How Monero’s proof of work works
blog.alcazarsec.com277 points by alcazar 17 hours ago
277 points by alcazar 17 hours ago
If folks are interested in the old Monero PoW function (and, uh, the reason they changed it), I wrote up a thing about it a long time ago:
https://da-data.blogspot.com/2014/08/minting-money-with-mone...
The history of people trying to design GPU or ASIC-resistant proof-of-work functions is long and mostly unsuccessful. I haven't looked into RandomX; it's possible they've succeeded here (or possible that with the alt-coin market mining profitability tanking after Ethereum moved to proof-of-stake, it just wasn't worth it).
Hmmm. That's not the reason we changed it. We just got tired of tweaking things to prevent ASICs.
I'll add that there was such a large influx of miners at the outset, that (statistically) it seems any crippling of the original algorithm was fairly futile - the edge was both short-lived and minimally impactful. We're over a decade later, and nobody mining in the first month (even with that unfair advantage) was able to gain any meaningful percentage of Monero's emission.
I'll add that RandomX has proven that it is indeed possible to create a GPU and ASIC-resistant PoW algorithm. I'd encourage you to dig in further - the closest to an "ASIC" is a multi-CPU miner (Bitmain X9) with a bunch of RISC-V CPUs in it.
Sorry, I was not quite saying my fun was the reason, but that the failure to create something GPU/ASIC resilient was the more general underlying cause.
But be careful about "proven" in that last sentence - the absence of a solution isn't exactly proof, it's more of a proof that _either_ it is possible to create an ASIC-resistant algo _or_ it has not been worthwhile to ASIC-ify it given the economics of mining XMR and the research & NRE required to do so. I haven't the foggiest which of those two it is, mind you, just that there are a few remaining valid explanations.
It's a proof that something is possible to show one example.
In this case the claim was ASIC-resistant PoW is possible, and the proof has been the historical behavior of miners after years of RandomX. Nobody said it would be eternally or entirely resistant to optimizations...
You are twisting words beyon any coherent meaning.
> It's a proof that something is possible to show one example.
Agreed.
> the proof has been the historical behavior of miners after years of RandomX.
> Nobody said it would be eternally or entirely resistant to optimizations...
These are contradictory statements. If historical behavior was a proof, then it would be eternally and entirely resistant.
The limit we set at the beginning was "no one can design a custom device for RandomX with more than a 2:1 efficiency advantage over general purpose CPUs". That is and will forever remain true.
In reality, no one has been able to build any device for RandomX that isn't actually a CPU. The closest thing to a "mining ASIC" is just a bunch of RISC-V cores.
RandomX is designed so that if you design a RandomX ASIC then you've designed a CPU. It writes and then executes random programs. To minimize the possible efficiency gains from matching the instruction set architecture, the same program is executed several thousand times, reducing the relative overhead of translating it to a different ISA.
I partially heat my home by running the default Monero client on old Xeons (heat ejects near my desktoes). As I only mine when it's cold outside (otherwise using resistive heating), there is no actual net electricity cost. IMHO it's not "worth it" for an individual to buy equipment specifically to mine crypto... but if you already have an old machine AND you heat without a heatpump, it's a free hobby/heater.
----
To anybody else that is syncing a fresh monero blockchain copy (i.e. installing the official client), I recommend using the custom node flag ` --db-sync-mode safe ` — which is slower but corruption-avoiding — before node's initial bootup. Without safemode, any halt of the client will [most likely] corrupt the local blockchain (losing days of DL/verification).
Also, if you use an SSD for storing any blockchain (as recommended by monero team... but not by me), know that its lifespan will be greatly reduced from the constant IO/access. Personally, I recommend safemode (see above) on a 7200RPM spinner (HDDs effectively don't wear during IO/access).
----
What are your thoughts on running xmrig vs. the default getmonero.org client? Would you in general agree that monero remains ASIC-resistant?
A heat pump would arguably be more efficient for society (can provide 4x heat for 1x energy), but if you make enough money on the mined monero I guess it might be rational.
Would be curious if the marginal savings from a heat pump would allow you to buy more monero than you mine with this energy.
The only heatpumps in my house are airconditioner[†] and waterheater (mild winter climate doesn't justify replacing HVAC — but if/when it dies, I'll put in a modern minisplit) [ƒ].
[†] It's an older model, without reversing valve (circa early-2000s).
[ƒ] ...and refrigerator (thanks /u/twic)
----
>if the marginal savings from a heat pump would allow you to buy more monero than you mine with this energy.
In a colder climate, DEFINITELY (to a point: see /u/nerdsniper's great point, below).
----
I replaced a 300W "toe heater" with this rig; by directing heat to only wear its needed (i.e. muh'toes), I can heat the entire house less (whether resistive or heatpump).
> In a colder climate, DEFINITELY.
Actually, I suspect heating-by-monero-mining is more likely to economically beat heat pumps only in the very coldest climates. Heat pump efficiency goes down when the temperature delta between inside and outside is very large. Below 0F or so, it's quite difficult to find heat pumps that will work sufficiently well, and generally they transition to resistive heating.
Caveat: I'm only talking about marginal advantage, ignoring the capital costs of the Xeon servers or the heat pump itself.
For hobbyists such as myself, the capital cost of already-owned (and obsolete) Xeons are infinitely less than replacing an otherwise-functional (albeit cooling-only) AC in a sub-tropical rainforest climate (like mine), which only has a few weeks of annual frost (snow "sticks" once every decade).
As far as placement of the machine: underneath your computer desk is ideal, as this directed heating allows you to keep the house's thermostat a few degrees cooler.
----
If anybody were to ask me "what would you BUY to mine monero@home," I would definitely tell them to [instead] buy a heatpump-heater, -watertank, -&c (presuming they don't have each, already).
Just use a Linux laptop with a working battery so you never have to worry about power outages or other system crashes. In that case, you don't need safe sync mode, and you don't have to kill your SSD.
Working battery ≠= avoiding system crashes | my local node has a UPS, and still Monero's client is dicey (Mac & Linux distros).
Particularly on its initial sync, Monero's daemon is flakeyAF.
If you (e.g.) don't allow `sync in background` (why is this not the default behavior?!), the official Monero client is notorious for locking up on wakeup. Once you kill the process, your local blockchain is [most likely] unusable.
Another reason to use safe-sync is (e.g.) if your system (Linux or whatnot) decides to update/restart during the several days it takes to sync-initially.
----
Just out of curiosity, why do you abuse an SSD so (safe-mode, or not)?
For SSD-diehards, I'd recomment getting a very large size because this'll last longer, presuming the drive self-levels.
> Once you kill the process, your local blockchain is [most likely] unusable.
Totally false. LMDB is perfectly crash-proof in that scenario and killing the process never damages the DB. The only thing that's not guaranteed is turning off syncs, in the face of an OS crash/power outage.
If you don't sync, you're not abusing the SSD. If you run on Windows, the OS is too unstable to use without safe sync mode though.
>Totally false.
This is a well-documented failstate. Usually results in "unable to connect to 127.0.0.1:18081" errorlog, which is most-commonly due to a corrupt database/blockchain (from hardstop/kill).
