📅 Original date posted:2017-05-26
📝 Original message:Hello Eric,
Thank you for your question and your time off-list clarifying your position. I’m posting to the list so that a wider audience may benefit.
Original Question: ‘Presumably the "very serious security vulnerability" posed is one of increased centralization of hash power. Would this danger exist without the patent risk?’
I would postulate that if ASICBOOST was originally released without the patent risk, then much of the risk would have been avoided; all of the mining manufactures would have implemented ASICBOOST and had a similar advantage. However, now time has passed and the damage of the patent monopoly exploiting CVE-2017-9230 has been already done. If the ASICBOOST patent was released to the public for free today, while a good thing, it wouldn’t soften the severity of the vulnerability we face today.
The ASICBOOST PATENT provides a miner with a constant-factor advantage. This is a huge problem with zero-sum games, such as mining. In game-theory, a constant factor advantage gives an exponential advantage over the time period maintained.
This explains why the Bitcoin Community initially took very little notice to ASICBOOST: The effects of ASICBOOST stated at virtually nothing, and it took a while for the advantage to been seen over the normal variance of mining. However, it’s influence has been exponentially growing since then: creating an emergency problem that we now face.
The result of ASICBOOST going unchecked is that very quickly from now, surprisingly quickly, the only profitable miners will be the miners who make use of ASICBOOST. This is a grave concern.
I will again reiterate that the virtue-signalling over perceived political motivations is ridiculous in the light what I consider a looming catastrophe, we should be judging by what is real not just perceived.
The catastrophe that I fear is one company (or a single politically connected group) gaining a virtual complete monopoly of Bitcoin Mining. This is more important to me than avoiding chain-splits. Without a well-distributed set of miners Bitcoin isn’t Bitcoin.
Cameron.
PS.
This attack is part of a larger set of licensing attacks, where patens are just one form of licensing attack. These attacks are particularly damaging in competitive markets such as mining. We should be vigilant for other attempts to create state-enforced licensing around mathematical algorithms. ASICBOOST is an illustrative example of what the Bitcoin Community needs to defend against.
> On 26 May 2017, at 11:15 , Eric Voskuil <eric at voskuil.org> wrote:
>
> Signed PGP part
> Hi Cameron,
>
> Presumably the "very serious security vulnerability" posed is one of
> increased centralization of hash power. Would this danger exist
> without the patent risk?
>
> e
>
Cameron Garnham [ARCHIVE] /
npub1qh…chcrk
2023-06-07 20:01:54
in reply to nevent1q…vece
Author Public Key
npub1qhl358d8na8d3euj3aakeu394zx7q6pqc4a8u4p962k9mtrqdrvscchcrkPublished at
2023-06-07 20:01:54Event JSON
{
"id": "c2f32ee05b1183597e0c0095757b8dc7cd75a6ffd8a28381930c3a15accee79b",
"pubkey": "05ff1a1da79f4ed8e7928f7b6cf225a88de06820c57a7e5425d2ac5dac6068d9",
"created_at": 1686160914,
"kind": 1,
"tags": [
[
"e",
"4f0cac11a9c11f899b0c0444f8fa8cb034515875b2df31366a910a0f4ce8ca28",
"",
"root"
],
[
"e",
"9d3e501b40cc6ecc1d97998ea940e32d8238242a8d066ae03fdca32cf64d8b85",
"",
"reply"
],
[
"p",
"82205f272f995d9be742779a3c19a2ae08522ca14824c3a3b01525fb5459161e"
]
],
"content": "📅 Original date posted:2017-05-26\n📝 Original message:Hello Eric,\n\nThank you for your question and your time off-list clarifying your position. I’m posting to the list so that a wider audience may benefit.\n\nOriginal Question: ‘Presumably the \"very serious security vulnerability\" posed is one of increased centralization of hash power. Would this danger exist without the patent risk?’\n\nI would postulate that if ASICBOOST was originally released without the patent risk, then much of the risk would have been avoided; all of the mining manufactures would have implemented ASICBOOST and had a similar advantage. However, now time has passed and the damage of the patent monopoly exploiting CVE-2017-9230 has been already done. If the ASICBOOST patent was released to the public for free today, while a good thing, it wouldn’t soften the severity of the vulnerability we face today.\n\nThe ASICBOOST PATENT provides a miner with a constant-factor advantage. This is a huge problem with zero-sum games, such as mining. In game-theory, a constant factor advantage gives an exponential advantage over the time period maintained.\n\nThis explains why the Bitcoin Community initially took very little notice to ASICBOOST: The effects of ASICBOOST stated at virtually nothing, and it took a while for the advantage to been seen over the normal variance of mining. However, it’s influence has been exponentially growing since then: creating an emergency problem that we now face.\n\nThe result of ASICBOOST going unchecked is that very quickly from now, surprisingly quickly, the only profitable miners will be the miners who make use of ASICBOOST. This is a grave concern.\n\nI will again reiterate that the virtue-signalling over perceived political motivations is ridiculous in the light what I consider a looming catastrophe, we should be judging by what is real not just perceived.\n\nThe catastrophe that I fear is one company (or a single politically connected group) gaining a virtual complete monopoly of Bitcoin Mining. This is more important to me than avoiding chain-splits. Without a well-distributed set of miners Bitcoin isn’t Bitcoin.\n\nCameron.\n\n\nPS.\n\nThis attack is part of a larger set of licensing attacks, where patens are just one form of licensing attack. These attacks are particularly damaging in competitive markets such as mining. We should be vigilant for other attempts to create state-enforced licensing around mathematical algorithms. ASICBOOST is an illustrative example of what the Bitcoin Community needs to defend against.\n\n\n\n\u003e On 26 May 2017, at 11:15 , Eric Voskuil \u003ceric at voskuil.org\u003e wrote:\n\u003e \n\u003e Signed PGP part\n\u003e Hi Cameron,\n\u003e \n\u003e Presumably the \"very serious security vulnerability\" posed is one of\n\u003e increased centralization of hash power. Would this danger exist\n\u003e without the patent risk?\n\u003e \n\u003e e\n\u003e",
"sig": "3f5382ced92a20fc08073c90b9f5c86b59c55fc94f8545bf0d7336d02bdf28774c8a6da7b43bf2f34c92271ca6b67e7961f854ac3b93b85a2600a0b567895bab"
}