Bounty: development of efficient open-source FPGA/ASIC mining solution

[riX]

I guess it doesn't meet the bounty, though Because of this

Either of the above devices must cost no more than $0.60 USD per megahash per second that they provide, and must consume no more than 0.3 watts per megahash.

It easily meets the Watts per MH/s requirement. I measured 8Watts at the wall for the 50 MH/s design  and that's with a dev kit! But it obviously doesn't even come close to the $0.60 USD per MH/s requirement.

But I will continue to work and improve on it. The $0.60 USD requirement is insane, but so am I! 

It will be pretty hard to get below $0.60 USD with FPGAs, I really had the ASIC alternative in mind for my part of the bounty, but I will of course pay it for a FPGA solution that meet all requirements.

[1715044544]

1715044544

[1715044544]

1715044544

[Chris Acheson]

But I will continue to work and improve on it. The $0.60 USD requirement is insane, but so am I! 

I picked that requirement as a "competitive with GPU mining" price point.  I think I might be interested in investing in FPGA mining around a $2 per MH price point, so I'll add a second bounty for that.  Unless I'm misunderstanding what he said, ArtForz has already achieved this:

(05:56:15 PM) ArtForzZy: my S6 LX150s get 113Mhps for $180 per chip

It would be good the have bounties at various development milestones anyway.  If there's anyone else who wants to change their bounty requirement, let me know and I'll update the original post.


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

I will offer an additional 10 BTC bounty with the same requirements as my previous bounty offered on 5/17/11, with the exception that the device must cost no more than $2.00 USD per megahash per second.

- -Chris Acheson, 5/24/11
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCAAGBQJN28jnAAoJEBgPDxtXUJkinbMQAJUuVqloTeofK+pp3RcU+S7s
eC0uWztf7vPYcXnpbigv0Jf2BMvY2CXDj2NmpxW19j0ItvsjdMpDcqib2uqXHjWf
UT7iJtoJsH9K0+5oiBvbtZtfUcBtFRA4rwQ8k8erj+ouNXYozMRT0ReGhMSV8SJh
Ohoc+jQtdJhSyKsghI9I+CSWDf5MC0wiFn89ZCqBy3kESsrYgGfStbcaMIfIYFqI
TZRDlhRNd3fVU4V5fnkieSqNW/8VPUV58xRMsyx3UL3rRL56fpP3dyPyyYkjoG8X
Aq9PTDDgRRcV13afG0QiLvkWK9rENegouQkLdIt+qPyudPkhA3N/3dqwvqTgNGTR
39RUI4Z6EwfaetmoVvrhyKke1SV2fC7OdG+0HGn0+oIOgqh7cy1USm8e1QeRaPfI
tLZJkQsOEG/P3gildyE11pFuq5q1Ottvy7z6GiqnV7ietgT+7hjb9RoQMwQS15BK
MKJ2tEht3DwNU7vT0WeSWG48RNirb8up+c4uJ9fHLdtRsJTo0Ywn28T5xZCjgJRJ
EsDajFrT8j0uJTo2DAzzhdfR5XRg/A3z+wI7LWfKe+9qNG+Kr0on/QAhn7wCZkA6
ONDAEiq4QxJ1/40mUcFXoiFN9ROSlwXPRZoiVeqoW91NK1sjOIA5vE0eVEiXsQH8
zrleqx/7nUrBwkS3wk8V
=OCTV
-----END PGP SIGNATURE-----

[Chris Acheson]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Unfortunately I'm not in a financial position to be offering bounties at the moment.  I withdraw the bounties that I offered on 5/17/11 and 5/24/11 until further notice.

- -Chris Acheson, 5/27/11
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCAAGBQJN3zYOAAoJEBgPDxtXUJkig+oP/jgbxVIxOL9EQ8NIJOOkS4gz
2TMpHms88zbUzo24zXPliEcdZp5GrbDKzsHdQlfiRQqpaycD2z/9JQehlh9eFRBK
CBGS3DhHP5qhtnhVBWqyJFJt9a1CwssVA3y2x4uWkWuagHXN4Pe1SG1boSS3KwZY
HynQ8bcXQ5SJC6Zl/ZvX11DIwX2+Nrv+Iikl1oixpT50VKiiCMMNN4C/3s4OZbNG
yKuMtSOlOKJx3vMnO8yNpJQJsXezB0srmpEgaY2MGOVrSVN6jUu9LekH1hVc50nc
WkyPmCxjTHcZznsH7SO/6+vJ8aN3J3eg05OQQkAEf4HDezDV5ewv3jeH7E+IFa/j
203r46XH96F6tf563jOXGNY4Fq464Fx1e2N+vEvaZgKmEqXRTY84pp7feAc68El1
EgWXieOfOvIDi+is+1A3cHyQrrFUe3ceUZSzkF3btfRyER+lip5I0yVgry4K7zKK
llodGl5EHD/LyaIUrYx/57X8hovx64ozZ5t3h/VtYJ0ZaGsedYk+H2x+nVgLi/qo
1XWgGiafFImig5Qd6QjTAbE4FMVZ7WyFWvr22dZ3xgBJUmuEcNNvgxTW8csQu39F
ptJBd3HrCo4kxCrzJ7OcHztEa+vjS07+mM/KggakSOKrlkR+rjd2F3yk8X9gaOxw
Uly9jB2gta7/jGiff8ye
=Gdgq
-----END PGP SIGNATURE-----

