Scrypt proof of work: Difference between revisions
mNo edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
Scrypt adds memory-intensive algorithms to reduce the efficiency of logic circuits. | '''Scrypt proof of work''' is an alternative mining scheme that adds memory-intensive algorithms to reduce the efficiency of logic circuits. This was a relatively successful attempt to make CPU and GPU mining remain profitable, even with the advent of FPGAs and ASICs for SHA mining. | ||
== History == | == History == | ||
Originally introduced as part of the altcoin | Originally introduced as part of the [[altcoin]] '''Tenebrix''' (TBX) by ArtForz and Lolcust, it was claimed to be resistant to GPU, FPGA, and ASIC implementation.<ref>[https://bitcointalk.org/?topic=45667 BitcoinTalk discussion thread for the "Tenebrix" altcoin]</ref> Tenebrix was heavily premined, so '''Fairbrix''' (FBX) was later launched as an alternative. | ||
Around mid-2012, GPU-based mining began to become widespread | |||
=== Specialized hardware === | |||
Around mid-2012, GPU-based Scrypt mining began to become widespread, and by late 2013 Scrypt ASICs had began shipping. As Scrypt is no longer GPU-resistant, FPGA-resistant or ASIC-resistant, it is left with little use other than speculative altcoins. | |||
== Problems == | == Problems == | ||
Line 11: | Line 12: | ||
"51% attacks" become more difficult to launch and maintain as the hash rate of the network grows. | "51% attacks" become more difficult to launch and maintain as the hash rate of the network grows. | ||
However, this argument posits that since | However, this argument posits that since Scrypt is designed to be inefficient on all common computer components (both CPUs and GPUs), a malicious entity need only produce a small batch of specialized/custom hardware to overtake all the commodity mining systems combined. | ||
=== Memory bandwidth refutation === | |||
This issue is commonly refuted by arguing that Scrypt is not designed to be inefficient, but is instead designed to be highly dependent on memory bandwidth. | |||
Since the high-speed cache RAM on modern processors already takes up most of the die space, no sizeable improvement could then be made by creating custom chips. | Since the high-speed cache RAM on modern processors already takes up most of the die space, no sizeable improvement could then be made by creating custom chips. | ||
If we accept this argument we then estimate the cost of attack utilizing GPUs that are available today. | If we accept this argument we then estimate the cost of attack utilizing GPUs that are available today. |
Revision as of 05:04, 10 January 2015
Scrypt proof of work is an alternative mining scheme that adds memory-intensive algorithms to reduce the efficiency of logic circuits. This was a relatively successful attempt to make CPU and GPU mining remain profitable, even with the advent of FPGAs and ASICs for SHA mining.
History
Originally introduced as part of the altcoin Tenebrix (TBX) by ArtForz and Lolcust, it was claimed to be resistant to GPU, FPGA, and ASIC implementation.[1] Tenebrix was heavily premined, so Fairbrix (FBX) was later launched as an alternative.
Specialized hardware
Around mid-2012, GPU-based Scrypt mining began to become widespread, and by late 2013 Scrypt ASICs had began shipping. As Scrypt is no longer GPU-resistant, FPGA-resistant or ASIC-resistant, it is left with little use other than speculative altcoins.
Problems
Vulnerability to mining monopoly
"51% attacks" become more difficult to launch and maintain as the hash rate of the network grows. However, this argument posits that since Scrypt is designed to be inefficient on all common computer components (both CPUs and GPUs), a malicious entity need only produce a small batch of specialized/custom hardware to overtake all the commodity mining systems combined.
Memory bandwidth refutation
This issue is commonly refuted by arguing that Scrypt is not designed to be inefficient, but is instead designed to be highly dependent on memory bandwidth. Since the high-speed cache RAM on modern processors already takes up most of the die space, no sizeable improvement could then be made by creating custom chips. If we accept this argument we then estimate the cost of attack utilizing GPUs that are available today.
To do so we start with an estimated cost of hardware at $400 per megahash per second and a reasonable network hashrate of 30 gigahashes per second. The total amount of equipment necessary to match and takeover this network via 51% attack would then be an estimated $12M USD (or about 45,000 AMD HD 7950s).
Variations
In mid-2013, a user nicknamed pocopoco introduced an altcoin ("YACoin") using scrypt with an adaptive "N-factor"[2].