a guest Jun 13th, 2018 60 in 8 days
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
- I read the ASIC article. Haven't looked at the second article yet.
- I have spent a good part of the last 20 years working on ASICs that run specific algorithms faster than general
- purpose CPUs, so it is not surprising to me ASICs can effectively attack the problems of cryptocurrencies.
- I am a little surprised that the cryptocurrency community cares about ASIC resistance. Why is this? The ASICs
- that would be used for the SHA-256 based proof of work are pretty generic and anybody could buy them or
- design a build them. It seems like a level playing field. Why is it better for miners to spend money on Intel CPUs
- than special purpose hash chips?
- Having said this I think it is possible to design "memory hard" algorithms that run pretty well on a general purpose
- CPU and can't be accelerated much by ASICs. About 25 years ago I worked on the design of the memory system
- for HP's high end processor. The memory system achieved a good balance between latency, bandwidth, and cost
- given the DRAM technology at the time. I think an algorithm that made optimal use of memory and perhaps CPU cache
- as well would be very difficult to improve on using ASICs. The real problem I see is that for cryptocurrency you really want
- the proof of work to be "memory hard" but the verification to quick and easy. With straight forward algorithm design
- the verification would also be memory hard and more time consuming than is desirable.
- It sounds like the real point of the article is that a hash called "equihash" claims to be memory hard to compute
- but quick and easy to verify. However it appears that it failed to meet the claim and was essentially broken
- which allows it be accelerated by an ASIC. The means for accelerating the equihash algorithm is probably
- worth a paper of its own. However generalizing that because equihash was broken, any memory hard
- algorithm can be broken and accelerated significantly using custom chips seems an overstatement and probably wrong.
- I will have to look at ethash sometime to see what the algorithm is as I am not familiar with it.
- But I am not sure why ASIC resistance is important. I would think it would be better for all miners to use custom hash chips. The risk
- of anyone doing dramatically better than everybody else seems low.
RAW Paste Data