Topic: [XMR] Monero - A secure, private, untraceable cryptocurrency - page 1609. (Read 4670622 times)

So you mean that I can use both AMD GPU and Intel HD graphics for mining on one computer?

Quite interested in having a purely OpenCL miner. I know Claymore is OpenCL, but it only works with AMD GPUs. The Intel HD series of GPUs are very poor I know, but they too utilize OpenCL - for those of us that are hoping to squeeze every little last bit from our systems using the onboard GPU would be very advantageous.

This is a continuous process, not suddenly halved (like bitcoin). The continuous decrease is such that after 512 days the reward is half of original one.

the emission halves every 512 days?

The number of coins produced a day will still be the same 23K+- 10% .

As mentioned by Aminorex "Block reward was 17.6 initially (97 days ago) and is now 15.4.  It takes 512 days to halve the emission. "

As long as Demand-Supply is there , even Asics wont hurt the coin.

I assume nothing. ASICs may rip this to shreds. I merely state that it isn't inevitable.

We don't know how much cryptographic analysis there was, since it was all done in secret by whoever designed it (also secret). Maybe there was a lot, maybe none at all, or maybe something in between.

Re: cryptographers, yes, we are paying cryptographers to review it, as has been stated on this thread before. We are conducting a top-to-bottom review of everything. Cryptography is important, of course, but there are plenty of opportunities for other problems throughout the code as well. And this was indeed the case with the deoptimized mining code we discovered when we first started looking at the code we inherited, but certainly the scope of this effort is not now limited to (or even focused on) mining.

I know what you mean.

Will do that. Instead of them getting scared off they could be supporting Monero.
 
Must find out if there is a crypto community here in Portugal.

hasta!
Monero to 2100!

I edited my prior post. I think the complexity is working against you, not for you as you assume. Defer to your cryptographers. You've got to characterize it before you can make any such qualitative assumptions with certitude.


The worst thing that can happen is a few have a significant advantage. If that degenerate case is the true risk (we can't say since we don't know), much better to have ubiquitous cheap ASICs.

Those are thousands of copies of something, but not thousands of copies of the original algorithm. The latter is straightforward and reasonable to assume as essentially inevitable for any algorithm that is implementable in a small amount of hardware (as the original post to which I replied suggested was the case here, incorrectly). The former is not.

Finally, I spent enough time trying to understand how to use XMR. My level is too low.
BTW I think it is enough to start trading.

I decided to make an arbitrage. To buy XMR on the Poloniex exchange and to sell it on the Hitbtc exchange.
There is a nice difference between XMR prices on this exchanges. So if you did not try it before - do it. You can earn additional money. Check rates by yourself and make your own conclusions.
After I'll test it with XMR - I'll write here some additional information. If you id it before - write what you think.

We can't make the latter assertion with certitude without knowing the former, because it is possible some insights reduce the size of the memory space required. Such insight could possibly require very fast circuit for some particular computation that could only be done on an ASIC.

And such insights could possibly be proprietary (for a while at least) could potentially be a major problem in the future. I assume you will have cryptographers doing cryptanalysis on the proof-of-work soon to head off such a threat.

Yes you are right, I had looked a a server layout.

But the point being that even if it is 10%, then you can't include more than 10 copies on the same size die using the same process. Using a cheaper/inferior process, you will be including far fewer than 10 copies.

I make no claim about more qualitative design improvements, cryptographic flaws (though in some cases these might translate to CPU/GPU mining improvements as well as ASIC), etc.. I was simply addressing the "thousands of copies" comment. That approach is not feasible.

Much better. Thanks for the clarification.

I looked at an image of the Haswell die and appears to be less than 20%. The APU (GPU) is taking up more space on the consumer models. On the server models there is no GPU and the cache is probably a higher percentage of the die.


I believe that is wrong. I suspect an ASIC can be designed that vastly outperform (at least on a power efficiency basis) and one of the reasons is the algorithm is so complex, thus it probably has many ways to be optimized with specific circuitry instead of generalized circuitry. My point is isolating a simpler ("enveloped") instruction such as aesinc would be a superior strategy (and embrace USB pluggable ASICs and get them spread out to the consumer).

Also I had noted (find my post in my thread a couple of months ago) that the way the AES is incorrectly employed as a random oracle (as the index to lookup in the memory table), the algorithm is very likely subject to some reduced solution space. This is perhaps Claymore's advantage (I could probably figure it out if I was inclined to spend sufficient time on it).

There is no cryptographic analysis of the hash. It might have impossible images, collisions, etc..

