CryptoNight is Poison

Tim Olson
3 min readOct 16, 2018

--

Complex proofs-of-work (PoW) give unfair advantages to those who can untangle these Gordian knots. Our team at altASIC got 5x better performance than the Bitmain X3 only because the CryptoNight PoW is complicated and we found new optimizations that were missed by the largest miner manufacturer in the world.

CryptoNight has a long history of obfuscation and optimization. The original pseudonymous author secretly designed CryptoNight to be efficiently mined on a CPU, but the public code that was released was extremely slow and purposefully inefficient. Because CryptoNight was so complex, it took some time and a computer scientist to untangle it. David Andersen figured out efficient code and privately mined on AWS until his code was leaked to Bitcointalk. His story is a great read:

David Andersen really knows his stuff, and I’m glad he got some cash, but we see how a complex proof-of-work serves only to aggregate coins to the elite miner writers.

For a long time after Andersen’s miner, CryptoNight was presumed to be ASIC-resistant, since it had been designed to optimize CPU utilization. However, any proof-of-work that a CPU can do well, an ASIC can do smaller and faster with less power, and in 2017 it became clear from the growing Monero hashrate that one or more manufacturers had indeed developed an ASIC for CryptoNight. Building such an ASIC is not easy, and again we saw coins accumulate to only the best in the business.

Now in 2018, our open-source release raises the bar again, by another 500%. We did this by overlapping some compute code in a clever 6-stage pipeline that only takes 4 cycles per hash. This was an optimization that had been missed by three different ASIC companies including Bitmain.

How does the largest miner writer in the world miss a 5x optimization? Because the proof-of-work is complicated.

The more complicated a proof-of-work is, the more opportunity there is for clever people to find optimizations that are not known to the general mining community. Four years after the original release of CryptoNight, after it had been studied by a computer science luminary, talented miner authors, and several ASIC companies, there was still a huge optimization left to be discovered.

Proof-of-work complexity hurts decentralization.

There are many other examples of complicated proofs-of-work putting money in the hands of a few people. Ethash and Equihash have both seen ASICs developed and also had certain GPU implementations significantly outperform others, especially near launch before many optimizations were widely known.

If we want a fair mining market, the proof-of-work must:

  • Have a known optimal solution
  • Be simple to implement

Proofs-of-work without a long history of study and research and without a mathematical proof of computational lower bounds will always be subject to tricks and cleverness, where only the strong prevail. If the proof-of-work solver is both simple and proven to be optimal, then a large number of people should be able to write miners which are roughly equivalent in performance. This is the way to make mining fair.

Let’s learn the lesson of CrypoNight and demand simple, proven proofs of work.

--

--

Tim Olson

In cryptocurrency since 2013 as a startup founder, miner, and trader