ASIC Resistance

What is an ASIC?

An Application-Specific Integrated Circuit (ASIC) is a computer chip that is built specifically for a single function. In the context of mining, ASICs are used to compute for specific hashing algorithms. They pose a risk to decentralisation because they outpace all other mining methods, are manufactured by specific companies, have very limited distribution channels due to the specialised nature of the hardware, and they require significant capital costs to develop and operate profitably. There are potential benefits to ASICs, such as the capital cost requirements that miners must undertake to invest in algorithm specific hardware which makes it less likely that they would behave in a manner that undermines their own investment by acting dishonestly. However, the distribution and manufacture of ASIC chips, with mature hashing algorithms, is still centralised around a few large companies. These companies can refuse shipment to certain areas, decide what regions and customers get the best performing ASICs, and they can structure limited runs and manipulate prices.

Preventing ASIC Miners

To prevent ASIC miners from monopolising the network hashrate, many cryptocurrencies developed ASIC resistant hashing algorithms, like Scrypt and Ethash. Until recently, Monero used the CryptoNight hashing algorithm, which requires large amounts of L3 cache to operate. In theory, this should have made it difficult to produce an ASIC chip due to large memory requirements. However in 2018 Bitmain released the X3, a CryptoNight specific ASIC that could effectively mine at ten times the speed of a graphics processing unit (GPU). Other hashing algorithms have suffered similar fates, with Scrypt, Ethash, and Equihash all now being mined by ASICs.

How Monero and Loki combats ASIC resistance

To combat the use of ASICs, Monero proposed a strategy of hard forking every 3-6 months to slightly change the CryptoNight hashing algorithm (the first fork moving to CryptoNightV7). The capital and time required to build an ASIC is significant, and with highly specific hardware designs, slight tweaks in a hashing algorithm should invalidate the chip design, wasting the time and capital investment of ASIC manufacturers. However, this approach introduces its own issues. If changes made to the algorithm are insufficient to prevent ASICs being reprogrammed, then the network can become vulnerable to hashrate centralisation until another hard fork is possible. Field Programmable Gate Arrays (FPGAs) should also 12 be considered in ASIC resistance strategies, where infrequent, slight changes to hashing algorithms can be easily reprogrammed for FPGAs. Another concern is that regular changes to core consensus mechanisms introduce the chance of unintended bugs and generally centralise the development of such changes around the core team of developers.

A number of alternative proof-of-work algorithms have been proposed to combat the need to hard fork regularly, including provably memory-hard hashing algorithms like Argon2, Balloon hash, and polymorphic hashing algorithms like ProgPoW and RandProg. The Loki team will be publishing additional research on the aforementioned algorithms to develop a long-term solution to ASIC resistance.