Topic: If Core had to hard fork and use another mining algorithm, what would it be? (Read 3467 times)

Ok I 'll try it again:

There are two main powers that work against the centralization, which is a classical fix point problem where the attractor is given by the positive returns from mining profits - really, this equation has no varaible in the type of the algo, so you can chose ANY - all efforts to find a better one is net negative! Physics can save you lot of work here, but feel free to learn that hands on.

1. External forces, that destroy any (artificial) order in this universe, better known as entropy or dissipation at work/ fricktion. Here all operational risks fall in, like lump risk (to high centralization, compare big datacenters with no proper backup!), desaster risks ( fire, sonic shocks, war,...) and also regulative risks (China!), technical development risk (some better ASIC or quantum tech), here can be lot more other risks be named!

2. Nash Equilibrium / inner force: Since all bigger players are aware of the real need of a 'decent' decentralization, there is a pressure ( inside of each player) to NOT create a monopoly. Why?  -> Reputation risk! Once the other players notice the monoply, they will fold the game and leave!  We've seen this with a pool reaching 50% some years ago. Where is that? Gone!
I predict that china pools will never really collude, only for the reason to destroy bitcoin ( could be a short time event with potential revival) and go for bitcoin cash?

@Carlton Banks: I basically agree, that looks like a doable "roadmap" - only in the case it's necessary. Let's hope it's not, at least not already in November.

@hv:
While you are right that there will probably mining operators with large "farms" even if a "truly ASIC-resistant algorithm" is chosen, there are degrees of centralization. It is a difference if you _can_ try your luck with a PC at least in a low-electricity-cost country (or with solar/wind energy) or if you have to invest in hardware that only serves for one purpose. So I basically support the ASIC-resistant (or better: ASIC-unfriendly) approach if it's doable.

I think in English that is called "cluster risk", but maybe I'm wrong (I think you refer to the risk that too many miners/pools are in similar regions with similar risk profiles -> China, Iceland ...)

I however do not get your point with the Nash equilibrium ...

I just throw in sth very abstract but killing:


For the long run, it does not matter.


Since some legends stated way before me at other places but very true, all profitable mining tend to centralization, no matter what algo you might choose.

The only 2 things  will disrupt this centralization are the typical Klumpen-Risks (lump risk)  that these central guys are taking. We can see this very good in China right now. Who knows, how long they have this ideal env there with cheap energy, non-regulated, chips....?  Also Island is on risk due to tectonic activities.

The second but most important one is the NashEquilibrium, that will keep down the monopolists due to lost of user- confidence in this game.

Relax and keep watching or do better risk analysis.

As a miner, this thread is "interesting" to say the least......lol

How far we've come that the people who maintain the Blockchain are now labeled the enemy.

I just wonder how the hashrate would look like when we have a lottery of different hashing algorithms changing in random times (or isn't the time random and fixed?)

Anyway I would like to see some simulation models of that before we go with it. It's clear that sooner or later we may need to do something like this, but it's not clear to me how it would turn out.

I predict for every type of hashing algo someone would be specialized and would have a monopoly for that period of time. Wouldn't that be a problem? What if someone has 51%+ of hashrate for a particular algo?

Well it's very much the nuclear option. I wouldn't expect a change that significant to be rolled out without a substantial period of public dissemination testing, more plausibly:

• Code that disconnects BTC1 nodes on the basis of their fork-signalling bit (I believe that's already running on the Bitcoin network with versions >= 0.15.0)
• Short testing period of a hash algo that's difficult to develop an ASIC for, followed by immediate deployment
• Longer testing period of a the approach using a series of hashing algos + randomisation of constituents, series length and switching interval

The disruption and uncertainty of launching the series + randomisation approach as an essentially emergency measure would be too much even for the sophistication of the Bitcoin ecosystem. It would be difficult to achieve on the timescale currently presented, either sufficient design, testing and debugging or sufficient market contemplation or acceptance. There's a necessary amount of time to deploy the idea effectively, and so steps need to be taken to make that time available as a prerequisite.

But as an ASIC miner ejector seat, it would be rather effective on a more medium term timeframe

@Carlton Banks: OK, now we established a communication channel, I think . Your hopes for "randomly changing algos" are probably legitimate as it would be comparatively less profitable, compared to today, to use and develop ASICs. I am only a little bit skeptic, I think it should be tried if it's necessary, for now I think you convinced me that this would be better than Scrypt.


