Coindesk Logo

Bitcoin's New Controversy: The AsicBoost Allegations Explained

Bitcoin's New Controversy: The AsicBoost Allegations Explained

Bitcoin's New Controversy: The AsicBoost Allegations Explained

A new allegation from a high-profile bitcoin developer has once again stoked the fire of its scaling debate.

A new allegation from a high-profile bitcoin developer has once again stoked the fire of its scaling debate.

A new allegation from a high-profile bitcoin developer has once again stoked the fire of its scaling debate.

AccessTimeIconApr 6, 2017, 5:21 PM
Updated Aug 18, 2021, 5:59 PM

Presented By Icon

Election 2024 coverage presented by

Stand with crypto

Bitcoin is abuzz with fresh controversy following an inflammatory new post by Bitcoin Core developer and Blockstream CTO Greg Maxwell in which he alleges some miners are engaging in unfair practices that may be harmful to the network.

Posted to the bitcoin mailing list last night, the entry asserts that a mining hardware maker is secretly exploiting a previously known weakness in bitcoin's proof-of-work algorithm that enables them to mine roughly 20% faster than competitors.

The allegation is that this activity is ongoing, and that this has been proven by an analysis conducted on a mining chip.

Here's where the intellectual gymnastics begin.

Of note is that the technology in use has already been patented by developers Timo Hanke and Sergio Demian Lerner in a scheme called "AsicBoost" for which a patent was filed in November 2014.

Maxwell contends that someone has discovered what he called a "covert" version of the technology used in a mining chip. He did not state who conducted the analysis, whether him or a separate party.

Taking a step further into speculation, the inference of the post is that Segregated Witness, a scaling solution developed and proposed by the Bitcoin Core team, would render the covert version of AsicBoost discovered obsolete, hurting the bottom lines of any miners using the workaround.

As such, the statement has stoked controversy in bitcoin's long-simmering scaling debate in that the allegation that the miner engaged in the practice is China-based Bitmain – one of the industry’s largest providers of mining equipment. (Bitmain has a separate patent for the AsicBoost technology in China).

The assertion is that Bitmain is not only blocking a technical solution favored by the Core developers (through its support of alternative development teams), but doing so because it would enhance its profitability at the expense of users.

In statements, Bitmain co-founder Jihan Wu has vehemently denied that the company is using the AsicBoost workaround on the bitcoin blockchain.

"There is no relationship between SegWit and AsicBoost," Wu told CoinDesk.

Bitmain released a statement on Thursday, adding that they tested AsicBoost, but they never used it in a real mining capacity, and further pointed to an agreement where they expressed support for SegWit in the past.

Even those involved in the debate acknowledged that, given present information, it remains difficult to prove whether the allegations are true.

Former COO of bitcoin mining firm BTCC, Samson Mow, told CoinDesk that the post confirms rumors that have been floating around for some time, though he did not offer any new evidence in the conversation.

Mow told CoinDesk:

"This is not something that you're going to get solid proof for, but there’s smoking guns all around. All the science points to manipulation."

What is AsicBoost?

First things first, it may be beneficial to understand the specific mining technique at the center of the allegations.

In short, AsicBoost is best described as a "mathematical trick." Instead of taking a huge amount of computation, miners can use the technique to whittle down their choices of potential hashes that enable them to solve a puzzle and claim bitcoin's rewards.

These mathematical tricks can lead to an increase in mining profitability by boosting key mining hardware profitability ratios.

For example, a primary measurement of mining profitability is the amount of money earned in gigahashes per second (GH/s). This is most often measured in USD per Gh/s.

The other measure of hardware profitability involves determining energy consumption, commonly measured in Joules, and dividing that by the hashing speed. This is the Joule per Gh/s.

The creators of the technology claim these key ratios are improved by roughly 20% thanks to AsicBoost.

According to mining firm representatives, the technique has been known for some time, though it is largely out of use through a combination of patent protection and industry standards that aren't enforced by any body or organization.

But this isn't AsicBoost?

Going back to Maxwell's original post, what's being speculated is that the company in question, allegedly Bitmain, isn't using AsicBoost exactly.

Rather, the mining chip in is said to implement another version of the idea whereby it is implemented in the hardware. Further, it is argued that Segregated Witness would, as a bi-product of its code, make this specific technique obsolete.

Should this be correct, and should the mining chip maker be implementing the chip widely, it's argued that they may have a business interest in blocking the software.

