Re: defending ahead the p2p nature of bitcoin - blending hashcash & scrypt
If a general purpose CPU can do it, then a purpose-built CPU can do it faster. The best you can do is make it expensive for someone to develop an effective ASIC. Also, time is money, so if you use a random pool of algorithms, then the only people that will have ASICs are those that can afford to develop them quickly.
Agreed, good synopsis of the problem.
Quote
Having a single simple hashing algorithm is better than having a difficult one, or having a pool of them chosen randomly. The reason is that it keeps the barrier to entry lowish for new ASIC producers.
Building an ASIC for SHA-256 is pretty simple. At least 3 different groups have already done it, on shoestring budgets and somewhat quickly. Increase that to maybe dozens if you include the not-suitable-for-bitcoin streaming hasher chips that are commercially available. If (heh) they abuse their position as first movers, the barrier to their competition is very, very low, on the order of tens of thousands of dollars and several months to get started.
Making ASIC development more difficult will keep out the people that we want to include
Building an ASIC for SHA-256 is pretty simple. At least 3 different groups have already done it, on shoestring budgets and somewhat quickly. Increase that to maybe dozens if you include the not-suitable-for-bitcoin streaming hasher chips that are commercially available. If (heh) they abuse their position as first movers, the barrier to their competition is very, very low, on the order of tens of thousands of dollars and several months to get started.
Making ASIC development more difficult will keep out the people that we want to include
Thats a rather good point, I like it. That might even win the argument if we see ASICs of good quality and efficiency flood the market in the next few years, partly as a result of the simplicity of SHA/hashcash.
Quote
and do nothing whatsoever to exclude the people that some would like excluded.
It would do something about the people we want to exclude, that was my point/intention anyway: there are limits to custom hardware optimization where it becomes just too expensive and you're better off buying or making a faster CPU. Intel is a target you're chasing at the speed of Moore's law. Particularly if the algorithm is changing every 6 months in interesting and novel ways. Imagine someone come to you with a mountain of money and says build me this custom CPU in 3 months (so there's three months left to start mining). Maybe you cant do it in time to repay the investment. Maybe you cant do it in the timeframe with any amount of money. Even all of it - there are complexity and science limits for hw gurus and chip fab people etc.
But maybe thats too simplistic a view of the hw response to the challenge, eg maybe they optimize in the direction of reconfigurable flexibility - eg ultra flexible, ultra fast, 22nm FPGAs with more pre-optimized lumpy parts (FP units, cache arrays, integer units, etc). But then there is an argument that that might however be a rather nice general purpose re-programmable CPU so maybe everyone and his dog will be able to buy cards and racks with them on par with miners. And if it becomes reusable enough, it becomes a product with general availability, and that becomes a win for dynamic epoch redefinition of mining function.
If the target is too flexible, particularly dynamic over too short an interval, the hw guy either loses to intel, or he builds an intel competitor flexible hw reconfigurable CPU that everyone (supercomputer vendors, scientific computing, dyanmic function miners) will want to take off his hands. Either way it a win for the dynamically changing mining function approach.
It takes a lot to compete with Intel. Even AMD cant seem to do it these days
- though AMD make real nice GPGPUs.But your main point simple hashing algorithm ..[as it] keeps the barrier to entry lowish for new ASIC producers stands maybe is more robust than the harder to quantify difficulty of super-optimizing hw for an inventively changing mining function - harder to project what could be done, and anyway if the sheer simplicity of the hashcash mining function is enough to ensure p2p availability of hw, its is a more elegant, simpler solution. Simplicity I like.
You know there maybe more than hw availability also to consider. Many GPU miners are mining because they have a GPU. If some of them had to pay for the miner they may drop off. But bitcoin could probably live without that if it had to (sad though it would be to have them lose their fun without buying an ASIC.)
Adam