A little bit of speculation (still without scientific foundation):
- Investments in Bitcoin mining are investments in Bitcoin's ecosystem, like it would be investment in exchanges or other service providers. So miners should have an interest in that the cryptocurrencies for which their miners are built (SHA256) are strong and see increasing usage (and value). If there is danger for Bitcoin to massively lose users, they could use their financial power to "back" it or try to solve the problems investing in a solution (e.g. in developers if a bug is found). However, as there was never such a situation, we don't know it. Until now I saw very little of such activity  ...
- On the other hand, the same happens with all other investments in Bitcoin infrastructure. In that sense there is nothing special about the "mining industry", although they definitively add value that "backs" Bitcoin in some way.
- A dedicated mining industry means probably more professionalism and more specialized knowledge when it comes to the PoW "part" of Bitcoin's security model.
- One could speculate what would happen to transaction fees and questions like the "blocksize debate" if we begun to use an ASIC-resistant algorithm. If most (bigger) users were also miners (like in the beginning of Bitcoin's history) and "usage benefits" are equal or higher than "mining benefits" (e.g. most miners were also Bitcoin service providers or important users), then there could be a trend to declining transaction costs (fees), because the miners would "vote" for all improvements that decreased the cost for mining, running a full node, and transacting. For example, they could embrace sidechains (e.g. the Drivechain proposal) or extension blocks, but they would probably not vote for larger "mainchain" blocks because these would increase bandwidth, hardware and storage costs.

Personally, I don't know if we need this many miners right now anyway. They're here to chase the money, not support BTC. When BCH was more profitable, what did they do? They left BTC to go mine BCH. If they even think they deserve a seat in the scaling/developer debate, they are wrong. The only thing we need them for is to verify transactions and protect the network, which they themselves proved requires a lot less or them than we currently have at the moment. There is a huge glut of miners, most of them are dispensable.

With all the talk of "ASIC resistance" in the thread, here is a thought provoking question. Is the mining "industry" that was built around Bitcoin beneficial for its sustainability and longevity?

Like the crude oil industry, the whole world will not be able to drop it if it wanted to that easy because it is already embedded in the economy and has become a big part of society. Is Bitcoin going to be in the same position in the cryptocurrency world through the industries built around it?

I am most decidedly an outsider in these discussions, but I wanted to share my thoughts having read through this thread and some of the other discussions regarding this somewhat imminent issue.

I strongly believe that the Bitcoin Core team should do what it feels is best to advance its software.  Their track record speaks for itself, Bitcoin is the de facto standard in crypto for a reason -- sound decisions made by those in control of the code.  I think it's apparent that the user base has supported their vision for the currency as can be seen in the outcome of the recent BCC fork.

The idea to introduce added resilience to the standard by variable PoW algos is certainly a bold change.  From what I gather, part of the reason for doing so is because of a minority of actors, that represent a majority of the hash rate, being intent on forking over the 2x proposal.  It seems clear to me that they are only interested in their self-interest from a financial perspective.  While I can certainly understand that, I do not support decisions that solely take their own self-interest into account.  As a member of the Board of Directors of a few organizations, I often have had to make decisions that disadvantaged me from a personal/business perspective, but were the best decisions to make for the entity I was asked to make the decision for.  Not everyone can be selfless in this way, but it is part of the job when you accept a fiduciary duty to another organization.

I think if a change in algo is inevitable due to the circumstances, by all means make it as resilient as possible.  A programmatic approach to swapping algos, or a random use of multiple as is being discussed here, is a great idea in ensuring that a wider pool of users can practically participate in mining.  Of course, nothing is "ASIC-proof", but Carltons comments about the ASIC producers gouging prices for their own benefit is certainly the case if you look at the costs involved in producing the devices and the R&D resources, etc.  In some ways, the large concentration of mining power in so few hands, especially when those hands, in essence, control the means of production of the currency could be looked at as a form of "counterfeiting".  Not that their blocks aren't valid, but control over the most efficient means of production of the currency is a single point of failure/control over what is supposed to be a freer system.  The current system gives disproportionate control to a minority of entity.  As can be seen by this threat to fork the currency.

Whatever is decided should be done so transparently as possible and should be communicated to the user base as widely and as early as possible.  The impact of a decision of this magnitude has over the ecosystem is quite large.  From my perspective, it feels like it might be necessary to go this route.  If that is what the Core developers decide, its very important to communicate this clearly to users that are not as "tuned in" as others.  Without that, others will attempt to control the message and that will cause FUD.

For Bitcoin to remain the standard, it must sometimes make bold decisions that are in the best interest of long-term resilience.  I believe that this may be one of those times, and from reading what I've been able to about this issue, I am confident that the right things are being discussed and considered.

Thank you for putting those interests first.  I think it speaks volumes as to the integrity of your team.

Well, I see what you mean there.


But it's likely to be a rare occurance. Randomised changes to the set and randomised series size are very severe deterrents to ASIC development anyway.

Smoothing out the problems with different hashing ASICs working in series would not be difficult, all that's needed is a way to make systematic implementations difficult. You're starting with sinking money into development of every single hash algo that's chosen for the hash set, and a modularised design to chain them together for when the series changes. This really causes problems for large mining operations, as the need for storing unused hashers multiplies by the size of the hash set chosen for the series. And any design decisions taken to make a modularised interconnect for hashing units more difficult will surely be taken. And for every (randomly intervalled) change to the hashing series, the hashers need to be physically reseated, lest valuable space in the infrastructure situated mining centers gets wasted. All only until the random interval changes the series again.

