What does memory-hard means in ETH POW?


#1

I came across the term memory-hard while ready about ETH POW algorithm. What does it means when someone says that POW is memory hard?


#2

Excellent question!

As you know, Bitcoin’s PoW mining can be optimized by using specialized mining hardware. This is exactly what happened with Bitcoin: Mining migrated from CPUs, to GPUs, to FPGAs, and now to ASICs. Ethereum’s PoW algorithm, on the other hand, is designed to be “memory-hard” so that it can be ASIC-resistant.

Memory-hard (or sometimes also called “memory-bound”) means that the time it takes to compute a computational problem is based on the amount of memory required (i.e. the time spent accessing memory). The purpose of using a memory bound function is usually to discourage people from abusing resources. People have gotten really good at improving CPU speeds, but developing faster main memory is a much harder feat.

So in the case of Ethereum, by making the PoW function memory-bound (or memory-hard), it means it’s not easy for someone with a LOT of CPU (or GPU or ASIC) power to have a significant advantage in calculating the PoW hash.

In Ethereum, the PoW algorithm requires choosing pseudorandom subsets of a DAG that is dependent on the nonce and block header. This DAG is regenerated every 30,000 blocks (~5 days). The operations you perform to generate the PoW hash are random access (chosen pseudorandomly based on the hashing function), so trying to put the DAG in cache doesn’t help really, since the DAG is regenerated every 30,000 blocks anyway. Moreover, there’s no performance improvement from speeding up the operations required to calculate the hash with a beefy CPU (or GPU or ASIC) because in reality, fetching the DAG from memory is much slower than the operations required to calculate the hash. The best way to speed up the hashing algorithm is to speed up the DAG fetches from memory. That’s why the Ethereum PoW algorithm is “memory-hard”, since the system’s memory is what limits our ability to generate the hash. Hence why it’s meant to be ASIC resistant


#3

you also might find this helpful :slight_smile:


#4

Thanks. That was clear. :slight_smile: