Hmmm. That's not the reason we changed it. We just got tired of tweaking things to prevent ASICs.

I'll add that there was such a large influx of miners at the outset, that (statistically) it seems any crippling of the original algorithm was fairly futile - the edge was both short-lived and minimally impactful. We're over a decade later, and nobody mining in the first month (even with that unfair advantage) was able to gain any meaningful percentage of Monero's emission.

I'll add that RandomX has proven that it is indeed possible to create a GPU and ASIC-resistant PoW algorithm. I'd encourage you to dig in further - the closest to an "ASIC" is a multi-CPU miner (Bitmain X9) with a bunch of RISC-V CPUs in it.

RandomX is designed so that if you design a RandomX ASIC then you've designed a CPU. It writes and then executes random programs. To minimize the possible efficiency gains from matching the instruction set architecture, the same program is executed several thousand times, reducing the relative overhead of translating it to a different ISA.

There was a proposal on Ethereum that didn't succeed (progpow) since they were already in the late stage of transitionning to PoS. Ethereum did quite a good job at keeping asic advantage moderate (the speedup was 100% max - not orders of magnitude). RandomX is basically progpow that succeeded. You might be interested in Chia's Proof of Space and Time... and how it collapsed!

I partially heat my home by running the default Monero client on old Xeons (heat ejects near my desktoes). As I only mine when it's cold outside (otherwise using resistive heating), there is no actual net electricity cost. IMHO it's not "worth it" for an individual to buy equipment specifically to mine crypto... but if you already have an old machine AND you heat without a heatpump, it's a free hobby/heater.

----

To anybody else that is syncing a fresh monero blockchain copy (i.e. installing the official client), I recommend using the custom node flag ` --db-sync-mode safe ` — which is slower but corruption-avoiding — before node's initial bootup. Without safemode, any halt of the client will [most likely] corrupt the local blockchain (losing days of DL/verification).

Also, if you use an SSD for storing any blockchain (as recommended by monero team... but not by me), know that its lifespan will be greatly reduced from the constant IO/access. Personally, I recommend safemode (see above) on a 7200RPM spinner (HDDs effectively don't wear during IO/access).

----

What are your thoughts on running xmrig vs. the default getmonero.org client? Would you in general agree that monero remains ASIC-resistant?

This was a super interesting read, and it highlights exactly the strength of cryptocurrencies. They turn game theory in their favor, so egoistic players (I don't mean this in an offensive tone) contribute to making it stronger and safer for everyone else.

Thank you for sharing!

They had to design a specialized verification function, which I imagine would be the easy way to break it.

The brilliant part of Bitcoin is that it uses very widely known crypto primitives - verification is the same as getting the right seed (you just happen to be told what the right seed is, rather than having to pay for it to be discovered).