We often imagine blockchains as towers made of crystal. Bright, fascinating, landmarks looming above the fields of cryptography, data science and economics. Inspiring but also intimidating for those that approach them. The ledger of transactions is public, continuously validated by each participating full node. Every user can track funds as they jump from address to address or smart contracts as they get formed, used and expired.
Blockchains do not need arbiters or regulatory organisms, as the rules that govern them are enforced by every node. The process and the results are transparently visible to every participant.
Unlike the Proof of Work blockchains they serve, ASIC manufacturers usually fail to provide the same levels of transparency. Unknown amounts of hashrate owned for self-mining, undisclosed sizes of the batches they sell (so customers can’t estimate their profitability, which ends in saturated markets where no miner gets profit) or mining in secret before the release of the hardware are among their most criticized practices. The latter most case is especially concerning. Mining is a highly competitive process where all the miners share a fixed block reward according to their owned hashrate. When a next-generation ASIC is designed for a blockchain, its first owners will get most of the profits, as they quickly out-compete the previous generation of ASICs or the GPUs/CPUs they replace. By self-mining and not releasing the hardware to the public for a time, ASIC manufacturers can enjoy this privilege (and thus its profits) in exclusivity. In other words, they get a market advantage by out-competing their own customers.
Being that blockchains are a paradigm of transparency, unsurprisingly multiple cases of friction and confrontation have aroused between crypto communities and manufacturers over the last 2 years. The world’s manufacturer leader, Bitmain, has recently undergone a campaign of, in their own words, “radical transparency” and “dialogue with the cryptocurrency communities” (1, 2, 3 & 4). On its most recent blog entry , on July 25, 2018 we can read the following:
Zero tolerance policy against ‘secret mining’. (…) Bitmain itself has been unfairly accused of this practice. In the end, Bitmain values transparency and fair competition. We therefore remain opposed to this practice and maintain our long-held zero-tolerance policy regarding same
This assertion, however, goes drastically against the way Bitmain actually behaved on the Sia network at the end of last year. This article is aimed to provide evidence, abundantly explained, that shows how Bitmain mined in secret Siacoins during the two months previous to the presentation of their Sia miner back on January, among other dishonest practices. As readers might not be familiar with the context, I find important to narrate the events and the disruption caused on the Sia community and blockchain by Bitmain when they introduced their Sia miners.
Sia meets Bitmain:
Without any previous communication, on January 17th, Bitmain announced its Antminer A3 miner for the Sia network and opened the sale immediately. Batch 1 sold out after only a few minutes.
This should have not be an issue by itself for the community. However, six months before, the Sia core developers created an ASIC manufacturing subsidiary, Obelisk, opening pre-orders for what was believed it would be the first ASIC to hit the Sia network. Many contributors and community members in general participated on the pre-sale. The just-announced Bitmain A3 was going to hit the market first, many months ahead of Obelisk’s, ripping the expected profits of the latter. The last ingredient of the drama was the announcement that the Obelisk miner had on its design the backup capability of mining an alternative algorithm, and that a fork on the Sia network to embrace it would be enacted, invalidating Bitmain’s miners, if Bitmain showed damaging behavior against the Sia project. While reserved for a case of emergency, many community contributors, coders and moderators pushed for an unconditional fork. Among those who purchased the A3 on the Bitmain’s flash sale, there were contributors, coders and moderators to boot.
To fork or not to fork? Either choice would tear apart the community. Either choice the community would lose members and contributors. Some left it already even after the final decision. My anxiety, ATH. In the end it was decided not to fork. The echoes of the decision are still conditioning the life of the community and will haunt it for many years. For those interested on further details about this episode, I recommend this non-partisan timeline by the Sia contributor mtlynch and this recent talk from cofounder of Sia at the Zcon0 conference
The aggressive commercial arts of Bitmain did not help. While Bitmain claimed (and keeps claiming) they limited the sale to one miner per purchaser, the reality is that this policy was never enforced: during the days after the sale the A3-batch 1, it was easy to find pictures of basements with multiple A3 and even purchase receipts with multiple units. While Bitmain also claims they did not saturated the market, analyzing the steps on the hashrate chart of Sia (above) it is easy to calculate batch 1 consisted on around 13,000 units (0.81 TH/s per unit) and batch 2 on 20,000. Subsequent Bitmain batches overlap with the shipping of another manufacturer, Innosilicon, so it is not possible to calculate the size of these batches. There are, however, no reasons to believe they were any smaller. Anyway, the 33,000 units of the first two batches were enough to sink the ROI of the Bitmain A3 purchasers, that started to complain how their expected ROI was extending to more than six months or even beyond a year. In the end, Bitmain killed the profitability of their own customers by flooding the network with more miners than what the network macroeconomics could possibly sustain. And thus the hashrate kept scaling batch after batch of A3s and thanks also to the Innosilicon miners. Of course, this also ruined the possibilities of ROI of Obelisk backers.
Community consequences aside, releasing ASICs without warning could have had seriously devastating effects for the blockchain functionality. Without an appropriate Difficulty Adjustment Algorithm (DAA), the dramatic increase in hashrate that followed could have provoked the inclusion of thousands of blocks before the next difficulty adjustment. The file storage contracts of the Sia network measure time in blocks, what could have provoked multiple contracts to expire prematurely without the renters having time to renew them, driving to data loss. We were lucky that an optimized Difficulty Adjustment Algorithm was introduced just a few weeks before the Bitmain announcement. Nevertheless, this illustrates the dangers of unannounced ASIC introductions.
On the same release day of the A3, AntPool, the mining pool of Bitmain, opened a branch on the Sia network, becoming the sixth known pool of Sia. On the first days of the pool, their API showed a very small number of workers (<100) and hashrates around the five percent of the network. By March, the number of workers grew to several thousands and the hashrate to figures around twenty percent of the network, remaining in that level until the present date. All this info was recorded by SiaStats and can be accessed on https://siastats.info/pools/antpool This apparent gradual grow of their hashrate, if true, would have been compatible with their vision against secret mining, as the pool only got organic grow after their batch 1 was delivered.
In any event, it has to be noted that the Sia community detected during November and December sudden spikes of the network’s hashrate accompanied by bursts of blocks mined by unknown pools, representing up to twenty five percent of the total blocks. Previously, the rate of these unknown pools remained under five percent. This data can be accessed at https://siastats.info/mining_pools in the chart “Mining pools evolution”. Some members suggested the possibility of Bitmain, others suggested alternatives, like the manufacturer Baikal (including myself). The time has proven those blocks were indeed Antpool’s, as we will analyze in a moment.
Despite the “radical transparency” messages from Bitmain, the fact is that Antpool is acting as the most opaque and dishonest mining pool on the Sia mining scene:
- No signature on their mined blocks. Most of the pools in Sia use a single payout address for the block reward and a standard message on the arbitrary data field of the block. These two variables allow blockchain explorers to identify without doubt the pool that mined the block. Antpool instead has used so far more than 2600 different addresses and the arbitrary data of their blocks is an encrypted string, different each time. This prevents the independent validation of who mined the block.
- Failure on reporting blocks. In absence of a signature, explorers must trust whatever Antpool claims on its site. To date, Antpool has only claimed 687 blocks. Their list of claimed blocks include multiple gaps of several thousands of blocks (see the image below). Considering their hashrate (around twenty percent of the network), these gaps are impossible statistically, meaning that they are refusing to report many of their blocks.