Daedalus's avatar
Daedalus _@daedalus.website 1 month ago
Some counter notes here to ponder on: "-Hash power, not even a state can attack it" Due to centralized ASIC mining, only a handful of companies control giant portions of mining power due to economies of scale. Companies are extremely susceptible to lawfare and state intelligence influence. Bitmain manufactures nearly ALL the ASIC miners used for Bitcoins simplistic sha256 algorithm. One backdoor in each can do anything to the blockchain remotely, and since they're proprietary black box chips you'd have no idea. US intelligence published an article stating concern about this I'll link it as a reply. Monero is mined most efficiently on gaming PC CPUs. Server CPUs are vastly more expensive relative to their hashrate, the most efficient is something you can buy on Amazon and any bro you plays PC games already has. Ryzen 9 series is crushing it now in price to performance. The egalitarian difference is clear here. Also regarding Moneros lower hash power, yes this is definitely true but only a result of price. I did an analysis a bit ago proving that Monero and Bitcoins hashrate is roughly equivalent when scaled for power expended per market cap, which is the real metric of security as energy is what's actually wasted in mining. RandomX is an intentionally inefficient algorithm so it takes an order of magnitude more energy to produce one hash than with sha256. So in synopsis, the energy spend on security would be equal for Monero as it would be for Bitcoin if market caps were identical. The difference would then be, with Monero you have an army of botnets and gaming PCs mining, vs an army of corporations mining all on the same chips from the same manufacturer designed to mine only Bitcoin. It's trivial to see which has the larger attack surface from state level adversaries. "-LN is very private when sending without extra configuration" I'd correct this to *LND* is very private when sending. Almost nobody uses their own LND node connected to a no logs peer behind onion connection etc etc. Most use either custodial solutions with worse than on-chain privacy, or LSP solutions like Phoenix which offer great sending privacy to the recipient but 0 to the LSP which is a huge centralized entity. This is a collosal issue with lightning. I'm not even getting into the hub and spoke centralization issue in routing paths which makes timing analysis way easier. "-Unlimited supply" this is deciding phraseology. More accurate to say, "No hard cap" or the like. The truth is Monero's supply is limited, it's limited to only 0.6XMR per block in perpetuity. This is about 0.6% supply increase a year at today's supply, and trails asymptotically to 0% given infinite time. Mathematically, this is by definition a limit. Search "Limits Calculus" or something to learn more about mathematical limits. "Not scaleable without losing decentralization" yeah you're kinda right in the sense that we'll get to a point if usage grows exponentially that nodes will run into bandwidth and processing limitations. I don't know when this is, most devs think it's far off, but still a methematical certainty. Still better than Bitcoin, though, which has successfully halted L1 scaling and moved it to L2s which I just discussed are extremely centralized with how almost all users use them. Monero has tail emissions and dynamic block sizes which eliminates the two biggest issues with Bitcoin L1 scaling: Fee bidding economy (more usage more expensive). Final point around hidden inflation. @Hanshan has been going off on this so I'll let him explain, but in synopsis: mathematics is either sound or it isn't. The simple arithmetic of adding up UTXOs to make Bitcoins total supply is no more sound than the Pedersen Commitments and Bulletproofs++ used in RingCT to hide transaction amounts in monero. Yeah you may not understand it, but your understanding doesn't change reality. These are mathematical proofs. Math isn't science, math is either true or it isn't. Not to say there can't be a bug, all software can have bugs, but any bug that arises will be found due to per transaction amount verification that occurs. This is all one verbal flow so excuse any typos I'm not gonna proofread this haha. I hope this helps and welcome your response.
↑ Parent

Replies (5)

Daedalus's avatar
Daedalus _@daedalus.website 1 month ago
Found it. I'll recalculate for today's prices and hash rate if you're interested. It'll have to be later today after mass, though.
