Yes, Merit believes whole-heartedly in the power of simplicity and making digital currency approachable to non-technical users. But that doesn’t mean that we don’t take the underpinning technology seriously. In fact, the most elegant and usable solutions are often the most challenging to build. From our approach to mining to our upcoming roadmap features, this section of the site covers the technical thinking behind some of the core concepts in Merit. If you’d like to learn more about the reasoning behind our core decisions, check out the Why Merit section of the site.


The Merit approach to mining is one of its core innovations. As a refresher, the design goals with the Merit mining system are as follows:

A more level playing field
Instead of favoring the financial and technical elite, Merit strives to allow people from any background to benefit.

Better for the planet
Instead of utilizing huge amount of power and producing large amount of heat, Merit strives to be just as secure while running cool and on less power.

Instead of requiring users to have a personal computer, Merit strives to be truly accessible to all users worldwide, including those that only have smartphones.

To accomplish this, the Merit team invented Growth Mining. This new concept redefines how mining happens in a network: instead of only focusing on security, Merit mining covers both security and stewardship of the network. (For additional information around mining, read our Mining Primer here.)

To do this well, Merit considered a number of possible solutions.

Getting The Merit Core Client

Select your operating system and download the Merit Core Client.

Download the Wallet. The latest installer for the Mac wallet can be found here: Download Latest.

Copy to Applications. Simply copy the Merit Core applications to your applications folder.

Authorize the Application to Run.Merit is still waiting for approval from Apple to be listed in the Apple desktop App Store. Until approved, the Merit wallet is technically a self-published app, which requires explicit approval to run.

Enter an Invite Code. Enter the invitation code provided to you by a friend, contact, or colleague.

Wait until Confirmed. The friend who invited you must confirm the invitation. Feel free to nudge them.

Get Going. You are in! Now you can start to send, share, and even mine Merit!

Download the Wallet. The latest installer for the Windows wallet can be found here: Download Latest.

Run the Installer. Simply double-click the installer, and follow the on-screen instructions.

Launch Merit Core. Just double-click Merit Core to launch it.

Enter an Invite Code. Enter the invitation code provided to you by a friend, contact, or colleague.

Wait until Confirmed. The friend who invited you must confirm the invitation. Feel free to nudge them.

Get Going. You are in! Now you can start to send, share, and even mine Merit!

Download the latest Source. The latest source code can be found here: Download Latest Source.

Compile from Source. Compile for your flavor of linux following the instructions here.

Launch Merit Core. Just double-click Merit Core to launch it.

Enter an Invite Code. Enter the invitation code provided to you by a friend, contact, or colleague.

Wait until Confirmed. The friend who invited you must confirm the invitation. Feel free to nudge them.

Get Going. You are in! Now you can start to send, share, and even mine Merit!


First, the Merit team considered changing the consensus algorithm. This is the algorithm used by all the nodes on the network to choose to the winner of the ‘block generation’ award known as a Coinbase. (Different than the wallet/exchange provider with the same name.) The most common consensus-algorithm today is known as Proof-of-Work (PoW), which was introduced originally by Hashcash and later popularized by Bitcoin.

Proof-of-work involves all of the nodes on the network working to solve a computational puzzle. The difficulty of this computational exercise varies over time, and scales in proportion to the total compute power on the network at any given time. The first node to find a valid solution to this mathematical challenge earns the right to create the next block and earn the mining reward for it. This PoW approach helps to secure the blockchain by making it computationally expensive to falsify data. Furthermore, the more miners there are on the network, the lower the probability is that any one miner will win. Without being able to reliably win, a bad actor attempting to falsify data would be hard-pressed to meaningfully gain an advantage in the system.

There are a number of competing consensus algorithms adopted by other currencies, with the next most popular being Proof-of-Stake (PoS). Proof-of-Stake does not rely on computational puzzles to choose the creator of the next block. Instead, this node is chosen by a combination of their total wealth (in the form of the currency) and the amount of time they have held it. (Also known as Coin Age.)

The positives with Proof-of-Stake are largely related to it being less CPU-intensive, and thereby less power-hungry and better for the planet. The negatives are related to security and the vulnerabilities it creates on the blockchain. Because there is no technical cost to falsifying the data (like there is with Proof-of-Work), it is possible that a bad actor (with a large stake) could meaningfully impact the system negatively, even if they are economically incentivized not to do so.

Merit created a new approach to distributed consensus called Proof-of-Growth (PoG). Proof-of-Growth operated with similarities to Proof-of-Stake, but didn’t simply reward people for their own wealth. It instead, takes into account a nodes impact in growing the network through bringing in new members to the community. In essence, it considers not only the amount of Merit a user has, but also the Merit that they have helped to bring into the network by inviting new members.


