Cryptocurrency Mining: Decentralized CentralizationJan 14th, 2022
I dipped my toe into Ethereum mining over the holiday break. My intention was not to make money1, but to learn the underlying infrastructure powering cryptocurrencies. After all, most of my career has been spent on dealing with distributed systems. The journey impressed me. I am fascinated to see how much centralization there is despite the best intentions that were put into designing a decentralized system. I am also amazed by the creative entrepreneurs who discovered and delivered on business opportunities through decentralized centralization.
Understanding cryptocurrency mining
To understand how cryptocurrency mining works under the hood, I followed the 2013 article titled How the Bitcoin protocol actually works by Michael Nielsen. The article strikes the balance of enough technical discussion and not too many implementation details. While it focused on Bitcoin, the general principle applies to Ethereum and other Proof-of-Work based cryptocurrencies.
In a nutshell, cryptocurrencies are distributed ledgers among a trustless network, and Proof-of-Work is the mechanism that allows the decentralized network to come to consensus, or agree on things like account balances and the order of transactions. The mechanics typically includes finding a nonce which, when concatenated to a message, produces a SHA256 hash that, when interpreted as an unsigned 256-bit integer, is less than the network-specified target, i.e. the mining difficulty. A nonce needs to be found for every block, which is produced regularly over time - about every 10 minutes for Bitcoin and every 10 seconds for Ethereum. The network participant who finds such a nonce first will get rewarded with a certain amount of the corresponding cryptocurrency. The reward is created out of thin air and part of the consensus protocol. Finding a nonce is computationally expensive, and the reward is an incentive for network participants to provide computing resources and to play by the rules.
The general concept seems reasonable so far. The protocol is beautifully designed to allow trustless consensus to form in a decentralized network. How does it work in practice then?
The first tactical decision for me was whether to join a mining pool. My GPU could compute hashes at a rate of about 33M per second(33MH/s), compared to the total hashing power of the Ethereum network at 1PH/s. In probability terms, that means I could expect to find a good nonce for every 30,000,000 blocks. Assuming a 10-second block time, that translates to getting a reward once every 9.5 years! That is obviously bad for a whole host of reasons:
- That 9.5-year number is an expectation, not guaranteed. So I may have to wait even longer.
- The total hashing power is likely to increase over time, furthering delaying my expected payout.
- Any down time in my mining computer would work against me as well.
- The Ethereum network will probably switch to Proof-of-Stake long before my expected payout, rendering my mining useless.
Given all of these, it is a no-brainer for a hobbyist miner like me to join an established mining pool. A mining pool participates on the Ethereum network as one single entity, but it leverages the computing power of all the members in the pool. Even a small-ish mining pool with 1% of the total hashing power is expected to get awards for 3.6 blocks every hour, which greatly smooths out randomness in the earning curve.
Joining a mining pool is straightforward, but it represents a philosophical shift. I would not need to trust anyone by mining directly on the network, but now I need to trust a central authority, the mining pool operator. After all, they get the block awards directly in their own wallet, and I need to trust that they will calculate my share correctly and pay me on time. In fact, the rules of my mining pool dictate that members get paid once they hit a certain amount2, which will take me about 200 days to get. That is certainly better than once every 9.5 years, but in a sense I am offering a no-interest loan to the mining pool operator whom I was incentivized to trust despite not knowing anything about them.
A mining pool is obviously a great business with strong network effects. The more hashing power a mining pool has, the smoother the earning curve will be for its members. The more members it has, the more hashing power it gets. The pool operators charge 1% to 3% from their members, which is a classical software service with zero marginal cost. The strong network effects naturally lead to centralization. In fact, the leading Ethereum mining pool, Ethermine, accounts for more than 30% hashing power of the entire Ethereum network. The top three commands 56%, enough to launch a 51% attack. Ethereum mining is not something an average user can afford to do alone any more. The situation is not too different for Bitcoin or any other mainstream cryptocurrencies.
The second tactical decision was to choose a mining software. My first intuition was to lean on open source mining software, but most of them have not received major updates for years. On the other end, closed source mining software is a booming business. They typically charge a commission of 1-2% for fully integrated solutions which push your GPUs to their limits while protecting their longevity. Such software is sketchy though. They use anti-reverse engineering techniques to protect the binary executables. This is perfect reasonable since otherwise it would be super easy to hack the binaries and avoid paying the commission. However, it does trigger plenty of warnings from most anti-virus software, and invites questions about what is actually happening under the hood.
Nevertheless, the business of closed source mining software seems to be getting more popular by the day. It is such a competitive business that they even employ consumer promotion tactics like lottery draws for loyal customers. This business is also built on network effects with typical software margins. The more money the developer makes, the better job they can do in improving usability and performance. The more usability and performance improves, the more users they will attract. The more users, the more commission they will make. This space is more fragmented than mining pools though, presumably because it is not super difficult to create high-performing miners. If mining pools are SaaS businesses, mining software is a freemium software business without App-Store-like distribution3. The centralization is still staggering and potentially dangerous since no outsiders know what is in the software binaries.
Both mining pools and mining software are centralized businesses built on network effects inside a decentralized ecosystem. Credits must go to the early entrepreneurs who discovered and executed against these business opportunities. In a sense this is not too different from how aggregators like Google built powerful businesses. The Internet itself is decentralized by design. Google did not become powerful by controlling every website. It built a strong business by aggregating all websites and making it a no-brainer for consumers to ask Google for information. The centralization is a natural result of network effects. The zero marginal cost nature of Internet and software made such network effects stronger than ever.
Such centralization can also be dangerous though. Top mining pools can execute a 51% attack by just coordinating with a small number of counter parties. Popular mining software developers can change their commission rate without revealing it. Even if they are honest and operate with integrity, the centralization makes them ideal targets for outside attackers. Someone can launch simple denial of service attacks against top mining pools to cause major disruptions to the entire Ethereum network4. They can also plant malicious code into popular mining software without users noticing.
Ethereum’s giant migration from Proof-of-Work to Proof-of-Stake could probably alleviate the problem, but staking pools are already emerging to be the next natural point of centralization. Solana’s Proof-of-History is another interesting alternative, but it is an even high barrier of entry to run a Solana validator node.
Centralization naturally arises where network effects emerge. Decentralized networks bring down marginal cost and beget network effects. Moxie’s first impression of web3 discusses the ways centralization emerges in the user-facing application space on top of major cryptocurrencies. To be fair, the application developers do intend to reduce reliance on centralized services. My experience with mining shows that such centralization is even more lopsided in the infrastructure layer where blockspaces are provided. More interestingly, the infrastructure centralization aligns interests between big and small players, which means the centralization is unlikely to break. Personally I am not paranoid about the philosophical debate of centralization versus decentralization. It is much more interesting for me to watch dynamic businesses get built to meet real user demands in real markets.
If I understand correctly about how the Ethereum protocol works, sudden loss of major hashing power could lead to decrease of mining difficulty. An attacker would have the incentive to take down major mining pools and run their own mining operation on the side with reduced mining difficulty, which allows them to get rewarded richly within the rules of the network. An ambitious and resourceful attacker could even temporarily control more than 50% of total hashing power while the top pools are down. ↩