[bitcoin-dev] Proposal: Low Energy Bitcoin PoW
ZmnSCPxj
ZmnSCPxj at protonmail.com
Tue May 18 12:58:19 UTC 2021
Good morning Michael,
> Good morning Michael,
>
> > Nothing in a dynamic system like PoW mining can be 100% anticipated, for example there might be advanced in manufacturing of chips which are patented and so on.
> > It sounds like your take is that this means no improvements can ever be made by any mechanism, however conservative.
>
> Not at all.
>
> Small-enough improvements over long-enough periods of time are expected and anticipated --- that is why there exists a difficulty adjustment mechanism.
> What is risky if a large-enough improvement over a short-enough time that overwhelms the difficulty adjustment mechanism.
> ASICBOOST was a massive enough improvement that it could be argued to potentially overwhelm this mechanism if it was not openly allowed for all miners.
Or to put it in another perspective:
* Small improvements to PoW mining are tolerated by Bitcoin.
* Such improvements are expected to be common.
* Large improvements to PoW mining are potential extinction events for Bitcoin, due to massive centralization risk.
* Such improvements are expected to be *rare* but *not* nonexistent.
* The number of possible circuit configurations is bounded by physical limits (matter is quantized, excssively-large chips are infeasible, etc.), thus the number of expected optimizations of a particular overall algorithm are bounded.
Suppose two manufacturers find two different small improvements to PoW mining.
In all likelihood, "the sum is better than its parts" and if the two have a cross-licensing deal, they can outcompete their *other* competition.
Further, even if some small competitor violates the patent, the improvement may be small enough that the patent owner may decide the competitor is too small to bother with all the legal fees involved to enforce the patent.
Thus, small improvements to PoW mining are expected to eventually spread widely, and that is what the difficulty adjustment mechanism exists to modulate.
But suppose a third manufacturer develops an ASICBOOST-level optimization of whatever the PoW mining algorithm is.
That manufacturer has no incentive to cross-license, since it can dominate the competition without cross-licensing a bunch of smaller optimizations (that may not even add up to compete against the ASICBOOST-level optimization).
And any small competitor that violates patent will be enforced against, due to the major improvement that the large optimization has and the massive monopolistic advantage the ASICBOOST-level optimization patent holder would have.
SHA256d-on-Bitcoin-block-header has already uncovered ASICBOOST, and thus the number of possible other large optimizations is that much smaller --- the number of possible optimizations is bounded by physical constraints.
Thus, the risk of a black-swan event where a new optimization of SHA256d-on-Bitcoin-block-header is large enough to massively centralize mining is reduced, compared to every other alternative PoW algorithm, which is an important reason to avoid changing PoW as much as possible, without some really serious study (which you might be engaged in --- I am not enough of a mathist to follow your papers).
We are more likely to want to change SHA256 for SHA3 on the txid and Merkle trees than on the PoW.
Regards,
ZmnSCPxj
More information about the bitcoin-dev
mailing list