Pages:
Author

Topic: Noob Q: Can bitcoin be turned into POS? - page 2. (Read 3925 times)

legendary
Activity: 1092
Merit: 1000
March 30, 2017, 04:16:49 AM
#75
You haven't looked at the link, did you.

Scanned it , you are ignoring the fact that everyone is using the computers and the software , aren't you.  Wink

You never answered my question, if I gave away a PoS coin is it Permissionless?

 Cool

FYI:
Your Guy in the link
Quote
I paid a fee of 0.0001 bitcoins, approximately 8 cents or 10% of my transaction.
He paid for permission to have his transaction entered.


FYI2:
The Definition of the Word Permissionless : Without permission.

The Definition of the Word Permission : 
1. authorization granted to do something; formal consent:
2. the act of permitting.


You guys are the ones trying to redefine a word , that already has a definition.
Sorry Webster Dictionary was here 1st.  Wink
hero member
Activity: 770
Merit: 629
March 30, 2017, 04:04:22 AM
#74
Dino , Seriously
6.  Permission from the original programmer thru the Open Source License granted so you can run the software.   Wink

A crypto currency is not software.  It is a protocol, written on paper, that anyone can implement in software.  Usually, the guy (or girl) writing the paper also puts some working software up, but that is secondary.  You don't need the software.  You only need the paper of the protocol. Then you can write your own software to use it.

Look at this guy, using bitcoin without running software from somewhere:
http://www.righto.com/2014/02/bitcoins-hard-way-using-raw-bitcoin.html

You don't need core or BU or whatever software.  You can do it the hard way, using some python scripts and a command line interface.  You only need the detailed protocol description.

The use of Pythagoras' theorem is permissionless.  Anyone can use it.  The same for an open crypto currency protocol.  It is nothing more than a more involved kind of statement.  From the moment that you can read it and understand it, you can use it.

In the end, the "permission" is in the intelligence needed to understand it and code it, but again, you are stretching the notion to make it meaningless.


LOL,
I wait for you to write up your blocks on paper, your blockspeed will be what 1 year per block.  Cheesy

Someone else wrote the original code , granting you permission to use it thru the Open Source License.
The fact is , everyone is using the software and they have received permission to do so.


You haven't looked at the link, did you.

What you are doing is a known rhetorical technique, a form of syllepsis, called the generalisation of concepts.
You are rendering a useful concept, permissionlessness of a cryptosystem, into a meaningless one by generalizing its condition so much outside of its initial meaning, that it becomes trivially a contradiction.

You could apply it to other things, like "mathematical proof".  You could state that your vision is not guaranteed, your memory is not guaranteed, and hence, when reading a mathematical proof, you can never be sure that the next line is really seen as you think you see it, that the logical deduction from former statements are maybe ill-remembered, and hence, that no written text is ever a mathematical proof, rendering all of mathematics meaningless.

Yeah.
legendary
Activity: 1092
Merit: 1000
March 30, 2017, 03:53:47 AM
#73
Dino , Seriously
6.  Permission from the original programmer thru the Open Source License granted so you can run the software.   Wink

A crypto currency is not software.  It is a protocol, written on paper, that anyone can implement in software.  Usually, the guy (or girl) writing the paper also puts some working software up, but that is secondary.  You don't need the software.  You only need the paper of the protocol. Then you can write your own software to use it.

Look at this guy, using bitcoin without running software from somewhere:
http://www.righto.com/2014/02/bitcoins-hard-way-using-raw-bitcoin.html

You don't need core or BU or whatever software.  You can do it the hard way, using some python scripts and a command line interface.  You only need the detailed protocol description.

The use of Pythagoras' theorem is permissionless.  Anyone can use it.  The same for an open crypto currency protocol.  It is nothing more than a more involved kind of statement.  From the moment that you can read it and understand it, you can use it.

In the end, the "permission" is in the intelligence needed to understand it and code it, but again, you are stretching the notion to make it meaningless.


LOL,
I wait for you to write up your blocks on paper, your blockspeed will be what 1 year per block.  Cheesy

Someone else wrote the original code , granting you permission to use it thru the Open Source License.
The fact is , everyone is using the software and they have received permission to do so.

The word permissionless implies , No permission needed , but the facts is permission was granted thru the open source license.
Your use of the word permissionless is the one with no basis in reality in which we reside.