We didn't create it, we inherited it from the CryptoNote reference code. All optimisations we've made to it are public and in master on github.

Claymore has a Win64 AMD *only* miner, locking out all the serious miners who typically use Linux. He has the option to disable the fee:


Over and above that, the most optimised cpuminer-multi is available on Github, and for those mining on Nvidia cards, ccminer-cryptonight is also available on Github. The last one is particularly relevant, as a large portion of GPU miners began moving away from AMD when the GTX 750 ti was released (massive power savings over AMD cards).

Claymores miner has a no fee option and there is also a fee free verison for Nvidia cards as far as I know. It is also limited to windows.

Claymore is not getting "5% of the universe".

Plus if you beleive the botnet line then they arent going to be using Claymores miner.
Plus all the people who are mining on their own hardware (CPU's) are again not paying that 5% fee. Really dont see how you would come to the conclusion that Claymores miner is the equivalent of a 5% premine.

Yeah (I read that before) and Claymore is earning (up to) 5% of all the coins apparently with some proprietary insight. Hmmm. As a programmer, makes you wonder doesn't it.

So Rpietila said he would never invest in a coin with a premine (not even 1% for the core developers?), yet Claymore is taking 5% of the universe?

This should be a how-to-guide take 5% of the universe by releasing some public CryptoNite specification anonymously and pretending to be doing it for noble reasons. Of course this doesn't necessarily implicate the Monero developers, since (if) they didn't create CryptoNite. And this is of course speculation.

(I didn't attempt to learn if Claymore is anonymous?)



Since the 290X is about 2.5x the power TPD as the i7, appears they are roughly at power efficiency parity with perhaps a slight advantage to the CPU, which is roughly equivalent to the observed result for MemoryCoin 2.0's proof-of-work.

However that is a significant disadvantage to all those who run a 32-bit operating system, which is apparently still greater than 50% of all computers:

http://community.spiceworks.com/topic/426628-windows-32-bit-vs-64-bit-market-share

http://en.wikipedia.org/wiki/Usage_share_of_operating_systems#Desktop_and_laptop_computers

The L3 cache by itself is almost half of the chip. There is also a 64 bit multiply, which is I'm told is non-trivial. Once you combine that with your observation about Intel having a (likely persistent) process advantage (and also the inherent average unit cost advantage of a widely-used general purpose device), there just isn't much if anything left for an ASIC-maker to to work with.

So no I don't think the point is really valid. You won't be able to get thousands of times anything with a straightforward ASIC design here. There may be back doors though, we don't know. The point about lack of a clear writeup and peer review is valid.


This is obviously going to be true, but the scope of the task here is very different. Thousands of copies will not work.

We have the same issue with the CryptoNight PoW algorithm. To quote the initial CryptoNote whitepaper review we've released:

smooth, his point is still valid in the sense that if L3 cache is implementable on an ASIC then there might be many transistors in the CPU which are not being utilized and in which case the ASIC might in theory be able to pack more hashrate on the same die or decreased cost of hardware for the equivalent hashrate. And it is possible that specific memory use pattern of Monero's proof-of-work hash could be optimized on an ASIC as compared to the use of the generalized L3 cache on the CPU. This would need much more investigation, but realize that caching is a very wide topic, e.g. consider the variable of set-associativity. Be very careful making blanket statements, because the devil is in the details.

Yet my point was that if Intel lithography[1] is at 22nm when the ASICs are at 28 or 40nm (due I assume to Intel's higher economies-of-scale and consequent long-term investment schedule), then in terms of more hashes per watt, Intel might have a potential advantage should they attempt to maximize some instruction, e.g. the aesenc instruction. Such a well enveloped instruction may have much fewer modes of optimization as compared to usage patterns of L3 cache.

Electricity consumption may be the more significant factor, especially if you consider the points I made that if home miners mine at a loss, then ASIC farms would mine at a loss too if the home mining setup is equivalent in power efficiency.

And you've still got all the latent power issues on a CPU with so many things that aren't being utilized but which are still powered on. Intel has been working very much on improving the finer grained power down of unused modules as they realize power consumption is extremely important.

The CPU has an inherent disadvantage in that it is designed to be a general purpose computing device so it can't be as specialized at any one computation as an ASIC can be.

There is much more that has to be investigated and I can find nearly nothing on Monero's proof-of-work hash. No benchmarking. No detailed whitepaper. Nothing but the source code.

[1] Lithography on silicon isn't consistently that small. That progress halted somewhere in the realm of 30nm or so. Other tricks (even 3D transistors) have been employed to give the apparency of what 22nm geometry would provide. Intel has had delays moving to "14nm".