Proof-of-Work: RandomX
Justification: The protocol must resist centralization at the hardware level. Bitcoin's use of SHA-256 has led to an industry dominated by a few specialized ASIC manufacturers, undermining the "one-CPU-one-vote" ideal. Zensia adopts RandomX, a Proof-of-Work algorithm optimized for general-purpose CPUs. This choice binds the security of the network to the vast, globally distributed, and highly competitive commodity CPU manufacturing ecosystem (e.g., Intel, AMD, ARM). This market is far too deep and liquid to be captured by a single entity, thus restoring a practical and resilient foundation for decentralized hashpower production.
Specification:
Algorithm
RandomX, as specified in the reference implementation documentation. Modes: Miners MUST use "fast mode" (requiring ~2 GB RAM). Verifying nodes SHOULD use "light mode" (requiring ~256 MB RAM) for efficiency.
Key (K)
The K parameter for the RandomX virtual machine is derived from blockchain data to prevent miner-selectable optimizations. For a block at height h, the key K is the block hash of the block at height h_{key} = h - (h \pmod{2048}). This provides a new, unpredictable key approximately every 2048 blocks (~14 days).
Input (H)
The input to the RandomX hash function is the 80-byte block header, serialized as standard.
Attacker Cost Model
An attack on Zensia is not a hardware manufacturing problem but a capital expenditure problem. An attacker cannot secretly design a more efficient ASIC. Instead, they must acquire a dominant share of the global CPU hashrate, likely by renting massive capacity from cloud providers or assembling large botnets. While possible, this shifts the attack surface to a more transparent and far larger market, significantly raising the practical cost and logistical complexity of a sustained 51% attack compared to specialized hardware environments.
Coinbase Reward Smoothing (Pay-Last-N-Finders)
Justification: The primary economic driver of mining pool centralization is the need to reduce the high variance of block rewards, especially for smaller miners. The "Pay-Last-N-Finders" rule directly addresses this by building a variance reduction mechanism into the consensus protocol itself. By distributing each block subsidy among the finders of the last N blocks, the system effectively creates a global, trustless, and fee-free PPLNS (Pay Per Last N Shares) payout scheme. This makes solo and small-pool mining far more economically predictable and sustainable, directly weakening the gravitational pull of large, centralized pools.
Formal Definition:
Let h be the current block height being produced. The smoothing window is a constant N = 144 blocks. The number of coinbase recipients, k, is defined as k = min(h + 1, N). The total block subsidy S (initially 50 ZNS) plus any transaction fees F is the total reward R = S + F. This total reward R is divided into k equal shares: share = R / k. Any remainder from integer division is added to the share of the current block's finder (the output at index 0). The recipients are the miners of blocks h (the current finder), h-1, h-2,..., h - k + 1. A recipient is identified by the scriptPubKey of the first output (index 0) of the coinbase transaction in their respective historical block.
Coinbase Transaction Layout:
The coinbase transaction for block h MUST have exactly one input and k outputs.
- Output 0: Pays share + (R \pmod k) to the scriptPubKey chosen by the miner of block h.
- Output 1: Pays share to the scriptPubKey from output 0 of the coinbase transaction in block h-1.
- Output i (for 1 <= i < k): Pays share to the scriptPubKey from output 0 of the coinbase transaction in block h-i.
Size Overhead:
A standard P2PKH output consists of an 8-byte value, a 1-byte scriptPubKey length, and a 25-byte script, totaling 34 bytes.
For N=144, a mature chain will have k=144 outputs. The additional 143 outputs add 143 \times 34 \text{ bytes} = 4862 \text{ bytes} (~4.8 kB) to the coinbase transaction. For a larger N=720, the overhead would be 719 \times 34 \text{ bytes} = 24446 \text{ bytes} (~24.4 kB). This overhead is non-trivial but is considered an acceptable cost for the significant decentralization benefit it provides. It is non-witness data and consumes block weight accordingly.
Variance Reduction vs. Pool Incentives
The single most powerful incentive for miners to join pools is to reduce the variance of their income. A solo miner with a small fraction of the network's hashrate may go months or years without finding a block, an economically untenable position. The "Pay-Last-N-Finders" rule directly attacks this problem at the protocol level. For a miner controlling a fraction p of the total hashrate, the probability of finding any given block is p. In a winner-take-all system, their income is a series of large, infrequent jackpots. Under the N-rule, their expected income over an N-block window is p \times N \times (R/N) = p \times R. While the long-term expected value is the same, the distribution of payments is dramatically different. Instead of one large payment, the miner receives many small payments from blocks found by others, smoothing their revenue stream into a predictable flow that is directly proportional to their hashrate contribution.
Pool Commoditization Effect
This mechanism effectively commoditizes the primary service offered by mining pools. By providing variance smoothing as a native, trustless feature of the protocol, Zensia fundamentally weakens the economic moat of large pools. Pools can no longer justify high fees solely for this service. While they may still compete by offering secondary services like optimized block template construction or private transaction relay, their core gravitational pull is significantly diminished.
This should foster a more decentralized and competitive ecosystem of smaller pools and make solo mining a rational choice for a much wider range of participants, directly countering the oligopoly observed in modern Bitcoin.
