RandomWOW/README.md
tevador 8298c9faf8 Much more detailed design description
Added runtime distribution test
Fixed inaccurate results of performance simulations
Program publicly accessible in randomx_vm class
2019-06-01 11:02:40 +02:00

6.1 KiB

RandomX

RandomX is a proof-of-work (PoW) algorithm that is optimized for general-purpose CPUs. RandomX uses random code execution (hence the name) together with several memory-hard techniques to minimize the efficiency advantage of specialized hardware.

Overview

RandomX behaves like a keyed hashing function: it accepts a key K and arbitrary input H and produces a 256-bit result R. Under the hood, RandomX utilizes a virtual machine that executes programs in a special instruction set that consists of a mix of integer math, floating point math and branches. These programs can be translated into the CPU's native machine code on the fly. Example of a RandomX program translated into x86-64 assembly is program.asm. A portable interpreter mode is also provided.

RandomX can operate in two main modes with different memory requirements:

  • Fast mode - requires 2080 MiB of shared memory.
  • Light mode - requires only 256 MiB of shared memory, but runs significantly slower

Documentation

Full specification is available in specs.md.

Design description and analysis is available in design.md.

Build

RandomX is written in C++11 and builds a static library with a C API provided by header file randomx.h. Minimal API usage example is provided in api-example1.c. The reference code includes a benchmark executable for testing.

Linux

Build dependencies: make and gcc (minimum version 4.8, but version 7+ is recommended).

Build using the provided makefile.

Windows

Build dependencies: Visual Studio 2017.

A solution file is provided.

Precompiled binaries

Precompiled benchmark binaries are available on the Releases page.

Proof of work

RandomX was primarily designed as a PoW algorithm for Monero. The recommended usage is following:

  • The key K is selected to be the hash of a block in the blockchain - this block is called the 'key block'. For optimal mining and verification performance, the key should change every 2048 blocks (~2.8 days) and there should be a delay of 64 blocks (~2 hours) between the key block and the change of the key K. This can be achieved by changing the key when blockHeight % 2048 == 64 and selecting key block such that keyBlockHeight % 2048 == 0.
  • The input H is the standard hashing blob.

If you wish to use RandomX as a PoW algorithm for your cryptocurrency, we strongly recommend not using the default parameters to avoid compatibility with Monero.

CPU mining performance

Preliminary performance of selected CPUs using the optimal number of threads (T) and large pages (if possible), in hashes per second (H/s):

CPU RAM OS AES Fast mode Light mode
AMD Ryzen 7 1700 16 GB DDR4 Ubuntu 16.04 hardware 4100 H/s (8T) 620 H/s (16T)
Intel Core i7-8550U 16 GB DDR4 Windows 10 hardware 1700 H/s (4T) 350 H/s (8T)
Intel Core i3-3220 4 GB DDR3 Ubuntu 16.04 software 510 H/s (4T) 150 H/s (4T)
Raspberry Pi 3 1 GB DDR2 Ubuntu 16.04 software - 2.0 H/s (4T) †

† Using the interpreter mode. Compiled mode is expected to increase performance by a factor of 10.

GPU mining performance

SChernykh has developed a CUDA miner for NVIDIA GPUs. Benchmarks are listed here.

Note that GPUs are at a disadvantage when running RandomX since the algorithm was designed to be efficient on CPUs.

FAQ

Which CPU is best for mining RandomX?

Most Intel and AMD CPUs made since 2011 should be fairly efficient at RandomX. More specifically, efficient mining requires:

  • 64-bit architecture
  • IEEE 754 compliant floating point unit
  • Hardware AES support (AES-NI extension for x86, Cryptography extensions for ARMv8)
  • 16 KiB of L1 cache, 256 KiB of L2 cache and 2 MiB of L3 cache per mining thread
  • Support for large memory pages
  • At least 2.5 GiB of free RAM per NUMA node
  • Multiple memory channels may be required:
    • DDR3 memory is limited to about 1500 H/s per channel
    • DDR4 memory is limited to about 4000 H/s per channel

Does RandomX facilitate botnets/malware mining or web mining?

Efficient mining requires more than 2 GiB of memory, which is difficult to hide in an infected computer and disqualifies many low-end machines such as IoT devices. Web mining is infeasible due to the large memory requirement and the lack of directed rounding support for floating point operations in both Javascript and WebAssembly.

Since RandomX uses floating point math, does it give reproducible results on different platforms?

RandomX uses only operations that are guaranteed to give correctly rounded results by the IEEE 754 standard: addition, subtraction, multiplication, division and square root. Special care is taken to avoid corner cases such as NaN values or denormals.

The reference implementation has been validated on the following platforms:

  • x86 (32-bit, little-endian)
  • x86-64 (64-bit, little-endian)
  • ARMv7+VFPv3 (32-bit, little-endian)
  • ARMv8 (64-bit, little-endian)
  • PPC64 (64-bit, big-endian)

Acknowledgements

  • SChernykh - contributed significantly to the design of RandomX
  • hyc - original idea of using random code execution for PoW
  • nioroso-x3 - provided access to PowerPC for testing purposes

RandomX uses some source code from the following 3rd party repositories:

The author of RandomX declares no competing financial interest in RandomX adoption, other than being a holder or Monero. The development of RandomX was funded from the author's own pocket with only the help listed above.

Donations

If you'd like to use RandomX, please consider donating to help cover the development cost of the algorithm.

Author's XMR address:

845xHUh5GvfHwc2R8DVJCE7BT2sd4YEcmjG8GNSdmeNsP5DTEjXd1CNgxTcjHjiFuthRHAoVEJjM7GyKzQKLJtbd56xbh7V