By your statement , if I give away a PoS coin for free, it is also permissionless.
Or is that Contradiction in your thought process too much to bear.  Wink

 Cool

FYI:
As far as this Reality goes , all crypto is permissioned.
hero member
Activity: 770
Merit: 629
March 30, 2017, 02:40:38 AM
#72
Dino , Seriously
6.  Permission from the original programmer thru the Open Source License granted so you can run the software.   Wink

A crypto currency is not software.  It is a protocol, written on paper, that anyone can implement in software.  Usually, the guy (or girl) writing the paper also puts some working software up, but that is secondary.  You don't need the software.  You only need the paper of the protocol. Then you can write your own software to use it.

Look at this guy, using bitcoin without running software from somewhere:
http://www.righto.com/2014/02/bitcoins-hard-way-using-raw-bitcoin.html

You don't need core or BU or whatever software.  You can do it the hard way, using some python scripts and a command line interface.  You only need the detailed protocol description.

The use of Pythagoras' theorem is permissionless.  Anyone can use it.  The same for an open crypto currency protocol.  It is nothing more than a more involved kind of statement.  From the moment that you can read it and understand it, you can use it.

In the end, the "permission" is in the intelligence needed to understand it and code it, but again, you are stretching the notion to make it meaningless.
legendary
Activity: 1092
Merit: 1000
March 29, 2017, 11:35:22 PM
#71

OK, lets clarify ,
The Overall Percentage of Staking Coins determines the Security ,  (Which we should be able to agree on.)  Smiley
However Coins with Larger Numbers , will usually have more coins per block, and therefore have a higher coin-age # .

Yes, but that doesn't make them more secure. It's completely irrelevant if you stake 10 coins of a cryptocurrency with a supply of 1000 units or 10000 coins in a cryptocurrency with a supply of 100000 units. You have 1% in both cases. Coin age doesn't change anything there - you must calculate the "total possible coin age" and then your percentage of it, then you can determine your probability to get a PoS block.

A "coin" (e.g. 1 BTC) is an arbitrary division of the total supply. The "satoshi" is already a better measure because it's indivisible (at least on-chain), but the quantity of satoshis is not relevant for PoS either.

You are Correct the % is the Same, however you are not factoring in the Price per coin as a deterrent.
hashProofOfStake <= [Coin-age] x [Difficulty]
[Coin-age] = [amount of coins] x [days in stake]

Example
Amount of coins in a staked block = 10000
Difficulty =2
Days in Stake = 5
[Coin-age] = [amount of coins] x [days in stake]
50000 = 10000 x 5

hashProofOfStake <= [Coin-age] x [Difficulty]
100000 = 50000 x 2

If we decrease by 100 to 1 then the Amount of coins in a staked block = 100

[Coin-age] = [amount of coins] x [days in stake]
500 = 100 x 5
hashProofOfStake <= [Coin-age] x [Difficulty]
1000 = 500 x 2

Instead of a hashProofOfStake of 100000 protecting the block, then our security will be only 1000 protecting the block.

If the coins were $1 each.
It would require $100,001 to beat the Hash Proof of stake for that block of 100000 .
( , is used as a thousands indicator US style.)

Where only $1001 dollars is required to beat the security of the 1000 hashProofOfStake block.

$100,001 verses $1001 , can you guess which is more secure? Wink


He's not the only person coming to the conclusion that N@S is a problem to deal with, and I'm not talking only about Bitcoin Maximalists like Andrew Poelstra. Forum user @kushti has done a lot of research about it, see here. He is a NXTer, so he is pro-PoS.

None of these so called Genius came to any conclusion on N@S,
G.Maxwell made the shit up as a propaganda tool against Proof of Stake, (because surprise he makes his money from PoW companies.)
And these so called Genius are so stupid , they can't see G.Maxwell Lied.
They all figure ,
Ok G.Maxwell is a smart guy, so there must be something to it.
What he is , is a straight up Liar , and the majority of people don't have the IQ to see thru his lies.

There is No reward for Multistaking, there is No extra Control of the Transactions system,
the Lie has been out for a few years now, and there are NO Multistaking Wallets.
Multistaking on a PoS coin is a waste of time.

The only thing the N@S Lie does is give PoW Supporters a way to scare Newbies away from PoS.
N@S is the Ultimate FUD, because there has never been ACTUAL PROOF it could cause any problems, except from the lies of G.Maxwell.

If you bother to follow the details of the N@S Fud, like I did, you can see it is Bullshit and will not hurt a PoS Chain Whatsoever.

