Pages:
Author

Topic: [ANN][SHC] ShinyCoin █First ever RAMHOG algo Pow/Pos █NO ASIC/GPU | Whitepaper (Read 58457 times)

newbie
Activity: 9
Merit: 0
WARNING: Please don't use Ramhog!  This is a lame algorithm that is easily sped up in an ASIC attack.  It was generated by an armature, and never peer reviewed in any way.  I broke it in an hour completely.  If there were a thriving mining community for ShinyCoin, I would likely have to go build some hardware to out mine everyone by 100X or so per $ invested.

First flaw: the xor-shift PRNG is _not_ cryptographically secure.  In particular, given index i and the initial state, I can compute xorshift(i) in constant time.  Given that only 1 in 512 memory locations is in any way different from this output (times a constant which does nothing), I can generate the pads in a massively parallel attack, and have 511 out of every 512 locations right.  The final locations are trivially computed in a lazy manner on demand.

The final loop only reads a bit over 8 million locations, so I only need to generate a tiny fraction of the actual data.  There is also a terrible time-memory trade-off.  OMG, this algorithm is lame.  Please use something more secure, like Scrypt!  One of the three entries in the password hashing competition that are better than scrypt might also be OK: Yescrypt, Lyra2, and Argon2 (in that order of preference).

The flows in Ramhog are so extensive, I don't want to bother listing what I found in just an hour.  This algorithm is a lost cause.  However, the worst offender is how their PRNG can be computed massively in parallel.  The PRNG is:

static inline uint64_t xorshift_next(xorshift_ctx *pctx)
{
    uint64_t s0 = pctx->s[ pctx->p ];
    uint64_t s1 = pctx->s[ pctx->p = ( pctx->p + 1 ) & 63 ];
    s1 ^= s1 << 25; // a
    s1 ^= s1 >> 3;  // b
    s0 ^= s0 >> 49; // c
    pctx->s[ pctx->p ] = s0 ^ s1;
    return ( pctx->s[ pctx->p ] = s0 ^ s1 ) * 8372773778140471301LL;
}

There are 64 "state" variables, of 64-bits each, for a total state of 4096 bits.  The entire state is generated securely with PBKDF2-SHA256.  However, after that, all that happens is that state variables get shifted and xor-ed on each other in a _fixed_ pattern.  I can represent 64 iteration of xorshift as a 4096x4096 Boolean matrix.  To compute the n-th state, I simplly multiply the initial state times this matrix to the power of n/64.  For source code to do this sort of Boolean matrix operation, see my Github repo bmat:

https://github.com/waywardgeek/bmat

Could you crypto-coin guys please try to have a public review of your PoW algorithms before starting your block chains?  Alternatively, could you let a million bucks or so of market cap grow, and then send me a notice to see if I can PWN your currency?  I was too late for this one, and also too late for that one based on Momentum (another broken PoW).  Heck, I only learned how to crack PoW algorithms over the last 18 months.  Are there any new hacked-up PoW coins out there I should attack?

Thanks,
Bill
member
Activity: 84
Merit: 10
this is more centralized than bitcoin mining.
member
Activity: 84
Merit: 10
With 16GB this doesn't work on W64, even in safe mode in command prompt without explorer in the background. It needs 100-200 MB more to run.  Sad
hero member
Activity: 826
Merit: 1000
Is coin swap the only exchange for shinycoin?
legendary
Activity: 1092
Merit: 1000
Where is the dev?
Accident?
I have reasons to believe he was/is involved in 2 scamcoins released in the last 20 days. Take a look at the post history of people
i called out as shills - no posts on bitcointalk since.

I demand my neg. rating revoked !

I knew you mined a lot of shiny. Now it's Shity.... That is a sad fact.

I sold mine early on. I'm the only one who profited, others are at a loss.
hero member
Activity: 700
Merit: 500
Where is the dev?
Accident?
I have reasons to believe he was/is involved in 2 scamcoins released in the last 20 days. Take a look at the post history of people
i called out as shills - no posts on bitcointalk since.

I demand my neg. rating revoked !

I knew you mined a lot of shiny. Now it's Shity.... That is a sad fact.
legendary
Activity: 924
Merit: 1000
Where is the dev?
Accident?
I have reasons to believe he was/is involved in 2 scamcoins released in the last 20 days. Take a look at the post history of people
i called out as shills - no posts on bitcointalk since.

I demand my neg. rating revoked !

but then neg. rating makes it more interesting to deal with you Smiley
legendary
Activity: 1092
Merit: 1000
Where is the dev?
Accident?
I have reasons to believe he was/is involved in 2 scamcoins released in the last 20 days. Take a look at the post history of people
i called out as shills - no posts on bitcointalk since.

I demand my neg. rating revoked !
hero member
Activity: 700
Merit: 500
Where is the dev?
Accident?
newbie
Activity: 8
Merit: 0
Why hasn't laxori replied?


Oh, no, this coin shouldn't be dead.
newbie
Activity: 8
Merit: 0
newbie
Activity: 8
Merit: 0
sr. member
Activity: 320
Merit: 250
Obviously dead!   Angry

who will sell the coin?
legendary
Activity: 966
Merit: 1009
The dev gave up the coin. It's strange that there are so many irresponsible devs.
legendary
Activity: 966
Merit: 1009
Shinycoin is the child with no mother.

Who can take care of it next?
Or just let it dying.

By the way. wallet can not sync at block 8684.

getnetworkhashpm
14667

I have also PMed sandor111 for the pool code. Still no reply.


same here.
Did you solve it?
newbie
Activity: 8
Merit: 0
WARNING: Checkpoint is too old. Wait for block chain to download, or notify developers of the issue
member
Activity: 71
Merit: 10
@laxori: Are you around man? You seem to have the skill to take this over. It's not too late.
Hmm maybe in terms of technical skill I do, but I don't know how good I'd be at actually running the coin. Plus there doesn't seem to be that much interest anymore, even as of last week, there's only like 3 people posting on this thread. Not sure if it'd be worth it to be honest.
full member
Activity: 625
Merit: 100
Shinycoin is the child with no mother.

Who can take care of it next?
Or just let it dying.

By the way. wallet can not sync at block 8684.

getnetworkhashpm
14667

I have also PMed sandor111 for the pool code. Still no reply.
member
Activity: 71
Merit: 10
@laxori: What's your opinion about this? Have you worked with Sunny on anything lately? If yes, could you provide some info about what it was and if any progress has been made? Also, how was your experience working with him?

I think it's clear sunny has bailed. I don't know why to be honest. I've PMed him a few days ago and he hasn't replied.

I volunteered to do the subcurrencies and was working on it (can see my work so far here: https://github.com/csaftoiu/shinycoin/tree/subcurrencies ). I stopped pending seeing what was going on with primer. I thought all would be fine when mod verified the extortion attempt but looks like sunny has given up?

My experience was that he was pretty disorganized. He would make last-minute changes when a release was due. He would sometimes reply quickly and other times be very unresponsive. Definitely not a reliable dev. Only way forward for this coin is for someone to take over, fork it, change the checkpoint and alert and signing keys. At least code is public now, so if someone really likes the idea they can start a new coin that uses ramhog.
Pages:
Jump to: