Examining Bitmain’s Claims about ASICBoost

The Difference Between Overt and Covert ASICBoost

I’ve written about ASICBoost before, but I’ve seen a lot of confusion about the difference between overt (or version-based) ASICBoost and covert (Merkle Root based) ASICBoost. In order to examine Bitmain’s claims properly, we need to understand the difference between the two.

A Little Bit about Bitcoin Block Headers

The Bitcoin block header is exactly 80 bytes long. It consists of the following fields:

Hat Tip to Jeremy Rubin

How Does Overt ASICBoost Work?

Overt ASICBoost keeps the same Previous Block and Merkle Root for every run and changes the version. There are 4 bytes in version, or 32 bits that can be manipulated. This turns out to be plenty for ASICBoost to work and in fact, you really don’t need more than 4 bits or so of the 32 bits.

How Does Covert ASICBoost Work?

Covert ASICBoost keeps the same version and Previous Block for every run and changes the Merkle Root. But note that Merkle Root bleeds into the 16 bytes that ASICBoost cares about. Specifically, the last 4 bytes.

Some Facts about Covert ASICBoost

Covert ASICBoost requires a lot of memory. You need to store about 2²⁴ Merkle Roots which are 32 bytes at a minimum. That’s 256 MB of really fast memory, and probably more to accommodate for unlucky searches. You can reduce this memory requirement by getting less collisions.

Bitmain and ASICBoost

Bitmain claims to have tested ASICBoost on Testnet, but have not used it on Mainnet. This only refers to overt ASICBoost. They specifically referred to covert ASICBoost as “not practical in a production environment”. Further, they claim their circuit design supports ASICBoost, but that almost certainly refers to overt ASICBoost only.

Examining Claims

Finding overt ASICBoost is easy on Testnet as block headers would have weird version values. Indeed this seems to be the case as I’ve shown in the code published here. There are a bunch of testnet blocks around block 300,000 (October 2014) which have version fields that look pretty random and aren’t used ever again. Normal blocks near those blocks have the version number of 2. The same analysis on mainnet blocks shows that there are no weird version-number blocks.

Conclusion

In this light, Bitmain’s claims of having used overt ASICBoost on Testnet, but not on Mainnet are fully consistent with the data on their respective blockchains. Specifically, it looks as though overt ASICBoost was tested by someone (likely Bitmain) around October of 2014.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Jimmy Song

Jimmy Song

Bitcoin Educator, Developer and Entrepreneur. Book: https://amzn.to/2RSlnTb PGP Fingerprint: C1D7 97BE 7D10 5291 228C D70C FAA6 17E3 2679 E455