 Cool

FYI:
I read your link, and did you read the 2nd link in it.
https://www.reddit.com/r/NXT/comments/2sewhu/nothing_at_stake_attack_researched_and_deemed_not/
Quote
Nothing-at-stake attack - not possible at the moment! Will be possible when a lot of forgers will use multiple-branch forging to increase profits. Then attacker can contribute to all the chains(some of them e.g. containing a transaction) then start to contribute to one chain only behind the best(containing no transaction) making it winner. Previous statements on N@S attack
made with assumption it costs nothing to contribute to an each fork possible and that makes N@S attack a disaster.
In fact, it's not possible at all to contribute to each fork possible, as number of forks growing exponentially with time.
So the only strategy for a multibranch forger is to contribute to N best forks. In such scenario attack is possible only within short-range e.g. with 25 confirmations needed 10% attacker can't make an attack. And attack is pretty random in nature, it's impossible to predict whether 2 forks will be within N best forks(from exponentially growing set) for k confirmations.
So from our point of view the importance of the attack is pretty overblown.

They missed the fact , their is no increased reward for mutistaking , but they were smart enough to see it's IMPORTANCE is OVERBLOWN!
One of the Biggest Lies about Multistaking is it will Increase Profits, the fact is it will not increase Profits at all.
If your Block was strong enough to stake on 2 forks, it would have staked on 1 fork, but you only get 1 Reward No Matter how many forks , you are staking on.  Tongue
It was overblown because a Liar named G.Maxwell made it UP!
legendary
Activity: 1092
Merit: 1000
March 29, 2017, 11:04:17 PM
#70
Regarding permissionless network. Delegated currencies, like DPoS steemit or DPoW bitcoin, has a potential problem with possible transaction moderation. Pools or witnesses can censor transactions from known annoying persons, and people can vote for these pools or witnesses with their stake or hashrate to exclude annoying person from the network, put assets on hold or even rewrite transactions like it was with ETH. I think good enough solution we can come with is delegated block signing by master nodes and voting for trusted block signers run by an algorithm. Master nodes can form consensus to exclude slow and messy peers from signing, master nodes don't need any approval from stakeholders, with big enough deposit required for master node setup there will be no room for Sybil attack. Optionally, there can be even some penalty to deposit for unhonest signers. It's still delegated PoS without randomness and network reorganisations, so block time can be very short and block size can be huge. Block chain can have 200tb of data and run fine since master nodes rewarded for their service and can afford high speed connection and huge storage. Instead of spending millions to securing network with hashrate there can be an incentive to build decentralized infrastructure for block chain storage, so it can be network of millions of master nodes with current price people pay to miners.
Since too moral or annoyed master nodes get kicked out by an algorithm for messing with transactions network become provable permissionless.

Pet Peeve of mine, that word permissionless is untrue.
All coins are Permissioned.

Here is why PoW is Permissioned, ( mined on a CPU or ASIC)
Facts
Permissions Required to generate a PoW Block if you Mine it
1.  Permission from the ASICS seller , to buy their ASIC.
2.  Permission from your local Govenment to allow the ASIC to be shipped to you.
3   Permission from the Electric Company to power your ASIC.
4.  Permission from the Mining pool you have to join because group mining is your only shot
5.  Permission from your ISP , so you have internet access to attempt to mine it.
6.  Permission from the original programmer thru the Open Source License granted so you can run the software.
If you pay someone else to mine it , You need their permission and acceptance of your currency.

Permissions Required if you just buy it. (Same for PoW & PoS)
1.  Permission from the Exchange
2.  Permission from the Seller

Free Faucet  (Same for PoW & PoS)
1.  Permission from the one running the faucet

Hopefully we can put that falsehood permissioned verses permissionless to rest , because nothing peeves me more that hearing the same lie more than once.
There are No Permissionless systems in crypto.

 Cool

I think you are stretching the notion of "permissionless" so much that you are of course coming to a contradiction.  Permissionless only pertains to participating in all the SYSTEM functions, not in what you can do with it *in relationship with others*.  The fact that nobody wants to sell me a gun against bitcoin (nor against cash), doesn't make bitcoin lacking permissionless.  I can still use the bitcoin system to send coins to any address, and I can receive bitcoin from any user *that wants to*.  
As to mining, nothing stops me from building my own ASIC factory and participating.  The fact that *existing* asic vendors don't want to sell me some of their production is not "bitcoin's" problem.  It would be, if these ASICS needed a certificate from Satoshi in order to function.  Then inherently, bitcoin mining wouldn't be permissionless.  But that's not the case.

You can also claim that prisoners are not permissioned to use bitcoin, so bitcoin is not permissionless.  But that has nothing to do with bitcoin, but with society as a whole, who isn't persmissionless.  In other words, you're building a straw man.  If you continue your logic, crypto is a useless affair, because in the end, the government and their judges decide on everything.



Dino , Seriously
6.  Permission from the original programmer thru the Open Source License granted so you can run the software.   Wink

There are No Permissionless systems in crypto.

