NERVA (XNV) is a privacy focused cryptocurrency built for secure transactions, private balances, and true financial fungibility.
Using proven Cryptonote privacy technology, NERVA obscures sender, receiver, and transaction amounts on chain.
This allows users to transact without exposing their financial history to the public.
NERVA is designed for long term decentralization through CPU only Proof of Work mining.
Its Cryptonight Adaptive algorithm helps resist ASIC and GPU dominated mining, keeping network participation accessible to everyday users.
NERVA utilizes exclusive Cryptonight Adaptive algorithm,
with the aim of promoting decentralization and a preference for CPU miners.
No ICO
NERVA believes facing the issues in crypto are far more
important than the personal wealth of individuals.
There was no ICO, just a fair launch for those who want to help provide a
brighter future for crypto.
Energy efficient
No need to run separate GPU mining rigs or other specialized hardware.
Mine coins on your current computer with no additional software.
Fast transactions
One minute block time means your funds arrive quickly.
Fast transactions, combined with low fees, allow you to send and receive NERVA quickly and cost effectively.
Secure
Based on Monero, NERVA combines cryptonote's
privacy and fungibility with an emphasis towards decentralization.
Transactions remain anonymous and keep their histories hidden.
Fair distribution
An emphasis on CPU mining and no additional mining software means anyone can get involved quickly and easily.
Our Mission
1
Crypto for everyone
Crypto should be for everyone, not just those who can afford the hardware to mine
it.
NERVA allows you to mine on standard desktop computers, without elaborate hardware or software configurations.
Because if crypto is going to be our future, then we all need to be able to be a
part of it. Read More
We are following up on this mission. We are actively working every day to produce
software that is easy to use for everyone.
We have API's in .NET and PHP to allow other developers to integrate NERVA into
their web and software projects. We also decided
to start work on our own GUI (currently in Beta) to build these ideals of simplicity
and ease of use into a lean, tidy cross platform package.
NERVA also enjoys a substantial following on Discord. So there
is always someone available to chat to or get help from.
Community is a big part of NERVA. This is truly a community focused and driven coin.
Where every miner, trader or hodler is treated equally.
The NERVA community all share a common ideal. To take crypto back from big
corporations and organised mining operations and give it back to the people.
The way crypto was designed and the way it was intended.
2
On the cutting edge
NERVA is widely known as an experimental coin. But that's just cause we're doing
things a bit differently.
With a custom Proof of Work algorithm, the focus on solo CPU mining and the
accelerated emission curve, NERVA
is changing the way people think about cryptocurrencies and how they are mined and
traded. Read More
As well as being a solid coin that is easy to mine on any old computer, NERVA is
also engaged in some more experimental aspects of crypto.
NERVA was the first coin to demonstrate a self adjusting algorithm by changing some
algorithm parameters every block. Now Cryptonight
Adaptive is in v5 and every single hash relies on different, randomly selected data
from the blockchain. This reliance on blockchain data improves resistance of the network,
to ASIC and FPGA attack.
The algorithms reliance on stored blockchain data also put NERVA at the forefront
of resistance to rented hash services like NiceHash and Mining Rig Rentals, which
also makes NERVA the best available coin for resisting 51% attacks
that have compromised the integrity of many blockchains before. NERVA is a coin you
can have total confidence in as a method of payment and as store of wealth in the
short or long term.
The other talking point of NERVA is the rapid coin emission, with all coins due to
be emitted within 3 years of the genesis block. But why? Monero and it's fork coins
(of which NERVA is one)
rely on the principle of the 'tail emission' after the last of the coins are
emitted. A flat block reward that is aimed to replace lost coins and keep miners
incentivised. But does it work?
Well no one actually knows. No Cryptonight POW blockchain has come to the end of its
work. NERVA is going to do that before any other. NERVA will be the project that
other
projects look to for answers and an example of how to manage that transition. So by
being a part of NERVA, you are getting into a project that will have the world's
attention on it in a couple of years.