144
Block Smoothing Window
The number of previous blocks whose miners receive a portion of each new block reward
99.3%
Variance Reduction
Theoretical reduction in income variance for a miner with 1% of network hashrate
0%
Protocol Fee
Unlike pools which charge fees, Zensia's protocol-level smoothing is completely free
DAA Responsiveness and Hashrate Stability
ASERT's design provides a predictable and stable response to hashrate shocks. The halflife parameter of 2 days means that for any deviation from the target block time, the algorithm will correct the difficulty by 50% of the error over a 2-day period.
Hashrate Increase
If network hashrate doubles, block times will temporarily shorten. ASERT will begin increasing the difficulty with every block, smoothly guiding the block interval back towards 10 minutes. This prevents the "hour-one ripping" problem at launch, where early miners can extract a disproportionate number of coins before the first difficulty adjustment.
Hashrate Decrease
(e.g., 51% Attack or Minority Chain scenario): If 50% of the hashrate suddenly leaves the network, block times will temporarily double to 20 minutes. ASERT will immediately begin lowering the difficulty, ensuring the chain remains usable and does not enter a "death spiral" where blocks become too difficult to find. This rapid response is critical for the survival of a minority chain after a contentious fork and mitigates the profitability of "coin-hopping" attacks where mercenary hashrate switches between chains to exploit slow difficulty adjustments.
Network & Operations
This section defines the practical, operational aspects of running Zensia software, ensuring a clear path for miners and node operators to participate in the network.
Download Software
Obtain the reference implementation with built-in solo miner
Verify Integrity
Check binary hashes against published values
Run Node
Connect to the network and begin validating transactions
Start Mining
Contribute CPU power directly to secure the network
Reference Implementation: Node and Solo Miner
A core component of the Zensia project is the provision of a well-maintained, open-source reference implementation. To fully realize the "one-CPU-one-vote" principle, this implementation must include a capable and easy-to-use solo miner.
Reference Solo Miner
A reference CPU miner, based on the high-performance XMRig codebase, will be included directly in the main client repository. It will be configured by default for solo mining against a local node. The configuration will be managed via a simple config.json file with sane defaults for thread count, huge pages, and NUMA node affinity, which are critical for RandomX performance. This lowers the technical barrier for individuals to contribute hashrate directly to the network and participate in transaction selection, rather than ceding this role to a pool operator.
Default Node Configuration
The reference node will use conservative network parameters similar to Bitcoin Core, including default mempool size, transaction relay policies, and peer connection limits, to ensure stability and resilience against DoS attacks.
Reproducible Builds
The project will provide a deterministic build system using a containerized environment (e.g., Docker). This allows any third party to compile the source code and verify that the resulting binaries are identical to the officially released ones, ensuring no hidden code has been introduced.
Technical Requirements
The reference implementation is designed to run on commodity hardware:
- CPU: Any x86-64 processor with AES-NI support
- RAM: 4GB minimum (8GB recommended)
- Storage: 50GB for full blockchain storage
- Operating Systems: Linux, Windows, macOS
Fair Launch Specification
The launch process must be transparent, unpredictable, and devoid of any insider advantage to establish credible neutrality from genesis.
Pre-Launch Protocol
Code Freeze and Publication
A specific git commit hash representing the final 1.0.0 source code will be declared several weeks prior to the potential launch window.
Reproducible Build Verification
The project will publish the source code, deterministic build scripts (Dockerfiles), and the corresponding SHA256 hashes of the binaries for all major platforms (Linux x86-64, Windows x86-64, macOS ARM64/x86-64). A period of public review will allow independent developers to verify that the published binaries are a direct result of the published source code.
Launch Trigger and Genesis Block
The network will begin at a future, unpredictable moment, determined by a publicly verifiable external event. This prevents any single party from knowing the exact start time and gaining a mining advantage.
Trigger Specification
The Zensia network will launch upon the discovery of the first Bitcoin block that meets a specific, arbitrary condition.
Example Trigger: "The Zensia network will activate at the moment of the first Bitcoin block at or after Bitcoin block height H=900,000 whose block hash, when interpreted as a 256-bit little-endian integer, is divisible by the prime number 1009."
Monitoring Script
A simple, auditable script (e.g., Python, Bash) will be provided. This script will monitor a public Bitcoin block explorer API or a local Bitcoin node for the trigger condition. Upon detection, it will automatically construct the genesis block and start the Zensia node and reference solo miner.
Genesis Block Parameters
- Timestamp: The timestamp of the triggering Bitcoin block.
- Parent Hash: The hash of the triggering Bitcoin block.
- Subsidy: 50 ZNS.
- Coinbase Output: The 50 ZNS subsidy will be paid to an unspendable OP_RETURN script, effectively burning the first block reward to demonstrate fairness.
- Difficulty: The nBits field will be set to the maximum possible target (lowest difficulty).
Post-Launch Guidance & Disclosures
First-Day Guidance: Simple, clear instructions will be provided for early participants: "1. Download the software and verify its hash. 2. Run the provided auto-start script. 3. Your computer will begin solo mining when the trigger condition is met. No pool is required."
Legal and Ethical Disclosure: A formal statement will be included in the project's README and website: "Zensia is a free, open-source software experiment. There has been no pre-mine, founder's reward, Initial Coin Offering (ICO), or sale of any kind. The software is provided 'as is' without warranty. There is no central entity, company, or foundation responsible for this network. All coins are issued exclusively via the Proof-of-Work algorithm described in this document and are available to anyone willing to contribute computational work."