Topic: Do you think Bitcoin should modify to POW + POS ? █████ Poll █████ - page 5. (Read 7535 times)
January 06, 2015, 02:01:20 PM
Whatever we think it proves, the "still working on it" implication should be a clear signal that PoS is immature, and as such, why should the devs take the Karpeles approach ? ....
January 06, 2015, 01:51:47 PM
[Anyone interested in the discussion Jonald is trying to repeat can read the link above]
Tl:dr
Thread states A and B.
Jonald says "see, it says A"
You say "It also says B"
Jonald "It clearly says A"
You "It says A and it says B"
Jonald "In plain english, it says A"...
And you can go around in circes until you're blue in the face. Then repeat yourself a few weeks later
Jonald, you are misrepresenting what the authors are saying by excluding what you don't like.
I refer you to the thread above in response to you next post
I am tired.
Tl:dr
Thread states A and B.
Jonald says "see, it says A"
You say "It also says B"
Jonald "It clearly says A"
You "It says A and it says B"
Jonald "In plain english, it says A"...
And you can go around in circes until you're blue in the face. Then repeat yourself a few weeks later
Jonald, you are misrepresenting what the authors are saying by excluding what you don't like.I refer you to the thread above in response to you next post
I am tired. legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
January 06, 2015, 01:38:20 PM
You're repeating yourself.
That's true.
Quote
Your misrepresentation has been debunked once.
No, it hasn't.
Cool story bro
The paper says in plain English that Nothing at Stake is a problem
as I quoted above.
You can sit there and say "nuh uh" till you're blue in the face
for all I care. Anyone can read the paper and make their own
judgement.
January 06, 2015, 01:32:19 PM
You're repeating yourself.
That's true.
Quote
Your misrepresentation has been debunked once.
No, it hasn't.
Cool story bro
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
January 06, 2015, 01:26:24 PM
You're repeating yourself.
That's true.
Quote
Your misrepresentation has been debunked once.
No, it hasn't.
January 06, 2015, 01:20:59 PM
You're repeating yourself. Your misrepresentation has been debunked once.
Actually, the td;dr version is:
- multibranch forging gives measurable possibility to earn more fees. I guess Nxt should not ignore it in long-term as the profitable activity will be implemented by somebody sooner or later
- there's no long-range attack against a blockchain V. Buterin described, only short-range. The short-range attack doesn't allow double-spending but gives multibranching forger possibility to earn more fees in singlebranch environment by producing few blocks in a row. However producing few blocks in a row could be an issue too (e.g. evil forger may postpones orders submissions etc) but not critical at the moment.
- not explicitly stated in the paper but easily derived, a long delay between blocks not only annoying but also a security problem as it's the moment for short-range attack could happens
- we have formally defined nothing-at-stake attack(again, using Buterin's informal definition) and made initial simulations. We haven't included their results in paper as they are seems to be too raw, but I can reveal them here: N@S attack could happens only in short-range, e.g. for within 20 blocks for 10% stake, so with 30 confirmations we haven't observed the successful attack. Also please note the attack has pretty unpredictable nature for attacker, so he can hardly enforce it, even in theory(in practice it's even harder to get it done properly). The correlation with stake size is still the open question, but it's nearly impossible to attack a proof-of-stake currency with "1% stake even" as stated by Buterin
So yes, there máy be problems with certain forms of N@S, and that needs to be researched. Research means keeping an open mind, not cherrypicking and taking out the last sentence and twisting it to mean what you want to mean.
They do nót say "Nothing at stake is a real problem that hasn't been solved." They say "We have made a simulation that produces a N@S as described and we are going to find out what it does."
You have seen the paper but it is still obvious you haven't read it.
There is a fourth paper being written with the results, as jonald well knows. The authors aren't worried about N@S being a problem.
I don't have the time/energy to fully digest what the paper
is saying, but the conclusions of the author seem to say that
Nothing at stake is a real problem that hasn't been solved.
is saying, but the conclusions of the author seem to say that
Nothing at stake is a real problem that hasn't been solved.
Quote
As we have all the algorithms developed to simulate N@S attack we
present result in the separate paper along with possible ways to resist it.
Giving some results now we present not the full picture of the problem. Fol-
lowing this section it is reasonable to get the impression that this problem
actually matters and we concentrate to possible solutions at the moment....
...The open question for the future work are: (1) the PoS consensus depen-
dence on the measure function (2) the ways to avoid N@S attack if any (3)
the optimal confirmation length investigation (4) the optimal multibranch
depth investigation.
present result in the separate paper along with possible ways to resist it.
Giving some results now we present not the full picture of the problem. Fol-
lowing this section it is reasonable to get the impression that this problem
actually matters and we concentrate to possible solutions at the moment....
...The open question for the future work are: (1) the PoS consensus depen-
dence on the measure function (2) the ways to avoid N@S attack if any (3)
the optimal confirmation length investigation (4) the optimal multibranch
depth investigation.
Actually, the td;dr version is:
- multibranch forging gives measurable possibility to earn more fees. I guess Nxt should not ignore it in long-term as the profitable activity will be implemented by somebody sooner or later
- there's no long-range attack against a blockchain V. Buterin described, only short-range. The short-range attack doesn't allow double-spending but gives multibranching forger possibility to earn more fees in singlebranch environment by producing few blocks in a row. However producing few blocks in a row could be an issue too (e.g. evil forger may postpones orders submissions etc) but not critical at the moment.
- not explicitly stated in the paper but easily derived, a long delay between blocks not only annoying but also a security problem as it's the moment for short-range attack could happens
- we have formally defined nothing-at-stake attack(again, using Buterin's informal definition) and made initial simulations. We haven't included their results in paper as they are seems to be too raw, but I can reveal them here: N@S attack could happens only in short-range, e.g. for within 20 blocks for 10% stake, so with 30 confirmations we haven't observed the successful attack. Also please note the attack has pretty unpredictable nature for attacker, so he can hardly enforce it, even in theory(in practice it's even harder to get it done properly). The correlation with stake size is still the open question, but it's nearly impossible to attack a proof-of-stake currency with "1% stake even" as stated by Buterin
So yes, there máy be problems with certain forms of N@S, and that needs to be researched. Research means keeping an open mind, not cherrypicking and taking out the last sentence and twisting it to mean what you want to mean.
They do nót say "Nothing at stake is a real problem that hasn't been solved." They say "We have made a simulation that produces a N@S as described and we are going to find out what it does."
You have seen the paper but it is still obvious you haven't read it.
There is a fourth paper being written with the results, as jonald well knows. The authors aren't worried about N@S being a problem.
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
January 06, 2015, 01:13:04 PM
Where is the proof POS is insecure that isn't argument from authority or strong belief?
Even Vitalik admits there is a fundamental flaw in PoS which is essentially
the nothing-at-stake issue, meaning anyone can attempt stake grinding
to extend the chain at essentially no cost. Vitalik's article on
"weak subjectivity" attempts to solve this issue by requiring minters
to post security deposits, but this doesn't really help because one
can still fake the deposit. It also opens another attack vector where
stake holders can start to block security deposits from others and monopolize
the network.
You only read papers that fit your agenda, and when they don't, you interpret them in a way that makes them fit. "Weak subjectivity" may indeed be necessary, but please go on: How would you grind stake for free? Your pos.pdf doesn't state any specifics, but this paper here uses hard math to state that long range attacks are not possible, and short range attacks are very hard (for Nxt) and the worst case is that the will delay blocks, or the attacker will get some fees:
https://nxtforum.org/consensus-research/the-paper-on-long-range-attack-nothing-at-stake
Vitalik talks about a time frame from where you receive funds to where you are able to mint/forge. How would you fake deposits?
I try to stay open minded. If something is good
and works, I would advocate it for Bitcoin.
I did advocate PoS at one point before I learned
more about it. I still advocate that PoW+PoS
would be a good thing for Bitcoin given the
right implementation.
I followed your link to the "multistrategy.pdf"
paper. I have seen this paper before.
Please note it says:
Quote
Following
this section it is reasonable to get the impression that this problem
actually matters
this section it is reasonable to get the impression that this problem
actually matters
(this problem = nothing at stake problem)
and:
Quote
The open question for the future work are... ...the ways to avoid N@S attack if any
Regarding the stake grinding attack, suppose you must
keep coins for 1000 blocks with a security deposit in
order to mint. You buy coins at block 1000, keep them
till block 2000, get your deposit back, and
sell them at block 2001, and then broadcast
a fake chain from block 2000.
