Author: Natanael 2017-04-17 22:34:55
Published on: 2017-04-17T22:34:55+00:00
In a bitcoin-dev message, Erik Aronesty expressed his regret over the inability to make Proof-of-Work (PoW) dynamic enough to prevent specialized hardware and allow only GPU/FPGA. He suggested using a variant of Keccak where the sponge size increases with additional zero bits required. However, for this to work, SHA3 would have to be compromised, or else it would resist specialized hardware. SHA3 already has a mode called SHAKE, an extensible output function (XOF), which is like a hash with arbitrary output length.A possible solution to changing PoW could be an algorithm that's moderately processing heavy, resists partial state reuse, and has an existing reference implementation for hardware that's close in performance to the theoretical ideal implementation. Anything relying on memory or other expensive components is likely to fail eventually as fast memory becomes more compact, cheaper, and closer to the cores. To level the playing field in ASIC manufacturing, there shouldn't be any fancy tricks to deploy to give one player an unfair advantage. The competition should mostly be about packing similar gate designs closely and energy efficiency.Finally, the nonce in the header should be larger if possible, reducing the incentive to mess with the entropy elsewhere in blocks.
Updated on: 2023-06-11T22:15:39.321769+00:00