Monero is an open-source cryptocurrency created in April of 2014 that focuses on “fungibility, privacy, and decentralization. Monero uses an obfuscated public ledger, meaning no one can see the source or amount of transactions within the system.
Monero is known for its use of ring signatures, A well researched cryptographic technique where a group of signers is merged to authorize transactions, obfuscating who the actual signer (sender) of a transaction.
In a Medium analysis performed by pseudo-anonymous user MoneroCrusher, the author suggests that more than 85.2 percent of the Monero network is mined via ASICs.
According to the author, in theory, nonce distribution should be a random number between 0 and 2^32. However, for whatever reason, different mining equipment, and mining algorithms tend to produce patterns in how nonces are chosen.
CryptoSlate also reached out to MoneroCrusher for comment but has yet to receive a response.
A nonce is an arbitrary random number that is part of the brute force process used in mining. When mining, the goal is (typically) to find a hash below a target number, which changes based on mining difficulty. This number is hashed with a few other inputs such as a timestamp, the previous block hash, and the Merkle root, producing a random number.
If this random number is smaller than the target number, then the miner wins the block and consensus is reached.
Based on the analysis, the author suggests that the ASICs that ran on the network did not choose nonces randomly. Instead, ASICs intentionally tried to conceal them by aligning nonce selection with patterns that existed pre-ASIC, the author asserted.
However, as these ASICs dominated Monero mining it became obvious that a disproportionately large number of blocks were being found in that particular nonce range, producing a distinct pattern.
In April of 2018, Monero successfully hard forked and implemented a new mining algorithm to thwart ASICs. At the time of the fork, Monero’s hash rate dropped from 1030 Megahashes per second down to 158 Megahashes per second, again suggesting that 85 percent of the network was ASICs.
Within three days it appeared that new GPU miners returned to, once again, profitable Monero mining, stabilizing the network hash rate at roughly 480 Megahashes per second.
At the time of the purge, the author found that the absence of ASICs was immediately noticeable on the nonce distribution chart. Areas which previous had a high concentration of nonces disappeared.
Since the hard fork in April of 2018, it seems that ASICs have returned to Monero. The author detected another unusual pattern on the nonce chart. A new “wall” of increased randomness that “suddenly came online.” Yet, this time, the ASIC manufacturers were allegedly more clever in obfuscating the nonces produced by their machines:
“ASIC manufacturers had learned from past mistakes and implemented random nonce picking.”
However, the nonces chosen were too random. According to the author, in a “natural” state, nonce picking in Monero isn’t completely random either. The new wave of ASICs introduced “over randomness,” making it once again detectable via nonce forensics.
As ASICs once more came to dominate the network competition for blocks intensified. This coerced traditional GPU miners to once again leave to mine other, more profitable coins.
Overall, the statistics from the analysis are stunning, with the author stating:
“At the time of writing the network hash rate has increased to 810 Mh/s or 255% since the first signs of the ASICs at the end of December 2018, or approximately 40 days ago.”
He concludes that the network hash rate “likely consists of 85.2% ASICs (5400 ASIC machines) and some die-hard GPU miners and botnets.”
To read MoneroCrusher’s full analysis, go to his Medium post here.
The proliferation of ASICs on Monero is problematic because it increases centralization on a network. In a centralized network, malicious exploits such as 51 percent attacks are, theoretically, easier to execute.
Monero’s community has taken a stance that is strongly anti-ASIC. Especially when compared to Bitcoin, where ASICs have become a fundamental part of its ecosystem, and Ethereum, where the core development team is neither for or against ASICs (although an interest group around ProgPoW wants to change that for ETH).
To combat ASICs, the Monero community plans to actively change its mining algorithm. This was demonstrated in the past via previous hard forks. Since ASICs are specialized at solving a single, or narrow set, of mining algorithms, such changes tend to render ASICs ineffective or useless at mining.
Monero’s ethos to combat ASICs can be seen in their GitHub. One of the group’s most commented on ‘Issues’ is “Idea for ASIC resistance,” where the group crowdsources ideas for combatting ASICs. Another hotly debated—and much more controversial—thread in the Issues section of Monero’s GitHub is “Proposal to consider an ASIC-friendly proof of work.”
Something to note, Monero is an open-source project, so there is no “official” stance of Monero. That said, the overall community leans strongly towards ASIC resistance. One comment in the second of the two threads effectively embodies Monero’s feelings towards ASICs:
“I think ASICs give too much power to the miners. Yes, I’ve read the logic that ‘well the ASIC can only be used to mine that coin so therefore the miners will always support that coin and their intentions are good’ but we shouldn’t care what the miners support. The miners get rewarded for providing a service to a decentralized network, where the value is completely dependent on the extent of decentralization. The network is not rewarded by the service of the miners.”
Although, there are still those who believe ASICs can benefit a network:
“I think ultimately it’s futile to try and constantly fork away from ASICs. The original idea of CryptoNight [mining algorithm] afaik [as far as I know] was that it was somewhat equivalent between CPUs, GPUs, and theoretical ASICs, and I think trying to meet that original vision [of Monero’s] is probably more realistic than trying to constantly fork to prevent ASICs from mining on the network.”
It seems that the Monero community must once more make a decision. If the analysis is correct—and XMR is indeed dominated by ASICs—then the community will either need to implement another hard fork with a new mining algorithm; or, decide that ASICs dominating the Monero network is acceptable.
Based on Monero’s past history it seems likely that they will choose to hard fork, so prepare accordingly.