The Triangular Shotgun Method: A Game-Theoretical Approach to ASIC Resistance

How to reach ASIC resistance without potentially a single hardfork

Monero is still leading the fight against ASICs where other projects have long given up. On March 9th 2019 the third anti-ASIC fork to CryptonightR happened and it successfully wiped off all ASICs from the network and brought back egalitarian & decentralized mining to the larger community once again.

Some in the community voice concerns that this approach is not sustainable. However, currently we have no technical method to prevent ASICs and I doubt that it will ever be possible to do so with a simplistic one-layer method.

ASICs are technically inevitable.

“This is the sound of inevitability, Mr. Anderson.” — Mr. Smith

The only way to fight them is through choice.

As was evident from empirical data of the past, it usually took about 3 months before ASICs reappeared on the network. It happened with a 100x efficiency gain possibility (CNv1), and it happened with a 19x efficiency gain possibility (CNv2). CNv3 or CN/R is supposed to allow for a maximum efficiency advantage of ASICs of about 6–8x, according to estimates of the developer.

I believe that we likely won’t see an ASIC reappear within the next 6 months given that the 6–8x estimate holds water. However, we can step-up the game and make life even harder and more risky for ASIC manufacturers and their investors.

The only true way of achieving ASIC resistance is to increase business risk of ASIC development & manufacture to a point, where it would be so high risk that practically no sane profit-oriented investor would commit to it.

I came up with an approach of how to do just that. I call it the “Triangular Shotgun Method”.

Let’s assume we are at ground zero now. We successfully wiped off all ASICs. If we continue the status quo, we may or we may not see ASICs again within the next 6 months. If they do reappear then it will likely be around the 3–4 month mark as empirical data suggests. The 6 month fork schedule was chosen because it was thought that it would be good enough to hold ASICs off. Obviously this was wrong. At least that was the case so far with 100x and 19x efficiency gain possibilities, implying it might be different with 6–8x.

What I propose is that Monero officially commits to a pseudo 4 month fork schedule: prepare the PoW for the 4 month fork each time, but make the fork optional & extendable:

if ASICs appear then activate it

if ASICs appear after 4 months and 15 days, then there’s a 14 day notice and the fork happens after 4 months and 29 days

if ASICs don’t appear, then don’t activate it

(optionally enforce every other HF just to make it even harder, i.e. a fork every 8 months)

This massively increases uncertainty on the ASIC side.

Just imagine you were an ASIC manufacturer. You know that you can develop & manufacture an ASIC within 3 months. Will you do it? There is a possible fork around the 4 month mark that you know may or may not happen and to make things harder: the outcome solely depends on your decision. If you go through with it, the fork happens, if you don’t go through with it, the fork doesn’t happen. You lose either way.

You are sitting like a duck.

Equivalent of the ASIC manufacturer & investor in “The Triangular Shotgun Method”

This way we may never even need to do a PoW hardfork again.

I’m suggesting applying this approach until May 2021 when the initial supply of Monero is fully mined and I’d suggest to then approach ASIC friendliness with a very simple algorithm like SHA-3 but only after it is ensured that everyone has access to open-sourced & community funded SHA-3 ASIC designs and the manufacturers are deemed diverse enough.

May 2021 is only away 2 years, or theoretically 6 different modifications to CN/R. I believe this to be feasible tweak-wise. There are many ways & approaches to brick fixed function hardware.

Sincerely,

MoneroCrusher