Topic: Noob Q: Can bitcoin be turned into POS? - page 2. (Read 3925 times)

Scanned it , you are ignoring the fact that everyone is using the computers and the software , aren't you.  

You never answered my question, if I gave away a PoS coin is it Permissionless?

 

FYI:
Your Guy in the link
He paid for permission to have his transaction entered.


FYI2:
The Definition of the Word Permissionless : Without permission.

The Definition of the Word Permission : 
1. authorization granted to do something; formal consent:
2. the act of permitting.

You guys are the ones trying to redefine a word , that already has a definition.
Sorry Webster Dictionary was here 1st. 

You haven't looked at the link, did you.

What you are doing is a known rhetorical technique, a form of syllepsis, called the generalisation of concepts.
You are rendering a useful concept, permissionlessness of a cryptosystem, into a meaningless one by generalizing its condition so much outside of its initial meaning, that it becomes trivially a contradiction.

You could apply it to other things, like "mathematical proof".  You could state that your vision is not guaranteed, your memory is not guaranteed, and hence, when reading a mathematical proof, you can never be sure that the next line is really seen as you think you see it, that the logical deduction from former statements are maybe ill-remembered, and hence, that no written text is ever a mathematical proof, rendering all of mathematics meaningless.

Yeah.

LOL,
I wait for you to write up your blocks on paper, your blockspeed will be what 1 year per block.  

Someone else wrote the original code , granting you permission to use it thru the Open Source License.
The fact is , everyone is using the software and they have received permission to do so.

The word permissionless implies , No permission needed , but the facts is permission was granted thru the open source license.
Your use of the word permissionless is the one with no basis in reality in which we reside.

By your statement , if I give away a PoS coin for free, it is also permissionless.
Or is that Contradiction in your thought process too much to bear.  

 

FYI:
As far as this Reality goes , all crypto is permissioned.

A crypto currency is not software.  It is a protocol, written on paper, that anyone can implement in software.  Usually, the guy (or girl) writing the paper also puts some working software up, but that is secondary.  You don't need the software.  You only need the paper of the protocol. Then you can write your own software to use it.

Look at this guy, using bitcoin without running software from somewhere:
http://www.righto.com/2014/02/bitcoins-hard-way-using-raw-bitcoin.html

You don't need core or BU or whatever software.  You can do it the hard way, using some python scripts and a command line interface.  You only need the detailed protocol description.

The use of Pythagoras' theorem is permissionless.  Anyone can use it.  The same for an open crypto currency protocol.  It is nothing more than a more involved kind of statement.  From the moment that you can read it and understand it, you can use it.

In the end, the "permission" is in the intelligence needed to understand it and code it, but again, you are stretching the notion to make it meaningless.

You are Correct the % is the Same, however you are not factoring in the Price per coin as a deterrent.
hashProofOfStake <= [Coin-age] x [Difficulty]
[Coin-age] = [amount of coins] x [days in stake]

Example
Amount of coins in a staked block = 10000
Difficulty =2
Days in Stake = 5
[Coin-age] = [amount of coins] x [days in stake]
50000 = 10000 x 5

hashProofOfStake <= [Coin-age] x [Difficulty]
100000 = 50000 x 2

If we decrease by 100 to 1 then the Amount of coins in a staked block = 100

[Coin-age] = [amount of coins] x [days in stake]
500 = 100 x 5
hashProofOfStake <= [Coin-age] x [Difficulty]
1000 = 500 x 2

Instead of a hashProofOfStake of 100000 protecting the block, then our security will be only 1000 protecting the block.

If the coins were $1 each.
It would require $100,001 to beat the Hash Proof of stake for that block of 100000 .
( , is used as a thousands indicator US style.)

Where only $1001 dollars is required to beat the security of the 1000 hashProofOfStake block.

$100,001 verses $1001 , can you guess which is more secure?



None of these so called Genius came to any conclusion on N@S,
G.Maxwell made the shit up as a propaganda tool against Proof of Stake, (because surprise he makes his money from PoW companies.)
And these so called Genius are so stupid , they can't see G.Maxwell Lied.
They all figure ,
Ok G.Maxwell is a smart guy, so there must be something to it.
What he is , is a straight up Liar , and the majority of people don't have the IQ to see thru his lies.

There is No reward for Multistaking, there is No extra Control of the Transactions system,
the Lie has been out for a few years now, and there are NO Multistaking Wallets.
Multistaking on a PoS coin is a waste of time.

The only thing the N@S Lie does is give PoW Supporters a way to scare Newbies away from PoS.
N@S is the Ultimate FUD, because there has never been ACTUAL PROOF it could cause any problems, except from the lies of G.Maxwell.

If you bother to follow the details of the N@S Fud, like I did, you can see it is Bullshit and will not hurt a PoS Chain Whatsoever.

