Development Team, Exchanges, and presumably the Mining Pools follow. This requires some coordination but its not insurmountable. Anyone who remains on the old block chain has to create new infrastructure. New development team, new exchanges, new mining pool, etc.

Be warned, The Z9 may be a Trojan horse that could kill your coin, your ecosystem, and your community support.

The ASIC discussion is not a comparison with bitcoin. Rather we need to analyze the privacy coins Dash and Monero. Is Dash the better privacy model or is the Monero strategy more secure in the long run?

[koljenovic]

@Stephenglfox wouldn't it be a bigger blow to Bitmain and centralized mining interests to fork if the eventual (breach of trust) Z9+ megaminer happens? There would also be much more info on the design of the thing itself and some time advantage to plan a defense strategy, also offering some technical insight what direction to take. Regarding the Monero scenario, Bitmain is most probably just going to repeat the same thing, (make a new AISC, mine, release, fork)++ and bleed them dry into 2^n chains, accumulating coins along the way. Please consider the reasons why Bitcoin did not fork off SHA256, resisting immense pressures to do so, and survived long enough to anger the miner to fork off and do a marketing attack (B2X, BCH etc.) instead of a much more serious technical one.

To address your points:

• No technical privacy implications for users, general security (availability) maybe but privacy no afaik
• Hashrate depends on the coin, but if there are no contentious forks involved the majority miner has an economic incentive not to undermine the protocol itself (buys time), which is not the case with contentious forks
• Not possible to detect with reasonable doubt, capping not feasible
• Can a coin afford to be mined and forked out of existence? Don't be fooled that there won't be prop coins with prop dev and marketing teams on prop exchanges with prop demand, fork after fork after fork...

So, time, time, time and it would be even wise to incentivize development of other equihash ASICs, FAST or even maybe fork to an algorithm that has multiple ASIC suppliers, implications would have to be considered first.

P.S> Also there is nothing that implies attack with Z9, you can view it as a trojan horse, sure, but is it really, if viewed in good faith this could be the final resolution of this nightmare with the developers and miners rift that has cost us years already.

[ebadiere]

So is there a timeframe for any kind of decision on this?

[Stephenglfox]

@koljenovic et al. If the Z9 is permitted into the ecosystem the GPU miners will eventually fall bye the wayside and you will become dependent on an undocumented ASIC manufactured by a secretive monopoly. If bitmain waits long enough for GPU's to leave the network, the Z9+ will present a checkmate on control of the hash power on your network.

If the brain trust agrees that the DASH ASIC strategy is acceptable then let the Z9 into ecosystem. If the brain trust is concerned about the control that a SINGLE SOURCED ASIC can have on the ecosystem, as Monero does, then some regulation is essential.

Here are some suggestions:

1. Find a way to implement capacity limits on the hash rate that a single worker can offer to regulate the size of an ASIC and keep the GPU's in the game. There can be many ways to do this. The point is to incentivize ASIC development by other competitors while maintaining GPU mining support.

2. Continue to implement resistance features by forking and other regulatory controls until additional credible ASIC competitions come onto the scene.

Permit me to repeat. Giving up control to a monopoly can never end well. History has spoken.

There is not a problem with ASIC's in general. The technical specs of the Z9-Mini are ground breaking. However, there is a big problem with a black box ASIC from a single source.

[NagyGa1]

@10kinds "10 kH/s at 1/5th the price of a GPU rig is lowering the barrier to entry, not raising it."

Not true at all. Forking out $2k vs $0 because you already have a GPU in your PC for whatever purposes, not to mention that the $2k is going to worth 0 within months while the GPU is not.

Moreover, once the $2k hardware is on, it forces everyone to use them, game over for anyone not using them.

[NagyGa1]

Moreover, if you wish to develop your coin to something worthwhile, you need wide acceptance, you need a fanbase.

Having thousands of smalltime GPU miners are a great gift for that, they are the best cheerleaders.

Losing them and pissing them off would be a huge loss, not sure why a salesman like Zooko does not even worry about this.

[PeaStew]

@GuylainLavoie what does this have to do with security?