In order of crashout likelihood: Windows >> MacOS > Linux
>If you don't sync, you're not abusing the SSD.
If you don't sync then you're not (cannot be) a fullnode / network verifyer / ringsigner.
----
>LMDB is perfectly crash-proof
It is my understanding that once your initial-sync has completed, the default monero node behavior is to then automatically enter the --safe flag (I described above).
This may be old behavior... I go way back (years beyond a decade). My only modern use in xmrworld is as a personal foot-heating ATM.
> If you don't sync then you're not (cannot be) a fullnode / network verifyer / ringsigner.
I was talking about database sync, not blockchain sync. You don't need to use safe sync mode if you don't have to worry about machine crashes. And just killing the process will never corrupt the blockchain DB.
> This may be old behavior... I go way back
On this particular point, I go way back further than you.
There was a proposal on Ethereum that didn't succeed (progpow) since they were already in the late stage of transitionning to PoS. Ethereum did quite a good job at keeping asic advantage moderate (the speedup was 100% max - not orders of magnitude). RandomX is basically progpow that succeeded. You might be interested in Chia's Proof of Space and Time... and how it collapsed!
> You might be interested in Chia's Proof of Space and Time... and how it collapsed!
Because it was written by Bram Cohen, I'd be interested in reading two or three sentences about how it collapsed.
Because it's a blockchain-based cryptocurrency, feel free to stop writing after three or four sentences.
ProgPow was ridiculously simple and would never have accomplished its goal. I covered it briefly in my Monerokon talk as well.
I don't know if PoW based approaches make much sense in the modern environment, anyhow -even very clever ones that provide ASIC resistance. Ethereum has been doing real proof of stake (and not delegated proof of stake which is both easier and terrible from a system safety perspective) for quite a while and it's seemingly cheap, effective, and robust.
PoW is useful in far more situations than PoS. A derivative of RandomX is now used to protect TOR too (Equi-X). https://github.com/tevador/equix/blob/master/devlog.md
Yes I suppose it's difficult to stake something of value when the system you're securing is not stapled to a currency.
This was a super interesting read, and it highlights exactly the strength of cryptocurrencies. They turn game theory in their favor, so egoistic players (I don't mean this in an offensive tone) contribute to making it stronger and safer for everyone else.
Thank you for sharing!
They kinda do - I'll admit honestly that the final game I played in the cryptocurrency space I played solely to profit. (It was a minor, uh, **coin that didn't have a lot of redeeming value to start with). Though it turns out the incentives remained somewhat aligned: I ended up providing the developer with some security bug fixes to make sure someone couldn't mess with the cash cow. :)
(To be clear: We were just optimizing mining; in the process of looking for ways to mine it faster, I found some security bugs and fixed them. We weren't exploiting the bugs, that crosses a line for me.)
Monero has used Random X for 7 years
Why even mention that era? Your fascinating by that time was shorter than its post Random X lifecycle
They had to design a specialized verification function, which I imagine would be the easy way to break it.
The brilliant part of Bitcoin is that it uses very widely known crypto primitives - verification is the same as getting the right seed (you just happen to be told what the right seed is, rather than having to pay for it to be discovered).
You must be on drugs. There is no separate specialized verification function. It's the same algorithm for verification as for mining.
Correct; both Bitcoin and Monero use Hashcash as PoW, only differing in the choice of hash function. Verification is only different from a solution attempt in asymmetric (i.e. non-Hashcash) PoW, such as Cuckoo Cycle or (the poorly named) Equihash.
As PoW goes, this is cool.
One thing I didn't understand though is Light mode:
> Fast mode is for mining. Light mode is for verification. The reference README says
The post only describes Fast mode, right?
Presumably verification is done by miners who already have the memory set up so Fast mode would be faster for them.
Verification is still relatively fast because you don't have to try gazillions of nonces so who is Light mode necessary and how does it work?
Light mode is used mostly by the monerod, validating incoming blocks. But on a machine with sufficient free RAM, monerod can also be set to use Fast mode instead.
The post described both modes. The only difference is that Fast mode processes the cache to generate the full 2.1GB dataset, so subsequent programs can just reference it as needed. Light mode uses only the 256MB cache and generates the required dataset values individually, on each access. That saves RAM but costs more CPU time.
In terms of software that genuinely fascinates me Monero would have to be up there (along with Postgres, ZFS and OpenBSD). It's in my opinion one of the only (but probably the only) cryptos that has actually held true in terms of its principles of privacy (which was a perceived principle of crypto by users) and mass ability to mine and not be dominated by ASICs.
I've since taken to running a non-public Monero node, which will become public when I can ensure my network security as it's being run from my home.
In saying that, there is a lot of concern around the new Carrot changes. To preface, I don't understand it enough to have an opinion either way, but a good chunk of the vocal user base seems to be worried that making “optional” view keys show both incoming and outgoing transactions will force the hand of the remaining exchanges, and be a condition of adoption of new exchanges to support Monero.
I haven't really seen a dumbed down explanation from the core Monero team as to exactly what the change looks like, and what the theoretical implications could be. It would be nice if Monero had more accessible PR for non-technical users to encourage adoption and squash FUD when it arises or at least acknowledge it from a top level in a blog post or something so that the already hyper-paranoid user base doesn't unnecessarily drive a mass anti-Monero campaign.
>held true in terms of its principles of privacy (which was a perceived principle of crypto by users)
Crypto wasnt so much straight up privacy, but like high information / low revelation. The idea was to create an economic system where you the individual could have relative anonymity while being able to go online and audit the bank in detail. Not a criticism of you enjoying monero I just think this got lost somewhere.
I think Ethereum is probably going to strike the closest balance eventually, but it depends on a lot of factors.
I walked through the design at Monerokon in 2019 here https://www.youtube.com/watch?v=4Hkd-n1W_e4
I never quite understand this stuff, maybe someone can help.
Are cryptocurrencies supposed to be a potential replacement for real life cash? This was my understanding of the motivation behind Bitcoin, at least.
If so, why does it make sense that people can "generate" cash by proving some amount of work done? This of course cannot be done with normal cash.
Is the main functionality of these cryptocurrencies supposed to be "people can send currency to each other", or "people generate currency -- a number -- and sell this currency for real life money"?
Before a new currency exists, it doesn't exist. Someone has to mint it. It has to be inflated into existence, in the monetary sense. How is this done?
For a state or central bank the answer is obvious: The state or bank itself prints it.
For a private actor the technical means is perhaps less obvious, but the actor behind the currency obviously gets to decide.
For a decentralized open source project, it is less clear. You could do it so every node in the system gets a piece of every newly printed unit of currency, but if it is free to run a node everyone could just run a billion nodes and take all the currency for themselves.
Bitcoin solved the problem with Proof of Work, which is elegant because both the double spend problem and the minting problem is solved together. Every node has to prove it has run a unit of useless computation and inflation is spread evenly across worker nodes. This led to a split between nodes and miners with the use of specialized hardware, but the basic premise still holds.