 Cool
hero member
Activity: 770
Merit: 629
March 29, 2017, 10:45:24 PM
#69

OK, lets clarify ,
The Overall Percentage of Staking Coins determines the Security ,  (Which we should be able to agree on.)  Smiley
However Coins with Larger Numbers , will usually have more coins per block, and therefore have a higher coin-age # .
Yes, but that doesn't make them more secure. It's completely irrelevant if you stake 10 coins of a cryptocurrency with a supply of 1000 units or 10000 coins in a cryptocurrency with a supply of 100000 units. You have 1% in both cases. Coin age doesn't change anything there - you must calculate the "total possible coin age" and then your percentage of it, then you can determine your probability to get a PoS block.

A "coin" (e.g. 1 BTC) is an arbitrary division of the total supply. The "satoshi" is already a better measure because it's indivisible (at least on-chain), but the quantity of satoshis is not relevant for PoS either.

Amen.  PoS security is a matter of signatory stake over total potential stake.  

Quote
He's not the only person coming to the conclusion that N@S is a problem to deal with, and I'm not talking only about Bitcoin Maximalists like Andrew Poelstra. Forum user @kushti has done a lot of research about it, see here. He is a NXTer, so he is pro-PoS.

To me, the N@S problem can be formulated as follows:

"there are an unlimited amount of different, correct block chains under a PoS rule that can fork off from a given common point using a relatively small amount of stake, and given a finite set of transactions signed by the other stake holders"

The trick is to define an ordering over that amount of block chains such that the chain including most transactions of the other stake holders wins with high probability unless the amount of stake that has to collude becomes significant (at which point, the coin is essentially in the hands of a colluding set of cheaters, at which point, it doesn't matter any more that it fails technically, because it failed already economically).

I think that *practically speaking* N@S is only a problem if there are staking rewards (fees, coinbase).  

As to "check points", I think they defeat the purpose, as they are also a consensus mechanism.  However, there's something much simpler concerning the equivalent of check points: every staker is *supposed* not to stake on a chain that is in contradiction with his OLD BLOCKS he KNOWS ABOUT.  In practice, that would be true: if you have a node running that has been following the block chain since about a year, and suddenly, your peer nodes tell you to orphan half a year of block and to stake on top of the new chain, you should bluntly refuse to stake.   Every node is having his own check points, depending on his own presence on the network.  New nodes cannot know ; but old nodes can refuse to stake on a historically re-written chain.

When there are no rewards, you are not incentivized to "stake nevertheless, to get the reward if that chain wins".  Your only goal is to help the system run correctly, because that protects the stake you hold in it.  If you don't hold any stake, you don't care.   The more stake you hold, the more you (should) care.  If you hold majority stake, you don't care any more either, because you are just playing with yourself.  "bribing into false staking" is essentially impossible because the stakers are random and even anonymous, and each time you change a iota to the history, those random stakers change radically.  In other words, you'd need to bribe essentially a large part of potential stake holders, in such a way that you "buy their stake" for more than their stake is worth ; but you could then just as well buy that stake on the market.  At which point, we're back to "you're playing with yourself".

The nice security feature of PoS over PoW is this:

without any stake, the probability to make a modified chain that will be cryptographically be considered correct is essentially ZERO.  The only way to do so, is to crack the digital signature cryptography used.

The probability of being able to make a false chain rises with the amount of stake that is trying to do so and should be kept insignificant until this stake  becomes so important that the cheating staker is going to shoot himself in the foot by killing the whole system.

With PoW on the other hand, the probability to make  a modified chain that will be cryptographically considered correct is simply depending on how much electricity you can waste versus how much electricity the honest stake holders in the system are wasting.

legendary
Activity: 3906
Merit: 6249
Decentralization Maximalist
March 29, 2017, 04:22:21 PM
#68

OK, lets clarify ,
The Overall Percentage of Staking Coins determines the Security ,  (Which we should be able to agree on.)  Smiley
However Coins with Larger Numbers , will usually have more coins per block, and therefore have a higher coin-age # .
Yes, but that doesn't make them more secure. It's completely irrelevant if you stake 10 coins of a cryptocurrency with a supply of 1000 units or 10000 coins in a cryptocurrency with a supply of 1000000 units. You have 1% in both cases. Coin age doesn't change anything there - you must calculate the "total possible coin age" and then your percentage of it, then you can determine your probability to get a PoS block.

A "coin" (e.g. 1 BTC) is an arbitrary division of the total supply. The "satoshi" is already a better measure because it's indivisible (at least on-chain), but the quantity of satoshis is not relevant for PoS either.


Quote
No offense to the Guy , but he is trying to solve N@S, when N@S is nothing but a falsehood, that shows him and Vitalik have really not bothered to think it through,

He's not the only person coming to the conclusion that N@S is a problem to deal with, and I'm not talking only about Bitcoin Maximalists like Andrew Poelstra. Forum user @kushti has done a lot of research about it, see here. He is a NXTer, so he is pro-PoS.

Edit: F**k, got the numbers wrong Wink
hero member
Activity: 770
Merit: 629
March 29, 2017, 09:38:16 AM
#67
With all its problems, PoW seems to be the best we have. As far as I can remember, PoS never solved the "nothing at stake" problem.

With PoW you have miners vs whales.

With PoS... you have whales.

I believe the main problem PoS is trying to solve is the "waste" of electricity.  

Mining PoW is using a lot of resources (by design) and PoS advocates see this as a waste.  

What they fail to realize is that this 'waste' is protecting the network from attacks, and traditional finance also uses a lot of electricity anyway.  

What you fail to recognize is that PoW is a BAD protection.  You need to spend a lot of electricity because its ONLY protection is the amount of electricity spent, and the idea that "bad guys" are less capable than "good guys" to waste electricity.

Usually, cryptography is smarter than that.  Digital signatures cost a very small amount of effort by "the good guys" and an impossibly large amount of work by the "bad guys".  PoS is based upon that idea: that the "good guys" (that is to say, cryptographically randomly picked owners of coins in the system) SIGN blocks as being good blocks instead of proving that they wasted more electricity than others.  Normally, if *several randomly picked coin owners* sign a block, and not another one, there's no reason to assume they do this with a bad intention (they mostly have nothing to do with the transactions in that particular block).  The only thing they could do, if they all colluded which is hard to do with randomly selected signers, is harm the system in which they possess coins - why would they ?

And you don't need to waste electricity, and it is MUCH HARDER for an outsider to fake a block chain, than one that has as ONLY security a proof of an amount of wasted electricity.

For instance, the first 2 years of the bitcoin block chain could be entirely done over with modern hash means in a matter of half a day or so.  The amount of PoW in the first two years of bitcoin block chain is ridiculous as compared to what is now done as PoW.

If it had been PoS, then only the entire set of stake holders including Satoshi himself (mainly !) could provide another PoS chain for that period, because only they have ALL the secret keys corresponding to the signatures to make new signatures on the altered chain.

The first 2 years of bitcoin's block chain are hence totally insecure from a PoW point of view, but would remain perfectly cryptographically protected as long as the entire set of stake holders of that time didn't collude or gave out their secret keys.

legendary
Activity: 1106
Merit: 1005
March 29, 2017, 09:26:17 AM
#66
With all its problems, PoW seems to be the best we have. As far as I can remember, PoS never solved the "nothing at stake" problem.

With PoW you have miners vs whales.

With PoS... you have whales.

I believe the main problem PoS is trying to solve is the "waste" of electricity.   

Mining PoW is using a lot of resources (by design) and PoS advocates see this as a waste.   

What they fail to realize is that this 'waste' is protecting the network from attacks, and traditional finance also uses a lot of electricity anyway. 

I don't think PoW is flawed, although a PoW+PoS hybrid might be a good option to solve some problems (such as nodes not getting rewarded).         

hero member
Activity: 770
Merit: 629
March 29, 2017, 06:26:14 AM
#65
Regarding permissionless network. Delegated currencies, like DPoS steemit or DPoW bitcoin, has a potential problem with possible transaction moderation. Pools or witnesses can censor transactions from known annoying persons, and people can vote for these pools or witnesses with their stake or hashrate to exclude annoying person from the network, put assets on hold or even rewrite transactions like it was with ETH. I think good enough solution we can come with is delegated block signing by master nodes and voting for trusted block signers run by an algorithm. Master nodes can form consensus to exclude slow and messy peers from signing, master nodes don't need any approval from stakeholders, with big enough deposit required for master node setup there will be no room for Sybil attack. Optionally, there can be even some penalty to deposit for unhonest signers. It's still delegated PoS without randomness and network reorganisations, so block time can be very short and block size can be huge. Block chain can have 200tb of data and run fine since master nodes rewarded for their service and can afford high speed connection and huge storage. Instead of spending millions to securing network with hashrate there can be an incentive to build decentralized infrastructure for block chain storage, so it can be network of millions of master nodes with current price people pay to miners.
Since too moral or annoyed master nodes get kicked out by an algorithm for messing with transactions network become provable permissionless.

Pet Peeve of mine, that word permissionless is untrue.
All coins are Permissioned.

