“Least Authority [auditors] didn’t catch this; Bob Rao didn’t; IfDefElse [which proposed ProgPoW] didn’t; [researcher] solardiz didn’t, etc.
This is a novel method relying on applying BTC’s ability to increment the nonce being applied to ETH. Terrific find, well done.”
So says Kristy-Leigh Minehan, the public face of ProgPoW, after confirming that the ostensibly ASIC-resistant algorithm she has been pushing for years is actually not that ASIC-resistant.
“Ethash uses 256-bits for its seed; ProgPoW uses 64-bits (since it makes up for the missing 192-bit elsewhere)…
In Kik’s findings, he found you can simply do the memory hard part once for a single seed, and then find your header + nonce through incrementing the extraNonce field,” says Minehan.
The difference between 64 and 256 might not seem like much, but it is decisive: you can simply brute force this key ASIC-resistance component on an ordinary laptop, and then mine the rest with ASICs.
Astonishingly, Minehan says this “bug” means “the higher difficulty is, the more profitable.”
ProgPoW was shelved again recently after it had suddenly been “approved”, and this bug was revealed only after it was ditched.
So it isn’t quite clear whether this was an unintentional bug or a well-hidden backdoor of sorts to centralize ethereum mining. Minehan states that fixing it would be easy, but if so many missed it, then it’s not clear what else they might have missed.
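An added sketch of the flaw described above, not code from ProgPoW or from the original article: a toy proof-of-work whose final hash sees the nonce only through a truncated seed, next to a variant whose final hash covers the full initial digest. SHA-256 as the hash, the 16-bit seed and target, every function name and the `bind_full_digest` fix are assumptions made for illustration.

```python
import hashlib
from itertools import count

SEED_BITS = 16             # real seed is 64 bits; scaled down so the demo runs quickly
TARGET = 1 << (256 - 16)   # constructed difficulty: 16 leading zero bits
calls = {"memory_hard": 0}

def H(*parts):
    """Cheap hash over length-prefixed parts (SHA-256 as a stand-in)."""
    m = hashlib.sha256()
    for p in parts:
        m.update(len(p).to_bytes(4, "big") + p)
    return m.digest()

def seed_of(header, nonce):
    """Initial hash of header and nonce, plus its truncation to the short seed."""
    full = H(header, nonce.to_bytes(8, "big"))
    return full, int.from_bytes(full, "big") >> (256 - SEED_BITS)

def memory_hard(seed):
    """Stand-in for the memory-hard stage; only the call count matters here."""
    calls["memory_hard"] += 1
    return H(b"dag", seed.to_bytes(8, "big"))

def pow_hash(header, nonce, bind_full_digest):
    full, seed = seed_of(header, nonce)
    mix = memory_hard(seed)
    if bind_full_digest:   # assumed fix: final hash covers all 256 bits, so the nonce too
        return H(full, mix)
    return H(header, seed.to_bytes(8, "big"), mix)   # weak: nonce enters only via seed

def verify(header, nonce, bind_full_digest):
    return int.from_bytes(pow_hash(header, nonce, bind_full_digest), "big") < TARGET

def shortcut(prefix):
    """Find a solution for the weak variant with one memory-hard evaluation."""
    start, seed = calls["memory_hard"], 0x1234          # seed value is arbitrary
    mix = memory_hard(seed)                             # memory-hard part, once
    for extra in count():                               # grind extraNonce, cheap hashes
        header = prefix + extra.to_bytes(8, "big")
        if int.from_bytes(H(header, seed.to_bytes(8, "big"), mix), "big") < TARGET:
            break
    for nonce in count():                               # grind nonce until it maps to seed
        if seed_of(header, nonce)[1] == seed:
            return header, nonce, calls["memory_hard"] - start

if __name__ == "__main__":
    header, nonce, used = shortcut(b"constructed-header")
    print(used, verify(header, nonce, False), verify(header, nonce, True))
```

In the weak variant every nonce that maps to the same seed yields the same final hash, which is what lets the memory-hard stage be reused; once the final hash covers the full digest, each nonce needs its own memory-hard pass.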
Minehan herself is an expert in the mining field. She was working for Core Scientific, a huge industrial mining farm for bitcoin ASICs and ethereum GPUs based in the USA.
Minehan was able to kind of hack GPUs, turning them into FPGAs that mine slightly better than normal GPUs.
So perhaps it isn’t too surprising that this bug wasn’t found until after ProgPoW was shelved, because mining is a very specialized field with very few able to engage in any peer review.
The expectation that any new code probably has some bug somewhere, together with the lack of data on how many ASIC miners there are on eth, if any at all, was one reason plenty opposed ProgPoW.
As it stands, there is no evidence that there are proper ASICs on ethereum. Some claim to be developing them, but it’s not clear how much more efficient they would be than GPUs.
Ethereum’s algorithm has been designed to be ASIC-resistant, so maybe there are some potential improvements of 2x or 4x, but nothing like bitcoin where it’s 50x and up.
Had ProgPoW gone through, however, it seems it would have taken off the memory part, which is what makes the algo ASIC-resistant, leaving only the raw calculations and thus only the ASICs.