An ASIC resistant proof of work has the unintended side effect of making botnet mining profitable. With Bitcoin, botnet mining isn't very profitable because of all the ASIC miners. With zcash, botnet nodes will be able to mine at the same speeds as honest miners. Botnet nodes could easily outnumber honest miners by a large margin. Since botnet operators don't pay for their own electricity, they can drive the difficulty level up so that honest mining isn't profitable. If this sufficiently deters honest mining, maybe 95% of zcash mining will be done by botnets. That would be a bigger problem than ASIC mining.
Depends on how high is the possibility that:
a) Many botnets run on Linux?
b) Equihash can be run efficiently on infected PCs without the users registering?
ASIC mining would make Zcash uninteresting for a lot of private miners, me included, make it more centralized, which is a feature I would not prefer for an anonymous coin.
The Equihash algorithm is thought to be botnet resistant due to the high memory usage requirements. Many operators of botnets would theoretically be less likely to adopt mining Zcash because of the increased risk of detection by the host.
Additionally Zcash only runs on Linux (for now), personally I have never heard of a huge Linux botnet. If Zcash becomes more popular a botnet operation may want to put the risk/effort into mining Zcash, but if (and that's a big if) they do I don't see it as likely to consume 95% of the network as you mentioned.
Of course, botnets will rule any "CPU only". Releasing a "CPU only" is an amateur move. Or developers a have a private GPU miner like Maxcoin did. The only way to implement PoW is with GPUs. Everyone can get one. Just randomly change algo to keep ASICs at bay.
The "It only runs on Linux" is a stance only for the ignorant. For those that have witness hundreds of launches, we know how this turns out. Botnets and privately developed miners win.
Zcash will almost certainly become popular because of its strong anonymity, after windows clients become available. Eventually somebody will write a botnet windows client designed to go undetected. If they confine it to running one thread, using less than 1 gig of ram on systems which have 8 gb or more, most users will not notice the resource usage.
As to whether botnet mining could be 95% of zcash mining, we can compare the number of bitcoin miners to the number of botnet computers being used for spam, assuming optimistically that zcash will have as many miners as bitcoin.
This page estimates the number of bitcoin miners at 100,000
This page estimates the number of botnet computers by country
There are many millions of botnet computers. If 2 million botnet computers mine zcash vs. 100,000 honest miners, that would be 95% botnet mining.
If botnet mining is identified early as a significant problem, then steps can be taken in the design phase to make it botnet resistant. One possible defense would be to deliberately tune the equihash algorithm to use a lot more memory so that botnet hosts would not be able to run it without the user noticing.
GPU focused mining would be great for those who have already GPU mining rigs from Litecoin or Ethereum mining. So I would have to buy one or two rigs with 4-6 GPUs in order to compete against those guys, plus my electricity costs should be pretty low.
That is certainly a better option than not to mine at all due to botnets which looks like the direction this is headed. Off the shelf GPU mining equipment levels the field. Period. There is no other way.
"If botnet mining is identified early as a significant problem, then steps can be taken in the design phase to make it botnet resistant. One possible defense would be to deliberately tune the equihash algorithm to use a lot more memory so that botnet hosts would not be able to run it without the user noticing."
By that time it is too late, illegal botnets are already majority holders. This has happened time and time again, making botnet operator a lucrative occupation.
Considering that botnet operators get their hashes almost for free, it shouldn't matter to them how inefficiently they use other people's resources. Therefore, whether or not they have to compete with GPU or ASIC miners shouldn't matter to them. So I doubt this botnet issue is exclusive to non-ASIC coins.
The most important factor to botnet operators should be the most profitable coin - and that is determined by coin price (which, for Zcash, is unknown) and how much of the total mining network hash they can provide. Also bear in mind that, having gotten their hashes and coins at almost no cost, botnet operators will probably be motivated to undercut other sellers - thus bringing down the coin price. This is likely to motivate other participants to attempt to circumvent botnet mining.
Absent any method of cheating with free resources (as botnets have), the difficulty level for any coin will tend to adjust to the point where it is marginally profitable to mine it and resell the mined coins on exchanges. It doesn't matter what the actual coin price is nor how popular the coin is, so long as the coin has sufficient liquidity to sell easily on exchanges. The $ / work ratio will tend to be constant given a certain method of mining. The $ / work ratio will change as the method of mining changes. So as mining shifts to GPU, FPGA, then ASIC, the $ / work ratio for a CPU miner will go down. A botnet operator will only be concerned with the $ / work ratio. Any coin which stays at CPU mining will have the most favorable $ / work ratio for botnet miners, regardless of any other factors.
If a lot of botnets start mining, they can drive the difficulty level up, but they cannot increase the supply of the coin. Price is a function of supply and demand, neither of which the botnet operators have any control over. It would probably be hard to tell whether coins were mined by a botnet or not, so it would be possible to have massive botnet mining without it being apparent, other than the difficulty level being too high for the price of the coin.