Digging deeply into changing the consensus algorithm yielded a number of significant challenges. First and foremost, the risks to security felt less than ideal. While it is true that users in PoS and PoG systems have an economic incentive not to hurt the currency, the notion of it being easier to attack the system was unacceptable to the Merit team. Relying on a bad actor to have rational motivations did not feel like enough. Further, a bad actor might be able to compromise the account of a good actor, and therefore gain a possible foothold from which to attack the network.

Perhaps the biggest criticism of Proof-of-Stake (and transitively, Proof-of-Growth), is the nothing-at-stake problem. This problem manifests when nodes in the system break into multiple factions, creating what is known as a “fork” of the blockchain. Typically, these forks exist temporarily until all the nodes reach consensus that one is more accurate and valid than the other. From an incentives point-of-view, miners have the highest expected value if they mine on both forks of a chain. This way, they will earn the reward no matter which fork wins out in the end. Because there is no computational cost in mining both chains, economically-interested miners could unknowingly perpetuate false data without knowing it.

Further, because there is no significant computational cost to create blocks in PoS systems, there are other possible vulnerabilities. Malicious actors could generate a chain of blocks that is far ahead of the current block height (by millions of blocks, even). Without proper safegaurds in place, the other nodes may go along with this being the longest valid chain. While proponents of PoS algorithms argue that the chance of attack in these systems is still very small, any level of additional risk over PoW was concerning to the Merit team.

Finally, Proof-of-Growth could have fuzzy consensus problems, especially in extreme race conditions. Because PoG goes much further than simply taking into account one members coin-age, deciding on who should create the next block can get tricky when large amounts of Merit are moved from account to another. Say, for example, that one user sends 1,000,000 MRT from one account (referred by Miner A) to another account (referred by Miner B), if that transaction has not yet propagated to all nodes on the network, they may disagree about which Miner has the right to create the block.

Merit created a proof-of-concept of the Proof-of-Growth algorithm. The early simulations, testing, and discourse within the team, led us to strive for a better approach. We plan to open-source the proof-of-concept and early simulations in the near-future


After building more than one prototype, running simulations, and thinking critically about how to construct a fair system, the Merit team found that the most robust solution would be to combine the power of Proof-of-Work with a robust mechanism of rewarding ambassadors for growing the network. The driving principle here was the notion that we do not need to compromise security in order to provide better incentives than PoW mining does.

The secret here is to continue to use Proof-of-Work as the standard for high-security and scalability, while changing the way that rewards get distributed in each block.


The power of this approach is that Merit can reward those who are most impactful to the growth of the network while maintaining an inclusive reward ecosystem. The key here is to understand that PoS and PoW fundamentally incentivize different things. PoW is incentivizing users to get as much compute power as they can, which helps to make the network more secure and resilient to attacks. PoS, on the other hand, incentivizes users to buy as much of the currency as they can and hold it.

Either approach could make a credible argument that its incentive system is better for the overall community. Merit believes that, ultimately, both of these core sets of incentives is good for the community. Any good ecosystem wants to have both very high-security as well as stewards who help make the community better through their actions. One should not come at the expense of the other.


As a result, only the wealthiest will earn the large mining reward. The obvious challenge with this approach is the dynamic of the rich getting richer. The compound effect here is that the wealthiest people can simply pull away from the pack, making it very difficult for regular members of community to earn any kind of reward.

The Merit approach works to incentivize both security and stewardship, all while rewarding more users in the process and making the playing field more level. With Merit, the creator of the each block is chosen based on finding the winning solution to a cryptographic puzzle (Proof-of-Work). The cryptographic puzzle is based on an innovative algorithm that is more friendly to users with normal PCs, instead of favoring those with large data centers and application specific hardware. The mining reward is split between the miner and selected ambassadors, allowing many people to earn a reward each block.

Ambassadors are chosen based on who has helped to grow the Merit network the most. This selection is done as a lottery each period, with the most impactful ambassadors essentially earning more tickets to the lottery. As of today, there are five winning ambassadors each period. This lottery-based approach helps to provide great community-focused incentives, while still ensuring that even modest growth activity is rewarded.


The power of utilizing proof-of-work is that Merit never sacrifices safety in order to create these powerful new rewards.

Whereas in Proof-of-Stake, the winner of the block is chosen by their amount and age of wealth (stake), Merit chooses the creator of the block based on winning the cryptographic puzzle through Proof-of-Work. As such, Merit gets to enjoy the most powerful approach to securing a blockchain today, while rewarding stewardship and growth of the community.