Overall, NERVA defies the conventional wisdom of crypto and challenges people to
think differently about how cryptocurrency is mined and traded and how blockchains
are secured now and into the future.
3
A simple use case
Our use case is simple. To provide a stable blockchain with fast, low fee transfers
usable by anyone with a straightforward, no nonsense interface.
To provide the tools and resources to assist developers to integrate NERVA into
their systems and use NERVA as an alternate payment method. Read More
One person, or even one community as passionate as ours can't really change the
world. But we can take the first steps.
We provide tools and assistance to anyone who wants to help us revolutionise the way
people shop online and the currency they use to pay for goods and services.
Our WooCommerce plugin allows you to accept NERVA on your ecommerce site, just like
PayPal or credit cards. Our API's allow you to integrate NERVA
into your next ecommerce or analytics site. Maybe you'd like to make a new online
game and use NERVA as an in game currency. The possibilities are endless.
And when you base your next development on NERVA, or accept it as payment on your
store, you're basing it on a fast paced, extremely decentralized and stable
blockchain.
But what about if you're not a developer? Don't worry, we've got you covered. We
have very active development on multiple fronts,
creating more and more ways for you to trade and use NERVA. We are actively seeking
additional exchanges to list on to expand your
choices for buying and selling NERVA and actively working on bringing you great ways
to spend those coins you mine and buy.
Node Map
Nerva is decentralized due to its pool resistance and CPU-only mining. It is extremely resistant to 51% attacks because each miner operates full node. 1 CPU = 1 VOTE as Satoshi mentioned in his whitepaper.
Nerva's Roadmap
2026
Q2 / 2026
Software Development
Enhance Core Software and Services
Research and evaluate core software updates aligned with Nerva's long term goals. Begin development on new releases and continue improving existing Nerva services and infrastructure.
Q1 / 2026
Community Growth
Expand and Strengthen the Community
Launch a new Nerva subreddit and continue growing the broader community through engagement, education, and outreach initiatives.
Q1 / 2026
Exchange Expansion
Pursue New Exchange Listings
Following the 2025 delistings from XeggeX and TradeOgre, prioritize securing new exchange listings to improve liquidity, accessibility, and market resilience.
2025
Q1 / 2025
Grow Nerva's X Presence
Continue grinding on X and growing Nerva's account.
2024
Q4 / 2024
Release NervaOne Mobile
*** This was put on hold for now because growing our community was higher priority.
Develop, test and release working version of NervaOne Mobile before the end of 2024.
Q3 / 2024
Start working on phase 2 of NervaOne
NervaOne Desktop was developed and it replaced Nerva's old GUI. It's an open-source, non-custodial, multi-coin wallet and miner that currently supports $XNV, $XMR, $WOW and $DASH.
Start working on phase 2: mobile wallet that connects to your NervaOne Desktop to provide mobile wallet functionaity without the need to trust 3rd party.
Q2 / 2024
Create new GUI application
Our desktop application is build using no longer supported dotnet 5 technology and some people are having issues running it, especially on Linux and Mac.
Create new, slick looking desktop application that will run on Windows, Linux and Mac.
Q2 / 2024
Pursue more exchange listings
Try to get listed on 3rd exchange or a DEX.
Q1 / 2024
Grow Nerva's community
Continue building Nerva's community by engaging with current users and trying to attract new users.
Start doing more giveaways.
Continue sharing Nerva's vision of privacy and security.
Try to help make crypto more accessible to everybody.
2023
Q4 / 2023
Get listed on 2nd exchange
Get Nerva in front of new users by allowing them to trade on another exchange.
Q4 / 2023
Build X (Twitter) presence
Reach new users by sharing posts related to crypto, privacy and mining on X (Twitter), expanding Nerva's presence and user awareness.
Q2 / 2023
Mobile and Web Wallet
Nerva was added to DogeCash App, a custodial mobile and web wallet service. It's available in Google Play Store and Apple App Store.
2022
Q1 / 2022
Desktop Wallet Improvements
Desktop wallet (GUI) got stability improvements and one click miner button was added.
2021
Q4 / 2021
XNV Treasury Buybacks
Continue the XNV Treasury buyback via Tradeogre. 100100 Coins are currently in the Treasury Wallet.
Q4 / 2021
Rebrand to a New Domain
Set up Nerva services on nerva.one domain, release new version of Nerva software and update outside links.
Q4 / 2021
Bitbucket to Github Migration
Migrate the Nerva Bitbucket repository to Github making it accessible to more developers.
To check a paper wallets balance you have to restore the wallet: Restoring a wallet There is no way to check a balance offline because nerva is a privacy coin.
There will be around 18.5 million coins issued before "tail emission" occurs, which is a small 1% annual inflation to keep miners incentivized, replace lost coins and provide future liquidity.
NervaOne Wallet and Miner, version 0.8.5.0 has just been released.
New functionality includes the ability to run as wallet only by connecting to remote node and Net Hash Threshold. It also includes some bug fixes and other minor improvements.
This is a .NET runtime exception (0xe0434352 = CLR exception code) that surfaces as an unhandled crash at process startup, before the application window even opens. The root cause is not a bug in NervaOne itself — it is a dependency change introduced in Avalonia 12.
Avalonia 12 upgraded its rendering backend from SkiaSharp 2.x to SkiaSharp 3.119+. This new version of SkiaSharp dropped support for DirectX 11 and now requires DirectX 12 as its Windows rendering backend.
DirectX 12 requires Windows 10 (version 1507 or later) at minimum. Any system running an older version of Windows does not have DirectX 12 and cannot load the SkiaSharp native library. The result is a hard crash at startup — no fallback, no error message, just APPCRASH.
The Avalonia team is aware of this. The issue was reported on GitHub (avaloniaui/Avalonia #20710) and was officially closed as “by-design.” There is no planned fix. Avalonia 12’s minimum supported platform on Windows is Windows 10 build 19045 (22H2).
Any Windows version that shipped before DirectX 12 is affected. This includes:
Operating System
DirectX Version
Affected?
Windows Server 2012 R2
DirectX 11.1
YES – crashes
Windows Server 2012
DirectX 11.0
YES – crashes
Windows 8.1
DirectX 11.1
YES – crashes
Windows 8
DirectX 11.0
YES – crashes
Windows 7
DirectX 11.0
YES – crashes
Windows Server 2008 R2
DirectX 11.0
YES – crashes
Windows Server 2008
DirectX 10.1
YES – crashes
Windows 10 early builds (pre-1507)
DirectX 11.3
YES – crashes
Windows 10 (1507 / build 10240+)
DirectX 12
Works
Windows Server 2016 and later
DirectX 12
Works
Android
Avalonia 12 also drops older Android support. The officially supported Android tier now requires Android 12 (API level 31) or higher. Devices running Android 8, 9, 10, or 11 may encounter rendering issues or crashes.
Linux
Linux systems without Vulkan support or with very old Mesa drivers may also experience startup failures under Avalonia 12’s new rendering stack.
What We Observed
We confirmed this after trying to run NervaOne on VPS servers with Windows Server 2012 R2. The crash is 100% reproducible:
NervaOne built with Avalonia 11.3.14 -> starts and runs correctly
NervaOne built with Avalonia 12.0.x -> crashes immediately on startup
What NervaOne is Doing
NervaOne will NOT be upgrading to Avalonia 12.
We are staying on Avalonia 11.3.14 (the latest 11.x patch release) to maintain compatibility with:
Windows Server 2012 R2 and older Windows Server editions
Windows 8.1 and earlier
Older Android devices (Android 8+)
Low-end VPS environments
We take compatibility seriously. Many Nerva users run NervaOne on modest hardware and server environments, and we do not want an upstream rendering dependency to silently break the app for those users.
We will revisit the Avalonia 12 upgrade path if the team introduces a software fallback renderer for DirectX 11 systems. Until then, Avalonia 11.3.14 is stable and fully functional for our needs.
No actual code for potential HF14 and HF15 yet. Just a plan for now.