Crypocurrencies in general are very different. Ethereum, the second most popular, was created by a private actor and the that actor decided to print 72 M for themselves and promptly sold 80+% before the release of the software which gave rise to the term ICO which was very trendy for several years. After the initial release inflation continued according to the miner model.
> Are cryptocurrencies supposed to be a potential replacement for real life cash?
They are supposed to be a medium of exchange. “Real life cash” is one of many forms of money; even for any particularly currency, like dollars, a very small fraction of use is “real life cash”. But, yes, in the most extreme visions, cryptocurrencies replace other currencies for all uses. More moderate visions, however, exist. So, as always when you use “supposed”, the answer is undefined without qualifying it as to by whom it is supposed.
> If so, why does it make sense that people can "generate" cash by proving some amount of work done?
Because there needs to be some mechanism to provide the currency supply, and also some incentive for people to provide the infrastructure on which the currency system relies. For fiat money systems the first is typical policy making in a central bank, and the second is government action to control competition in the banking space and to support banks, reinforcing the profitability of banks. Mining serves both of those functions in a cryptocurrency system (both reinforcing the profitability of transaction network participants and providing the mechanism by which currency supply is managed.)
> Is the main functionality of these cryptocurrencies supposed to be "people can send currency to each other", or "people generate currency -- a number -- and sell this currency for real life money"?
Participants in a currency system selling it for other currencies (FOREX) is a feature of every currency system in a world with more than one currency. Again, the degree to which each of those is “supposed” to be the main function depends on exactly whose supposition you are looking at it.
> More moderate visions, however, exist. So, as always when you use “supposed”, the answer is undefined without qualifying it as to by whom it is supposed.
And in some cases, which mutually-inconsistent argument the same entities are making. For example, when the thing's a dollar-replacing currency at the start of the interview, and can't-miss investment commodity by the end of it.
One of the weird things about our world is that money is central to everything, but it’s hard to understand how it works. There’s a great deal of handwaving around how, for example, dollars are created, much of which is, in fact, not correct at all (most dollars are created not by the government, or even the Federal Reserve, but by private banks, via a mechanism which I will not pretend to fully understand).
The big flaw of Bitcoin, to my mind, is that it is an inherently deflationary currency. Deflation is one of those things that seems great on the surface: prices go down, not up, but when that happens it ends up creating an economic incentive to avoid spending since why buy something today if it will be cheaper tomorrow, and this ends up causing economic activity to slow down or stop entirely. A small amount of inflation, on the other hand creates an incentive to either spend money or invest it in something that will provide a better than inflation return, whether that’s putting it in a high-yield savings vehicle or making capital or financial investments. With deflation, you can just leave your funds in cash (where they will not provoke any economic growth) and get a return.
> most dollars are created not by the government, or even the Federal Reserve, but by private banks, via a mechanism which I will not pretend to fully understand
Fractional reserve banking. Basically, bankers start getting very anxious when they see the masses of people depositing mountains of cash into them. They look at the cash hoard they have suddenly amassed and think, we can't just leave this pile of cash here doing nothing, we have to efficiently allocate all of this capital. So they lend it out to people who need cash, charge interest and pay account holders their yields.
Deposit $100. Bank loans out $90, and $10 sits in its reserves. Your account still says $100, even though the bank is now leveraged against loans to third parties. Guy who took the $90 loan pays some bills, and that $90 ends up deposited right back into the same bank. So it keeps $9 and loans out $81. There is now $100 + $90 + $81 in circulation, but only that $100 is real money, the rest are all made up. They only become real when loans are repaid. So, the $81 gets spent, deposited back into the bank, and so on, and so forth, expanding the money supply like a fractal until the amounts become too infinitesimal to track. Thus $1,000 easily becomes $100,000 literally overnight. Government could run its presses 24/7 and it would not be able to outcompete the banks when it comes to inflating the money supply.
Banks are the financial call stacks of society. Better hope there aren't any exceptions (defaults), or the whole thing unwinds and comes crashing down.
It's like a society wide financial version of ISP oversubscription. The assumption is nobody is going to stress test the system by saturating the link 24/7. Everything breaks the second the invariants are violated. Banks similarly assume that not everybody will need all of their dollars immediately, which lets them "efficiently allocate" all of those dollars. Entire government systems exist just to bail out the banks where this assumption fails to be load bearing.
Allen Farrington makes a solid case in this essay [1] about deflation being the more effective mode of economy.
I thought private banks create money the moment they take out a credit from the central bank. The central bank's job is to set the interest rate for those loans, et viola.
That's one method, but consider what happens when someone deposits a million dollars at a bank. This million dollars can be lent out to another person as a mortgage, and guess where that person accepts that money? That's right, a bank. That same 1 million dollars could be lent out to 10 different people, expanding the supply of money many times over. The only limit to this are the capitalisation ratios legislated and enforced by government (the bank must retain some % of total outstanding liabilities as capital it can move immediately). There are a few other ways I understand (and probably many more I dont) that the monetary supply can be expanded via, but that is the simplest one to conceptualise.
I’d argue that this is more of a feature than a bug.
The assumption behind the “deflation is bad” argument is that spending itself is the goal. But spending is not automatically good. Productive spending and productive investment are good. Wasteful consumption, speculation, and forced risk-taking are not.
If money holds its value, people become more selective. They still buy food, housing, tools, entertainment, experiences, and things they genuinely want. Humans have needs, preferences, status impulses, advertising pressure, and finite lives. Demand does not disappear just because money is sound. What disappears is some of the artificial urgency to spend before your cash loses value.
The more important point is investment. In an inflationary system, holding money is punished, so everyone is pushed out onto the risk curve. You are not only investing because an opportunity is great; you are investing because the currency is being diluted and you need to escape it. That distorts the real cost of capital and makes mediocre investments look better than they are in nominal terms.
With harder money, investment has to beat the return of simply holding the money. That is a healthy hurdle rate. Capital should have to prove that it creates real value. If an investment only makes sense because the denominator is being debased, or because everyone is forced into assets to avoid inflation, then maybe that investment was not as productive as it looked.
This also matters for inequality. Inflation does not hit everyone equally. People with capital can protect themselves by owning stocks, real estate, ETFs, businesses, and other assets. They can diversify, borrow against assets, and ride asset inflation. Poorer people are more likely to hold wages and cash, so they are the ones whose purchasing power gets diluted first. Then they are told to “just invest,” but they are competing against people who already have capital, better access, better tax treatment, and more room to take risk.
So inflationary money quietly forces the poor to compete with the rich on the rich person’s playing field: asset ownership. A broad ETF may look like a safe wealth-preservation tool for someone with money, but for someone living paycheck to paycheck, the need to buy risk assets just to avoid being diluted is itself a problem.
A deflationary or hard-money system would probably reduce some marginal consumption and speculative investing. But that is not obviously bad. It may mean fewer bad investments, less artificial asset inflation, and more pressure for capital to flow only into things that genuinely outperform money itself. It would also be much more sustainable, not just economically but materially: if money no longer pressures everyone to consume and invest constantly just to outrun debasement, there is less incentive to waste real-world resources on unnecessary production, overconsumption, and short-lived goods.
