Security Announcement

A bug related to transaction priority handling may allow an attacker to crash Zcash nodes (Denial of Service) via a specially crafted transaction. A fix is implemented in zcashd release 1.0.8-1.
Please see the official announcement for more details and update your Zcash node to 1.0.8-1.


Why Equihash?

Zooko Wilcox and Jack Grigg | Apr 15, 2016

In our last blog post, we announced that we have started using Equihash as the proof-of-work for block mining in Zcash (#27).

Equihash is a Proof-of-Work algorithm devised by Alex Biryukov and Dmitry Khovratovich. It is based on a computer science and cryptography concept called the Generalized Birthday Problem.

Why are we using it?

Equihash has very efficient verification. This could in the future be important for light clients on constrained devices, or for implementing a Zcash client inside Ethereum (like BTC Relay, but for Zcash).

Equihash is a memory-oriented Proof-of-Work, which means how much mining you can do is mostly determined by how much RAM you have. We think it is unlikely that anyone will be able to build cost-effective custom hardware (ASICs) for mining in the foreseeable future.

We also think it is unlikely that there will be any major optimizations of Equihash which would give the miners who know the optimization an advantage. This is because the Generalized Birthday Problem has been widely studied by computer scientists and cryptographers, and Equihash is close to the Generalized Birthday Problem. That is: it looks like a successful optimization of Equihash would be likely also an optimization of the Generalized Birthday Problem.

Nevertheless, we can't know for certain that Equihash is safe against these issues, and we may change the Proof-of-Work again, if we find some flaw in Equihash or if we find another Proof-of-Work algorithm which offers higher assurance.

How can I mine?

The same way as before! Just add gen=1 to your config file, or run ./src/zcashd -gen.

What are the mining requirements?

The memory requirements for testnet mining are currently set very low, because the implementation is not optimised. So currently, anyone who was mining before can still mine.

Once we have optimised the implementation (#857), we will bump up the memory requirements to around 1 GB of RAM (#856), so you will need that much free memory per mining thread.

What's next?

The next step in our use of Equihash is to write an optimised implementation. Once that is done, we will reset the testnet with higher-memory parameters.

Further down the track, our goal is to have the Equihash solver optimised for running on smartphones. We hope that this will greatly aid the decentralization of mining — users could mine Zcash while their phones are plugged in and unused overnight!

Stay tuned for an upcoming blog post about how Equihash works!

mining, Equihash | View all tags