The Quest for Decentralized Proof-of-Work

In this article, we will look at the some of the goals of the TurtleCoin project, the concept of centralization, where the project stands, and what the project is doing to remain true to itself by maintaining its commitment to the community.

TurtleCoin Core Goals

Fun, Fast, and Easy

For those of you that have been to the TurtleCoin website, the goals below may seem repetitive. For those of you that do not know, TurtleCoin was born with a few goals in mind:

  1. Fast Transactions
  2. Privacy
  3. Easy to Use
  4. Easy to Mine
  5. Community
  6. Support

The community is reminded of these goals every time they interact with the network, participate in discussions, and help spread TurtleCoin around the globe. These core values drive everything that is done within the community from core development, documentation generation, learning opportunities, support, and community project management. We take these goals very seriously and will do whatever we can to make sure that TurtleCoin remains true to the initial vision.

Decentralization of Mining Resources

What is Decentralization?

Decentralization is, to put it plainly, the process by which planning, and decision making are shifted away from a central authority or group. The process can take many forms but in our case in the context of a Proof of Work (PoW), it means that no central authority or group controls most of the resources needed to complete the PoW.

Why Care About Decentralization?

When most of the necessary resources to satisfy the PoW requirements end up centralized, those that control those resources can, when motivated to do so, take control of the network away from the community. Such control can manifest itself in ways such as:

  • 51% attack where history can be rewritten which then typically results in the double-spending of currency that is made possible by off chain account balance tracking performed in traditional databases
  • Selfish Mining where miners remain ahead of the public chain and release just enough blocks to stay ahead of everyone else thereby reaping the majority of block rewards

Each of the above attack vectors result in a network that is no longer “Fun, Fast, and Easy”. These attacks are, in the eyes of many, fraud and in the very least theft. No one wants to use a network where their funds are constantly at risk.

In addition to the above sampling of on-chain attacks, centralization of mining resources also poses additional problems when those resources are controlled within, produced by, or otherwise restricted by one or two entities.

Where Does PoW Centralization Come From?

The most common forms of PoW centralization come from technologies designed to make PoW calculations more efficient, including:

ASICs and FPGAs are, to be fair, technologies that help secure PoW networks by increasing the overall hashrate of the network while drastically reducing the resources (electricity, physical space, management, monitoring, etc.) to do so. By increasing the efficiency of mining, others are encouraged to participate in the mining process. The more distributed hashrate a PoW network has, the harder it is to attack via the methods described above.

Supply Chain Centralization

Unfortunately, both ASICs and FPGAs are largely the product of a handful of special interest groups and organizations that create high barriers to entry and generally avoid transparency and accountability. This presents a problem in that a project that embraces these technologies today relies on just a few manufacturers to create the specialized ASICs and FPGAs needed to secure their blockchain.

While this may not sound like that big of a deal, all we have to do is think back to the countless instances in history where one group controlled the supply of a product or service.

Such centralization of manufacturing also presents a problem in that the production of ASICs and FPGAs for mining now falls under a limited number of jurisdictions. Governments could, and have, changed the legality of producing, owning, or operating such hardware on a moment’s notice. The fact that a single entity could control the hardware necessary for operating the network is in direct opposition of the goals of decentralization.

To prevent centralization of the manufacturing of the hardware there must be a multitude of manufacturers spread all over the globe. Only then is it possible to reduce the risk of a single group impacting the supply chain of ASICs and FPGAs.

Note: CPUs suffer from some of the same issues mentioned above; however, CPUs are general purpose integrated circuits that are commercially available in large quantities at affordable prices and their manufacturers are not solely focused on cryptocurrency mining activities.

TurtleCoin’s Commitment to Decentralization

The TurtleCoin community and core development team remains committed to the stance that TurtleCoin must be easy for all to mine, fair, open, and most importantly decentralized. We’ve posted numerous articles, videos, and GitHub threads reaffirming this commitment since the inception of the project. Notable examples of such include:

While others may deviate and split from their goals of decentralization, the TurtleCoin community remains fully committed to the vision that a decentralized PoW remains our best chance at long-term sustainability.

Upcoming Proof-of-Work Algorithm Change

The upgrade to CN Turtle at block 1,200,000 was a success; however, as mentioned in the Proof-of-Work Algorithm Change, we’ve had another algorithm change on the burner well before that upgrade. We always knew that CN Turtle would be a temporary step meant only to give us a bit of breathing room to test, what we hope to be, a PoW algorithm that will prevail in our quest for decentralization for longer than prior algorithms have allowed.

We have mentioned codename Chukwa in a few different places over the last few months. If you have not been following discussions in Discord or taken at look at the GitHub Chukwa Hashing Results thread, Chukwa is actually Argon2.

What is Argon2?

Argon2 is the memory hard winner of the 2015 Password Hashing Competition (PHC). Argon2 comes in three different versions; each with their own design goals.