The fear is that nobody would spend. But people do not stop buying things just because they expect their money to hold value. They stop buying things that are not worth giving up good money for. That sounds like discipline, not economic failure.
In a deflationary system, rich people just hold money, and earn more in interest from holding the money, than everyone else earns combined. They use that interest to buy things from the poor while not producing or investing themselves. Poor people realize if they switch currencies they can have more things because they don't have to give a percentage of everything to the rich. This makes the system unstable.
Bitcoin might be approaching it.
Spending shouldn't be the goal, but exchange of goods and services should be. Representation of real value should be a goal. If you can receive real goods and services as a consequence of holding numbers on a spreadsheet, instead of a consequence of providing real goods and services yourself, the economy has a problem. Maybe a system with zero inflation or very slight deflation can be stable, but the extreme deflation seen in Bitcoin is destabilising.
This still does not work.
“Holding money and earning interest from holding it” is a category error. Holding Bitcoin pays zero yield. No coupon, no dividend, no debtor, no tax stream, and no mechanism by which poor people pay holders a percentage. If someone earns interest, they are not merely holding money; they are lending it, which means they are taking risk and providing capital.
The “numbers on a spreadsheet” objection is also just an objection to money itself. Money exists so someone can produce value today, save the claim, and exchange it later for real goods and services. That is not a bug. That is saving.
A non-inflationary currency is actually a better representation of real value, because the unit is not constantly being diluted. Inflationary money lets nominal wealth rise even when no real value was created. Hard money makes the test harsher: did you actually create value, or did the measuring stick just get worse?
And no, people would not “just sit on Bitcoin.” People still eat, rent, travel, build, compete, seek status, start companies, buy homes, and take risks to outperform others. The only thing that changes is the hurdle rate: an investment has to be better than simply holding money. That is not economic failure. That is discipline.
The fair criticism of Bitcoin is volatility and unequal distribution, not this imaginary mechanism where holders magically receive interest from the poor by owning spreadsheet entries. That mechanism does not exist.
EDIT: The rich/poor angle is almost backwards. In an inflationary system, holding money is a guaranteed loss, so ordinary people are forced to become amateur investors just to avoid being debased. Rich people are already positioned for that: they own assets, businesses, real estate, equities, and can borrow cheaply against them.
In a non-inflationary or hard-money system, simply holding money is not a guaranteed losing strategy. You keep your share unless you voluntarily take risk to increase it. That is a very different game. The rich can still get richer, but they have to outperform by allocating capital well, not merely by being closest to the asset-inflation machine.
Same with wages. Under inflation, your employer can cut your real salary without saying anything: they just give you a raise below inflation, or no raise at all. You have to fight constantly just to stay even.
Under hard money, that hidden pay cut is much harder. If prices are falling or money is appreciating, keeping the same nominal salary can mean your real wage rises. To reduce your real compensation, the employer has to make the cut explicit or offset it with benefits. That is a completely different power dynamic.
So no, inflation is not obviously pro-poor. Very often it is a quiet tax on people least able to escape cash and wages.
Real value deteriorates due to entropy. If I harvested some lettuce this week, in a year I don't still have lettuces - I have a pile of stinky mush. Keeping value steady requires a continual input of effort.
I'd accept "leaky currency" as a substitute for inflation. The important thing about inflation is that you have to keep running just to stay in one place - not that the numbers keep going up. Stable prices are nice, I agree on that.
Bitcoin's volatility is caused by its deflationary nature. Monero is inflationary, and much less volatile.
In an inflationary system, normal people are forced to keep earning money. "Becoming amateur investors" is your way to say "keep generating real value". If you want to surpass Elon Musk you have to invest, but that's nothing to do with the inflationary currency. That's because Elon Musk uses deflationary currencies like land and Ponzi currencies like Tesla stock. He just sits on them, and he will get out of the Ponzi ones before the top because he controls them. As they say, bad money drives out good. But you cannot build a stable economy on hyper-volatile gambling.
Monero is disinflationary, not inflationary. The rate of new coin emission is only enough to maintain equilibrium with the rate of coins being lost (due to people losing wallet keys, etc.). So your comment about being forced to keep earning doesn't apply to Monero.
The price is intended to decrease. If people are losing money (causing the price to increase) at the same rate the price decreases that's on them.
This mixes up real depreciation with monetary debasement.
Lettuce rotting is not an argument for money rotting. Perishable goods decay, machines depreciate, buildings need maintenance, and inventories have storage costs. Prices can reflect all of that. The measuring unit does not also need to decay.
Money is not supposed to preserve lettuce. It is supposed to preserve a claim on value across time. If I produce value today and save the proceeds, I should not be forced to lose purchasing power just because the unit of account was designed to leak.
Also, “forced to keep earning money” and “forced to become an investor” are not the same thing. In every system, people have to keep producing if they want to keep consuming. The difference is that under inflation, even after producing and saving, your savings are diluted unless you buy risk assets. That does not necessarily mean “generating real value.” Often it just means bidding up existing assets.
Bitcoin’s volatility is not simply “caused by deflation.” It is caused by uncertain demand, adoption cycles, liquidity, leverage, regulation, speculation, and the fact that it is still monetizing. A fixed supply makes price more sensitive to demand shocks, sure, but that is not the same as saying deflation mechanically causes volatility. Monero’s tail emission is also tiny, under 1% and declining over time, so it is hardly a normal inflationary currency.
And the Elon Musk example basically proves the opposite point. Rich people already escape inflation by holding scarce assets: land, equity, businesses, real estate. Poor people are the ones stuck holding wages and cash. A harder money system does not eliminate inequality, but it at least stops making cash itself a guaranteed melting ice cube.
>In a deflationary system, rich people just hold money, and earn more in interest from holding the money, than everyone else earns combined.
Wrong, in a 'deflationary' system the more a rich person holds money in proportion to the total money the less interest they are likely to extract/get. If they hold all the money interest they will be effectively get/extract will be zero.
> But spending is not automatically good. Productive spending and productive investment are good. Wasteful consumption, speculation, and forced risk-taking are not. That is indeed a great distinction that you have pointed out.
I think it's good to remember neither saving nor spending is the goal. The goal is productive real activity. Money is a means to get there.
Yes, Bitcoin is a replacement for central banking currencies. Its the first few lines of the white paper.
This is how money works. If you use a medium of exchange and unit of account for goods and services then that medium must increase at the same rate as the increase in goods and services otherwise you get second and third order effects such as inflation, contraction, rising unemployment, etc., directly impacting its ability to act as a unit of account.
In Bitcoin you don't generate cash, you earn block rewards for acting as a consensus broker which otherwise would require a central banking settlement layer. This activity, tied directly to the transaction layer, acts to maintain the equilibrium between increases in goods and services and expansion of the money supply.
Wall Street got ahold of it and now Bitcoin is primarily acting as a Store of Value for the purpose of speculative investments. Driven primarily by the fear of missing out and market manipulation since Bitcoin is heavily centralized.