For mining firms, which produce mining chips on a massive scale, the pace of technological innovation renders hardware obsolete within a period of months. It is argued that such a recall could be potentially devastating, adding pressures to the scaling argument.

Exploitation or efficiency?

At the center of the issue is whether the specific technology use represents a natural desire for a competitive advantage, and whether miners can be working "against the network" if no rule prevents them from engaging in that activity.

For example, there is no rule that currently prevents use of the AsicBoost design, meaning that miners have more of an unspoken agreement to refrain from using the technique on the basis it is "bad" for the network.

As explained by an executive at one of the world’s largest mining firms, who wished to speak on privacy citing business concerns, the practice is widely known, and has little impact on their operations.

"They operate differently, but that I think it is normal. Jihan [Wu] said it is the freedom given by protocol so they can do it," he said.

Mow noted that the technique isn't "kosher" among miners, as it essentially enables them to try to solve bitcoin's puzzle, without performing any useful work – say, processing transactions.

Notably, others don’t think "attack" or "flaw" is the right term, arguing it’s simply a way for miners to mine more efficiently.

IC3 co-director Emin Gün Sirer, for example, asserted in a blog post that there isn't enough public evidence yet to verify Maxwell’s claims.

Merkle grinding?

The details of the so-called "attack" are rather technical, but in its most basic form it deals with how miners find blocks.

To recap the mining process, miners use specially designed equipment to repeatedly hash bitcoin block data (or turn it into a fixed-length scrambled string of letters and numbers) until they hit a particular solution that unlocks bitcoin mining rewards.

There’s certain data that miners aren't supposed to know before they calculate hashes so that miners all have to go through the same calculation process, leveling the playing field.

The problem, developers claim, is with the hashing algorithm, which miners can exploit in a couple ways. For one, the subject of Maxwell’s post, is a technique that developers call "merkle grinding." But, Maxwell claims that some miners found a clever way of finding out more about the data that they expect to find ahead of time.

In each block header there's a "merkle root" that you can think of as a summary of the transactions bundled in a block. Miners can order transaction data in the merkle tree such that they need to calculate less data.

"If the miner finds multiple candidate root values which have the same final 32-bit then they can use the attack," Maxwell writes.

This speeds up the process. Essentially, if it goes according to plan, it means occasionally skipping a step.

Further, some developers contend that one sign that this technique being used is that some miners have been mining blocks without transactions, making it easier to reorder transactions in the merkle tree. (Bitmain, specifically, has been known to occasionally mine empty blocks).

Who's saying what?

Notably, Timo Hanke, AsicBoost co-inventor and former Cointerra CTO, allege that the argument that AsicBoost is inhibiting Segwit adoption is overplayed.

While admitting via Twitter that AsicBoost could potentially be used for purposes that may be detrimental to the network, he said he would not support any Bitcoin Improvement Proposal (BIP) that would use the technology to harm bitcoin.

AsicBoost co-creater Sergio Lerner noted on Twitter that newly proposed Segwit2MB, an alternative to SegWit, would also prevent miners from continuing to utilize the exploit.

Still, the big worry is that this technique is being used to further centralize mining in bitcoin – a problem that developers have been concerned about for a long time – since miners using the faster mining technology could have an advantage over those who don’t.

"Patents conferring large advantage are a problem for bitcoin," Blockstream CEO Adam Back said.

Further, there's an economic advantage to the attack. A mining pool comprising 50% of the bitcoin mining power could save as much as $100m per year by exploiting the flaw, Maxwell noted.

Others have gone on to theorize that, since SegWit somehow fixes the problem, there might be an economic reason that miners do not support the solution.

"If you had a $100m cash cow, and it gets destroyed by a feature, you do everything you can to block it," argued developer Alphonse Pace.

Maxwell added that this implication is exactly why he began looking into the issue, adding:

"An incompatibility would go a long way to explain some of the more inexplicable behavior from some parties in the mining ecosystem."

Alyssa Hertig and Garrett Keirns contributed reporting.

Gun lighter for gas-stove via Shutterstock

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information have been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. CoinDesk has adopted a set of principles aimed at ensuring the integrity, editorial independence and freedom from bias of its publications. CoinDesk is part of the Bullish group, which owns and invests in digital asset businesses and digital assets. CoinDesk employees, including journalists, may receive Bullish group equity-based compensation. Bullish was incubated by technology investor Block.one.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.