$ (XMR) Monero -

CrunkLord420

True & Honest Fan
kiwifarms.net
Bitmain just announced ASICs for Monero. I do not like this. The Monero team has an existing stance that they will change the PoW algo to stop this. This may lead to a serious Monero fork like Bitcoin Cash vs Bitcoin Core. The core team going with a new algo, and people with interest in ASIC mining will want to keep mining the "Monero Classic".

https://twitter.com/BITMAINtech/status/974180147166261248 (https://archive.fo/lcn0t)


https://twitter.com/fluffypony/status/974324239464624128 (https://archive.fo/UdFv4)


https://shop.bitmain.com/productDetail.htm?pid=00020180314213415366s4au3Xw306A4 (https://archive.fo/gqhOZ)


https://getmonero.org/2018/02/11/PoW-change-and-key-reuse.html (https://archive.fo/MvnZ8)
PoW change and key reuse
Posted by: dEBRYUNE, dnaleor and the Monero project

February 11, 2018

PoW change
Lately, a common reoccurring subject has been ASIC resistance and how we should react to any (potential) threat from ASICs. This blog post sets out our (somewhat) formal stance on ASIC resistance and our intention to maintain ASIC resistance by swiftly reacting to any potential threat from ASICs and considering slightly modifying the PoW at every hardfork.

An ASIC (Application Specific Integrated Circuit) is custom mining hardware that is specialized for a particular use. For example, Bitcoin ASICs are specialized to mine cryptocurrencies utilizing a SHA256 hash algorithm. Due to the fact that they are designed for a specific use, they will typically have a large performance advantage over hardware that is intended for general-purpose use like CPUs, GPUs, and even FPGAs. Thus, any newly developed ASIC will obtain a significant majority of the network hashrate and introduce centralization.

The Monero code was forked from the CryptoNote reference implementation. In the CryptoNote whitepaper (https://cryptonote.org/whitepaper.pdf), one of the identified deficiencies of Bitcoin is the Proof of Work due to its centralizing nature, as we will discuss below. In order to create a more egalitarian mining network and foster decentralization, the original CryptoNote developers created the Cryptonight Proof of Work function to "close the gap between CPU (majority) and GPU/FPGA/ASIC (minority) miners." While the CryptoNote authors admit that "It is appropriate that some users can have a certain advantage over others," they propose that "their investments should grow at least linearly with the power." Thus, it is recognized that ASICs may be an inevitable development for any Proof of Work. We also concede that ASICs may be inevitable, but we feel that any transition to an ASIC-dominated network needs to be as egalitarian as possible in order to foster decentralization. At this point in time, we suspect that any newly developed Cryptonight ASIC will not be egalitarian and will not foster a decentralized network.

The drawback of Bitcoin's (SHA256) proof-of-work system is the easy migration from CPUs to GPUs, to FPGAs, and finally to ASICs, where each step came with huge efficiency improvements. Thus, there is a large gap between CPU mining and ASIC mining, which resulted in ASICs being the only viable way to mine. In essence, this causes centralization, because only those with access to specialized hardware (ASICs) are still able to mine, and these typically come from one or very few manufacturers. Cryptonight (Monero's proof-of-work system) intends to close the gap between CPU and GPU, FPGA, and ASIC mining by using a proof-of-work system that is memory bound over a moderate amount of memory. As a result, ASICs get significantly more expensive to build. This proof-of-work system intends to foster egalitarian mining, which yields the following benefits: First, if mining is decentralized (because CPUs and GPUs are still usable for mining), it will be very difficult to pressure miners into not confirming a certain transaction, or otherwise act as a censor to the Monero blockchain. Second, it will lessen the pressure towards centralization of mining in large data centers (as can be seen in Bitcoin). Third, it is quite difficult for governments to regulate companies selling general-purpose hardware (as opposed to companies selling specialized hardware).

Let's further discuss this last point. Specialized hardware will, most likely, only be designed by a few companies. As we can see from Bitcoin, the majority of ASICs are designed and shipped by Bitmain. As Peter Todd said:

"There's only a tiny number of companies in the world that are capable of building performance/cost competitive ASICs, basically the likes of Intel, ASMC, GlobalFoundries, etc."

This creates a single point of failure. For instance, a government could require these ASIC manufacturers to add a "kill-switch" which allows them to shut down a miner remotely or otherwise control it. This threat has the potential to destroy the whole network. In a similar fashion, governments could require miners to have a license to buy and operate ASICs, thereby confining ASICs to a certain group of licensed people. Furthermore, licensing could ultimately lead to blacklisting certain transactions, i.e., governments can require miners to not mine certain transactions, where disobedience would result in miners having their license revoked. By contrast, introducing a license to operate general purpose hardware is probably an infeasible endeavor.

Mining, in general, is also prone to the rich-get-richer effect, which ultimately leads to centralization. For example, a large miner may have significant economies of scale which allows him to grow his share of the hashrate. The Cryptonight algorithm, due to its egalitarian design, somewhat mitigates this effect because miners have competition from (i) miners that have virtually no costs (e.g. botnets), (ii) hobbyist miners, who use their CPUs and GPUs to support the network and aren't predominantly profit driven, and (iii) web miners. Note that web miners have both illegitimate (e.g. mining via ads without consent) and legitimate use cases (e.g. mining to solve CAPTCHAs or mining to reduce/replace advertisements). By contrast, ASICs accelerate the rich-get-richer effect, because ASIC miners have no competition from the aforementioned mining "groups".

In sum, we strongly believe that it's beneficial to preserve our ASIC resistance. Therefore, we will perform an emergency hard fork to curb any potential threat from ASICs if needed. Furthermore, in order to maintain its goal of decentralization and to provide a deterrent for ASIC development and to protect against unknown or undetectable ASIC development, the Monero team proposes modifying the Cryptonight PoW hash every scheduled fork, twice a year. The modifications will be light, and should not change performance profiles much. The first change is now being tested, and will happen in the coming March fork. Finally, we will continue to research alternative Proof of Work functions that may provide better ASIC resistance than Cryptonight.

Patches will be available for the following software: zone117x's pool, Snipa's pool, Lucas Jones' CPU miner, wolf0's CPU miner, ccminer-cryptonight, sgminer-gm, xmr-stak, xmrig-nvidia, wolf-xmr-miner.

Key reuse
It is important to realize that the security of the Monero network and your own Monero is dependent on the security of your Monero keys. Your Monero keys are MONERO keys. Do NOT use them for any other purpose, including claiming coins from a Monero fork. Using your keys to spend the same outputs twice on different forked blockchains will damage your privacy, and others', as both spends will bear the same key image, but different rings, with only your spent output in common (this does not impact stealth addresses nor confidential transactions, just ring signatures). Moreover, by using such a "same keys" fork, the security of your Monero private keys now depends on those third parties.

  • Forkers, if you're forking Monero, DO NOT ask users to reuse their Monero keys, but have them create new keys for your fork.

  • Users, if a forker asks you to use your Monero keys for their fork (after this notification is published), they're trying to manipulate you into being part of a large scale attack on Monero.
Be safe, and don't reuse your Monero keys for any other purpose than using Monero.
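
The linkage described under "Key reuse" above, as an added Python example that is not part of the original post or of Monero's code: spends that share a key image across two chains are intersected, and any output pinned this way is then struck from other users' rings. Chain names, key images, output ids and the ring size of 5 are constructed sample data; real rings hold one-time output keys, not labels.

```python
# Constructed sample data: (chain, key_image, ring members). All names are hypothetical.
SPENDS = [
    ("monero", "ki_alice", ["o01", "o02", "o03", "o04", "o05"]),
    ("fork",   "ki_alice", ["o03", "o06", "o07", "o08", "o09"]),  # same keys reused on the fork
    ("monero", "ki_carol", ["o20", "o21", "o22", "o23", "o24"]),
    ("fork",   "ki_carol", ["o21", "o22", "o30", "o31", "o32"]),  # rings share one decoy by chance
    ("monero", "ki_bob",   ["o03", "o10", "o11", "o12", "o13"]),  # Bob never touched the fork
]


def link_by_key_image(spends):
    """Intersect the rings of all spends that carry the same key image.

    A key image is derived from the output being spent, so the same image on
    two chains means the same output; only ring members present in every ring
    can still be the real spend.
    """
    rings = {}
    for _chain, key_image, ring in spends:
        rings.setdefault(key_image, []).append(set(ring))
    return {ki: set.intersection(*rs) for ki, rs in rings.items()}


def eliminate_known_spent(candidates):
    """Strike outputs proven spent under one key image from every other ring.

    Once a key image is pinned to a single output, that output can only be a
    decoy wherever it appears under a different key image. Repeat until no
    candidate set changes.
    """
    cands = {ki: set(c) for ki, c in candidates.items()}
    changed = True
    while changed:
        changed = False
        proven = {next(iter(c)): ki for ki, c in cands.items() if len(c) == 1}
        for ki, c in cands.items():
            dead = {o for o in c if o in proven and proven[o] != ki}
            if dead:
                c -= dead
                changed = True
    return cands


def analyse(spends):
    """Return, per key image, the outputs that can still be the real spend."""
    return eliminate_known_spent(link_by_key_image(spends))


if __name__ == "__main__":
    for key_image, outputs in sorted(analyse(SPENDS).items()):
        print(f"{key_image}: {len(outputs)} candidate(s) left -> {sorted(outputs)}")
```

Bob's candidate set shrinks from 5 to 4 although he never used the fork, which is the damage to "others'" privacy that the post warns about.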
 

CrunkLord420

True & Honest Fan
kiwifarms.net
Serious developer discussion, iamsmooth is OG, not some random issue submitter: https://github.com/monero-project/monero/issues/3387 (https://archive.fo/m0oSK)
Currently Monero is pending a hard fork to modify the PoW in order to invalidate existing rumored and reported ASIC designs, and in addition to continue making such changes repeatedly to attempt to prevent ASIC development and deployment on the network. For various reasons, there are longer-term concerns with this strategy, particularly going forward, including:
  1. Continued and repeated ad-hoc modifications to the PoW algorithm may accidentally (or even maliciously) introduce exploits.
  2. ASIC developers may build in more flexibility to their designs to be able to accommodate small algorithm tweaks (indeed this may already be the case, we don't know).
  3. Potential for favoritism/corruption if plans for tweaks are leaked or influenced far enough ahead of time that some favored ASIC developers may have enough lead time to produce ASICs, while others do not.
  4. A belief that ASICs may be desirable as a means to facilitate industrial scale mining and growing the network beyond what might be called a hobby mining phase.
  5. Potential for increased monopolization if the strategy is only partially effective (i.e. keeps all but one ASIC developer from succeeding)
  6. Dependence of the network on continued frequent hard forking independent of the need for functional upgrades. This carries with it a greater degree of centralization necessary to design, implement and coordinate these forks, without any real plan to transition beyond it.
For these reasons I would propose that we consider (which does not necessarily mean implement) abandoning the ASIC-hostile approach and instead consider adopting an ASIC-friendly approach in a future hard fork.
By ASIC-friendly, I mean something that not only can reasonably be implemented in an ASIC, but which minimizes barriers to creating ASICs, minimizes their costs, facilitates the development of a wide range of compatible hardware at attractive price points, and minimizes opportunities for clever proprietary advantages. By doing so we may maximize the likelihood of a competitive ASIC market developing and minimize the degree of (temporarily or sustained) monopolization. This could possibly be achieved by using a simple, well-known, and well understood algorithm such as SHA3.
There are numerous other potential advantages and disadvantages of this approach relative to Monero's current PoW algorithm and strategy, which can be discussed in comments.
Postscript: My personal view has always been largely ASIC-hostile (primarily based on my analysis of the history of the Bitcoin ASIC market when Monero launched in 2014, but reinforced by the continued evolution of the Bitcoin and other coin ASIC markets over the past four years), however I am open to the possibility that unintended consequences of attempting to maintain this approach may cause more harm than overall benefits, in which case it should be dropped.
 

AnOminous

do you see what happens
True & Honest Fan
Retired Staff
kiwifarms.net
Bitmain just announced ASICs for Monero. I do not like this. The Monero team has an existing stance that they will change the PoW algo to stop this. This may lead to a serious Monero fork like Bitcoin Cash vs Bitcoin Core. The core team going with a new algo, and people with interest in ASIC mining will want to keep mining the "Monero Classic".
The drawback of Bitcoin's (SHA256) proof-of-work system is the easy migration from CPUs to GPUs, to FPGAs, and finally to ASICs, where each step came with huge efficiency improvements. Thus, there is a large gap between CPU mining and ASIC mining, which resulted in ASICs being the only viable way to mine.
This is also a succinct explanation of why those people hoarding video cards are idiots. Even FPGAs are now obsolete for Bitcoin mining, and GPUs were the stage before even that.
 
Reactions: Kiwi Jeff

LastOfTheMohicans

kiwifarms.net
This is also a succinct explanation of why those people hoarding video cards are idiots. Even FPGAs are now obsolete for Bitcoin mining, and GPUs were the stage before even that.
People hoarding GPUs aren't mining Bitcoin, they're mining Ether and ZCash mostly.

I also highly agree with iamsmooth. I'm very skeptical that an algo change on either Bitcoin or Monero will not actually advantage Bitmain further.

We're starting to see more companies getting in to compete in the ASIC Design for Mining space on bitcoin: Dragon Mint and AMD to name two, I remember there being a few others where the name escapes me.

If bitcoin goes through an algo change, that doesn't only damage Bitmain, but Dragon Mint, AMD, and others as well, but it hurts Bitmain least of all because they've already made a buttshit of money on their existing miner designs while everyone else is just barely starting up. So Bitmain will have all this capital to get a headstart on making new ASICs and be the only game in town.

I could be wrong, but unless there's some huge breakthrough in silicon design...or some miracle shit happens with graphene in the two years or so, we're probably looking at the maximum efficiency we're likely to get out of ASIC design. Meaning there's absolutely room for other companies to start playing catch up.

To make a kinda-bad-but-workable analogy: Think of online payment processors, PayPal was the only kid on the block for like a decade, now we have Square, Venmo, Zelle...bitcoin....
 

AnOminous

do you see what happens
True & Honest Fan
Retired Staff
kiwifarms.net
People hoarding GPUs aren't mining Bitcoin, they're mining Ether and ZCash mostly.
Even considering that, though, all they're doing is overpaying a lot for GPUs that are now overpriced, for a limited time window that closes when they "successfully" jack up the difficulty because of all the idiots doing this simultaneously.
 

CrunkLord420

True & Honest Fan
kiwifarms.net
Advice from FluffyPony regarding MoneroV fork (unrelated to the ASIC "Monero Classic").
https://monero.stackexchange.com/questions/7826/how-can-individuals-safeguard-themselves-and-the-community-against-a-key-reusing
Regardless of the true intention behind the MoneroV developers, it forking off the existing Monero blockchain poses danger to the privacy of Monero users. While the MoneroV forking date has been put off, it may (un)surprisingly occur punctually next month. And we definitely cannot be sure if a State Sponsored Agency is planning a similar attack in the near future.

I am concerned about what I, as an individual, can do to safeguard (1) my funds; (2) my privacy; (3) other Monero users' fund; and (4) other users' privacy.

Question: What can I do before and after the "fork attack" to mitigate its risks?

From what I've read in the linked QA and elsewhere, some people suggested the following, though I am not sure about their effectiveness, or whether these methods will actually expose me or others to greater danger.

  1. Don't claim coins in fork
  2. Churn after fork
    • Preferably to a new wallet
    • Preferably multiple times
    • Preferably using either (1) all key images being after fork, or (2) a good mix of pre- and post-fork key images
    • Preferably with a higher-than-default ringsize, and when others are also churning with the same ringsize. Note that the upcoming hard fork... I mean network upgrade... will increase minimum ringsize to 7.
    • Preferably not right after the fork
  3. Any non-technical measures e.g. redirect newcomers interested in the forked coin to original Monero; discourage exchanges to list fork coin...
 
Reactions: Kiwi Jeff

CrunkLord420

True & Honest Fan
kiwifarms.net
Reminder that the hardfork is in less than 24 hours. If you are mining Monero make sure you've updated your miner. If you're not mining Monero consider that it will become more profitable to do so as there will be less competition from ASIC miners and poorly/unmaintained botnet miners.
 

Lesbian Sleepover

Party Announcement
True & Honest Fan
kiwifarms.net
I noted my hash power started climbing this past week

CastXMR 9.0/9.2 is marked as malware bytes windows 10
 

CrunkLord420

True & Honest Fan
kiwifarms.net
Congrats everyone, we've mined a block on the new algo. Pat yourselves on the back. I'll be curious to see the new hashrate once it's averaged out and adjusted.

Height: 1546001/1546001 (100.0%) on mainnet, not mining, net hash 1.12 GH/s, v7, up to date
 

CrunkLord420

True & Honest Fan
kiwifarms.net
@CrunkLord420 @14⚡⚡ weev ⚡⚡88
Are you guys concerned about the splits?
They are concerning, I'd suggest reading the thing FluffyPony posted about MoneroV. Exchanges like Poloniex actually turned off their deposits/withdraws completely in the heat of it, and I know at least one person who was attempting to double spend.

I think the worst of it is over for now, unless there's some new news I haven't seen yet.
 

Dissociation

kiwifarms.net
Bitmain just announced ASICs for Monero. I do not like this. The Monero team has an existing stance that they will change the PoW algo to stop this. This may lead to a serious Monero fork like Bitcoin Cash vs Bitcoin Core. The core team going with a new algo, and people with interest in ASIC mining will want to keep mining the "Monero Classic".
Anyone who thinks Monero should be anything but adversarial to ASICs is clearly wishing a curse upon the success of the project.
 
Reactions: Lesbian Sleepover

Lesbian Sleepover

Party Announcement
True & Honest Fan
kiwifarms.net
The last update last year killed my rigs and I pointed all ethOS rigs to ETH. The process drop and fkd miners were a turn off.

Once I add capacity, energy-wise, I nature start some standalone Ubuntu rigs again.

I love Monero.
 