Here is why PoW is Permissioned, ( mined on a CPU or ASIC)
Facts
Permissions Required to generate a PoW Block if you Mine it
1.  Permission from the ASICS seller , to buy their ASIC.
2.  Permission from your local Govenment to allow the ASIC to be shipped to you.
3   Permission from the Electric Company to power your ASIC.
4.  Permission from the Mining pool you have to join because group mining is your only shot
5.  Permission from your ISP , so you have internet access to attempt to mine it.
6.  Permission from the original programmer thru the Open Source License granted so you can run the software.
If you pay someone else to mine it , You need their permission and acceptance of your currency.

Permissions Required if you just buy it. (Same for PoW & PoS)
1.  Permission from the Exchange
2.  Permission from the Seller

Free Faucet  (Same for PoW & PoS)
1.  Permission from the one running the faucet

Hopefully we can put that falsehood permissioned verses permissionless to rest , because nothing peeves me more that hearing the same lie more than once.
There are No Permissionless systems in crypto.

 Cool

I think you are stretching the notion of "permissionless" so much that you are of course coming to a contradiction.  Permissionless only pertains to participating in all the SYSTEM functions, not in what you can do with it *in relationship with others*.  The fact that nobody wants to sell me a gun against bitcoin (nor against cash), doesn't make bitcoin lacking permissionless.  I can still use the bitcoin system to send coins to any address, and I can receive bitcoin from any user *that wants to*. 
As to mining, nothing stops me from building my own ASIC factory and participating.  The fact that *existing* asic vendors don't want to sell me some of their production is not "bitcoin's" problem.  It would be, if these ASICS needed a certificate from Satoshi in order to function.  Then inherently, bitcoin mining wouldn't be permissionless.  But that's not the case.

You can also claim that prisoners are not permissioned to use bitcoin, so bitcoin is not permissionless.  But that has nothing to do with bitcoin, but with society as a whole, who isn't persmissionless.  In other words, you're building a straw man.  If you continue your logic, crypto is a useless affair, because in the end, the government and their judges decide on everything.
hero member
Activity: 770
Merit: 629
March 29, 2017, 06:19:34 AM
#64
I personally think Bitcoin should be left as it is. There are a plethora of POS coins to choose from anyway but Bitcoin should be left in it's original evolutionary state. Even if they messed around with the code and it could be changed, I thin the majority of people would agree with me that Bitcoin should remain in tact.

In my opinion, that is what will happen, not because it "should" but because of immutability.
hero member
Activity: 770
Merit: 629
March 29, 2017, 06:18:54 AM
#63
If you read my detailed posts and it is still unclear, even after Dino agreed with me their is no reward structure for a multistaker and therefore no real point to N@S.  Tongue

Uh, I didn't.  I agreed with you that there is no EXTRA reward for multistaking ; however, by not multistaking, you can LOSE your reward if you have only been staking on the wrong chain !  THIS is the N@S problem: that rewarded staking *invites you* to stake on all chains where you can, because you simply don't know when the issue will be resolved, and on what branch the preference will fall when it is resolved.  If you staked on the wrong chain, you have lost your reward.  If you stake on both (if you can), then you'll obtain your reward, no matter what final choice is made.

In reality, if there is a more sophisticated stake function that picks in a deterministic random way the staker depending on its content, you will not be ABLE to stake on both chains, because only one will prefer you as a staker.  However, the N@S problem involves you generating a lot of alternative past chains (including and excluding transactions) until you can stake on one or several of them.  That, however, starts to look like a PoW: finding past chains that allow you to stake.

You could try all different combinations of included and excluded past transactions so that "by coincidence" *you* can stake each time.   That's a lot of computing ; but much less so than mindless PoW.


legendary
Activity: 2114
Merit: 1023
Oikos.cash | Decentralized Finance on Tron
March 29, 2017, 06:16:27 AM
#62
I personally think Bitcoin should be left as it is. There are a plethora of POS coins to choose from anyway but Bitcoin should be left in it's original evolutionary state. Even if they messed around with the code and it could be changed, I thin the majority of people would agree with me that Bitcoin should remain in tact.
hero member
Activity: 770
Merit: 629
March 29, 2017, 06:07:00 AM
#61
why then not replace this with these 20 guys signing digitally each block and promising not to sign more than a block per 10 minutes in a round-robin way ?  That's just as secure, isn't it ?
Yes, I think it's absolutely the same as stamping with gpu a paper contract between "20 elders of the internet" and "we, the people" for "block chain special service".

Ok, but what is the difference then with a central bank and its board of governors ?

Quote
Moreover,  mining hardware is a potential point of failure and power vacuum, since monopoly on network belong to few tech-savvy entrepreneurs.

I agree, outsourcing the consensus to some industrials is a strange idea for a system that wants to be autonomous.

Quote
In POS system money decide how money evolves, it's fair enough, and I'm actually okay with whales. Coins as shares in distributed payment system has more logic than gpu power as voting method.

Indeed, the more stake you have, the more you are keen on keeping up the reputation of the system ; and anyways, in the market you have already the power.   That said, any system in which a single entity possesses, say, 50% of the assets is to be avoided in any case.

Quote
1000 dedicated people can ruin any corporation, 10000 well armed organized men can overthrown any government, so why we should have more  than 10000 non Sybil signing nodes to run a network?

Point is, you cannot find out whether nodes are Sybil nodes or not.  Unless you give up other desired properties. 
legendary
Activity: 1092
Merit: 1000
March 29, 2017, 05:34:17 AM
#60
Regarding permissionless network. Delegated currencies, like DPoS steemit or DPoW bitcoin, has a potential problem with possible transaction moderation. Pools or witnesses can censor transactions from known annoying persons, and people can vote for these pools or witnesses with their stake or hashrate to exclude annoying person from the network, put assets on hold or even rewrite transactions like it was with ETH. I think good enough solution we can come with is delegated block signing by master nodes and voting for trusted block signers run by an algorithm. Master nodes can form consensus to exclude slow and messy peers from signing, master nodes don't need any approval from stakeholders, with big enough deposit required for master node setup there will be no room for Sybil attack. Optionally, there can be even some penalty to deposit for unhonest signers. It's still delegated PoS without randomness and network reorganisations, so block time can be very short and block size can be huge. Block chain can have 200tb of data and run fine since master nodes rewarded for their service and can afford high speed connection and huge storage. Instead of spending millions to securing network with hashrate there can be an incentive to build decentralized infrastructure for block chain storage, so it can be network of millions of master nodes with current price people pay to miners.
Since too moral or annoyed master nodes get kicked out by an algorithm for messing with transactions network become provable permissionless.

Pet Peeve of mine, that word permissionless is untrue.
All coins are Permissioned.

Here is why PoW is Permissioned, ( mined on a CPU or ASIC)
Facts
Permissions Required to generate a PoW Block if you Mine it
1.  Permission from the ASICS seller , to buy their ASIC.
2.  Permission from your local Govenment to allow the ASIC to be shipped to you.
3   Permission from the Electric Company to power your ASIC.
4.  Permission from the Mining pool you have to join because group mining is your only shot
5.  Permission from your ISP , so you have internet access to attempt to mine it.
6.  Permission from the original programmer thru the Open Source License granted so you can run the software.
If you pay someone else to mine it , You need their permission and acceptance of your currency.

Permissions Required if you just buy it. (Same for PoW & PoS)
1.  Permission from the Exchange
2.  Permission from the Seller

Free Faucet  (Same for PoW & PoS)
1.  Permission from the one running the faucet

Hopefully we can put that falsehood permissioned verses permissionless to rest , because nothing peeves me more that hearing the same lie more than once.
There are No Permissionless systems in crypto.

 Cool
full member
Activity: 126
Merit: 100
March 29, 2017, 05:00:11 AM
#59
Regarding permissionless network. Delegated currencies, like DPoS steemit or DPoW bitcoin, has a potential problem with possible transaction moderation. Pools or witnesses can censor transactions from known annoying persons, and people can vote for these pools or witnesses with their stake or hashrate to exclude annoying person from the network, put assets on hold or even rewrite transactions like it was with ETH. I think good enough solution we can come with is delegated block signing by master nodes and voting for trusted block signers run by an algorithm. Master nodes can form consensus to exclude slow and messy peers from signing, master nodes don't need any approval from stakeholders, with big enough deposit required for master node setup there will be no room for Sybil attack. Optionally, there can be even some penalty to deposit for unhonest signers. It's still delegated PoS without randomness and network reorganisations, so block time can be very short and block size can be huge. Block chain can have 200tb of data and run fine since master nodes rewarded for their service and can afford high speed connection and huge storage. Instead of spending millions to securing network with hashrate there can be an incentive to build decentralized infrastructure for block chain storage, so it can be a network of millions of master nodes with current price people pay to miners.
Since too moral or annoyed master nodes get kicked out by an algorithm for messing with transactions network become provable permissionless. Or network can just kick out voted witnesses until reelection like it's already done in DPoS for network delay, but for transactions delay too.
legendary
Activity: 1092
Merit: 1000
March 28, 2017, 10:27:44 PM
#58

It all breaks down to this
hashProofOfStake <= [Coin-age] x [Target]      
[Coin-age] = [amount of coins] x [days in stake]      

That is why a PoS coin with a billion coins will be safer than a PoS coin with only a few million.

No, no and no! That's simply false. Do the math again please. The absolute number of coins is not relevant, it's the proportion of the total coin supply a staker has.

And no, your coin has not invented the "coin age limitation". Peercoin did it, in 2012.

I recommend you and all those interested in Proof of Stake to read the blog posts of the "The history of Casper" (Chapter 1 is here) series by the Ethereum developer Vlad Zamfir. I don't know if I come to the same conclusions like him (I think he's overly pessimistic about non-Byzantine PoS algorithms), but it's an interesting read about different PoS systems and the attacks that a well thought-out system should be able to avoid.

OK, lets clarify ,
The Overall Percentage of Staking Coins determines the Security ,  (Which we should be able to agree on.)  Smiley
However Coins with Larger Numbers , will usually have more coins per block, and therefore have a higher coin-age # .

No Argument , about peercoin inventing the age limitation 1st, and I never claimed ZEIT invented it, so not sure where that is coming from.

No offense to the Guy , but he is trying to solve N@S, when N@S is nothing but a falsehood, that shows him and Vitalik have really not bothered to think it through,
if they had, they would have come to the same conclusions I have. N@S is a Lie , and nothing to be concerned with at all.
If you read my detailed posts and it is still unclear, even after Dino agreed with me their is no reward structure for a multistaker and therefore no real point to N@S.  Tongue
Well You will just have to code a Multistaker for a PoS coin and try and prove me Wrong.  Wink

 Cool
legendary
Activity: 3906
Merit: 6249
Decentralization Maximalist
March 28, 2017, 09:51:31 PM
#57
First of all, a coin that is for 50% or more in possession of any entity, is economically dead.   That whale can do anything with it on the market.

He cannot change transactions of other accounts, only double spend and censor transactions. So if in a PoW coin the miners manage to regain control of 51%, then the coin could continue to live - above all, if it's widely used and has reputation. A "shitcoin" obviously would die instantly (like the many ones that already died Wink ). In a PoS coin you must additionally do the hardfork. But ok, we're talking about details, I agree that a 51% event is catastrophic in all coin systems.

It all breaks down to this
hashProofOfStake <= [Coin-age] x [Target]      
[Coin-age] = [amount of coins] x [days in stake]      

That is why a PoS coin with a billion coins will be safer than a PoS coin with only a few million.

No, no and no! That's simply false. Do the math again please. The absolute number of coins is not relevant, it's the proportion of the total coin supply a staker has.

And no, your coin has not invented the "coin age limitation". Peercoin did it, in 2012.

I recommend you and all those interested in Proof of Stake to read the blog posts of the "The history of Casper" (Chapter 1 is here) series by the Ethereum developer Vlad Zamfir. I don't know if I come to the same conclusions like him (I think he's overly pessimistic about non-Byzantine PoS algorithms), but it's an interesting read about different PoS systems and the attacks that a well thought-out system should be able to avoid.
legendary
Activity: 1092
Merit: 1000
March 28, 2017, 04:50:43 PM
#56
But this reward is in place to incentive "staking", because "stakers" at least have some minimal electricity/bandwidth costs. If less accounts are staking, attackers have an easier game with "standard 51% PoS attacks", they could attack the currency even with only 1% of the supply (see cynicSOB's successful APEXcoin attack I mentioned in the answer to kiklo, it was performed with less than 0,1% of the stake). So "stakers" should be at least minimally rewarded (e.g. with Peercoin's 1%/year reward or NXT's transaction fees).  


Side Note on the Apex,

cynicSOB pulled off a Short Range history attack ~30 blocks, not a long range.

Apex was vulnerable for the following reasons, they only had 5 Stakers with a small # of coins protecting the network,
and they had UNLIMITED Weight from Unlimited Coin Age.

cynicSOB just waited til his coin blocks Weight/Age was higher than the other 5 stakers combined, and overwrote the chain.
(Took him over 20 days before he had enough weight.)

Unlimited Weight/Age is a security issue, and ZEIT handled it by capping the Max Weight/Age at 20 days.
(This security measure was in effect before the Apex attack)   Wink
Meaning even if you kept coins for 100 years, their max weight/age would be no more than 20 days.
So your short range history attack would fail.  Wink

It all breaks down to this
hashProofOfStake <= [Coin-age] x [Target]      
[Coin-age] = [amount of coins] x [days in stake]      

That is why a PoS coin with a billion coins will be safer than a PoS coin with only a few million.
And you could make the argument that is why BTC should never become PoS without using rolling checkpoints or a checkpoint server,
as BTC does not have enough coins to secure the chain properly.

 Cool
Pages:
Jump to: