Topic: Are ASICs the last major evolution in mining hardware? - page 2. (Read 6870 times)

Sorry to disappoint a lot of persons, but that's not about Peta , Exa, not even Zetta or Yotta.

It's all about the money.

Hashrate is now around 25TH/s. That equivalent to about 40000 pieces of 7970. That's around 20 mil USD.
Considering motherboards, power supplies, workforce, etc., I'd say an entity willing to spend 30-40 mil USD, plus costs of 10MW of electricity, could wreak havoc with bitcoin, using GPUs. You do realize that this is doable by banks and nations (and even some individuals although I cannot see their possible motivation).
But what about an ASIC atack? Right now, Avalon team claims that they can produce 51% power (another 25TH/s) with under 600 000 USD. This is even scarier, isn't it? If they can, why a bank/nation cannot? Or lets say a bank/nation is not so smart and their cost to develop and produce 25GH/s in ASICs is 5 milions. Still very scary!

So what ASIC adoption will mean for us? It will only cancel the ASIC atack versus GPU/FPGA bitcoin network mentioned above. If we, bitcoiners, will invest in ASIC around the same amount we have invested in GPUs/FPGAs, so around 30 milions USD, that means and entity willing to destroy us will have to invest, more or less, the same money. Unfortunately, 30 milions USD are in the realm of MANY entities

We'll be safe against a hacker, but we'll still be at the mercy of BIG powers.

Are there solutions for us? Very few!
One is to convince as many folks as we can to invest in bitcoin and use them. Not necessarily in mining, it's enough in the economy. A growing economy will drive fiat/btc up, so mining hashrate will follow growing (beeing profitable in fiat money due to fiat/btc rate, even if btc reward is smaller due to raised network hashrate).
Lower cost/(GH/s) as much as possible. This will come with competition, and probably prices will stabilize at the level at which, despite of greater hashrate, return of investment is still under 12 months.
And there's one more thing. But not here because I already feel I'm offtopic.
 

Which doesn't apply to bitcoin mining.  Post QC algorithms are theories to improve the security of asymmetric encryption (public private key) algorithms.  They aren't applicable for cryptgraphic hashes. 

Yeah not sure where people get the idea that QC "instantly solve" problems.  They don't.

Using Shor's algorithm a lot of solutions can be found in polynomial time but polynominal time doesn't equal instant time.  Note Shor's algorithm isn't useful for "breaking" a hash but there is no known Quatum algorithm which can solve that problem in polynominal time or faster.

http://en.wikipedia.org/wiki/Shor's_algorithm

So lets look at brute forcing a private key.  To brute force a 160 bit private key would require 2^160 attempts using a classical computer.  A QC designed to implement Shor's algorithm could do it in 2^80 attempts.  So the QC can perform the same search in 1/2^80 as many operations.  This is a massive increase in speed but not "instant time".  Also 1 operation on a classical computer and one operation on a QC aren't comparable.  It may take 100x or even 10,000 times as long to perform one operation using a QC.  

It is possible Grover's algorithm could be used to brute force hashes but no proof of that exist yet.

http://en.wikipedia.org/wiki/Grover%27s_algorithm

Still Grover's algorithm doesn't "instantly" solve anything either (to my knowledge nothing does quantum or otherwise).  Grover's algorithm can only provide a probable solution and for a large problem it requires many quadrillions of attempts to produce a solution with any accuracy.


So while speeds up are probable this "instant solve" is just nonsense.  Another complication is that Bitcoin mining by QC is novel and would require a new quantum algorithm.  Most QC problems are related to finding a specific solution however with Bitcoin we are only interested in a "good enough" solution.  For example at difficulty 2.5 million there are roughly   8,986,648,889,050,210,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 valid solutions.  Using existing Quantum Algorithms would likely not be useful as for example if a quantum algorithm was found that could break a specific 256 bit hash in polynominal times 2^128 operations is still much larger than current difficulty (2^32 * 3 million).

anyone got a cup or something? i think this QC talk has left my brain dripping out my ears.

Nice explantation, thanks. Thanks too for the link.

Judging by his handle, I suspect Qbits is better qualified to answer this than me, but AFAIK, a quantum computer does calculations in "parallel universes", and these calculations are not restricted to adding or subtracting. You would just add a comparison in there.

So  yes, in practice if QC becomes viable, pretty much all current methods of encryption become pointless and we will need something else. Thats being researched, if you are interested:
http://en.wikipedia.org/wiki/Post-quantum_cryptography

lol, Aliens are of course the best bet.

Which of these do you think is most likely? I have my money on aliens of course, but who doesn't?

If the calculation result in only hashes < difficulty, how does the calculation test for this? I didn't think QC broke encryption, just created many hashes at once.