  • Argon2d is designed to maximize resistance against GPU cracking attacks and accesses memory in a data dependent order. This means that the input data itself defines how the memory is accessed; however, it is susceptible to side-channel attacks
  • Argon2i is designed to minimize side-channel attacks and accesses memory in a data independent order
  • Argon2id is a hybrid between the two where Argon2i is used for the first pass over the memory and Argon2d is used for each pass after that

The Argon2 IETF RFC draft recommends the use of Argon2id.

Why Argon2?

Argon2 was selected for the following reasons (in no particular order):

  • Winner of the PHC that follows the same kind of processes as the NIST’s AES & SHA-3 competitions
  • Memory hard algorithm
  • Source code is GPL-3.0 compatible
  • Easily integrated into the core code, pools, etc
  • Only one known cryptocurrency project (Aquachain) uses Argon2id

Argon2 is also relatively unique in that it allows for a high-level of customisation in how the hashes are calculated including parameters such as:

  • The number of threads to use (parallelism)
  • Arbitrary resultant hash length
  • Memory requirements (memory hardness)
  • Number of iterations (time cost)
  • The use of salts

Argon2id Parameters

The various input parameters allow us to tune the implementation of Argon2 such that it makes sense for TurtleCoin.

Memory Requirement
  • Be large enough to fit an entire block so that all of the data can be shuffled
  • Not exceed common L2 CPU cache sizes to allow for the largest range of CPUs to participate in mining
Iterations
  • Provide a higher base hashrate than previous algorithms to increase the mining efficiency
  • Take advantage of the multiple memory passes used in Argon2id (>2 iterations)
Parallelism (Threads)
  • Make the use of as many physical and logical cores as possible by using 1 thread per hashing operation
Benchmark Testing Results

We solicited single-core performance benchmarks from the community in the Chukwa Hashing Results issue thread on the main repository. The summary of those results are below.

Note: For brevity, we have truncated the summary table below to the algorithms we have used before and Argon2 parameters that meet the requirements above.

Chukwa Parameters

Given the above requirements and the testing results provided by the community we were left with 5 clear options. One option stands out and sits nicely in the middle among the group of options. It provides a healthy 2.5x increase in hashrate and meets the requirements above.

We’ve selected the following Argon2id parameters for the next PoW:

  • Threads: 1
  • Iterations: 3
  • Memory: 512kb

Note: You can play with different parameters with a simple Argon2 hash generator at argon2.online

TurtleCoin’s Argon2 Implementation

Like other PoW algorithm changes, there is quite a bit of work to be done to ensure that this network upgrade is a success at block 1,800,000. We have adapted the Argon2 reference implementation for our use.

Caveats

Miner Package Availability

At this time, we have found very few miner packages that support Argon2id. While the native CPU miner provided in the core project will happily support the algorithm for solo mining, we understand that the network and community requires the availability of mining pools. To help facilitate pooled mining, we are currently working on building pool support into the native CPU miner provided by the project.

GPU Mining Support

We have not currently been able to find any miner packages that support Argon2id GPU mining. While we are confident that the community at large will work towards having an Argon2id GPU miner available at some point, it is unlikely that a GPU miner will be available at the time of the upgrade. As a result, we fully expect a substanial drop in the network hashrate as a result of this upgrade. We are planning a difficulty reset to account for this drop at the time of the upgrade. This has a byproduct of making TurtleCoin a CPU only coin for the foreseeable future.

Completed

Core

We have completed the necessary changes in the core project to implement Argon2id at block 1,800,000 that will activate with block major version 6. The changes can be found on the codename_chuckwa branch of the TurtleCoin repository. This code has not been pulled into the development tree or master as of the time of this writing.

Support Packages

The necessary changes have also been applied to the development branch of the turtlecoin-multi-hashing Node.js module that pools use to validate miner shares.

Pool Changes

The necessary changes to the turtle-pool software have been completed on the chukwa branch.

In Progress

Testnet

We will also be launching multiple testnets to test the algorithm change including a difficulty reset to adjust for the anticipanted loss of GPU mining hashrate.

How You Can Help

We need help from the community to test this algorithm change to try to ensure that everything goes as smoothly as possible. The more people that are involved, the easier it is to spot issues and correct for them before the upgrade.

Community Reminder

As always, be mindful of TurtleCoin core releases. Watch or star the main TurtleCoin repo to help stay abreast of changes and updates. Join Discord and read the #announcements on a regular basis. Or, sign up for the @news role by typing *news in the chat and be alerted whenever a new announcement is posted in Discord.

Make sure you’re ready for the network upgrade as early as possible. As with any network upgrade, prior versions of the software will no longer be compatible with the rest of the network after upgrade completion.

Remember that you too can participate in discussions regarding the direction of the project via Discord and the TurtleCoin Meta Issues. Join the discussing regarding the PoW change via the Chukwa: The Argon2 PoW Algorithm discussion on GitHub.

Correction: The article above was corrected to reflect the intent of the writer as the original copy referred to the security of PoW networks based solely on the network hashrate and not the distribution of such. Thank you to @Taegus for pointing this out.

Clap

(121)

2 replies to “The Quest for Decentralized Proof-of-Work”

Comments are closed.