> In Bitcoin you don't generate cash, you earn block rewards for acting as a consensus broker which otherwise would require a central banking settlement layer. This activity, tied directly to the transaction layer, acts to maintain the equilibrium between increases in goods and services and expansion of the money supply.
Block rewards have no connection to transaction volume or economic activity, the protocol is designed such that bitcoin supply increases at a predictable (and diminishing) rate. Bitcoin is deflationary by design, which is one of the major issues that stopped it from becoming anything other than a speculative store of value.
Yes, they absolutely do. That's what dictates difficulty. It is not deflationary, deflation is not the same as supply constraint. Deflation is a reduction in price level, constraining supply is precisely how it moderates the equilibrium of value which is why it is a threat to existing monetary control.
The bitcoin price level reduces as an effect of bitcoin's design, therefore it's a deflationary design.
Well, for now. Obviously it can't reduce forever, and it will eventually slam back up to infinity (bitcoin will collapse) when no normal person feels like it's worth getting any because so much of it is already owned by wealthy people. Until that happens we're surfing the Ponzi wave. Inflationary designs are way more stable.
> Wall Street got ahold of it and now Bitcoin is primarily acting as a Store of Value for the purpose of speculative investments
Insomuch as beanie babies are a store of value. Speculative assets only have value as long as there are more greater fools to buy in. When you've exhausted the supply of greater fools, there is no more reason to buy the speculative asset because its price won't go up, so it will fall to its intrinsic value, which is the worth of a normal stuffie for a beanie baby (roughly $5) or the worth of a number stored on other people's disks for a Bitcoin (roughly $0), which is the value ultimately stored. Wall Street is only involved in Bitcoin to facilitate trade between fools because we have collectively done a poor job of regulating this madness, allowing so many fools to eventually lose their money to a distributed Ponzi scheme and sanctioned countries.
Roughly the same argument could be applied to gold, and yet it has been used as a value store for ages.
Can't say I like crypto, but I think better arguments can be made against it.
Gold has a use value.
90% percent of gold is used in jewelry or bars so use value isn't that much unless price is prohibiting use cases.
Jewellery is a use for gold, people like it because it is pretty and shiny and easily worked not just because it is rare.
The artificial scarcity and lack of actual use of bitcoin really isn’t the same.
So do beanie babies. Might be less than gold, but that's why I'm calling this argument flawed.
The second part is that despite these disclaimers, I don't think gold has, in modern history, or will in our lifetimes, reach a price reflecting just the use/intrinsic value. The reasons being twofold: the storage of value IS a use itself; and importantly, which applies to Bitcoin and others, there are always people that will be willing to buy the dip, which is how the requested new generation of "fools" comes from.
1 Trillion of market cap can stay wrong longer than some random loud mouth on the internet can stay right about why everybody else is wrong. There is no 'intrinsic' value to most bits of information written on paper or disks, by some definition.
You can't send a Beanie Baby to someone on the other side of the planet instantly.
> If so, why does it make sense that people can "generate" cash by proving some amount of work done?
Think of it this way: If you pay with physical cash, there are people somewhere who do the work of digging ore out of the ground, smelting it, shaping it into coins, cutting and printing paper and so on. All these people do that, because they get paid in the same currency that they themselves have minted.
It turns out that nobody has yet found a way to create a digital decentralized currency that that works without incorporating a similar concept of incentivizing the creation of currency.
ETH is trying right now with proof of ownership.
Which automatically makes in possibly centralized (you can never ever guarantee that not a single entity - or group of colluding entities - hold the majority stake and thus excert control).
The same is true for PoW, though. You can never guarantee that a single entity or a group of colluding entities will not gain control of most of 50+% of the compute power required. If the compute hardware is useful for other purposes than mining your particular coin, the risk is in fact greater - someone could build or buy up this compute power, destroy the currency, and then use the assets for other purposes, recouping some of their investment. With PoS, at least this much is not possible - anyone who would want to destroy the currency would lose their whole investment.
There is some information on energy usage (production and consumption). There is not much information on crypto ownership besides private keys
There are mechanism in place to prevent attacks, that require more than 51% control of staked ETH. The team behind ETH probably stayed on PoW for a long time to build the market cap such as to make attacks unlikely by the sheer amount of capital required.
Isn't the point of Proof of Stakes that you hold some amount of coin to exert that control. If someone or some group get majority stake, doing anything nefarious would result in crashing the coin value, and thus nuke their own coin value?
Yes, but thinking this is a safeguard presumes the exchange value of the coin must outweigh any other concerns the actor has.
Yes, but they can make it up with some other gain in value. For example if you're a US state agency tasked to destroy the Chinese economy, you might overall benefit from buying a ridiculous amount of Chinese money and then setting it on fire, if it means everyone else's Chinese money catches fire too.
Bitcoin was designed to be a replacement for real life cash, but it ultimately failed in this role. Nonetheless it was a great experiment that essentially invented the industry.
Most cryptocurrencies, if we go only by their number, are designed to make their creators rich and moderately succeed at that. This is your ERC20s, pump dot fun, et cetera.
If we only consider ones that have any serious chance of being usable as actual currencies, these days they're usually designed to run arbitrary money-like programs known as "smart contracts", of which traditional money is just one.
Money can't be sent until it's generated, that's the same whether you're talking bitcoin or dollars. There's always a rule for who gets the new money when it's created, and somehow the rule always ends up being "rich people get the new money". Dollars go to politicians and big bankers, bitcoins go to big compute farms, ethers go to big bankers, monero goes to big compute farms. The aforementioned get-rich-quick currencies go to their creators, if course.
It's just a mechanism to incentivize mining. The alternative is that miners are paid only via fees, but that risks making it prohibitively expensive to transact. Minting new coins distributes the cost of mining over all holders by inflating the currency a little bit. Fees are still necessary to avoid spamming.
Bitcoin was intended to be funded entirely by transaction fees and the minting was just to jumpstart the currency, which is why the new coin minting rate tends to zero. This was a naïve mistake. Other cryptocurrencies have start high and approach a lower nonzero value.
In a distributed system you still need all the features of the centralised system.
For a currency, that means you still need issuance, and you still need security.
Miners, glossing over a lot of theory, provide security in exchange for receiving issuance. They can be seen like the decentral bank of the crypto world.
You can't "generate cash" for doing some amount of random work. You are getting paid for securing the network and keeping it decentralized, and this payment is done in the native token of the network. It's an incentive mechanism, it's a reward for the people who provide the infrastructure for the network.
They're meant to replace the bank.
Cryptocurrencies allow market participants to communicate value to each other without having to trust other market participants or an institution. Mining verifies transactions and commits them to the public record, earning the miner a fee for their work.
> This of course cannot be done with normal cash.
Normal cash is just printed out from thin air by those who have the power. In that sense (some) cryptocurrencies are better because at least the process is open.
Fiat money is proof of stake, except the failure mode is economic collapse or military collapse.
Is it not printed out of thin air by those that have compute power ?
There are two parts of an answer to this, because your questions are somewhat divergent:
> why does it make sense that people can "generate" cash by proving some amount of work done? This of course cannot be done with normal cash.
