[Bitcoin-development] ASIC-proof mining

kjj bitcoin-devel at jerviss.org
Fri Jul 4 16:50:00 UTC 2014

Just some general comments on this topic/discussion.

I suspect that there exist no algorithms which cannot be done better in 
an application-specific device than in a general purpose computer.  And 
if there is such a thing, then it must necessarily perform best on one 
specific platform, making that platform the de facto application 
specific device.

I'm not sure how one would go about proving or disproving that, but it 
seems very likely to be true.

IO-bound is exactly the same as memory bound, for devices that have 
enough memory.  20 GB is already trivial today, and you don't really get 
into ask-the-wife-for-permission money until you cross 128 GB. The 
exception would be if the IO was to an oracle outside of the device's 
control, and artificially limited in throughput.  Such a centralized 
oracle would be contrary to the goals usually stated by people thinking 
about anti-ASIC designs, so there isn't much point.

Keeping the algorithm simple, and ASIC-easy, has one other advantage.  
Just about anyone can sit down and design an ASIC for SHA, for example, 
leading to diversity in the marketplace.  A harder algorithm can still 
be made into an ASIC (or more generally into an ASD), but will require 
more skilled designers, more expensive fabrication, etc.  This actually 
concentrates the ASIC advantage into the hands of fewer people, which 
again, is contrary to the stated goals.

More information about the bitcoin-dev mailing list