January 06, 2015, 12:59:19 PM
Code does not lie.
10 Print "The sky is green not blue"
20 GOTO 10
Disproven, next.
January 06, 2015, 12:52:41 PM
PoS schemes to me roughly translate to trusting people not to lie, because they bribe them slightly not to.
Code does not lie.
January 06, 2015, 12:49:01 PM
Where is the proof POS is insecure that isn't argument from authority or strong belief?
Even Vitalik admits there is a fundamental flaw in PoS which is essentially
the nothing-at-stake issue, meaning anyone can attempt stake grinding
to extend the chain at essentially no cost. Vitalik's article on
"weak subjectivity" attempts to solve this issue by requiring minters
to post security deposits, but this doesn't really help because one
can still fake the deposit. It also opens another attack vector where
stake holders can start to block security deposits from others and monopolize
the network.
You only read papers that fit your agenda, and when they don't, you interpret them in a way that makes them fit. "Weak subjectivity" may indeed be necessary, but please go on: How would you grind stake for free? Your pos.pdf doesn't state any specifics, but this paper here uses hard math to state that long range attacks are not possible, and short range attacks are very hard (for Nxt) and the worst case is that the will delay blocks, or the attacker will get some fees:
https://nxtforum.org/consensus-research/the-paper-on-long-range-attack-nothing-at-stake
Vitalik talks about a time frame from where you receive funds to where you are able to mint/forge. How would you fake deposits?
January 06, 2015, 12:36:11 PM
The "TL;DR" for me is that everything else can be simulated and faked by sufficient ingenuity, except large amounts of computational power (Given a strenuous test against the network, not figures on a website like fake cloud hashing) Hash is no BS.
PoS schemes to me roughly translate to trusting people not to lie, because they bribe them slightly not to.
PoS schemes to me roughly translate to trusting people not to lie, because they bribe them slightly not to.
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
January 06, 2015, 12:32:57 PM
Where is the proof POS is insecure that isn't argument from authority or strong belief?
Even Vitalik admits there is a fundamental flaw in PoS which is essentially
the nothing-at-stake issue, meaning anyone can attempt stake grinding
to extend the chain at essentially no cost. Vitalik's article on
"weak subjectivity" attempts to solve this issue by requiring minters
to post security deposits, but this doesn't really help because one
can still fake the deposit and/or extend block history. It also opens another attack vector where
stake holders can start to block security deposits from others and monopolize
the network.
Please note I'm not saying "because Vitalik said so"...You can understand
the logic for yourself with regards to how conensus and blockchains
work. (If you don't , just ask and I will explain).
I do take all this with a grain of salt because in practice
PoS systems appear to be doing fine such as NXT, however
that doesn't necessarily mean they are secure or wouldn't be attacked if
the incentive was greater.
January 06, 2015, 12:27:38 PM
They won't because either they want others to do the heavy lifting for them or they aren't really interested in bitcoin anyways and this is just an indirect way to plug their project..
FYI... both NXT and Bitshares are losing ground to bitcoin and weakening during the last 6 months so they are getting more desperate.
you are right... markets collapsing and sorting out black sheeps
afterwards we can do businness again
January 06, 2015, 12:26:47 PM
Vitalik has discussed Nxt's POS algo with the devs on nxtforum.org and was satisfied that it was adequate. He thought he could improve it but he would wouldn't he..
Vitalik still went with PoW despite the wastefulness and all the research into TaPoS and weak subjectivity. Why is that ?
You need to understand that I have a nuanced position and think there are both strengths and weaknesses on both sides.
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
January 06, 2015, 12:26:40 PM
PoW mining was useful for a time
Why are you against mining and Pow anyway?
January 06, 2015, 12:24:53 PM
(I will check in again later)
January 06, 2015, 12:23:45 PM
btw: please just do it!
just fork bitcoin add pos to it and initialize it with current balances. you have the opportunity to even reduce blockchain size.
this doesnt change the fact that i'd sell my posbtc. but why not just do it and let the hole btc community vote what they want to use?
whatever and whoever will make this change: the effect will be the same.
btw or just use clam. they did this....
just fork bitcoin add pos to it and initialize it with current balances. you have the opportunity to even reduce blockchain size.
this doesnt change the fact that i'd sell my posbtc. but why not just do it and let the hole btc community vote what they want to use?
whatever and whoever will make this change: the effect will be the same.
btw or just use clam. they did this....