Conversation with AI agent:
Can you look at the privacy setting that Nerva currently offers and compare it to Monero?
Let me explore the codebase to understand Nerva’s privacy implementation.
Agent: Nerva vs Monero privacy feature analysis
Analyze the Nerva cryptocurrency codebase at d:\Code\Crypto\Nerva\nerva for privacy features. I need a thorough comparison vs Monero. Specifically look for:
1. RingCT implementation β what ring size is used? Where is it configured? (look in cryptonote_config.h, src/ringct/, any MIN_MIXIN or ring size constants)
1. Ring size: 5 vs 16 Nerva’s DEFAULT_MIXIN = 4 gives ring size 5. Monero upgraded to ring size 16 in 2022. A larger ring makes statistical decoy analysis harder β with ring size 5, tracing heuristics are significantly more effective.
2. MLSAG instead of CLSAG Nerva still uses the older MLSAG signature scheme. Monero migrated to CLSAG (Concise Linkable Spontaneous Anonymous Group) in October 2020. CLSAG reduces tx size by ~25% and is considered more efficient, but both provide the same theoretical privacy guarantee.
3. Bulletproofs v2 instead of Bulletproofs+ Monero upgraded to Bulletproofs+ in August 2022, which are ~5β7% faster to verify and ~6% smaller. Nerva is on the older v2.
4. No Triptych / Seraphis roadmap features Monero is working toward Seraphis/Jamtis which would further increase ring sizes and improve privacy. Nerva has no equivalent research effort.
Bottom Line
Nerva’s privacy model is solid but dated β roughly equivalent to Monero circa 2020. The stealth address + RingCT + Dandelion++ foundation is sound. The practical weaknesses are the small ring size (5) and MLSAG vs CLSAG. These are the highest-leverage improvements if you wanted to close the gap with Monero’s current privacy posture.
What changes would you make to update/improve Nerva’s privacy?
Three changes, ranked by impact:
1. Ring size 5 β 16 (highest priority) This is the single biggest practical privacy improvement. Small rings are vulnerable to EAE (Eve-Alice-Eve) tracing and chain-reaction deanonymization. Monero’s analysis showed ring size 11+ breaks most known heuristics; they settled on 16. The cost is ~3x larger ring signature data per tx, which increases blockchain growth rate and sync time β already a concern for Nerva given the post-930k slowdown.
2. MLSAG β CLSAG Well-proven migration β Monero did it in October 2020, the code is battle-tested. You’d get ~25% smaller ring signatures and faster verification. This partially offsets the size increase from a larger ring. The implementation effort is moderate: the Monero CLSAG code could be backported directly since Nerva is a fork.
3. Bulletproofs+ (replacing v2) Smallest gain of the three β roughly 6% smaller range proofs, 5β7% faster verification. Worth doing if you’re already touching the ringct layer for CLSAG, since it’s a contained change with no protocol-level downside.
The natural order would be: CLSAG + Bulletproofs+ together (they touch the same layer), then ring size increase as a separate hardfork since it has the largest chain-size impact and needs its own performance analysis against Nerva’s already-slow sync.
Want me to sketch out what the implementation would look like, or discuss the sync impact first?
Sketch out the implementation.
Good β CLSAG doesn’t exist in this codebase at all, which means it’s a full backport, not a modification. Here’s the complete implementation sketch:
Implementation Plan: 3 Privacy Upgrades
Overview
These are delivered as two sequential hardforks to keep each change isolated and auditable:
HF14 β CLSAG + Bulletproofs+
HF15 β Ring size 16 (separate fork because it has chain-size implications that deserve independent community discussion)
Change 1: CLSAG (replaces MLSAG for new transactions)
CLSAG doesn’t exist here. The full implementation lives in Monero’s src/ringct/clsag.h and clsag.cpp as of their October 2020 hardfork. This is a direct file copy + wiring job.
New files to add:
src/ringct/clsag.hsrc/ringct/clsag.cpp
The Monero implementation exports four functions β these are exactly what you’d copy:
Add the clsag struct serialization and wire proveRctCLSAGSimple / verRctCLSAGSimple into the existing genRctSimple / verRctNonSemanticsSimple dispatch:
// In genRctSimple β add CLSAG branchif (rct_config.clsag) {rv.p.CLSAGs.push_back(proveRctCLSAGSimple(...));} else {rv.p.MGs.push_back(MLSAG_Gen(...));}// In verRctNonSemanticsSimple β add CLSAG branch if (rv.type == RCTTypeCLSAG) {return verRctCLSAGSimple(message, rv.p.CLSAGs[i], rv.mixRing[i], ...);}
src/ringct/rctTypes.h: Add the BulletproofPlus struct (structurally similar to Bulletproof but with different field counts β copy exactly from Monero).
if (hf_version >= HF15_VERSION) {if (key_offsets.size() < DEFAULT_RINGSIZE_HF15) {MERROR_VER("Ring size too small for HF15: " << key_offsets.size());return false;}}
The natural order is to do CLSAG and Bulletproofs+ together as one PR (they activate at the same hardfork and both touch rctSigs), then ring size as a follow-on.
Want me to implement this?
Yesterday, you did CryptoNight-NX algo change to make Nerva’s algo more ASIC/GPU resistant. Where would you put that in the hard forks?
It’s already slotted as HF13 from the previous session β the hardfork table in src/cryptonote_config.h has {13, 1100000} as a placeholder.
The full sequence would be:
HF
Change
Height
HF12
Last existing Nerva fork
~930,000
HF13
CryptoNight-NX (ASIC/GPU resistance)
1,100,000 (placeholder)
HF14
CLSAG + Bulletproofs+ (privacy upgrade)
TBD
HF15
Ring size 16 (anonymity set)
TBD
The ordering makes sense for two reasons: mining algorithm changes should stabilize before touching the transaction signing layer, and CLSAG needs to be live before increasing ring size so the larger rings don’t make tx size even worse with MLSAG.
The 1,100,000 height for HF13 is still a placeholder β you’d want to confirm what the current chain height is and give the community enough lead time (typically 2-4 weeks) before setting it in stone.
Let me explore the codebase to find the pool resistance mechanisms.
Agent:Explore pool resistance mechanisms
In the Nerva cryptocurrency project at d:\Code\Crypto\Nerva\nerva, find all code and documentation related to mining pool resistance. Look for: solo mining enforcement, pool detection/blocking, algorithm design choices that prevent pooled mining (e.g. "one-cpu-one-vote", Cryptonight variants, DAA), any consensus rules or protocol-level restrictions against pools, and relevant comments or config. Search for terms like "pool", "solo", "asic", "RandomX", "CryptonightR", "one-cpu", "pool-resistant", "stratum". Report what you find with file paths and line numbers. Thoroughness: very thorough.
Nerva’s pool resistance operates on multiple layers:
How Nerva is Mining Pool Resistant
1. Architectural Requirement (the core mechanism)
Each miner must hold a full copy of the blockchain. Traditional mining pools work by distributing work to miners who don’t run full nodes β Nerva’s PoW algorithm pulls parameters directly from blockchain data, so you can’t participate in mining without a full node. This makes the typical “pool server hands out work, collects shares” model architecturally impossible.
The CryptoNight variants use per-block randomized parameters derived from block height, nonce, and blockchain history:
v10Β (tx_utils.cpp:727-766): Mersenne Twister PRNG seeded from blockchain data produces randomized block sizes and 4 parameters (xx,Β yy,Β zz,Β ww) per block
v11+Β (tx_utils.cpp:687-725): HC128 stream cipher seeded from the blob hash drives per-block scratchpad layout
Height-dependent iteration count:Β (height + 1) % 64Β varies work per block β a pool can’t pre-compute or batch this
3. Memory-Hard Scratchpad
src/crypto/hash-ops.h:91-93 defines a 1 MB scratchpad (CN_SCRATCHPAD_MEMORY = 1048576). The sequential AES operations over this scratchpad:
Prevent efficient GPU parallelization (each thread needs 1 MB of fast cache)
Prevent ASIC optimization
Favor standard CPUs with AES-NI
4. No Stratum / Pool Protocol
There is simply no Stratum server or pool share-accounting code anywhere in the codebase. The miner (src/cryptonote_basic/miner.cpp) supports only solo mining with an optional donation percentage β no multi-miner address aggregation.
5. Stated Design Intent
README.md:18-22 explicitly: “Each miner requires a copy of the blockchain, hence there is no support for pool mining.” This is enforced at the protocol level, not just policy.
In short: It’s not just a rule against pools β the PoW algorithm physically requires blockchain data that only a full node has, making pool-style work distribution impossible without each “pool member” running a full node (at which point they’re just solo mining anyway).
How does this compare to Monero’s RandomX algo?
This is a good comparison to make β the two algorithms share goals (CPU-friendly, ASIC/GPU-resistant) but take fundamentally different approaches.
Nerva CryptoNight Variants vs. Monero RandomX
Core Design Philosophy
Nerva (CryptoNight v9βv12)
Monero (RandomX)
Approach
Fixed AES scratchpad + randomized parameters
Random program execution in a VM
Scratchpad
1 MB
2 GB dataset / 256 MB scratchpad (fast mode)
Pool-compatible
No β requires full blockchain DB
Yes β Monero has pools
Blockchain dependency
Yes β parameters pulled from chain DB
No β seeded from block template hash only
ASIC resistance
Per-block parameter randomization
Random instruction mix defeats fixed circuits
GPU resistance
Sequential AES, 1 MB cache per thread
Branch-heavy random programs defeat SIMD
How RandomX Works (the key difference)
RandomX generates a random program (roughly 256 instructions) from a seed derived from the block template hash, then JIT-compiles and executes it in a sandboxed VM. The 2 GB dataset is computed from the seed and kept in RAM; the 256 MB scratchpad is what each hash uses actively.
Critically: the seed is just the block hash prefix β no blockchain DB access required. A pool server can generate valid work units and hand them to miners who never touch the chain. This is why Monero has thriving pools.
How Nerva Differs
Nerva’s resistance is architectural rather than algorithmic:
v11+ algorithm callsΒ db.get_cna_v2_data()Β andΒ db.get_cna_v5_data()Β (src/cryptonote_core/cryptonote_tx_utils.cpp:696-708) β these pull salt data from the live blockchain database, not just the block header
A pool serverΒ cannotΒ generate these parameters without running a full node, and if it does run a full node, each “pool member” still needs chain access to verify and submit β functionally collapsing back to solo mining
RandomX doesn’t have this property at all. It’s designed to be efficiently verifiable (light mode uses 256 MB) and distributable.
Trade-offs
RandomX is stronger as an ASIC/GPU deterrent β the 2 GB memory requirement and random program execution are much harder to optimize in hardware than Nerva’s 1 MB AES scratchpad. GPU farms can mine Nerva with some efficiency loss; RandomX’s branch-heavy random code punishes GPUs far more severely.
Nerva is stronger as a pool deterrent β RandomX does nothing to prevent pools; Nerva’s blockchain-data dependency makes pools architecturally impossible without each participant running a full node.
Nerva’s 1 MB scratchpad is a notable weakness relative to RandomX. The smaller scratchpad means modern CPUs with large L2/L3 caches handle it easily, but GPUs with high bandwidth and many cores can still parallelize it more than RandomX allows.
Summary
RandomX solves “how do we keep ASICs and GPUs out?” better. Nerva solves “how do we keep pools out?” in a way RandomX never attempted. They’re complementary approaches to different problems β Nerva sacrifices pool-compatibility resistance for pool impossibility, at the cost of a less aggressive memory footprint than RandomX.
What would you change to make Nerva’s algo more ASIC/GPU resistant?