Perhaps what is most exciting about this innovative approach to mining is that it lays a foundation for even more powerful incentives. Because the Merit network is invite-only, and the blockchain keeps track of each users invites, the positive impact of each member is known to the others in the community. The Merit protocol can be hardened further by potentially utilizing this information to break ties or resolve disputes about valid chains, adding an even more significant layer of security atop the already robust PoW approach.


Not only does Merit innovate by incentivizing both traditional miners securing the network as well as ambassadors who help to grow the network, it innovates in the way that work is proven by security-focused miners.

It uses the Cuckoo Cycle as its Proof-of-Work algorithm. Cuckoo powerfully combines a memory-bound algorithm with graph-theoretic Proof-of-Work. There are many benefits to being memory-bound, and perhaps chief among them is the impact on our planet. Unlike a CPU-bound algorithm that would require maxing out the capacity of a CPU, creating more heat and utilizing a lot of electricity, a memory-bound approach only requires enough compute power to saturate the memory of a machine. This results in less power consumption, less heat dissipation, and more accessibility to individual miners who are not part of large corporate initiatives.

Perhaps the most powerful part of cuckoo is that it retains this memory-bound graph-theory approach, all while preserving high-speed verification. In other words, the graph-theoretic proofs take a significant amount of time to find, yet are verified nearly instantly by other peers on the network. This is perfectly suited to the Proof-of-Work use case.

CPU-bound approaches, which currently comprise the supermajority of PoW systems today, have seen a technological arms race in recent years. Top miners have build large data centers and have funded the production of super-powered application-specific chips for these intense computational exercises. These innovations, while increasing the total security of their respective PoW systems, come at the expense of individual miners without multimillion dollar budgets to procure this kind of hardware.

From a mathematical perspective, proofs take the form of a length 42 cycle in a bipartite graph with N nodes and N/2 edges, with N scalable from millions to billions and beyond. This makes verification trivial (and fast): compute the 42x2 edge endpoints with one initialising blake2b and 84 very cheap siphash-2-4 hashes, check that each endpoint occurs twice, and that you come back to the starting point only after traversing 42 edges. This happens to make Cuckoo Cycle, unlike Hashcash, relatively immune from Grover’s quantum search algorithm.

There has yet to be any kind of ASIC for a memory-bound Proof-of-Work approach. And, our hope is that such an ASIC would not yield a significant advantage over a normal system because commodity hardware is already quite well-suited for a memory-bound approach. This, combined with the power of growth mining, serves to create a more level playing field in the Merit ecosystem. Miners can earn Merit without a huge investment in hardware. And, in the case of ambassadors, no hardware is even required to earn rewards.

More about the Cuckoo cycle can be found at the open-source repository operated by its creator, John Tromp.


Safety is a critical pillar of the Merit community. To create a digital currency that is approachable by real people, Merit needs to provide non-experts with a way to keep their money safe. The primary challenge in accomplish this is the decentralized nature of digital currencies. The core design goals of the vaulting protocol are as follows:

Preserving the Power of Decentralization - The perceived safety that we’ve come to expect from traditional currencies and banks comes in the form of a central source of power that will make things right. While relying on a similar dynamic would have made vaulting easier-to-implement, it would have broken the integrity of a truly decentralized system.

Being Easy to Use - One of the most challenging things about cryptocurrency today is how difficult the best-practices of security and safety are to implement. Even for technical experts.

Practical, but Optional - One of the most freeing things about digital currencies is that they put the user back in control of their own money. Merit aims to preserve that freedom, while providing users with the ability to enhance their security if they choose to.

The Foundation for More - While vaults are a powerful security feature in their own right, they can be the foundation for so much more. Merit believes that many practical personal and business applications to currency can stem from the building blocks of Vaults.

To reach the above goals, Merit created a number of important innovations in its protocol. First and foremost is the creation of Vaults at the protocol level. Vaults are the building blocks to so much more; the Merit roadmap includes new concepts that push the boundaries of safety on the blockchain.


Get the Merit wallet and and become a part of the global currency community.




Merit is invite-only. You can apply for an invite below and get an answer from the Merit Community in less than 15 minutes.

- or -

Already have an invite? Get one of our easy-to-use wallets below!

Your download is starting...

Merit is Right Around the Corner

In just a few short steps, you will become an ambassador and pioneer of the world's friendliest digital currency.

Join the Community!

Need help or an invite? Join us in our public chats!

In your downloads folder, double-click on the installer and follow the instructions to install your wallet.

When the installation is complete, launch Merit Core by double clicking on the launcher icon.

Enter the invitation code provided to you by a friend, contact, or colleague. Don't have one? We can help.

Wait for your confirmation. The individual that invited you to Merit must confirm that invitation. Feel free to nudge them.

Woo! Now you can share, send, and mine Merit! Check out some of the advanced features here.