News
ECIP-1049: Change the ETC Proof of Work Algorithm to Keccak256
What is an ECIP?
ECIP: 1049
Title: Change the ETC Proof of Work Algorithm to Keccak256
Status: Draft
Type: Meta
Author: Alexander Tsankov ([email protected])
Created: 2019-01-08
Abstract
A proposal to replace the current Ethereum Classic proof of work algorithm with Keccak-256.
Motivation
A response to the recent double-spend attacks against Ethereum Classic. Most of this hashpower was rented or came from other chains, specfically Ethereum (ETH). A seperate proof of work algorithm would encourage the development of a specialized Ethereum Classic mining community, and blunt the ability for attackers to purchase mercenary hash power on the open-market.
As a secondary benefit, deployed smart contracts and dapps running on chain are currently able to use keccak256() in their code. This ECIP could open the possibility of smart contracts being able to evaluate chain state, and simplify second layer (L2) development.
Specification
Reason 1: Similarity to Bitcoin
The Bitcoin network currently uses the CPU-intensive SHA256 Algorithm to evaluate blocks. When Ethereum was deployed it used a different algorithm, Dagger-Hashimoto, which eventually became Ethash on 1.0 launch. Dagger-Hashimoto was explicitly designed to be memory-intensive with the goal of ASIC resistance [1]. It has been provably unsuccessful at this goal, with Ethash ASICs currently easily availalble on the market.
A CPU-intensive algorithm like Keccak256 would allow both the uniquness of a fresh PoW algorithm that has not had ASICs developed against it, while at the same time allowing for organic optimization of a dedicated and financially commited miner base, much the way Bitcoin did with its own SHA256 algorithm.
If Ethereum Classic is to succeed as a project, we need to take what we have learned from Bitcoin and move towards CPU-hard PoW algorithms.
At first, most users would run network nodes, but as the network grows beyond a certain point, it would be left more and more to specialists with server farms of specialized hardware. - Satoshi Nakamoto (2008-11-03) [2]
Note: Please consider this is from 2008, and the Bitcoin community at that time did not differentiate between node operators and miners. I interpret "network nodes" in this quote to refer to miners, and "server farms of specialized hardware" to refer to mining farms.
Reason 2: Value to Smart Contract Developers
In Solidity, developers have access to the keccak256() function, which allows a smart contract to efficiently calculate the hash of a given input. This has been used in a number of interesting projects launched on both Ethereum and Ethereum-Classic. Most Specifcally a project called 0xBitcoin [3] - which the ERC-918 spec was based on.
0xBitcoin is a security-audited [4] dapp that allows users to submit a proof of work hash directly to a smart contract running on the Ethereum blockchain. If the sent hash matches the given requirements, a token reward is trustlessly dispensed to the sender, along with the contract reevaulating difficulty parameters. This project has run successfully for over 10 months, and has minted over 3 million tokens [5].
With the direction that Ethereum Classic is taking: a focus on Layer-2 solutions and cross-chain compatability; being able to evaluate proof of work on chain, will be tremendously valuable to developers of both smart-contracts and node software writers. This could greatly simplify interoperability.
Implementation
Work in Progress:
Example of a Smart contract hashing being able to trustlessly Keccak hash a hypothetical block header.
References:
https://github.com/ethereum/wiki/wiki/Dagger-Hashimoto#introduction
https://satoshi.nakamotoinstitute.org/emails/cryptography/2/
https://github.com/0xbitcoin/white-paper
EthereumCommonwealth/Auditing#102
https://etherscan.io/address/0xb6ed7644c69416d67b522e20bc294a9a9b405b31