The single highest-impact change would be dramatically increasing the scratchpad size β from 1 MB to something in the 4β8 MB range. GPUs parallelize by running thousands of threads simultaneously; each thread needs its own scratchpad, so a larger scratchpad multiplies VRAM consumption per-thread and kills GPU occupancy. The trade-off is that it also hurts low-end CPUs (older laptops, small caches), which conflicts with Nerva’s accessibility goal of “mine on your CPU.”
The second change I’d make is adding random program execution on top of the existing chain-data dependency β essentially a hybrid: keep the blockchain-DB seeding (which preserves pool resistance), but replace the fixed AES scratchpad loop with a RandomX-style JIT-compiled random program seeded from that chain data. Fixed instruction sequences, even with randomized parameters, are still vulnerable to custom silicon; truly random code execution makes ASIC design economically infeasible because the circuit has to be general-purpose. The cost is implementation complexity and a larger attack surface in the VM/JIT layer.
The combination β large scratchpad + random programs seeded from chain data β would give you RandomX-level ASIC/GPU resistance while preserving Nerva’s unique pool-resistance property that RandomX doesn’t have. Want me to sketch out what a hybrid implementation would look like in the codebase?
Sure, sketch it out.
Good β I have a clear picture of the full stack. Here’s the sketch:
The idea is to keep Nerva’s chain-data seeding (pool resistance) and bolt on a RandomX-style random program loop in place of the fixed AES scratchpad body. Call it CryptoNight-NX (“NX” = Nerva + eXecution).
Layer 1 β Seed Construction (unchanged, keeps pool resistance)
// In get_block_longhash_v13()uint64_t stable_height = height - 256;// Pull chain-rooted salt β requires full blockchain DB (pool resistance)db.get_cna_v2_data(&context->random_values, stable_height, CN_SCRATCHPAD_MEMORY);db.get_cna_v5_data(context->salt, &rng_state, stable_height);// Per-nonce seed: blob hash XOR'd with chain saltcrypto::hash blob_hash;get_blob_hash(blob, blob_hash);// XOR blob_hash with first 32 bytes of chain salt -> unique seed per nonce+heightuint8_t seed[32];for (int i = 0; i < 32; i++)seed[i] = blob_hash.data[i] ^ context->salt[i];
The seed is now height-rooted (chain data) and nonce-rooted (blob hash). A pool server without a full node cannot compute it.
Layer 2 β Program Generation (new, ASIC/GPU resistance)
Add a lightweight VM that generates a random program from the seed. This lives in a new file src/crypto/cnx_vm.h:
CNX_OP_CBRANCHΒ β conditional branches cause GPU warp divergence; different threads in a warp take different paths, serializing execution and killing throughput
The cn_hash_context_t in hash-ops.h:113-124 already heap-allocates the scratchpad, so increasing its size for v13 contexts is straightforward.
What This Buys You
Threat
v11 defense
v13 defense
GPU farms
1 MB per thread (weak)
4 MB + branch divergence (strong)
ASIC
Randomized AES params
Truly random instruction mix
Pools
Chain DB dependency
Unchanged β still pool-impossible
FPGAs
Fixed AES circuit
Variable program defeats fixed logic
Verification cost
Same as mining
Same as mining (no light mode needed β no pools anyway)
Biggest Risk
The VM execution in cnx_execute must be deterministic across all platforms and compilers β any UB or platform-specific behavior breaks consensus. The existing cn_slow_hash.c is careful about this (packed structs, explicit integer widths). cnx_vm.h needs the same discipline. I’d write it in pure C with no floats, no UB, and explicit uint64_t everywhere.
Want me to start implementing any of the layers?
Can you create a new branch under my repository: https://github.com/R0BC0D3R/nerva And make the 4 layer implementation that you outlined above? Let’s see what you got.
Branch is live at https://github.com/R0BC0D3R/nerva. Here’s what landed:
What’s in feat/cryptonight-nx (1 commit, 529 lines)
The sandbox blocked make release-static-win64 -j4 (no linker available in this environment), so run that yourself from your MSYS2 terminal to verify it compiles clean. The activation height 1100000 is a placeholder β you’ll want to set a real target before any testnet deployment.
