[bitcoin-dev] Praxeological Analysis of PoW Policy Changes, Re: ASICBOOST

praxeology_guy praxeology_guy at protonmail.com
Thu Apr 6 20:12:21 UTC 2017

Praxeological Analysis of PoW Policy Changes, Re: ASICBOOST

On the $100M profit claim

First I'd like to confirm Gregory Maxwell's assertion that covert use of ASICBOOST could result in $100 million USD per year profits.

profit = reward - costs.
Total reward is fixed at (12.5 block reward + 3 fees) * 6 per hour * 24 per day * 365.25 days per year * $1150 USD per bitcoin ~= 1,000,000,000 or 1Billion USD per year.

Miners normally compete against each other until there is only a very small, practically zero profit. Lets say that 50% of the mining hashpower are operating at profit = 0, and the other 50% are operating with > 0 profit due to the 20% increased efficiency of the covert optimization.

How much profit is earned by the covert optimization operators?

Half of the operators would have a cost of ~$500,000,000.
Half would have a cost of ~0.8 * ~$500,000,000 = $400,000,000, leaving profit = $100,000,000.

But does this make sense? What if 95% of hashing power miners used the more efficient process, and 5% didn't. Would this still result in using a similar formula, with $950M * 0.2 = $190M profits? I believe it would. Essentially, the the 95% of the miners are colluding to not increase their capital & hashing power enough to erase their profits. Hence an entity or multiple entities may be colluding to decrease the security of ordering (double spend prevention) of Bitcoin transactions.

Hence a claim that as much as $100M per year could be gained by using the ASICBOOST Optimization is a valid claim.

Miners and Money Owners have Different Motivations

Money owners and miners have different motivations. Miners are currently concerned about the 1-2 year ROI of their capital. In the long term, as ASIC technology for Bitcoin matures, miners will have a longer term ROI concern. For money owners: Short term money owners are looking to transfer their money in the most efficient manner. Long term money owners are looking for a money they expect will become more valuable in the future due to its ability to handle more users with a higher money transfer efficiency than other competing currencies.

$100M per year is a pretty good reason for a miner to want to delay Bitcoin policy improvements that primarily benefit the money owner, yet have only marginal utilitarian benefits for the miner, but evaporate their ability to have such an income.

Money Owner Perspective Analysis

Money owners strive to have a have a PoW algorithm that does not give a subset of the world an advantage by government interference. Such interference threatens bitcoin's decentralized nature, and hence the users' ability to have a money who's policies are dictated by themselves rather than a centralized entity.

Changing the PoW algorithm in a way that makes existing ASIC miner capital worthless... is undesirable because it creates new opportunities for first to market optimizations to centralize mining. It also makes bitcoin's security weaker because the uncertainty of the PoW algorithm de-incentivizes the effort to invest in mining capital, which creates a larger threat for a future malicious threat to perform the 51% attack. For the duration that a new PoW algorithm is not fully optimized with the current latest ASIC manufacturing techniques, and there remains undiscovered optimizations, the double spend security is weaker.

Gregory Maxwell's proposal does not make existing mining capital worthless... it only removes the advantage of using the patent encumbered optimization. Existing capital, particularly the S9, remains being the most efficient capital available for mining Bitcoin. Activating such a proposal will set a precedent for mining equipment manufacturers and operators to expect that certain classes of patented optimizations will only have a limited ROI timeframe before they are made unavailable due to users changing the PoW policy. Miners may still pursue optimizations that are not encumbered by patents without concern that their optimization advantage will be disabled just for the purpose of benefiting some other arbitrary set of miners.

Given that a money owner would not want Bitcoin's ability to transfer money efficently be encumbered in the long term for the sake of miner's profits... in the case where even a non-patent encumbered optimization conflicts with an upgrade to Bitcoin for the money owners... then its a question of how much the change increases bitcoin's money transfer efficiency, and how generous the money owners are towards allowing the optimization-capital-invested miner. I use the word "generous" because the policy users choose for the money supply is entirely voluntary. No contract was made to continue using the same exact PoW algorithm. The guiding reason to keep or change the PoW algorithm to increase the money transfer efficiency of the money. Double spends, and the properties of PoW that secure against double spends, are a large factor in determining such efficiency.

Impact of Changing the PoW Policy vs Covert ASICBOOST

Miners currently using this optimization will lose 20% profits. Old and less efficient mining equipment using the optimization might no longer be profitable in mining Bitcoins. Miners using this optimization but using more costly energy may also no longer be profitable in mining Bitcoins. Difficulty will decrease, and miners not using the optimization will have greater profits and grow in numbers. The difficulty decrease may make older equipment and higher cost energy locations become profitable once again.

Long term impact on miners: As discussed in the money owner's perspective, mainly this will reduce the motivation to perform the R&D, manufacturing, and purchase of patent encumbered optimizations. Realizing that the users may also at a future date disable an optimization in order to in some way make an improvement to Bitcoin will also put a damper on advancing the development of more efficient mining hardware, which is once again desirable to users as it makes the transaction ordering more future proof.

This may also be a lesson to hardware manufacturers that they should not make their chips extremely special purpose... that having some flexibility in the algorithms the device can run may help make their hardware still have other uses in the case that users decide to change the PoW policy. For example, it may be wise for the manufacturer to support an operating mode where only the nonce bit are permutated and no SHA256 operations are skipped due other assumptions about the block header data.

Praxeology Guy's Recommendation

Make it a policy that patent encumbered PoW optimizations are countered/prevented if possible while minimizing the disruption on the utility and availability of optimized mining capital equipment. Owners of Bitcoin should support and activate the proposed PoW policy change by Gregory Maxwell as soon as possible to counter the ASICBOOST patent encumbrance... unless the creators of the ASICBOOST patent transfer their IP to the public domain. SegWit should not be delayed for the purpose of being generous to those who first implement ASICBOOST in their mining operations. Future ASICs and mining equipment should be made with the option to run without optimizations that make assumptions about policy that is subject to change in a future soft fork.

Praxeology Guy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20170406/6dd461aa/attachment-0001.html>

More information about the bitcoin-dev mailing list