Thought I’d spin off a more durable discussion here from Gitter, as it’s a topic that many should be interested in. It’s also a good first governance-related topic. Warning: it’s a long read.
The news that influence this discussion is the release by Bitmain of Ethash (Ethereum), Cryptonight (Monero) and Equihash (Zcash) miners. The fact they’re announced around the same time may not be coincidental. It could be a marketing strategy, or it could be that bitmain has become a lot better at producing ASICs for less classic algos.
Moving on to Cucko Cycle, it’s unclear how much more (or less) ASIC-resistant the algo is. If the ultimate bottleneck is really memory latency and/or bandwidth, ASICs would only provide minimal advantages (because you hit DRAM speed limits, which is the same everywhere). But we haven’t reached a level of optimization of the mining software that would corroborate this claim yet. So the best we could hope for regarding Cuckoo Cycle ASIC resistance is that ASICs would provide less of a speedup compared to other algos, and would possible be more expensive. Especially if we move up cycle size from Cuckoo30 to 31 and 32 in the future.
Also, while the strengths of PoW and how ASICs are the best outcome in an ideal market are good to discuss, that’s already been done. I’m much more interested in discussing the impact in the current market and its realities.
I would propose assessing a given proof-of-work mining ecosystem using only these 2 criteria:
- Does it provide enough security to the chain against a 51% attack?
- Is it decentralized enough to provide a good level of censorship resistance?
ASICs in theory improve on the first criteria, coming close to optimal efficiency and are neutral on the second. So for that reason and the fact that they’re technically better, I’d generally prefer ASICs to mine.
But practically, the current ASIC market is disastrous for decentralization and censorship resistance and shows no sign of evolving in the right direction. Bitmain’s business practices have made them very successful, they’ve repeatedly shown they could outcompete other manufacturers and even kill new entrants, and that over multiple years. They’ve also shown they were not afraid to enter into dubious agreements with their clients. Proof of work security is very sensitive to cartels (that’s a technical statement btw, not a moral one). So I’m not optimistic the market will “work it out”, at least in the short and medium terms.
Cryptocurrency communities have reacted in different ways:
- Monero has pledged to keep ASIC resistance and hard fork when needed (helps that they hard fork every 6 months regardless).
- Zcash seems to be taking a wait-and-see approach for now.
- Ethereum is moving toward proof of stake regardless, and the ASIC efficiency gain seems lesser on Ethash, so they seem to be fine.
- Honey badger don’t care.
So what should we do? I’ll write down a couple additional thoughts before jumping to my own take:
- Maintaining ASIC resistance in the long term is futile. No matter what, ASICs can be built and will have at least some additional efficiency gains, even if minimal. As the overall market size increases, building new ASICs gets more affordable.
- Being overtly ready to hard fork every time, in the long term, is a bad strategy. You’re signing up either for people developing ASICs secretely to avoid the next fork, or getting forced to hard fork in random ways very regularly “just in case”.
- GPU mining isn’t necessarily doomed. Many people have purchased GPUs for other reasons (like Call of Duty), so as long as the efficiency is still reasonable, they can compete with professional miners because their equipment is a sunk cost.
- “Young coins” like us are much more sensitive to these pressures because both the mining ecosystem and the market are still small. So we need to start with as high a bar as possible in terms of censorship resistance. Not to mention that Grin is privacy centric, so censorship resistance is very important to us.
I think we’re trying to protect ourselves for the short to mid term. There’s only so much we can do anyway and we have to hope the market will, eventually, work this out. So here are 2 strategies that I could see myself supporting (until someone comes up with better):
- Wait and see until we’re fully ready for mainnet and do not promise anything either way. This is the most comfortable for us developers, but the least for our community. So I wouldn’t want to keep that approach past mainnet.
- Maintain ASIC resistance for the first 2 years. This duration makes sense because we have already planned hard forks and should give enough time for at least our market to mature. We could do this by increasing graph size and possibly tweaking cycle lengths if necessary.
What are your thoughts?