That's a far more difficult development problem than a hashing ASIC, and a commensurately significant investment. And clearly difficult to operate at all efficiently. And your point kills the idea off altogether, ironically; why limit changes to just the hashing algos when you could make other changes that cause further problems with the design of modular interconnects. There's nothing to stop periodic updates to the scheme to force the specialists to innovate an even more difficult design.

Now for me it's the turn to *sigh* ...

What you're saying here is the concept we were talking about, yes - pre-defining a set of algorithms which then are randomly used as PoWs (with random intervals, if you want). If I remember right there are many altcoins already using something like that.

But I suggested, as an improvement, to sometimes change the whole set of algorithms to dis-incentive the development of ASICs for some of the algorithms used in the set, and "ban" algorithms where already ASICs are available.

That is what only can be done manually, with code changes and (probably) only with a hard fork. It's only a suggestion, maybe it's unfeasible because of the necessity to hard fork the chain every couple of years.

(I know you didn't mean that, but: There could be a way to implement even this kind of algo change without hard forks, making such changes be "part of the protocol", but miners then could simply introduce their own favoured algorithms and we have the same problem than now, so I would discard this solution from the start.)

No


A series of hash algos, the size of which is not fixed, is used for PoW.

The interval between the changes is random, whereby the constituents of the series, and it's size, are changed (within some sensible set of bounds).


A hard fork is needed to do all this anyway, so simply make the amorphous PoW definition a part of Bitcoin consensus. If PoW changes are part of the protocol, it's not a hard fork to follow the prototcol. You seem a little confused by the whole concept, frankly.

You seem to propose to have a large set of algorithms in which randomly sub-sets are elected, and from this sub-set every block the algorithm is chosen. What would be the advantage to simply elect one from the entire set in every block? Perhaps it could be more efficient? (Serious question.)

What I meant here is that every couple of years the set is updated manually by the developers, including newly developed algorithms, and "banning" algorithms where ASICs have been developed. That cannot be done automatized until we have a (un-gameable) super-AI that elects the new algorithms for us . Probably, however, that would mean more hard forks. The intervals between these hard forks could be randomised, but would that really make a difference?

Randomized algo changes seems like the way to go. I've seen this mentioned before and considered by reputable devs. If there is ever a bitcoin hardfork (a proper one, not one driven by scammers like Jeff Garzik) I would like to see that. It seems like the only way to avoid massive monopolies. One would need to invest so much money on research and stacking of every single algo to keep being the leader ever under several different algos, that i think it's unlikely the same player would always have the advantage.

And maybe the interval between the changing of the hash series could be randomised. Keep thinking though.

im still not understand, why bitcoin need separate the network? its just to make more money? just for creat new altcoin then the holder bitcoin will get extra money from forking chain?
for me bitcoin (pure bitcoin from nakamoto) is enough to handle current transaction

Okay, I thought about that solution too. As far as I understand the matter, the set of hashing algorithms would have to be large enough to make it unfeasible to produce ASICs for every single algorithm of that series. Such a "PoW concept" surely could work for some time, but I think even then it would be a matter of time until at least for some of the algorithms ASICs are developed, and some miners would set up specialized farms to mine only the blocks of the algorithm they have hardware for. That may be, however, less efficient for them (considering hardware manufacturing costs) than simply to use FPGAs.

Maybe the algorithms could be changed regularly to newer ones, that would dis-incentive ASIC development.

*sigh*


I think using a series of hashing algorithm that alternates randomly from a larger set is probably the way to go. There's no feasible ASIC for that, although I guess FPGA rigs could be introduced that could be re-programmable to the latest series size/combo might be feasible. Hard to see how that setup would be as flexible as just using a standard PC, but there are processing efficiency gains still. Maybe anyone doing that should pray that a random length of time for the hashing series switching interval isn't introduced too


So there is no manufacturers advantage, given that changes to the PoW hashing scheme are carefully thought through (in before some other smart mouth says "that sounds too complicated, confidence etc". If it's too complicated for you, go home, you came to the wrong place already)

I wasn't talking about new Scrypt miner manufacturers but about a new manufacturer of a new ASIC developed for a "fancy ASIC resistant algorithm". This player could ensure a competitive advantage for a long time, and if it accidentally happens to be Bitmain, we have won nothing.


I actually agree here - that would be a nice Utopian vision - but I think it is not realistic. It's a matter of time when the first ASIC will be produced, regardless of the algorithm, because the potential to get the first mover bonus is too high. And once that happens, then we have all the problems you see with Scrypt, but even worse because the first mover will have an extremely big advantage and could impose his agenda at will.

OK, one could do an analysis of the Scrypt miner market (I didn't do it, maybe I should ) and if the dominance of Bitmain in this sector is too strong or there is another mining hardware manufacturer with a near-monopolic position in that market, then that may be a point against Scrypt.

Actually, it would be ideal to choose an algorithm where there are already ASICs available but none of the current big hardware producers (Bitmain etc.) have a dominant position. I am, however, not sure if such an algorithm does exist.