Sounds like confining it to Lunix is a great idea: not only is it less common that prevents botnet interest, but those using it are much more likely to be aware of a bot. A Linux-only coin by design could have a devoted following, but I doubt that's possible.
Don't forget the $ / work also depends on the amount of competition. But your point is excellent. There is a floor to the $ / work based the algorithm and the hardware. The most expensive coin to mine has the highest floor because a miner will not be willing to sell at a loss. So a botnet should love an expensive coin.
Is a botnet bad for Zcash as a company? Is it bad for Zcash as a coin? People never having to worry about mining will be able to get it a lot cheaper than if they had to wait on individuals with CPUs.
A fast and efficient coin is large in quantity, easy to create, and for the marketplace. Like a penny. A coin as an asset to hold should be very expensive to create and take a long time to transfer. Even with a botnet, society still has to spend a lot of Joules in computation and in computer infrastructure to create the coins. They still have a cost of creation which is its minimal inherent value.
They do not seem opposed to a GPU and a developer has implemented one, I think in python. As expected, it's not faster than a CPU and cost more in electricity. Only cutting-edge parallel programming will make it 4x faster at 2x higher electricity cost.
If "everyone can get one" is the criteria why not design and sell an ASIC as a business model for a coin?
There is no way to confine zcash to Linux. Anybody can write a client and miner for their platform of choice. The largest botnets are run by corporations, mafias, which have their own paid staff of professional developers, who can easily write their own mining module to plug into their botnet.
If a coin is CPU mined, a large botnet can get enough mining power to do a 51% attack and double spend. There have at times been botnets with nodes numbering in the millions.
The criminals who run these botnets would not have the slightest compunction about double spending. Such an event would destroy people's confidence in the coin, causing most people to sell it and switch to using some other coin. The criminals would not care so long as they cashed out first.
This is the misunderstanding. Equihash is not just memory intensive. It's memory bandwidth intensive. Anytime you are mining zcash you are tying up the FSB and slowing down RAM access to all other processes. It doesn't matter how many threads are mining.
Also, there is a minimum amount of system resources required to solve Equihash in under 2.5 minutes.
Equihash isn't easy to mine undetected. And Remaining hidden is a top priority for botnet operators.
I'm not saying botnet mining won't happen. I'm just saying that it's unlikely to be as big of a concern you might think.
Yeah, I should not have mentioned it.
Creating a botnet does not seem fundamentally different (as far as the coin is concerned) from creating ASICs in private. They both can lead to a 51% attack. The illegality of a botnet as far as a coin is concerned is that the people buying the coins are in receipt of stolen property, the computing resources of the victims.
There is a big problem in cryptocurrencies: new coins are issued only to the miners in exchange for facilitating transactions. This is like VISA being paid freshly-printed dollars and that this were the only way new dollars were being printed. Or like the only way new shares of companies on the NYSE could be printed were as payment to the NYSE for facilitating transactions on the exchange. It's hard to wrap my head around the consequences of this, but it stinks to high heaven. CPU-based is trying to let the people who might transact for goods and services in the coin to also be the only ones who can receive new coin, by using their un-tapped computing power.
Equihash is memory-bandwidth intensive only for fast PCs. The botnets are mostly in the 3rd would where this is not a problem. It is very noticeable on the PC only if all cores are being used, or if the RAM is completely full. And for fast PCs, even if all cores are being used, it's only really noticeable for office application when the memory is near full.
If the goal is to tap people's untapped-PC power while they are still using the PC, then a botnet will lust for it.
Fair-issuance of a limited-quantity coin is a contradiction in terms. There is no solution.
There is no solution.
Says you. People who say that kind of thing lack imagination.
And, for what it's worth, I am perfectly happy with the solution devised by Satoshi. It is a proven solution that is continually demonstrated by the spectacular and on-going rise of crypto currencies.
re: the rest of your post... To quote a lyric from an exceptionally relevant Anvil song: "don’t speak before you know". Acually, another song from that album applies here too but, in the interests of good taste...
To run without being detected, they can just run it as a low priority process, that immediately yields to any other process. If the user is only word processing, or if they are away from the computer and the screen saver is running, equihash can run without being detected.
I think their entire goal is to allow it to run on the simplest of machines. 400 MB is on the low end. They've stated this and ARM is in the security audit. By definition, that means botnets can go undetected, especially since it appears they would like it to run as a background application. I have a cheap PC I've been using it on, and 2 out of 4 threads with only 2 GB is not easily noticeable. I forget I had it on 4 threads for much of the day yesterday, although that was with 4 GB.
@zawy Who is this GPU developer? I've read the entire sub-reddit (RIP), the mailing list (RIP ), this forum, and the Slack and to my knowledge I'm the only person who's even attempted to make a GPU implementation.
I plan on mining some with a CPU or two and don't want to give GPU readers any help
But I think Zcash is keeping mum about their attitude towards GPUs.