[BitterTea]

I'll move my 20 BTC bounty to the $2.00 price point. I think an open source approximation of ArtForz's capability is a good starting point. 

[teknohog]

I'll move my 20 BTC bounty to the $2.00 price point. I think an open source approximation of ArtForz's capability is a good starting point. 

Me too. Power efficiency is much more important in the long run.

[Fhtagn]

Seems the latest ASIC thread has been locked, for some reason.
 http://forum.bitcoin.org/index.php?topic=14910.0

How would you audit a project like that for security? If enough miners adopted the same ASIC, a >50% hashing power problem could present itself. It seems you'd have to trust the vendor.

[phillipsjk]

How would you audit a project like that for security? If enough miners adopted the same ASIC, a >50% hashing power problem could present itself. It seems you'd have to trust the vendor.

The problem is deeper than you realize. Modern computers are inherently insecure, and since at least 1996 software has been designed to work against the user. In the past decade, more and more hardware has been designed to work against the user as well.

Even if you trust Intel and AMD not to add a back-door that phones home for instructions upon seeing a specific 256bit number, do you trust the Chinese (or American) government not to tamper with the design and manufacture of those components?

Even if such tampering can be found, it can likely be explained away as an oversight or design defect; especially if the mechanism is subtle. Currently, no computer manufacturer will absolutely guarantee their systems will work as advertised. With GPUs, the full specs are not even publicly available. Building trusted, proven correct computers will likely take generations (like 150 years). If a computer is proven to implement a certain specification, you can sue if any "bugs" are found: since the design is 'proven correct', any 'bug' must be deliberate sabotage.

[njloof]

That is of course moon-man talk, unless you're planning on giving the ASIC its own Ethernet interface.

[phillipsjk]

If the host computer has a compromised Ethernet interface with Direct Memory Access, it doesn't matter.

I realize it is not practical to wait 150 years to experiment with a crypto-currency, but I still think Bitcoin will fail medium-term. Hopefully valuable lessons will be learned for bitcoin 2.0.

[njloof]

Dude, if you're worried about the evil ASICs taking over your computer, stick them in a external chassis and refuse to talk to them except through a USB port. With a large enough block size the communication between the ASICs and the host computer is minimal, even if you put a hundred of them in the box.

[Fhtagn]

I was referring to block chain integrity, not that of my personal computer. The current clients are open sourced to enable oversight. One dominant chip manufacturer could effectively have a back door to a large portion of the network.

This isn't such a paranoid concept if you consider where many semiconductors and boards would be manufactured. China already has laws against using digital currency for material goods. There are a lot of places in the manufacturing process where dishonest changes could be made. For this reason, some agencies have their own fabrication facilities.

The previous poster wasn't really addressing my concern. I most likely wouldn't be controlling ASIC arrays from a PC.

I don't claim to be a VLSI expert, I'm merely inquiring.

[Fhtagn]

My questions have been addressed on the (now unlocked) ASIC dev thread.

[JoelKatz]

How would you audit a project like that for security? If enough miners adopted the same ASIC, a >50% hashing power problem could present itself. It seems you'd have to trust the vendor.

There are mechanisms available that would allow a person to have confidence that the ASIC did what it claimed. In operation, the inputs and outputs of the ASIC would be completely controlled by software under the user's control.

Essentially, the ASIC is like a miner and the user is like a pool. Controlling the ability of a miner to harm a pool, ensuring the miner is doing what they claim to do, and the like are all well-understood problems with known solutions. It is trivial to confirm that the ASIC is doing what it claims to do, and there is no secret communication channel between the ASIC and its manufacturer.

