Bitcoin’s Latest Scandal: How to Analyze the ASICBoost Mining Debate
Too many strawman arguments are flying around the Bitcoin space right now about how Jihan Wu, with his alleged covert ASICBoost modification, is mining selfishly but not really doing anything wrong since we can expect miners to seek maximum profits. This harmful behavior must end now.
Jihan’s unfair earnings have been calculated by two different developers now to be in the neighborhood of $100 million per year. If his sin was only making a better product that earned that much money, I’d be trying to cozy up to him and get him on my good side today. I’ve got no problem with winners.
But that’s not his crime. If Greg is correct in his accusation, Jihan was causing unimaginable amounts of harm to Bitcoin, which if left unchecked, may even lead to it’s doom.
There may be other sins, but these are top three problems I can see covertly mining ASICboost in the way Greg describes:
Sin #1: Community splitting, i.e. Divide & Conquer.
If Greg is correct, the entire blocksize debate since ~2014 was little but Jihan’s way to keep us fighting against each other so that Bitcoin will not scale up in a way that blocks Jihan’s edge. It appears that SegWit and many other scaling upgrades with a similar solution are upgrades that Jihan cannot allow to ever happen since he got his ASICBoost tech deployed.
Since that time, early 2015, this community has split into two communities at each other’s throats and there has been wave after wave of challengers to the Core devs… (Bitcoin Classic, BitcoinXT, BU, and now Extension Blocks) — All that do not use the upgrade that nullifies the gains from ASICboost.
If Greg is right, Bitmain signaling for BU and all of its efforts to oppose SegWit were never for ideological reasons, just financial. It means that our fight was a delay tactic, so he could earn more money, plain and simple.
So many friendships lost, so much time and effort wasted…
Think of all the energy that developers could have been put into scaling bitcoin that was instead spent on defending themselves from attack; it’s unfathomable.
As to how anyone would be able to force us to fight each other, I’ll simply link readers to explanations of the well-established concepts of sockpuppetry and agent provocateurs, and allow your imagination to go wild with how much strife Jihan would be able to accomplish using those two methods with his war chest of up to $100 million per year.
Because of this strife, many have turned to altcoins, and many people and businesses outside of bitcoin did not join us that would have otherwise. Because of this strife, we haven’t scaled Bitcoin in any meaningful way yet, and that has stopped many desirable use cases that depend on micropayments from being completed, including Code Valley, Yours, MegaUpload2, and tons of other projects and infrastructure… Which again, turns businesses away from embracing bitcoin. (And startups from starting up.)
Today’s price would likely be $6,000 or higher, IMHO, if it weren’t for that loss of our cohesion that it appears Jihan personally created sometime before 2015.
Sin #2: ‘Merklegrinding’ makes Bitcoin less safe.
Bitcoin’s cryptographic security relies on creating as much hard work for a would-be attacker as possible, as measured in the number of operations a task requires to be computed. As Greg Maxwell has explained on the Devlist, the attack is highly technical in nature so it’s hard for most to understand the significance, even among other devs. “While talking about it privately for the last month I ran into many experts that kept lapsing into thinking that the collision required 2³² work, and other misunderstandings,” he said.
A great, recent writeup by MIT’s Jeremy Reubin is here, but Greg was correct to describe it as difficult to understand. What follows is my imperfect summary, for those who won’t take the time to read it for themselves.
Apparently, the SHA2–256 cryptography behind Bitcoin’s mining function uses a “merkle damgard hash function” that all miners have to perform in order to keep looking for those special numbers to submit like lotto tickets every ten minutes.
Without using the covert version of ASICBoost, the odds of winning were equal for all miners, in relation to their hashing power, because the amount of work was equal for everyone.
In this case, Greg has accused Bitmain of changing his process, deep inside the hardware where you can’t look at the code, to make a big shortcut in the merkle damgard hash function so that it ‘grinds on the version bits’ of the Merkle root, which cheats the process by shuffling transactions that it processes. Detecting actual usage of this is impossible, only statistical evidence of the output can be detected.
Meanwhile, the process of making bitcoin secure with mining has been compromised. Instead of all miners competing on a level playing field, Jihan’s miners have allegedly been taking the shortcut, doing less work to win more blocks. That’s textbook bypassing of a basic security in Bitcoin.
This process cannot be done mistakenly, because doing it this way would normally be very wasteful, since the process trades away system RAM and extra SHA256 calculations in order to shuffle the transactions in a different order to pull this off. It’s a very blatant cheat and serves no other purpose but trading away security for extra money, and only in a very certain set of circumstances does it pay off. Jihan’s exact circumstances.
Use of this process also explains all of the empty blocks that Jihan has been defending the right to create, despite how much we all need more space in our Blocks due to the high number of transactions these days.
Bitmain has officially denied USING this process on Bitcoin’s mainnet, and that is now 100% of the point of contention we need investigated thoroughly.