People do generate money when they work, in a sense, because money doesn't have value. Money represents value. To really understand that you need to think about what money is and why it was invented in the first place.
Before the invention of money there was only direct exchange; I do/give something for/to you and you do/give something for/to me in return. But what if you want what I have but I don't want what you have? Or what if we want something from each other but are too far apart to make the exchange directly? Well, we find a third participant who can act as a kind of transfer agent. They could, for instance, have something I want that you don't want and also want something from you. They trade with you first so now you have something from them that you don't want that you can then trade to me for the thing you want, and everyone is happy. This extends to arbitrarily many, dozens or hundreds even, of intermediate steps.
Now it should be easy to recognize two things:
1) Everyone needing to store a bunch of stuff they don't actually want just so they can pass it on to the next person can become a huge burden for everyone. And how do you store labor anyway? You can't. You can only store goods.
2) Organizing dozens of intermediate links is an extremely difficult problem to solve just so you can get what I have.
The first one can be solved by exchanging IOU vouchers instead. The holder of the voucher becomes entitled to the thing that hasn't yet been given or done. Storing those vouchers is trivially easy compared to storing the things. And you can just as easily store vouchers for work that hasn't been done yet as you can for goods that haven't been given yet.
The second one can be solved by saying what if people put their vouchers into a central voucher bank instead of passing all their vouchers around to each other directly, and then the central voucher bank organizes all the intermediate steps for people without people needing to figure out who has the vouchers they need to complete the chain.
And then once you're there, why even use specific IOUs at all? Why not have all the vouchers be generic but you get different amounts of them instead of different kinds that you can then use freely for anything? And that's obviously what money is.
And from there a new thing should become obvious: The money itself doesn't have any intrinsic value. The labor/good behind it does. Money is just a way of representing the value of something you did/produced in a form that can be easily traded for other things. It's the medium of exchange, not the product. And when there are fewer vouchers in the system relative to what's being produced, each voucher becomes worth more (deflation), and vice versa (inflation). And then the government literally prints and destroys vouchers as needed to try to keep a balance. That is a thing that happens. And so what if there can be prolonged time delays between you doing your work and you receiving your vouchers under some systems? Time delays are not inherent, just practical for bookkeeping. And when long time delays are not practical for bookkeeping they become shorter.
> Are cryptocurrencies supposed to be a potential replacement for real life cash? This was my understanding of the motivation behind Bitcoin, at least.
Only as an unrealistic pretense in the current climate. The reality is that a currency needs to be both moderately inflationary and also very stable to be useful as a medium of exchange of goods/services. You never want it to be a better financial decision to hold onto currency forever instead of using it, and you also never want people to randomly wake up destitute. And regardless of whether bitcoin is technically inflationary in the near term, it is not practically inflationary, and it's definitely not stable.
> Before the invention of money there was only direct exchange; I do/give something for/to you and you do/give something for/to me in return.
This is ahistoric. Widespread barter is only really takes place in post-currency societies. Pre-currency societies mostly engaged in reputation or "gift" economies. When I have a surplus, I share with peers, with the understanding that they have done and will do the same in the future. It can be tempting to map that social obligation onto currency debt, but reputation doesn't really behave the same way as currency does. It's not linearly combined (giving someone with no bread a loaf of bread is going to provide you much greater than half as much standing with that person than giving them 2 loaves), its transaction costs are much, much lower (you probably wouldn't pay the village idiot, but if you enjoy listening to his tall tales, you probably think fondly enough of him to help him out in a pinch, or share some extra berries you found, or you might value the fact that your neighbor gave a loaf of bread to the guy with none from the earlier example, but it would be weird to pay him for that indirect, incidentally service), and it's barely portable: maybe your kid might benefit somewhat from your prestige in the community, but unless he lives up to it it doesn't matter if you saved the village by single-handily slaying the lion that was picking off children and livestock. Likewise you can't just hop over to the next village and expect people to help you any more than basic hospitality rules demand.
I would say Bitcoin was a good attempt to create digital fiat money but it ultimately failed, both because it's deflationary and because of throughput limits. Monero succeeded a little bit more but will eventually collapse because of storage limits and the impossibility of pruning, and it's banned in most countries because their intelligence agencies can't track it.
> If so, why does it make sense that people can "generate" cash by proving some amount of work done?
Because you need an incentive for 'miners' to participate in transaction processing.
Main functionality is transactions which are not controlled by any single entity (like the government).
Most of it is speculation unfortunately, which gives it a bad name, drowning out real usecases.
So now I'm wondering, why wouldn't they just charge a transaction fee in Monero?
Why mine at all?
If you want to scale up to Mastercard levels.
A transaction fee of what? To take a fee from a transaction there has to be a transaction to take a fee from, which needs some sort of "coin" that came from somewhere. Somebody has to create a money supply and distribute it somehow. When the network first comes into existence, nobody has any money, so where does it come into being from?
Mining is what generates the coins. And you need mining because otherwise you need some other issuing organism. Without decentralized mining you get a central issuer, and that's untrustworthy and possible to shut down.
It is subtle, but PoW mining itself doesn't generate coins. It isn't like someone is digging a hole in the ground and extracting gold.
PoW miners are rewarded for correctly validating transactions, with newly minted coins.
The whole proof of work thing is that you proved that you validated a transaction by expending energy, and the network pays you for that security service.
Miners then need to sell those coins on the open market in order to pay for their capex/opex, which creates the market.
The open question is that if you have a fixed supply of coins that eventually runs out, what will carry the miners?
It'll be increased fees or the network will switch to another solution.
Agreed with your explanation.
I would add a different way to make sense of it.
Proof of work allows for what Keynes called "Bancor". BTC is succesful because unlike fiat central banks, the money supply isn't dictated by interest rates (and thus loans) but by the effort of participants. The price of BTC is almost irrelevant, BTC itself is a paradigm shift.
Regarding the fixed supply, it's only fixed because participants agree to the consensus algorithm that fixes it. Many cryptocurrencies have different tokenomics, such as ETH's rules under PoS. BTC miners could vote onchain for a hard fork to change the 21M cap - or another solution.
The money supply of BTC has a fixed schedule. It has nothing to do with the effort of participants.
Full disclosure, I was a bitcoin, and 5MW litecoin miner, and 150,000 GPU ETH miner, so I was pretty deeply involved in it for many years.
Correct on the rest, but I just want to say that I was intentionally avoiding discussing specific tokens or the politics due to HN's stance on crypto.
I believe transactions are quite optional though? A miner could choose to mine empty blocks if they truly wanted, which transactions to include if any is up to them.
Correct, one can mine empty blocks, but in practice, dumb idea. Most people mine with a pool. The pool decides what goes into a block. Even at scale. The point is that it smoothes out the reward cycle. For ETH, we mined with a pool that dual mined ETH+ZIL, which increased our overall rewards.
> Are cryptocurrencies supposed to be a potential replacement for real life cash? This was my understanding of the motivation behind Bitcoin, at least.
This was the original stated purpose, yes. But this works poorly in practice. Hypothesized frictionless tooling that would make it easy to make purchases with crypto has not emerged.
Nowadays it's held more like a speculative asset with value that comes from scarcity and demand, much like gold (though gold has some industrial application which Bitcoin does not).
[flagged]
It's also couple percent cheaper to send money internationally using bitcoin as the "rails" when compared to e.g. Wise. Even for sending money from classical bank in one country to a classical bank in another country. On bigger amounts you can save quite a lot of money.
yes, Bitcoin was hijacked by the company, Blockstream and they injected the SegWit and RBF attacks to kill it as a currency, Bitcoin Cash still functions as Bitcoin however.
Monero is similar to Bitcoin Cash, a useful replacement for cash in most cases.
segwit is an optimization, not an attack wtf. I'd get it if you said Ethereum Classic, since that fork actually did come from an attack on the protocol that successfully reversed transactions on the main chain, but Bitcoin Cash is not of that nature.
The article skip over the results? Did the design succeeded? Which hardware do miner uses, and is it evenly distributed? Can I mine Monero on potato hardware?
The design has been working perfectly from 2018 till today.
https://old.reddit.com/r/Monero/comments/1h6e4nk/randomx_5_y...
Most miners use AMD Ryzens. Couldn't tell you the actual breakdown of CPU types in use. Apple's M series CPUs are quite efficient at it too. Bitmain now sells a "Monero RandomX Mining ASIC" which is just a bunch of RISC-V cores, seemingly based on Sophon SG2042 SOCs. There's nothing special or more cost-effective about their product.
You can mine on old smartphones quite easily. I use a bunch of old Android TVboxes myself. Their hashrates are nothing to crow about, but their hashes/watt are still competitive with faster CPUs.
There is a RandomX V2 that will be deployed soon. Its main improvement is even cheaper verification cost.
Can someone explain to me why RandomX miners don't just generate programs without branching? I'm a bit confused on why that's not possible
The program is randomly generated and I am guessing that the seed for this is deterministically determined from the current block head (or something similar) making it hard to attack.
It might lead to scenarios where a miner may optimise block generation itself, I guess?
I was more curious about the possibility of generating optimised branchless variants and then running them in parallel on multiple ASICs to ensure you cover every branch and submit all the results and hope you’re fast? Would that be more inefficient than relying on branch prediction and CPUs?
Read a little and turns out Monero requires a chain of programs, each with a Blake hash construction to generate the next one. That makes it very hard to optimise since it adds a layer of “hard to avoid” branching.
And this also makes it hard to generate favorable programs.
It can skip but it has 7 more programs to go and it can only know the program after completing the first one so after first one there is no advantage
Because it's designed to be hard to execute on anything that is not a CPU.
Right, but the program is generated by the miner. So the miner could just generate a program that has no branching, and run it on a GPU.
Each program is guaranteed to have a certain number of certain types of instructions, such as (IIRC) exactly one divide instruction.
Since the programs are randomly generated, there's no guarantee that any particular program always uses some number of any particular instruction. There's only a probability, X/256 instructions will be somesuch operation.
Proof of waste. I wonder for the base price of the currency what the cost of energy and environment are to create it.
Side question: what's the least scammy and complicated way to buy Monero these days?
Buy some other crypto like Litecoin then exchange it for Monero, there are quite a few exchanges around that do it anonymously.
...such as?
I've seen https://kyc.rip but haven't tried it so far.
That's just using Trocador with referral fees.
You could just use Trocador directly and skip the "hackerish" aesthetic and save 2% on fees.
I made a comment about that here (https://news.ycombinator.com/item?id=47858801)
[]
I'm sorry that happened—the banking system sucks. You can just buy Litecoin instead and swap.
Personally, I'm going to look into RetoSwap, but I appreciate Kraken sticking it out keeping it listed. I might not have gotten any Monero if not for Kraken.
RandomX has some interesting use cases beyond Monero
RandomX in Javascript (web mining?)
https://github.com/l1mey112/randomx.js/
Bitcoin with RandomX (agentic cash?)
I had hoped this would describe a system that did not use very large amounts of power. Sadly it does.
How can you have proof of work without consuming large amounts of power?
By having a small daily dollar value (the column "PoW Produced (24h) in [1]). All but the top 15 coins sorted by that column have less than $10k emitted per day in block rewards, which limits the power that miners can spend on competing for it.
That would mean all but the top 15 coins are exploitable for under $10k per day
But the value of a 51% attack is roughly proportional to marketcap, so while they are cheaper to attack, there's less incentive for the attack. The most (relatively) vulnerable coins are those where the daily dollar value is low relative to the market cap.
[flagged]
[dead]
[flagged]
[flagged]
You'll get nothing but up votes here on HN, a lot are still angry they missed the boat.
But solving the problem of how to transfer value trustlessly and anonymously, instantly anywhere in the world is one of the biggest breakthroughs since the Internet.
Amazing how in a few short years kids started growing up with Bitcoin and don't understand how it work or why it exists :(
If it's actually a transformative technology, there's no boat to miss.
But it's still mostly about the speculation, it seems.
It’s an interesting technical problem to solve. But after 15y still has no meaningful benefits for our societies. Other than gambling/speculation/illegal stuff. The transformative cryptocurrency shift didn’t happen
No meaningful benefit? Tell that to the people in emerging economies who now have access to digital US dollars.
Bitso processes 10% of US-MX remittances. 12% of people in Argentina use stablecoins. The shift is happening in real time.
Some people think communication mechanisms shouldn't enforce policy. They don't want their phones automatically disconnecting if they talk to a friend about illegal or immoral things. They don't want their TVs shutting off if they watch stuff that's politically unacceptable. So it follows that they don't want their money throwing an exception if they try spending on an transaction too unsavory for Stripe or your bank.
Free speech is for all the stuff you personally detest and personally choose to avoid. In a free country you hold your nose and allow others to engage in it.
If money is speech, then having a kind of money that doesn't pass through policy gates is an essential component of a free society.
Is that something we want though? Why would it be beneficial to let money be used for anything without restrictions? Society has always relied on interdependence, not complete individual freedom. You have to make the case for it.
Respectfully, I disagree that anyone has to make the case for it. That's exactly what freedom is: if society fails to "make the case" for prohibiting something, it defaults to legal. There's no general law requiring people to be good people, or to have common sense, which would be the same as defaulting to illegal. I presume you wouldn't like that, or the surveillance state that would be required to enforce it.
Complete individual freedom as a concept is not a human right. There has never been a society oriented on it and it is not self evident why it would be beneficial for society as a whole to allow an individual to do whatever they like. If you want the benefits of a society, you must reciprocate; otherwise you can go live in the woods by yourself.
You seem to be earnestly and repeatedly attacking this strawman of "complete individual freedom" as antithetical to society, but I'd prefer that you not conflate it with the position I've taken in this discussion.
Happy to continue discussing if you'd like to reply to what I wrote.
When the USA collapses it could become the new global reserve currency (it won't but it could)
Point is, it's a currency you can use right now independently from the increasingly unstable-looking US dollar.
You could also use euros, yuan, rupees, or Australian dollars but it's really hard to get an account in those currencies if you don't live in those countries. Crypto is much easier to get access to.
We can create various use case scenarios, that‘s what has been done since 2009, but there is no signs that’s something we are moving towards and so far the only use cases that stuck are the ones I mentioned. For a global currency you would need something stable and while the US is declining, in comparison cryptocurrencies (ignoring stablecoins) are a nightmare of instability
We are very far from 2140, the year the last bitcoin will be mined. 15 years is nothing, this is a very long term paradigm shift.
You seem confused. The claim has never been that the paradigm will shift when all bitcoins have been mined. When all bitcoins are mined BTC will be even more deflationary and miners won’t get rewards from mining. But that has nothing to do with bitcoin being useful for society. And it should be pretty obvious that a deflationary currency is a terrible currency. If it is actually useful as a currency in 2140 it is also way more likely that it will be forked to postpone that deadline, but that’s beside the point.
We are 15y in and there is still no trace of a meaningful use case outside of the ones I mentioned. I don’t think it’s a failure of bitcoin itself (it’s a neat proof of concept), I see it more as a complete delusion of people pushing cryptocurrencies
Is 2140 how far we're moving the goal posts now? All these resources burned will totally be worth it in over a hundred years?
No, Bitcoin is absolutely a waste by every measure. It was a prototype that never should have continued after all of its flaws became apparent.
There was a boat to jump on? To gain what?
Uh, billions of dollars? If you bought or mines bitcoin when it was new and sold it today, you're now at least a hundred millionaire.
Well, it seems he wasn't, he's not gonna get upvotes though, HN is startup culture and startup culture is selling dreams until it works or you notice too late you got robbed.
And who's gonna admit that bitcoin is a ponzi scheme when all of their savings are in it? you can't, it would devalue your own money, so you're trapped, you can only further invest in it.
It was mainly the early wall street types that cashed in big. If it was used as suggested by satoshi, then you were using it as spending cash rather than an investment to sit on, in which case you shouldn't have made much money on it.
Don't forget about the pineapple fund : https://en.wikipedia.org/wiki/Pineapple_Fund
Also wall street never considered it seriously until a few years ago.
You would be surprised at how efficient cryptocurrency mining is compared to other ways of storing value. And most improvements happen to reduce the overall cost of securing value (PoS, PoST, etc)
Once you buy gold, you don't have to rely on other people continuing to burn resources indefinitely. You pay upfront for the cost of mining, and that's it.
It's both a waste of compute and it also solves problems. Namely, how to transfer money without the government stopping you.
Having dealt with hackers (not the HN variety unfort) who go to extraordinary lengths to cryptojack pennies, I completely agree. They always use Monero for some reason. In sum, what is this technology good for?
1. Illegality 2. Speculation (i.e., gambling)
So yes, +1. :-(
This talking point is so silly
I can use my compute and energy how I like, whether that’s for AI or crypto or a Minecraft server. You don’t have a right to call one “wasteful” and one not
Legalities aside, You can use compute how you want, that doesn't stop anybody from accurately measuring its usefulness. Given that this is an objective measurement.
I can have a computer on an endless loop without any idling, consuming as much CPU time as it can, I do not know any other classification of this action than wastefulness. crypto mining is useful of course, the end goal of mining is to get crypto, of course, there is no further goal beyond that.
How is it an objective measurement? What is useful and what is not useful? Is Minecraft useful? What does useful mean?
Via comparison of the solutions, we measure objectives and actions performed and the time it requires to do them.
Objectively, Minecraft is a game, an objective of many games is to waste time, therefore this cannot be used as a measurement, but enjoyment is. as a game it fulfills its role. wastefulness could be classified in comparison to other solutions/clones, like minetest. If minetest fulfills exactly the same goals with less action as minecraft, then minecraft is in comparison wasteful.
Another measurement is mining solutions can we achieve the action of mining with less compute? can we not mine at all? does not mining achieve the same goal? if it does, then mining is objectively wasteful.
The objective of crypto is replacing fiat currency, it does not do this, therefore it is wasteful. Of course, this is only true until it does replace it, which is why we must compare, would this cryptocoin scale to the entire world? does it require more work for it to do so? if so then it is wasteful.
Hackernews is completely oblivious to cryptocurrencies. There we major hacks in April involving values 100x bigger than whatever gets upvoted here, and still I saw 0 posts commenting about it.
Just as an example, aave lost 295 million last month due to a hack in another protocol, and nothing was posted here.
is privacy of financial transactions not a valuable problem to be solved in your opinions?
It's great for buying drugs though! (Which is funnily the only actually legitimate usecase)
And sending donations to causes the government doesn't endorse.
A good example was the truck manifestation in Canada a few years ago, they went after all the donors for what was a legitimate protest. Anyone using bank transfers or any crypto that wasn't Monero was persecuted.
Those who used Monero had their privacy assured and zero issues.
I'm not sure that I'd cite being able to donate to terrorists as a legitimate use case. I mean, at the protocol level, donating to a terrorist is the same as donating to anyone else, so a system that lets you donate to anyone will necessarily let you donate to terrorists, but it wouldn't be the example I'd bring up in polite conversation.
You can be sure that those truckers were not terrorists.
Courts deemed as unlawful this government persecution to whoever donated to the protest using transparent cryptocurrency: https://usethebitcoin.com/news/canadian-court-rules-against-...
The point is that only those who used monero were safe from unlawful government persecution.
I bought legal things with Monero a while back when I was into "crypto". I've never bought illegal things with Monero (or any other currency/cryptocurrency).
I was interested in Monero because it actually was what people thought Bitcoin was.
Absolutely true, no one needs monero when you can have bitcoin (and lightning for private instant bitcoin payments).
That is obviously ignoring that transactions on that old tech are transparent (no privacy whatsover) and governments will persecute whomever donates to inconvenient causes: https://usethebitcoin.com/news/canadian-court-rules-against-...
The reason why cryptocurrencies exist is precisely to detach money from governments, reason why Monero is persecuted by every single western government whereas that coin you mention is endorsed by them. There is quite a world that needs and uses Monero every day.
Lightning Network, ready in 18 months for the last 5 years! Lol.
What exactly are you missing that i.e. PhoenixWallet or Electrum is providing? The only thing missing is merchant adoption - but bitcoin is far ahead monero in this field.
Monero has utterly failed in merchant adoption. If you go to something like cryptwerk, which is what getmonero themselves recommends as a vendor list, It has about 1/2 the vendors of even the roughly same market cap coin Litecoin.
Where I live there is only Monero as serious cryptocurrency to use between people.
Wouldn't risk sending large transactions where everything is visible to others when compared to LTC or any other non-private virtual coins.
Well that's because it's illegal in most countries, and the reason it's illegal are the same reasons it's a good currency. States can't tolerate competition.
Still a global blockchain though with the associated throughput limits. You can't buy cereal with monero because you do that too often.
I have used LN quite a lot for the last 3-4 years or so. Seems to work good enough for quite many use cases.
ugh, "GiB"
author sold his soul to marketmen
So many people here know how bitcoin works but don't know that it doesn't.
It is hilarious.