This whole ASICBoost bullshit is yet another distraction from Blockstream/Core keeping the blocksize at 1M and screwing everyone else over.
ASICBoost was out of the bag ages ago, patents don't stop any nameless mining farm from building their own ASICBoost rigs. If Core don't like ASICBoost, they should just fix the damn code instead of crying about it every year.
The
ASICBoost write paper used way too much tech jargon, and when it comes to implementations all you get is "We will not discuss the optimal solution in this paper, but further information can be provided by the author on request."
So a year later half the devs still don't know how it works, if the devs can't even figure it out, it'll be even worse for users, so you end up with all these trolls trying to get away with making the most ridiculous statements, creating new enemy-of-the-week trying to distract people from Blockstream/Core's own fuck ups.
ASICBoost is:
1. A programming short cut of using 3 sha256 operations instead of 4 when mining a block hash.
2. It is possible because sha256 processes data in 64 bytes chunks, but the header is 80 bytes long.
3. So the block header is split into 2 chunks when sha256 computes its hash.
4. The merkle root inside the block header, spans over the position that sha256 split the chunks.
5. The merkle root is 32 bytes, 28 bytes of it (head) ended up in the first chunk, 4 bytes of it (tail) ended up in the 2nd chunk.
6. The second chunk has 16 bytes of data and 48 bytes of padding.
7. Of the 16 bytes of the data in the second chunk, 4bytes is the merkle root tail, the other 12 bytes are time/difficulty/nonce, all known values by the miner.
8. That means if a miner can generate a bunch of hash with the same last 4 bytes, then the entire 2nd chunk, all 16+48 bytes of it becomes a fixed known value.
9. A fixed value means it can be reused, this allows miners to simplify the sha256 mining loop, so that it only uses 3 sha256 operations instead of 4 and increase efficiency.
10. The more 'hash with the same last 4 bytes' a miner can generate, the more times they can use the short cut, the more performance gain, this process is called 'finding partial hash collision'.
11. To generate these partial hash collisions, miners have to keep changing the data on the block then get a new hash at high speed, but different ways have different costs, only a few of them is worth while.
12. One of the fastest way to find hash collisions is to keep changing the extranonce in the coinbase, at the same time keep reordering tx in the block. This modifies both side of the merkle tree parallelly and allow further math shortcuts to take place.
13. Changing the coinbase and reordering tx is computationally costly, it is only worthwhile if you can do both at the same time without affecting each other.
14. In regular Bitcoin, modifying tx changes the right side of the merkle tree, and modifying the coinbase changes the left side of the merkle tree, the coinbase on the left doesn't care what happens to the tx on the right, and vice versa. There are no double overhead modifying data on any side, so in the end you can gain a 20% advantage with ASICBoost.
15. But if the coinbase merkle root includes the hash of all the tx, then ASICBoost is no longer worth the effort, in fact it'd make mining slower, because now every time you reorder the tx, the coinbase also changes, and you have to use an extra 10 or so operations to update the left side of the merkle tree. That 20% advantage is gone.
16. This is what happens in BIP-141 SegWit, the coinbase has a new merkle root call the 'witness root hash', that includes all regular and side tx. This makes the reordering tx also updates the coinbase, miners have to run extra operations for each reordering, this double overhead makes it too costly to use ASICBoost.
17. Extension Block is base on BIP-141, they have the same commitment structure, so Extension Block is immune to ASICBoost.
18. If anyone is using ASICBoost, the 'overt' method involves modifying block header data directly, so you'll see strange version numbers and other weird data, the 'covert' method involves reordering of tx, or empty blocks, these are also obvious.
19. If there is a new way to use ASICBoost without obvious side effects, then it's just another valid optimization on generating hash, optimization happens all the time.
20. The excuse of ASICBoost patent may lead to centralization is also silly, there are so many patent involved with mining already, from chip to connectors to cooling, everywhere you look there is a patent. Mining is so competitive, every year there are a bunch of new optimizations with a new bunch of patents. The biggest problem with ASICBoost is once it's used, it'll leave obvious patterns in the blockchain, the anomalies will be spotted very quickly.