This merklegrinding is the part that Core developers are calling the “attack,” just as they would anything else that tries to bypass Bitcoin’s security defenses. If Greg is correct, bitcoin has been far less safe than it should be for as long as Jihan has been doing this covertly. That could be as far back as 2014.
Sin #3: Miner centralization.
If he is using this unfair advantage, Jihan has already put at least two competitors out of business that couldn’t figure out why they failed. In May 2016, Now-bankrupt KNC Miner’s CEO Sam Cole was interviewed and said a few things about Bitmain that explain a lot today if Greg is correct.
“The competition has increased more than we could ever anticipate. When we crunch the numbers it amounts to hundreds of millions of dollars that have been invested only in the past six months… Even if they have free electricity we can’t understand how they can make a profit” — Cole
KNC was only the most recent Bitcoin mining company to go under since Jihan got his ASICBoost patent. The Israeli Spoondoolies tech was another, and they suffered a very similar fate. Despite revenues of $28 million in 2015, the company went bankrupt early the following year after multiple fundraising attempts. It too said that the only reason for their failure to stay profitable was competition with a China-based bitcoin hardware developer.
If all mining manufacturers were in China, then Bitmain’s Chinese patent on ASICBoost tech would have allowed him to keep down the competitors and all of this would have been transparent. Spoondoolies and KNC were in Israel and Sweden, however, where Jihan’s patent are meaningless, so it best serves Jihan to stay quiet about the reason. This appears to be a lack of communication in the industry, however, because even some Core developers knew about Jihan’s 2015 patent on ASICBoost since May 2016.
Imagine how many other mining manufacturers would have started up on level playing field… Maybe we’d have 20 different chip makers today instead of the 2–3 we have now? Now, imagine how hard it must be for a new chip manufacturer to launch today… No matter how awesome your fabrication process, now matter how much capital you have access to, someone else out there will still make a product that is 20%-30% more efficient than yours and sell it worldwide. That’s an insurmountable profit margin. Zero investors out there would be willing to loan to such a startup today.
Meanwhile, mining centralization has been a top-5 threat on the Core dev’s list of bitcoin-killers since the very day ASIC manufacturing was announced.
Who in the community during the summer of 2014 can forget the defcon-5-level of panic when pool Ghash.io attained 51% of the mining hashrate? Conspiracy theories were everywhere and many were demanding that the Core devs find a way to stop Ghash forcefully, so they couldn’t do a 51% attack against the network.
Thankfully, Ghash was a good neighbor and broke up their own monopoly voluntarily. ‘Good guy Ghash’ — I think some T-shirts were printed with the slogan.
Bitmain doesn’t appear to want to take the same paycut, since they are busy defending their innocence. If the allegations are correct, anyone using their chips or mining in their pools should be eyed with even greater panic and disdain than Ghash was; If, again, the charges are founded. Siding with centralization is siding against Bitcoin, plain and simple.
Let me make this point clear: It does not matter that Jihan has admitted to Building ASICBoost into his chips. As long as he says he did not use it, he is claiming innocence, and that creates problems.
The difference is very important; If developers simply try to block covert ASICBoost without holding Jihan accountable for these crimes, then Jihan is not only free to commit more crimes, but he will in fact GROW his following of supporters who feel that he is being attacked by “Core devs” unfairly.
It is the followers, not Jihan, who need to be shown indisputable evidence of Jihan’s wrongdoing. Any attempt to upgrade the network to fight Jihan may very well come down to their support.
So, what to do? Who to Believe?
We have to let science decide, of course. We must encourage many peer review teams, hopefully some from outside the community too for unbiased opinions, to review Greg’s evidence and redo the tests for themselves. We may even need to do some crowdfunding in order to afford these tests.
Although direct proof of Jihan’s covert usage may be impossible, incontestable evidence could still be gathered that is too strong for anyone to reject. (i.e. Compute the probability of his actual results matching a set of ASICBoost-derived results.) If the claims cannot be disproved, then Greg will be more and more shamed over time by much of the community, and perhaps even unemployable in the long run. Instead of being a hero to all Bitcoiners, he stands to lose most of the remaining respect he had in the community if current trends persist. Not to mention, SegWit becomes far less likely to pass.
However, no matter how much Greg’s detractors feel that he gets on their nerves with his occasional trolling and less-than-humble attitude, he’s also a PhD with some incredible development skills that are well respected across several industries. He’s no dummy.
I cannot in good faith proclaim that he is absolutely correct yet, but I expect that we could do so definitively if the evidence is pursued. Only once it has, will we be able to act on one course or another immediately to stop these major problems already occurring in Bitcoin now. Calls for UASF or forks of any kind to enable Segwit are too drastic until we have this key evidence.
After proving Jihan’s usage, the next step would then be to decide if we just want to do Greg’s latest BIP that only targets Covert ASICboost usage, or do we want to disable All ASICBoost usage, like Peter Todd promotes. Surely there would be more support on the former but added advantages on the latter.
Every day we waste allowing the idea to flourish that Jihan did not commit these crimes to the community, we allow his following and SegWit resistance to grow stronger.
