1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
|
Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
helo=mx.sourceforge.net)
by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <andyparkins@gmail.com>) id 1X30iq-0004bH-3y
for bitcoin-development@lists.sourceforge.net;
Fri, 04 Jul 2014 10:28:04 +0000
Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com
designates 74.125.82.170 as permitted sender)
client-ip=74.125.82.170; envelope-from=andyparkins@gmail.com;
helo=mail-we0-f170.google.com;
Received: from mail-we0-f170.google.com ([74.125.82.170])
by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1X30io-0000G6-D6
for bitcoin-development@lists.sourceforge.net;
Fri, 04 Jul 2014 10:28:04 +0000
Received: by mail-we0-f170.google.com with SMTP id w61so1475552wes.15
for <bitcoin-development@lists.sourceforge.net>;
Fri, 04 Jul 2014 03:27:56 -0700 (PDT)
X-Received: by 10.180.82.7 with SMTP id e7mr55731421wiy.74.1404469674977;
Fri, 04 Jul 2014 03:27:54 -0700 (PDT)
Received: from momentum.localnet ([91.84.15.31])
by mx.google.com with ESMTPSA id
fn1sm77658228wib.18.2014.07.04.03.27.53
for <bitcoin-development@lists.sourceforge.net>
(version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Fri, 04 Jul 2014 03:27:54 -0700 (PDT)
From: Andy Parkins <andyparkins@gmail.com>
To: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Date: Fri, 04 Jul 2014 11:27:51 +0100
Message-ID: <10566815.3CllqoMfON@momentum>
User-Agent: KMail/4.12.4 (Linux/3.10-2-amd64; KDE/4.13.1; x86_64; ; )
MIME-Version: 1.0
Content-Transfer-Encoding: 7Bit
Content-Type: text/plain; charset="us-ascii"
X-Spam-Score: -1.6 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(andyparkins[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1X30io-0000G6-D6
Subject: [Bitcoin-development] ASIC-proof mining
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Fri, 04 Jul 2014 10:28:04 -0000
Hello,
I had a thought after reading Mike Hearn's blog about it being impossible to
have an ASIC-proof proof of work algorithm.
Perhaps I'm being dim, but I thought I'd mention my thought anyway.
It strikes me that he's right that it's impossible for any algorithm to exist
that can't be implemented in an ASIC. However, that's only because it's
trying to pick an algorithm that is CPU bound. You could protect against ASCI
mining (or rather, make it irrelevant that it was being used) by making the
algorithm IO-bound rather than CPU-bound.
For example, what if the proof-of-work hash for a block were no longer just
"hash of block", which contains the hash of the parent block, but instead were
hash of
[NEW_BLOCK] [ALL_PREVIOUS_BLOCKS] [NEW_BLOCK]
[ALL_PREVIOUS_BLOCKS] is now 20GB (from memory) and growing. By prefixing and
suffixing the new block, you have to feed every byte of the blockchain through
the hashing engine (the prefix prevents you caching the intermediate result).
Whatever bus you're using to feed your high speed hashing engine, it will
always be faster than the bus -- hence you're now IO-bound, not CPU-bound, and
any hashing engine will, effectively, be the same.
I'm making the assumption that SHA-256 is not cacheable from the middle
outwards, so the whole block-chain _has_ to be transferred for every hash.
Apologies in advance if this is a stupid idea.
Andy
--
Dr Andy Parkins
andyparkins@gmail.com
|