sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
JHistone has quit [Quit: Leaving]
pro has joined #bitcoin-wizards
Emcy has quit [Read error: Connection reset by peer]
Emcy has joined #bitcoin-wizards
Emcy has joined #bitcoin-wizards
Emcy has quit [Changing host]
Giszmo has joined #bitcoin-wizards
snthsnth has joined #bitcoin-wizards
btcdrak has joined #bitcoin-wizards
Chris_Stewart_5 has joined #bitcoin-wizards
tromp_ has joined #bitcoin-wizards
bitcoin-wizards1 has joined #bitcoin-wizards
<petertodd>
tromp: what do you mean?
<tromp_>
i mean factoring composite numbers is more interesting:)
<petertodd>
tromp: yeah, I meant that as "factor things into primes" :)
<petertodd>
tromp: eh, in the context of someone so excited about RSA that they'd skip their own wedding, I think it's a reasonable mistake to make!
<tromp_>
like i said, i was just curious if you had inserted that excitement on purpose:)
<petertodd>
tromp: I'm not sure I'd quite say "on purpose" - but it's a good excuse :)
<petertodd>
tromp: it actually took me awhile before I came up with a wording that sounded natural; my first (more accurate) attempts didn't sound right
<tromp_>
btw. my CUDA equihash solver is now far behind the state of the art
<petertodd>
tromp: oh yeah? where are we now?
<tromp_>
it does about 33 Sol/s where the latest GPU miners reach 200 Sol/s
<tromp_>
although those are all on AMD/openCL
<petertodd>
tromp: how much ram do they use?
<Taek>
how fast can the best cpu implementation go?
<tromp_>
CUDA has claimed 134 Sol/s miner, but supposedly sold for private use, so unverifiable
<tromp_>
cpu tops at about 30 Sol/s
<tromp_>
by running multiple single threaded solvers
<tromp_>
GPU solvers vary in memory use
<tromp_>
between 200 and 800 MB mostly
<tromp_>
sometimes multiplies by 2 or 3 instances
<petertodd>
tromp: hmm, the low end of that is low enough some fpgas have that available on chip (ignoring the brand new high-end HBM stuff I mention in my blog post)
<Taek>
tromp_: do you have any knowledge about what % of the hashrate is currently CPU mining? This is a great time to verify the hypothesis that it's good enough to be within an order of magnitude
<tromp_>
high memory fpga's are very expensive though and wont be competitive
<petertodd>
tromp: it's also interesting to note that SRAM has better power efficiency than DRAM, even for high usage applications
<tromp_>
SRAM also not cost effective at 100x higher expense
<tromp_>
for only 10x performance incr
<petertodd>
tromp: they are, but they are expensive because of inefficiencies inherent to FPGAs, and low yields; they suggest what's possible on an ASIC
<tromp_>
my hope is that widespread use of memory hard pow will lead to energy use improvements in commodity drdam
<tromp_>
DRAM
<petertodd>
tromp: again, don't be sure that 100x higher expense is the limit of what's possible; there's likely all kinds of interesting improvements you can make when you sacrifice specifications that PoW doesn't need, like reliability
<petertodd>
tromp: so basically, you're hoping people will make ASICs for it...
<tromp_>
ASIC memory controllers, basically
<tromp_>
but they dont need to be all that optimized
<tromp_>
only to saturate DRAM
<tromp_>
and are more easily added to consumer electronics that alrd have DRAM than bitcoin ASICS
<petertodd>
tromp: commodity DRAM isn't even optimised right for that usecase; hence GDDR's bandwidth specialization, and more recently, high-bandwidth-ram
bitcoin-wizards1 has quit [Quit: Page closed]
bitcoin-wizards2 has joined #bitcoin-wizards
<tromp_>
but energy efficient RAM of whatever kind, has big enough advatages to become commoditized
<petertodd>
tromp: there's already pressure to make RAM energy efficient; making things energy efficient for PoW will most likely involve tradeofs that make it no longer commodity
<tromp_>
see my cuckoo cycle project page where i discuss that
<tromp_>
DRAM can indeed use energy improvements; and they benefit everyone
<petertodd>
tromp: yes I read that; highly specialized ram that meets your criteria already exists, and it does that by making tradeoffs that don't make sense for commodity ram
<tromp_>
right now DRAM is overly optimized for performance/dollar, at the expense of energy efficiency
<tromp_>
the papers i mention propose changes that make a lot of sense for commodity ram
<tromp_>
one problem is they need joint developement of better memory controllers
<petertodd>
tromp: DRAM comes in multiple different types you know, optimized in different ways
<tromp_>
what we need is more configurable DRAM that can dynamically adapt bus width
<tromp_>
and other parameters
<petertodd>
...so we need something that's no what's available commodity. Maybe ram PoW will drive those changes; IMO it's more likely thtat just shows that the idea is still such that custom hardware can be built with big efficiency improvements over commodity.
<petertodd>
tromp: for a while when writing my cypherpunk desert bus post, I had briefly mistaken your cuckoo cycle github page for equihash, and got exicted when you had basically made my point for me :) but then I realised I was mistaken, and had to work for a few more hours to make it
<tromp_>
nice write-up of your ceremony participation
<tromp_>
i wondered why you didn't invite a friend a long to help out with things
<petertodd>
thanks!
<petertodd>
basically because the reality of hardware security is that a "friend" could have easily backdoored the laptop
<petertodd>
so the result would have been parameters where you had to trust myself _and_ that friend to be honest
<tromp_>
most ppl who trust you will also trust you to pick your friends
<petertodd>
tromp: they shouldn't - and hell, the pool of people I know who were in a position to do that is pretty small; remember that I already asked someone and didn't get a response back in time
<tromp_>
i see
<tromp_>
did you keep the dvd's?
<petertodd>
tromp: yes
<tromp_>
are there published checksums of them?
<petertodd>
tromp: most everything is stored in a tamper evident fashion in a secret location
<petertodd>
tromp: yes
<petertodd>
tromp: er, actually, not yet published; need to make a github repo public
<petertodd>
tromp: but they're committed via a tweet I made after the ceremony
<tromp_>
ok; so ppl can at least convince themselves that what you wrote on your dvd's is what's actually part of the publick key
<petertodd>
yes, and also we can audit the dvds to see if there were any compromises done via the dvd communication mechanism (subject to the caveat that dvd's are complex things and not necessarily write-once)
<tromp_>
have the other 5 participants published anything about their particpation yet?
<tromp_>
your is the first i see
<tromp_>
yours
<petertodd>
tromp: I'm aware of one other writeup, but I'm not sure if the author meant to make it public yet