The most the manufacturer could do is something like designing the chips to fail to ever find solutions that exceed a particular difficulty. To check for these kinds of defects, someone would have to imagine each particular subtle flaw and test for it.

[fpgaminer]

The most the manufacturer could do is something like designing the chips to fail to ever find solutions that exceed a particular difficulty. To check for these kinds of defects, someone would have to imagine each particular subtle flaw and test for it.

I don't see what benefit that would have to the manufacturer, unless they created a competing company that sucked up all the business after the "scam" was discovered, essentially getting people to buy the same chip twice ... which is actually ingenious. MWAHAHAHA

Anyway, you'd just feed the chip Difficulty 1 work to work-around the "feature". The chip should be operating on Difficulty 1 work anyway, because there's no reason to have the extra logic in the chip to check for other difficulties.

[JoelKatz]

The most the manufacturer could do is something like designing the chips to fail to ever find solutions that exceed a particular difficulty. To check for these kinds of defects, someone would have to imagine each particular subtle flaw and test for it.

I don't see what benefit that would have to the manufacturer, unless they created a competing company that sucked up all the business after the "scam" was discovered, essentially getting people to buy the same chip twice ... which is actually ingenious. MWAHAHAHA

I don't see either. I'm just pointing out that it's something they could do. I can't defend the claim that there are no imaginable vulnerabilities.

Anyway, you'd just feed the chip Difficulty 1 work to work-around the "feature". The chip should be operating on Difficulty 1 work anyway, because there's no reason to have the extra logic in the chip to check for other difficulties.

The chip could still silently discard all found hashes that exceed a particular difficulty level. Testing with difficulty 1 work, you'd be none the wiser. Eventually, people using the ASIC would be getting shares from pools but not finding blocks.

Now that I've pointed out this specific threat, it's obvious how to test an ASIC for it.

[teknohog]

There is an issue that worries some of us at the modular miner thread, and I think it is highly relevant here. Many of the better FPGAs require paid-for software licenses in order to develop any code. For example, the modular miner thread has agreed on a chip that needs $2000 a year for such a license.

It is debatable whether this makes the project any less "open source"; after all, even the $0 software for FPGA development is closed source. However, my question is, do we include such a license fee in the Mhash/$ criterion?

It may be possible that other people can use the generated design without the software, so we should only factor in the hardware cost. However, in that case I would not consider the whole package "open source", because I would not be able to play with the code at that price.

I generally refuse to buy any hardware that I cannot program freely, and I think this is particularly important when buying something for a singular purpose. Even if Bitcoin fails in the near future, I can continue to use my GPUs and FPGAs in other fun ways.

[Mousepotato]

Nobody will ever sell you an ASIC miner.

EVERYTHING has a price.

[Silverpike]

Nobody will ever sell you an ASIC miner.

EVERYTHING has a price.

Riiiiight:

Sell 1000x ASIC bundles for $1k-$10k

OR

Mine for 6-months and make 10x that much money.

Nobody in their right mind would choose to sell chips at this stage of the game.  Maybe in a year or so when the reward goes to 25, or some other external factor changes the dynamics.  But there are very few Bitcoin miners able to afford paying for an ASIC array, and there's too little profit to be made selling the chips themselves.  Now and for the foreseeable future there is zero economic incentive to actually sell chips capable of mining in the GH range.  Having a tactical advantage of using ASICs isn't worth selling even some of them, since a first-mover of ASICs would want to keep that leverage for as long as possible (which dis-incentivizes mining AND selling chips). 

I could only see public sale of ASICs happening if it became known that there was more there was more than one ASIC implementation in existence, and the advantage of being first was lost.  Then it might make sense to start selling publicly.

Those factors notwithstanding, I applaud the efforts of the community to find a viable implementation.  However, there are 2 big problems facing the community that have, as far as I'm aware, no solution:
1. ASIC design engineers are very scarce (especially ones who really know how to do more than one part of the design flow)
2. Providing funding for this project is very difficult due to the up front NRE.

The only people I've ever heard willing and able enough to overcome this are:
1. Artforz (who has a private implementation)
2. The Canadian guys (They claim to have a team working on this, but I can't find their posts.  Search and you will find them.)

Anyways, good luck to everyone on this project.  It would be nice to see a  publicly accessible solution.

[Anoynomous]

other people can use the generated design without the software

If the benefit of the work is open to the whole community and designers(who already have the software) have the freedom to tweak it then i think its pretty much open source... Tough as it already is, including the price of the software means dropping the bounty altogether...

[Bicknellski]

No bounty left unpaid?