They won't because either they want others to do the heavy lifting for them or they aren't really interested in bitcoin anyways and this is just an indirect way to plug their project..
FYI... both NXT and Bitshares are losing ground to bitcoin and weakening during the last 6 months so they are getting more desperate.
January 06, 2015, 12:22:12 PM
These are opinion. Don't forget: https://download.wpsoftware.net/bitcoin/pos.pdf
Jonald and another said/think POS isn't secure. I have made no comment on POW. Where is the proof POS is insecure that isn't argument from authority or strong belief?
Yes, opinions from security analysis and experts which is based upon reason , logic and evidence. These experts create models and run mathematical simulations to test their hypothesis.. but i guess to you one opinion is as good as anothers.
Where are the models?
I posted the POS models that back those papers above. You can repeat and verify the results, if you were so inclined.
I gave you the links with both references and direct research if you were so inclined to read it.
https://blog.ethereum.org/
or some research papers like:
https://tel.archives-ouvertes.fr/halshs-00945053/document
https://download.wpsoftware.net/bitcoin/pos.pdf
Where are the models? Or is it just their opinion?
[Bitcoin Wiki, 2014] Bitcoin Wiki "Proof of Stake" page.
https://en.bitcoin.it/wiki/Proof of Stake. Retrieved on 02/05/2014.
[Eyal and Sirer, 2013] Eyal I. and Sirer E.G. (2013) "Majority is not enough: Bitcoin mining
is vulnerable", arXiv: 1311.0243.
[Kroll et al., 2013] Kroll J.A., Davey I.C. and Felten E.W. (2013) "The economics of Bitcoin
mining, or Bitcoin in the presence of adversaries", Mimeo.
[Krugman, 2013] Krugman P. (2013) "Adam Smith hates Bitcoin". NYTimes blog.
http://krugman.blogs.nytimes.com/2013/04/12/adam-smith-hates-bitcoin/
[Nakamoto, 2008] Nakamoto S. (2009) "Bitcoin: A peer-to-peer electronic cash system".
Quote
For the sake of simplicity and with a slight lack of rigor...
Quote
With a simple (one could say simplistic) model...
The idea is to bluff to scare people into selling for nothing... there is a reason this paper didn't gain any traction.
Geoff's pos.pdf paper even admits that there is no rigour in his claim.
Quote
Is it possible to obtain a distributed consensus without provably consuming some resource
outside of the system?
Intuitively, the answer is no, but there is no rigorous argument for this claim.
outside of the system?
Intuitively, the answer is no, but there is no rigorous argument for this claim.
Intuitively, the sun goes around the earth. You can even watch it happening..
Vitalik has discussed Nxt's POS algo with the devs on nxtforum.org and was satisfied that it was adequate. He thought he could improve it but he would wouldn't he..
January 06, 2015, 12:17:45 PM
btw: please just do it!
just fork bitcoin add pos to it and initialize it with current balances. you have the opportunity to even reduce blockchain size.
this doesnt change the fact that i'd sell my posbtc. but why not just do it and let the hole btc community vote what they want to use?
whatever and whoever will make this change: the effect will be the same.
btw or just use clam. they did this....
just fork bitcoin add pos to it and initialize it with current balances. you have the opportunity to even reduce blockchain size.
this doesnt change the fact that i'd sell my posbtc. but why not just do it and let the hole btc community vote what they want to use?
whatever and whoever will make this change: the effect will be the same.
btw or just use clam. they did this....
January 06, 2015, 12:14:26 PM
These are opinion. Don't forget: https://download.wpsoftware.net/bitcoin/pos.pdf
Jonald and another said/think POS isn't secure. I have made no comment on POW. Where is the proof POS is insecure that isn't argument from authority or strong belief?
Yes, opinions from security analysis and experts which is based upon reason , logic and evidence. These experts create models and run mathematical simulations to test their hypothesis.. but i guess to you one opinion is as good as anothers.
Where are the models?
I posted the POS models that back those papers above. You can repeat and verify the results, if you were so inclined.
I gave you the links with both references and direct research if you were so inclined to read it.
https://blog.ethereum.org/
or some research papers like:
https://tel.archives-ouvertes.fr/halshs-00945053/document
https://download.wpsoftware.net/bitcoin/pos.pdf
Jump to: