Hello Eric, Thank you for your question and your time off-list clarifying your position. I’m posting to the list so that a wider audience may benefit.
Original Question: ‘Presumably the "very serious security vulnerability" posed is one of increased centralization of hash power. Would this danger exist without the patent risk?’ I would postulate that if ASICBOOST was originally released without the patent risk, then much of the risk would have been avoided; all of the mining manufactures would have implemented ASICBOOST and had a similar advantage. However, now time has passed and the damage of the patent monopoly exploiting CVE-2017-9230 has been already done. If the ASICBOOST patent was released to the public for free today, while a good thing, it wouldn’t soften the severity of the vulnerability we face today. The ASICBOOST PATENT provides a miner with a constant-factor advantage. This is a huge problem with zero-sum games, such as mining. In game-theory, a constant factor advantage gives an exponential advantage over the time period maintained. This explains why the Bitcoin Community initially took very little notice to ASICBOOST: The effects of ASICBOOST stated at virtually nothing, and it took a while for the advantage to been seen over the normal variance of mining. However, it’s influence has been exponentially growing since then: creating an emergency problem that we now face. The result of ASICBOOST going unchecked is that very quickly from now, surprisingly quickly, the only profitable miners will be the miners who make use of ASICBOOST. This is a grave concern. I will again reiterate that the virtue-signalling over perceived political motivations is ridiculous in the light what I consider a looming catastrophe, we should be judging by what is real not just perceived. The catastrophe that I fear is one company (or a single politically connected group) gaining a virtual complete monopoly of Bitcoin Mining. This is more important to me than avoiding chain-splits. Without a well-distributed set of miners Bitcoin isn’t Bitcoin. Cameron. PS. This attack is part of a larger set of licensing attacks, where patens are just one form of licensing attack. These attacks are particularly damaging in competitive markets such as mining. We should be vigilant for other attempts to create state-enforced licensing around mathematical algorithms. ASICBOOST is an illustrative example of what the Bitcoin Community needs to defend against. > On 26 May 2017, at 11:15 , Eric Voskuil <e...@voskuil.org> wrote: > > Signed PGP part > Hi Cameron, > > Presumably the "very serious security vulnerability" posed is one of > increased centralization of hash power. Would this danger exist > without the patent risk? > > e > _______________________________________________ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