Daedalus's avatar Daedalus
https://redlib.nadeko.net/r/Monero/comments/qm2hax/comparing_bitcoin_network_to_monero_network/ This is some rough math from years ago, I read a more recent article but can't find it at the moment. Point is relative to Bitcoin, monero actually has a proportionally higher effective hashrate. That does effective hashrate mean? Well they can't be compared one to one directly since Bitcoin is ASIC mined and Monero RandomX. For equal cost, Bitcoin mining will produce a hugely greater number of hashes than Monero by design. Moneros mining is designed to be most efficient in CPUs with no ability to create specialized ASICs. According to that users calculations, Monero's effective hashrate was about 4% of Bitcoins at the time. You'd have to calculate these numbers today relative to the market cap difference but at the time of the post Nov 3 2021 Monero market cap was $4.9 Billion and Bitcoin at 1.2T placing Monero market cap at 4.08% (Data from coinlore.com). I encourage someone to recalculate this today I'm curious if the security budget is still 1-1 with Bitcoin relative to market cap as it was Nov 3 2021 but suffice to say Monero is not massively more insecure compared to Bitcoin. It is proportionally secure.
View quoted note →
Hanshan's avatar
Hanshan hanshan@hanshan.io 1 month ago
basically I agree with homeboy here. there is a trivial, but non-zero chance that I could craft a transaction that creates Bitcoin out of thin air. but the moment I send it, someone picks up on the fact that there are more Bitcoin than there are supposed to be. therefore it isn't " hidden inflation ". there is a trivial, but non-zero chance that I could craft a transaction that creates Monero out of thin air. but because of the hidden amounts the transaction does NOT get immediately detected and we have to wait for some autist who's looking for non-standard transactions to notice it and wonder what it's doing. but to my way of thinking, are you going to spend your life worrying about really small probabilities? there's also a trivial but non-zero chance that I could come up with an exploit that allows me to spend satoshi's coins... are you going to worry about that? boomers don't trust Bitcoin because they're afraid somebody could " hack " their bitcoin. they don't understand about public pair cryptography and the DLP. Maxis don't trust Monero because they're afraid somebody could " hack " the range proofs that guarantee supply. same picture. everybody has to make their own decisions about where they place trust when they can't personally verify things.
1 replies ↓
Cyph3rp9nk's avatar
Cyph3rp9nk cyph3rp9nk@getalby.com 1 month ago
I disagree with the first part. While what you say about chips is true, this also applies to mining Monero on conventional software. The advantage in this case for Bitcoin is logistics. How much would it cost a state to gather all the hardware necessary to attack Bitcoin? The second part is true. You should add LN with your own node.
2 replies ↓
Daedalus's avatar
Daedalus _@daedalus.website 1 month ago
Idk how my point about ASICS applies to Monero mining software. Xmrig is the main software and its free and open source
GitHub
GitHub - xmrig/xmrig: RandomX, KawPow, CryptoNight and GhostRider unified CPU/GPU miner and RandomX benchmark
RandomX, KawPow, CryptoNight and GhostRider unified CPU/GPU miner and RandomX benchmark - xmrig/xmrig
 its a very small codebase. Bitmain ASICS are proprietary hardware. Perhaps you could elaborate on that. Relating to attacks, I made the point that state adversaries don't need to outcompete the current mining market. They can use lawfare and regulations to control each giant mining company. This is extremely cheap for state actors, and in the case of taxation, can be profitable. Also hardware level backdoors via Bitmain are a genuine threat too, at least according US intelligence. Can't do that on Monero when most hashrate comes from gaming PCs and botnets. On Monero you'd have to outcompete the current hashrate, or convince existing miners to join a malicious pool as the recent Qubic attack did. You're right that this is a way cheaper attack on monero considering its like 15x smaller market cap, but we have to acknowledge that difference of scale when weighing either security model appropriately. I will also make an appeal to tradition here. Satoshi famously wrote "one CPU one vote". Monero uses RandomX for the sole purpose of making the CPU the most efficient miner. ASIC resistance came from Satoshi first, we just carry the torch. I don't think Satoshi would be cool with the current "Proof of ASICs" as Bitcoin currently is.
1 replies ↓