Topic: [HOWTO] kill any 100% PoS coins owning less than 1% of all coins. - page 3. (Read 13454 times)

No no, that's not the vulnerability. That issue got taken care off in the first release of PPC. That's why I tried to explain here --


In the illustrated attack the interest generated will be the same, but the rate of generating blocks will increase dramatically.

Someone should do this practically? It would be a huge turn off to PoS, this is pretty big and should be fixed?

From reading it, it seems similar.

Basically, when you find a block - the coins in the transaction that were used to mine the block are all reset to 0.

If there is less coins in the transaction, there are less coins reset.

However, doesn't the luck increase exponentially rather than evenly, such that a transaction with 4 coins in, is far more probable than 4 single 1 coin transactions to mint a block?

Interesting just because i know no one outside of hard core Crypto is going to understand any of that - can i just state it in plain language and you tell me if i far or close to the mark?


PoS  means Proof of ownership like owning a Bond. + interest.

When you hold units of crpyto they age like bonds and mature giving back an "interest" stake -  

DE_logics is basically saying  or theorizing that under certain conditions  if you had:


10 Bonds (ten pieces of interest bearing paper) each worth 1 unit + 1 unit of interest.

you would earn more net interest verses:

One single 10 unit Bond + its interest.

* even if the interest is meant to be equal - i.e the 10 bonds should equal the exact same net return as the single Bond because they are the same units net worth and the interest rate is "fixed" by whole the system.

and in this way, this could be a flaw in PoS  because someone could split up their bonds (something you can do with crypto)  and generate enough interest to control the whole game.



how did i do ?

if its on or close to the mark i will post it back on the other thread as it is relevant -

As far as I can see, this does not apply to Nxt, since there is no "aging" of coins after they forge a block.

Humm... I think this attack is different. The vulnerability in this thread cannot be fixed like this. The design of the coin has to be changed for it to be fixed.

The link just increases the no. of trials the wallet does to generate a valid block, were as this increases the probability of a block by splitting the stake.

Looks like this vulnerability is known since December.

Perhaps can check with Jutarul?

Ref: https://bitcointalksearch.org/topic/ppcoin-stake-burn-through-vulnerability-131901

Agreed this needs more discussion.

I don't think anyone knows how secure 100% POS is based on all the peercointalk forum posts i've read

Interesting, can others more experienced confirm? Will this also apply to hybrid PoS/PoW?

For 0.01 TX fee, the attack will be made just 1% more expensive.

So it doesn't matter.

Sorry about that, I modified the above post before you read it.

As per the calculator and the link you provided, the coin age literally mean the coins age, not no. of coins * days the coins has been held.


If you see that calculator, if you increase the no. of coins, the probability of hitting a block always increases regardless of the amount.


No, it's not assuming that. I've specified this --


Edit -- I've not considered TX fee which's something PPC specific. PPC is not 100% PoS.

I'll think about TX fee also.

From: http://www.peercoin.net/minting: "The maximum age a coin can have is 90 days, after this the coin does not age further."

In other words, you are saying the implementation is not as described?


if there is a age limit, at max age, coin-age depends on num of coin


yes, assuming no age limit, we can have 1 coin per transaction and for each coin of great age, it is possible for multiple block finding.

Yes, that's the coin age as per my understanding. But in this article, when I talk about age, I talk about the actual age -- the amount of time the wallet has held the coin.

a) If you believe this calculator, as the coin becomes older (age is not the right term here) the probability of hitting a block increases and yes there is such a limit of 90 days. Also rate of interest per year (not per block) is limited. If you've not hit a block for a long time (the coin is very old -- older than 90 days), the rewards will be higher to maintain the ROI. This factor does not have any limit of the age. But this will not limit the attack vectors in any way.

b) This question is not clear considering the above discussion.

2) Yes, absolutely. For each block mined, only 1 coin's age is consumed. We have plenty of other coins in set Y. The bigger the size of A the longer you can attack.

Curious, I have a few qns:

1) coin-age is no. of coins * number of days (age)? I am not sure how it is implemented but there are 2 points:
    a) age is limited depending on the coin's implementation
    b) max coin-age depends on the amount of coin you have at max age?

2) 51% attack assumes you can carry it out continuously? that is, more > 1 confirmations?

Since I'm not a developer nor a hacker I cant modify wallets to do such an attack, but here's the concept, which may not be right, but crackers may try.


We're going to exploit low PoS difficulty and prominently it's low for even 100% PoS coins. Like for mintcoin it's 0.243, even for popular and old coins like PPC, the difficulty is 10.

First let me explain the significance of difficult in PoS which's very much similar to difficulty in PoW. But don't assume low PoS difficulty means higher rate of returns. Each block gives the miner variable rewards depending on the current difficulty which predicts the probability of the coins to mint a PoS block. A low difficulty means the coins will easily be able to mint PoS blocks, since the number of PoS blocks generated by coins are frequent, the block reward will drop cause the interest rate is capped. In other words, when difficulty is low, the coins will have to wait less to generate a block reward, i.e. the coin will have less age so the block reward will be low. Similarly if the difficulty is high the block reward will increase cause the probability of the coins to make a PoS block will be less, so PoS blocks generated by the coins will be less but the interest rate has to be maintained at 20%; so to compensate for the lower block rate, the block reward will increase.

In PoS, when a node receives a number of coins all in 1 transaction (call this transaction X and the no. of coins in the transaction as A), all of these coins will be used to mine a block. The more the no. of coins in X, the higher the chance of hitting a block. The older transaction X goes the higher the chance of hitting a block. For coins which were received in another transaction (apart from X, call this transaction Z) but to the same address will try to mine a block separately from Z; the wallet will use Y along with X independently to mine blocks.

Suppose the probably of mining a block for X is within x days, after mining, the coin age renews to 0, making it ineligible to mine a block till it's old enough to mine blocks again.

We're going to compare the set of coins X which were received with in a single transaction to a no. of transactions the size of each being 1 coin, but the no. of transactions is such that it results in A no. of coins (i.e. A no. of transactions). This mean for each of these coins, the wallet will try to generate a block using them separately. Let's call this set of coins Y.

The probability of one coin to generate a block is x/A (since X has A no. of coins); for all of  A no. of coins used together, the probability to generate a block is (x/A)*A = x. So Y has the same probability to generate a block as compared to X. Once a block has been mined, the age of the single coin used to mine a block becomes 0 and it comes ineligible for mining, but all other coins are still eligible for mining. Now the probability of Y to generate another block is (x/A)*(A-1) which is almost x (call this changing value y, i.e. y is the current mining power of Y after a no. of coins's age has been reduce to 0). Depending on the size of A, the this value of y will almost be the same as x for (x/A)*(A-1), (x/A)*(A-2), (x/A)*(A-3)... (x/A)*(A-100). The larger the value of A, the closer is the mining power to x as a single coin will be less significant for a large value of A.

So Y has lot more power to generate blocks as compared to X with the same no. of coins. The attacker with possession of Y can wait for an attack till the coins become older which yields better probability of blocks. (update) In fact, the probability of generating a single block by splitting stakes (Y) is more effective than the regular X method. The reason being, as the no. of coins increases, the probability of hitting a block does not increase linearly (see this); it's increment rate decreases. So the network difficulty is lower. But if you've split your stake (as with Y), the probability of staking a block will increase linearly, cause each coin has it's own staking instance. It's stake is calculated separately.

In a 51% attack block mining power is exactly what you need. You try to fork the block chain and try to make the forked chain longer than the main chain and once that happens all valid transactions in those chains will be lost (double spending). So when it comes to hashing power, PoS is more vulnerable to PoW.

It's a fallacy that you need most of the coins in a PoS coin to attack it; it all depends on the difficulty. You can do an attack even if you have less than 1% of the coins. It's all on the difficulty.

If you do a mindless criticism (criticizing me without any reason or calling the whole text gibberish without stating a reason), realize that it's clear that you own a huge stake in a 100% PoS crypto and are planning to dump it at a pump which this article may reduce the probability of (if it is true).

If you don't believe me, very well. I got no issues, but I'm always open for constructive discussion. As of attackers, they may try this and succeed while you believe this's a lie.