I guess it depends on the radiator size.  The top can mount a 2x120mm or 2x140mm and the front can mount a 2x120mm, 2x140mm or 3x120mm.   You likely couldn't do it with the sealed waterloops that HF is using stock but with standard water cooling parts 5x120mm worth of radiators should be enough for 4 BabyJet boards. 

A lot really depends on the final power consumption.  IMHO despite what cointerra and Hashfast did with their larger rigs if you can't power it with a single power supply you don't really gain a whole lot by making one monster rig as opposed to two smaller rigs.   

I assume most Batch 1 customers also purchased the upgrade so ultimately if HashFast delivers (someday) they are looking at 6 modules total (BabyJet + upgrade + 4 MPP modules).   Probably makes more sense in looking into converting those into two 3 module systems.

Yeah that didn't happen in 1 day.

http://bitcoincharts.com/charts/mtgoxUSD#rg30zigDailyztgSzm1g10zm2g25zv

This it is the equivalent of your bank allowing you to construct a wire transfer packet manually and then someone getting surpised that instead of wiring $1,000 to grandma they wired $10,000 to some unknown account in a bank in the Caymans.

Agreed.  Bitcoin isn't some tiny experiment where the money supply is worth a few million anymore.  There is pretty much no event that could cause it to double in on day.  Likewise the only events IMHO that could cause it to fall more than 50% in one day anymore are likely catastrophic (massive network wide double spend, 51% attack blocking all transactions, a fatal flaw found in SHA-256, a backdoor found in the ECC curve used by Bitcoin, etc).

Agreed.  

It is possible that SHA-256 or RIPEMD-160 have undesirable characteristics which result in a non uniform distribution of messages to digests but at this time both algorithms are seen as a good approximation of the random oracle so there is no reason to assume that until facts suggest otherwise.  Even if future cryptanalysis shows that they have a non-uniform distribution it would have to be incredibly non-uniform to affect the probability that at least one valid PubKey hashes to that PubKeyHash in any meaningful way.  You corrected me on a similar statement I on reflection I agree.

Saying we "hope" is exaggerated; it is like saying Bitcoin users are just hoping nobody generates their private key and steals their coins thus the whole Bitcoin network runs on "hope".  Cryptography is always based on probabilities however we use really really reallly really really large numbers so the probability of certain events approaches 1 or approaches 0 but never is known to be 1 or 0 before the event.    In theory I could randomly bang on my keyboard right now and produce a private key which allows me to impersonate Google's SSL cert on the first attempt.  It "could" happen but Google doesn't really need to "hope" it doesn't happen because while the odds are not 0 they are for all practical purposes ~0.

Of course I think the best way to sum it up is that if I ever notice funds are transferred out of the "Bitcoin Eater" address I am selling coins first and asking questions second. It is a good canary in the Bitcoin mine.

Exactly.  As the quote in the "star image" was mine, I want to avoid it being taken out of context.  As you point out if you can't go through the wall there may be other ways around it.   The quote only deals with brute forcing a 256 bit key (and subsequently to writing that quote I have learned that a 256 bit ECDSA key only has 128 bit strength against brute force attack although that doesn't materially change the scenario in the quote).  It only deals with a brute force attack and I wrote it because I got tired of all the "what if computers get faster can someone hack Bitcoin questions".  Still it is important to keep in mind that there are other attack vectors which don't deal with a classical brute force (and the physics problems that accompany it).

If you wanted to gain access to coins at a random Bitcoin address there are three attack vectors:

• Brute force attack on all the private keys used in the Bitcoin network = infeasible given the time and energy requirements (the "star quote").
• Exploit a cryptographic flaw in ECDSA, RIPEMD-160, and/or SHA-256 = no such known flaw exists at this time and may not exist in our lifetime.
• Use a general Purpose quantum computer capable of implementing Shor's algorithm = may not ever be possible or if possible the time until a GPQC with 40,000+ qubits is indeterminable.

All three are infeasible right now, only the first one is beyond the limits of physics the other two simply don't exist right now.  Maybe they will exist next year, maybe not for a thousand years but we do know that they are possible on a long enough timeline.  The good news is that Bitcoin is extensible and long before either cryptoanalysis or quantum computing make an attack economical or practical Bitcoin can be extended to new stronger address types including ones which are quantum computing resistant.  People can transfer funds to the new addresses and avoid the attack vector (for another century or so).  Of course funds for which there is no known private key ("lost coins") could at least in theory be reclaimed because they won't be moved to the stronger address scheme but it won't be as some incorrectly believe "because computers get faster".

Well grandma wouldn't try to be stupid enough to manually create a tx by hand.  She would use a wallet either a wallet program or an eWallet and neither make these kind of mistakes because they are written by people who actually know what they are doing.

If you want to create tx by hand you are working at the functional layer, like programming in machine language, or manually constructing binary TCP/IP packets.  If you program in machine machine language you can cause all kinds of problems too.  Based on that your conclusion would likely be that grandma can never use facebook because machine language is dangerous.

Bitcoin is more like a protocol than software.  The internet used TCP/IP 20 years ago and it will 20 years from now.  It never got replaced with something different even though TCP/IP has plenty of flaws.

It depends on the length of the wire, and the acceptable voltage drop.

At 3 ft circuit legnth, 18 AWG is good for 9A with a 2.83% voltage drop.  As for safe, at 2.83% voltage drop that would only 1.5W dissipated as heat.  Still the point was somewhat academic I doubt HF will be pushing anywhere close to that much current but if they did the limiting factor wouldn't be the artificial PCIe graphics standard for 6 and 8 pin connectors.

The PCIe graphic card standard (which has nothing to do w/ ASICs) limits power to 75W on 6 pin connector and 150W on 8 pin connector (using no more power pins) however those are artificial limitations.   The actual connector is good for 9A per pin, 3 power pins (both of 6 & 8 pin connector), 12 V means 324W (9*3*12) per connector max or 648W for a pair.  

Now how much power a particular PSU can push to the connector is another question.  The VRMs on the board also have a max current limit so the chip can only be provided so much power but the connector is a total non-issue.

On the power & cooling.   This won't be the first time in the first thread I have had to point out that a rig using X watts at the wall doesn't mean the chip is using X watts (and the chip is the only thing attached to the radiator).

Say chip uses 400W @ ~1V.  No ATX PSU has a 1V output so the board needs to convert the 12V from PSU to the voltage used by the chip.  If the VRMs are 88% efficient then to supply 400W to the chip @ ~1VDC would require 454W @ 12VDC.  Now add to that 2 radiator fans + intake fan + water pump + host/controller for another ~50W so in this scenario rig uses ~500W @ 12VDC.  Now the ATX PSU which converts 120/240 VAC to 12VDC is only ~90% efficient so 490W @ 12VDC = ~550W to 560W @ 120VAC.

Compute the checksum of the pubkeyhash. 

https://en.bitcoin.it/wiki/Technical_background_of_Bitcoin_addresses
Take a look at steps #4 to #7.

One thing I have pointed out in the past (and likely will need to continue to point out for a very long time ) is that DWAVE's system implements (or it stated to implement there is some controversy over exact what is happening) quantum annealing algorithm which while it does (or may) have some quantum properties is not the same thing as a general purpose quantum computer.

To attack public encryption requires a general purpose quantum computer (QPQC) capable of implementing Shor's algorithm (or one built to only implement ONLY Shor's algorithm, a quantum "ASIC" if you will).  Even if DWAVE's computer was a quadrillion qubits it would be absolutely useless for attacking public encryption.  

The global recognition for successfully factoring larger numbers using a GPQC and Shor's algorithm is a pretty big deal.  To date nobody publicly has shown the ability to factor numbers larger than 143 (an 8 bit number).  Even factoring 32 bit numbers at commercially viable speeds would probably mean we are decades away from being able to break 256 bit ECC keys but we aren't even close to that.  While QC is powerful in theory, practical progress has also been agonizingly slow:

2001
First successful demonstration of Shor's algorithm.
Computer size:  7 qubits
Number factored: 15 (into the factors 5 & 3)
Equivelent RSA keysize: 4 bit

2011
First successful factorization of a three digit number (143)
Computer size:  8 qubits (actually 4 bits using an iterative process)
Number factored: 143 (into the factors 11 & 13)
Equivelent RSA keysize: 8 bit

So the bit strength of "encryption" (I use this term loosely because one could crack 8 bit "encryption" with paper and pencil) that can be broken using QC has gone from 4 bit to 8 bit after a decade of research.  Even if this can scale, at the current growth rate breaking Bitcoin would be more than a lifetime away.  ECDSA is a little different than RSA in that it doesn't involve factoring large numbers and instead uses the properties of elliptical curves but both can be broken using Shor's algorithm.  In general ECC requires smaller keys than RSA for an equivelent level of security.  To achieve 128 bit key strength (which is considered beyond brute force for classical computing) using ECDSA requires 256 bits, but using RSA requires 3,072 bits. Bitcoin could use RSA and be just as secure however transactions would be up 12x as large.  

Still both RSA and ECC in theory can be broken faster than what is possible with classical computing by using a large enough (and fast enough) quantum computer implementing Shor's algorithm. I have only found one paper to date which compares the qubit cost of implementing Shor's algorithm against both RSA & ECC.

http://arxiv.org/pdf/quantph/0301141.pdf  I emphasis of relevant portions is by me.  

So we are looking at a general purpose quantum computer which needs at least 1,800 logical qubits.  Nobody (AFAIK) has even done research on the amount of error correction required for a commercial general purpose quantum computer (because none exists) but lets take the authors estimate of "dozens of physical qubits per logical qubit" and use 24x as a low end.   This would mean (1,800 * 24) a system with 43,200 or more physical qubits.  To put that into perspective the largest (AFAIK please correct me if you find a larger example) general purpose quantum computer capable of implementing Shor's algorithm is ... 7 qubits so we aren't eve in striking range yet.

Still QC "may" may break 256 bit ECDSA within our lifetime, so should be looking to future solutions.  There are a couple things which can be done to improve the quantum security of the Bitcoin network.  The simplest change would be to implement a new address type which uses a larger ECC curve.  While larger ECDSA keys can sitll be broken they do increase the qubit requirements, moving to 512 bit keys doubles the required qubits and 1,024 will quadruple them.  If GPQC proves viable this would buy the network some time for a longer term solution.  I don't even know if 1,024 bit ECC is supported by major libraries, outside of quantum computing there is little need for 1,024 bit ECC because even 256 bit ECC is considered beyond brute force. 

A longer term and more complex solution would be moving to an address scheme based on a post-quantum algorithms (http://en.wikipedia.org/wiki/Post-quantum_cryptography).  These systems generally have no wide spread deployment so there may be unknown security issues so I am not advocating a change anytime soon just pointing out there are algorithms which can be used to protect the network even if large GPQC become available.   The largest obstacle to these post quantum systems is generally they involve much much larger public keys.  The bandwidth and storage requirements of Bitcoin are highly correlated to the size of the public key and we are talking about public keys in the tens of kilobytes (notice the plural) so transactions and blocks would be easily a hundred times larger.   Now it is entirely possible that Moore's law will mitigate this somewhat,  and stat using a 50,000 byte key in 2048 will be no more of a challenge then using a 256 bit key today.

For those who are interested in post quantum cryptography one implementation (which has open source implementation) is NTRU.  It is likely far too early to consider any such implementation in a production system but implementing a patched version of bitcoin on testnet which incorporates NTRU would be an interesting project.

Agree the prior post does a bad job because it is x GH/s for delivery in Dec/Jan and then 4x GH/s for delivery in Feb (April? May?).


$500 to $1000 per board?  HF would be asinine to try and charge that.  The good news is a user could simply by their own gear.  User needs to supply power supply and cooling module.  $60 per board for cooling module and if the boards use 250W to 300W ea that is 1/4th a 1250W PSU or say $80 per module.  So maybe $140 per module or $640 for four, plus some DIY case and a couple screws.  Someone would be downright stupid to pay $4,000 for that.

It is 4 dies operating as a single chip.   KNC uses the same method BTW so it takes 16 dies for a KNC (Nov) Jupiter to produce ~650 GH/s.

Yes you are right.  And no the OP # don't include these (and many other 2014 runs).  The original purpose was to estimate year end difficulty.  When I get some I time I will try to update it for 2014.  Many of the existing pre-order runs have been completed in full so we can look at current difficulty + undelivered future orders going forward.

Well with spray cooling you don't even need a heatsink.   The advantage is that it can handle extremely high heat loads 90W/cm2 is possible and with subcooling that can reach 300W/cm2 or more.   So pretty much insane power densities that would cause the component to melt with air cooling.

The disadvantage is that spray cooling requires some pretty incredible precision and if anything fails the chip will die in a matter of seconds (if that).  IMHO immersion cooling is already pretty complex as DIY project anything beyond that is starting to get into a serious engineering challenge.

Flow cooling (what you described) is also an option and it can handle higher thermal loads.  Another option is subcooling where the evaporated fluid is cooled below the boiling point (not just to the boiling point).   Some high end defense components use a third concept called spray cooling where a nozzle sprays fluid directly onto the chip.  

The advantage of two phase (semi) open bath cooling is the simplicity of the system.  You have a tank, the heat source (chips) boil some of the fluid, it rises as a gas, hits a colder condenser, changes back into a liquid and "rains" back into the tank.  You still need a method of keeping the condenser "cold" and that usually involves circulating water or glycol but the actual immersion tank itself is passive with no moving parts.  No fans, or pumps, pressure regulators, or spray nozzles.  The fluid level should be roughly constant so using a float switch one could just cut power to everything in the tank if the fluid drops below a threshold.

So for a DIY the relative simplicity of two phase makes it more attractive than other solutions which are capable of higher thermal loads.

I would strongly recommend not buying Fluorinert on eBay.  The chance of getting diluted, contaminated, or used fluid is simply too high.  There is no cheap way to test the purity of Fluorinert so most likely they way you find out is "poof" you instantly destroy thousands or tens of thousands of dollars worth of gear.

I purchased the Flourinert from here:
http://www.parallax-tech.com/fluorine.htm


They don't have the versions suitable for immersion cooling in stock but they can special order.   3M keeps pricing pretty tight so don't expect much price different between vendors.  Fluorinert runs about $80 per Liter depending on the amount purchased and the type of Fluorinert.  Novec is roughly the same but a little cheaper.