The algorithm would have a method for testing which of the hashes it created are < D, hence the requirement of sorting. Either that or there's an algorithm which can break the encryption.

Or I'm completely wrong and talking out of my butt. It's probably the latter, but I'm interested in knowing more.

As DeathAndTaxes said. Plus:

For the next 5-20 years expect Bitcoin mining tech to develop in the following directions:

1. improving Bitcoin ASIC's in direction of catching up with the best ASIC tech available i.e. with what the latest top of the line CPU we have;
2. making mining gear more modular so that upgrade path from old generation of chips to new ones is more cost effective. For example, retaining enclosures, power supplies, cooling gear etc and having replaceable cards with chips that could be replaced/upgraded;
3. making mining gear more space and power efficient so that it could fill standard 32/16A ~42U rack.
4. making mining gear that could also allow reuse of generated heat and proliferation of "energy cost offsetting" devices of all shapes and forms. like bitcoin generating coffee-warmers, space heaters, house heating systems, beef jerky and dried fruit production etc..
5. economies of scale i.e. producing large quantities of low cost hashing chips and gear.
6. concentration of large scale bitcoin hashing capacity in areas where low cost electricity is available or where secondary use of heat produced is viable
7. timed use of hashing capacity to take advantage of low cost energy during off-peak hours.
8. use of hashing hardware to utilize "free electricity" in places where "unmetered" energy is available. But expect, providers of "free energy" such as employers, moms basements, student dorms to catch up on this eventually.

This is the beauty of free market, it WILL make Bitcoin hashing as cost efficient as possible over time.

In any case expect network's Bitcoin hashing capacity to be customarily measured in Peta and even Exa hashes (as opposed to Mega and Giga and Tera hashes) rather soon.

Expect that pretty soon no single entity will be able to mount a sustained 51% attack even theoretically.

Expect eventually quantum computing, aliens, time travelers, DNA/biological computers or other such rather improbable now actors to disrupt Bitcoin hashing marketplace in some shape of form.

I also think that ASIC mining gear manufacturers will quickly move to large scale production of mining gear in large quantities up to the point where cost of auxiliary equipment in rigs (PSU, enclosures, fans etc...) is comparable to the cost of hashing chips.

I also think that we will see availability of hashing chips for OEM's and 1-2 companies dominating Bitcoin chip markets with a much larger number of OEM's and VAR's producing the mining gear of all shapes and sizes.

Actually, afaik, quantum computers could even use bogosort to sort a finite list in a single clock cycle.

Now im no expert in QC, but I doubt you even have to sort anything. You just have to code the QC so that all universes are destroyed except for the ones where the resulting hash is < difficulty. Any one of them would create valid blocks, you wouldnt even have to pick the smallest. Pick any.

Of course it matters. It invalidates this statement:


If quantum computers are poor at sorting (I have no idea) then it will take longer than qbits' estimate. 10% percent longer? 1e06% longer? Without at least an estimate (or an explanation of why I'm being wrong headed) his point is not proven.

Does that really matter? If a quantum computer can calculate a near infinite number of hashes simultaneously and therefore find a block or even multiple blocks "per clockcycle", surely sorting them isnt going to make a big difference.

Yeah, but where are you gonna find the 1.21 jigga watts of power that you need to run it?

How? Not that I disbelieve, I'm just not sure it's that simple. I would have thought it would have to at least take additional time to sort though all the solutions to find the smallest hash.

quantum computers work slightly different than ordinary computers in that they do not have to go through billions and billions of tries to find a hash below the threshold set forth by the difficulty.

quantum computer would find the hash in a single step essentially in a time normal computer would take to calculate and try a single hash.

so 1 Hash per second quantum computer produces one "below the threshold" block hash per second (assuming it exists at all) regardless of difficulty.

Graphene is just one of several experimental technologies with which researchers hope to keep Moore's law alive for a bit longer. No one expects it to exceed Moore's law by some order of magnitude.

As for clock frequency,  500 GHz has already been done with silicon a long time ago:
http://news.bbc.co.uk/2/hi/technology/5099584.stm
Of course, clockspeed alone (or more correctly: transistor switching speed) is utterly meaningless.

One of the benefits that can sometimes get overlooked is the network security. When the network is measured in PH/s and ASICs are commonplace, it is much harder to attack the network. This was a common fear during the CPU and even GPU days.

There will be a huge improvement!!

the european union just paid 1 billion € (1,35 billion usd) to research about "Graphene"http://en.wikipedia.org/wiki/Graphene and to research how to build a processor with graphene.
They could run with up to 500 GHZ per core!

just imagine 500 ghz quadcore .. yumm!

Not sure if you realize, the difficulty will be raised to offset any speed a computer can throw at the network..