The ProgPoW team are being considered for a $50k grant by the Zcash Foundation as part of their Q22018 Grants.
There’s not much conclusive security & technical analysis done yet to validate that ProgPoW’s construction really discourages specialised ASICs or FPGAs. There’s some discussion in this Reddit thread and also in the Zcash grant proposal thread.
So far, the seemingly most valid critique I’ve found so far is the following:
Questions in the context of Grin:
What are your thoughts on the main premise of ProgPoW + OhGodAGirl’s article, that promoting mining on multi-purpose, widely available commodity hardware (such as GPUs) are in the interests of a coin, rather than encouraging specialised ASIC-chip mining?
To what extent will an approach like ProgPoW be effective in preventing specialised ASIC-chip mining?
How does this in turn prevent hashpower from becoming centralised into a small group of actors? I.e. Does it even matter?
“In thermodynamics, work performed by a system is the energy transferred by the system to its surroundings”
“Work transfers energy from one place to another, or one form to another.”
You can’t have proof of work without energy consumption. Some PoWs run the machines cool because they are limited by memory access and the processing units are idling most of the time. When an ASIC/FPGA fixes the memory bottleneck for such an algorithm, there appear large improvements in performance/efficiency.
An optimal GPU-friendly PoW would use all the the GPU capabilities, not only the memory controller. Using all the compute resources on a GPU would make it run hot, but so would a comparable ASIC. In practice, you can under-clock the hardware for efficiency (energy consumption is non-linear on clock speed).
These criticisms are absurd to me. They simply describe Proof of Work. Of course miners will deal with energy consumption, heat, and electricity cost. If those were not constraints, what other constraints could be imagined for POW?
In other words, @Chronos and @OpticFlow, what you both are saying is that these criticisms are not so valid, and that it’s not a bad thing that ProgPoW would be capable of working a GPU close to its maximum. Correct?
What are the risks or limitations you can identify?
Sure. I mean at this point in time, I’m trying to find any kind of valid criticism against ProgPoW. Cause I am not able to find a lot online. Maybe aside from the fact that it’s not as simple in design when compared to something like Cuckoo.
ProgPOW aims to make GPUs primary hashpower, CPUs are out. ASIC 10x as effective seem unlikely for ProgPOW (cost x power x speed). PoW verification could be slow (not sure). I see no issue with it drawing more power compared to ethash, it is clearly well designed to milk current generation of GPUs.
Cuckoo30, as it is, aims to be simple, elegant with instant verification. Mineable on CPU, but also on DRAM asic or a large single-chip asic. This is a good property for distant future. It is not designed for any specific architecture or instruction set. But skilled asic team might get 500x advantage over gpu at same power input.
I think the issue is not technical, but ideological. Some people prefer to let the market decide, some would like to see passive anti-asic properties and others want to actively fight even hypothetical mining centralization.
I believe that it is entirely possible to select a PoW scheme that would match any plan and cover worst-case scenarios. But I think there is no common written goal (yet) in grin community or core code contributors, only individual opinions. So it is hard to judge ProgPOW is that missing context.