Hello everyone, as you may already know, Zano employs a Hybrid PoW/PoS algorithm. In this post, we’ll be talking about our reasoning behind the PoW algorithm (algo) we’ve chosen, ProgPoW.
Boolberry roots & the ASIC resistance narrative
Projects coming to market after bitcoin matured witnessed ASICs arrival and fights about ASICs quickly became one of the main points of debate in decentralization discussions. Boolberry offered its own solution at the time, the mining algo called “wild keccak.”
By the middle of 2013, it became clear that one of the main issues encountered by ASIC devices was memory usage. Unlike original Cryptonote algo (which depended on the processor’s memory cache) Wild Keccak used RAM which proved to be a good choice, remaining a best-practice for PoW today. Another issue of the time was scratchpad-based functions; at the time the prevailing thought was that a scratchpad function should use each element number of times to be effective. This resulted in another drawback — extended execution time. For example, a single Cryptonote hash calculation can take at least 20ms on a powerful processor. Wild Keccak changed that by introducing a large scratchpad (generated with blockchain data) with a total volume of hundreds of megabytes. Because this system allows a single hash generation to use only part of the scratchpad, leaving “memory hard” to be used only for mining, a single calculation takes microseconds.
The state of ASIC resistance today
In the past five years, practically all hash functions that have aimed to be ASIC resistant have been pushed back against ASIC hardware custom built for them, with different levels of efficiency. The theoretical analysis of a hash function’s ASIC resistance property is complex. The main reasons for this complexity are the flexibility and capabilities of modern chip manufacturing technology.
Overall cryptocurrency capitalization growth has increased the level of technological opposition between developers of decentralized PoW-based payment systems and specialized mining hardware. This resistance has made the design process of efficient PoW hash functions a highly complex scientific problem.
The general approach to ASIC resistance
As the evolution of Boolberry, the Zano team is looking to fix issues that could come up preemptively. With that goal in mind, we couldn’t overlook the possibility of an ASIC creation designed for the Wild Keccak algo.
ASIC manufacturing aims to create hardware that is extremely effective at very specific tasks. This approach only remains profitable if it doesn’t have to replicate commercially available components like GPUs. To exploit this, PoW hash functions uses commercial device features as much as possible in an attempt to make ASIC manufacturing less profitable, to the point when it doesn’t make financial sense.
Our search for a polymorphic algo
In the development of Zano, we were looking for an algo that would utilize as many hardware features as possible while remaining unpredictable since ASICs manufacturers adapt quickly to algo adjustments. While developing and testing our own solutions to this, we’ve also been looking for an outside solution.
In particular, the research projects ProgPow and RandomX became very interesting to us. Both are based on the same philosophy of a “polymorphic” algorithm with different target hardware. However, RandomX is designed for modern CPUs, and ProgPow is designed for modern GPUs, making it an evolution of ethash. Here “polymorphic” means the set of performed operations changes by a deterministic algorithm, which complicates specialized hardware optimization.
Why we chose ProgPoW
After deeper analysis, we decided to go with ProgPow (over RandomX and our in-house development project) for two reasons. First, at the time of the research one RandomX operation took about 20ms which is a little too long for a PoW cryptocurrency. That increases the chance of various DoS attacks over block validation nodes; also it would increase new node synchronization time.
Second, ProgPow is based on the well-known ethash, which has already proved itself as an efficient PoW function for mass adoption projects, primarily Ethereum. Even though an ASIC has been produced in this case, its efficiency is not as not significant for GPU miners. On top of those two reasons, RandomX is a new project and utilizing it may have caused unforeseen consequences down the road.
Our ProgPoW modification
At Zano, we also went on to modify ProgPoW to avoid potential rented hash power attacks. This mitigates the risk of someone pointing a lot of hardware at a relatively small network and leaving before the difficulty catches up, forcing other miners into a significant loss. Our adjustments didn’t touch the core principles of the algorithm only the binary result; we’ve changed the indexes of polymorphic mathematical operations.
Despite all the apparent benefits, we realize circumstances can change, and PoW algorithms will inevitably require further revisions. We will be keeping a close eye on this important aspect of the project, making adjustments as they become relevant.