 

FYI:
I read your link, and did you read the 2nd link in it.
https://www.reddit.com/r/NXT/comments/2sewhu/nothing_at_stake_attack_researched_and_deemed_not/

They missed the fact , their is no increased reward for mutistaking , but they were smart enough to see it's IMPORTANCE is OVERBLOWN!
One of the Biggest Lies about Multistaking is it will Increase Profits, the fact is it will not increase Profits at all.
If your Block was strong enough to stake on 2 forks, it would have staked on 1 fork, but you only get 1 Reward No Matter how many forks , you are staking on.  
It was overblown because a Liar named G.Maxwell made it UP!

Dino , Seriously
6.  Permission from the original programmer thru the Open Source License granted so you can run the software.  

There are No Permissionless systems in crypto.

 

Amen.  PoS security is a matter of signatory stake over total potential stake.  


To me, the N@S problem can be formulated as follows:

"there are an unlimited amount of different, correct block chains under a PoS rule that can fork off from a given common point using a relatively small amount of stake, and given a finite set of transactions signed by the other stake holders"

The trick is to define an ordering over that amount of block chains such that the chain including most transactions of the other stake holders wins with high probability unless the amount of stake that has to collude becomes significant (at which point, the coin is essentially in the hands of a colluding set of cheaters, at which point, it doesn't matter any more that it fails technically, because it failed already economically).

I think that *practically speaking* N@S is only a problem if there are staking rewards (fees, coinbase).  

As to "check points", I think they defeat the purpose, as they are also a consensus mechanism.  However, there's something much simpler concerning the equivalent of check points: every staker is *supposed* not to stake on a chain that is in contradiction with his OLD BLOCKS he KNOWS ABOUT.  In practice, that would be true: if you have a node running that has been following the block chain since about a year, and suddenly, your peer nodes tell you to orphan half a year of block and to stake on top of the new chain, you should bluntly refuse to stake.   Every node is having his own check points, depending on his own presence on the network.  New nodes cannot know ; but old nodes can refuse to stake on a historically re-written chain.

When there are no rewards, you are not incentivized to "stake nevertheless, to get the reward if that chain wins".  Your only goal is to help the system run correctly, because that protects the stake you hold in it.  If you don't hold any stake, you don't care.   The more stake you hold, the more you (should) care.  If you hold majority stake, you don't care any more either, because you are just playing with yourself.  "bribing into false staking" is essentially impossible because the stakers are random and even anonymous, and each time you change a iota to the history, those random stakers change radically.  In other words, you'd need to bribe essentially a large part of potential stake holders, in such a way that you "buy their stake" for more than their stake is worth ; but you could then just as well buy that stake on the market.  At which point, we're back to "you're playing with yourself".

The nice security feature of PoS over PoW is this:

without any stake, the probability to make a modified chain that will be cryptographically be considered correct is essentially ZERO.  The only way to do so, is to crack the digital signature cryptography used.

The probability of being able to make a false chain rises with the amount of stake that is trying to do so and should be kept insignificant until this stake  becomes so important that the cheating staker is going to shoot himself in the foot by killing the whole system.

With PoW on the other hand, the probability to make  a modified chain that will be cryptographically considered correct is simply depending on how much electricity you can waste versus how much electricity the honest stake holders in the system are wasting.

Yes, but that doesn't make them more secure. It's completely irrelevant if you stake 10 coins of a cryptocurrency with a supply of 1000 units or 10000 coins in a cryptocurrency with a supply of 1000000 units. You have 1% in both cases. Coin age doesn't change anything there - you must calculate the "total possible coin age" and then your percentage of it, then you can determine your probability to get a PoS block.

A "coin" (e.g. 1 BTC) is an arbitrary division of the total supply. The "satoshi" is already a better measure because it's indivisible (at least on-chain), but the quantity of satoshis is not relevant for PoS either.



He's not the only person coming to the conclusion that N@S is a problem to deal with, and I'm not talking only about Bitcoin Maximalists like Andrew Poelstra. Forum user @kushti has done a lot of research about it, see here. He is a NXTer, so he is pro-PoS.

Edit: F**k, got the numbers wrong

What you fail to recognize is that PoW is a BAD protection.  You need to spend a lot of electricity because its ONLY protection is the amount of electricity spent, and the idea that "bad guys" are less capable than "good guys" to waste electricity.

Usually, cryptography is smarter than that.  Digital signatures cost a very small amount of effort by "the good guys" and an impossibly large amount of work by the "bad guys".  PoS is based upon that idea: that the "good guys" (that is to say, cryptographically randomly picked owners of coins in the system) SIGN blocks as being good blocks instead of proving that they wasted more electricity than others.  Normally, if *several randomly picked coin owners* sign a block, and not another one, there's no reason to assume they do this with a bad intention (they mostly have nothing to do with the transactions in that particular block).  The only thing they could do, if they all colluded which is hard to do with randomly selected signers, is harm the system in which they possess coins - why would they ?

And you don't need to waste electricity, and it is MUCH HARDER for an outsider to fake a block chain, than one that has as ONLY security a proof of an amount of wasted electricity.

For instance, the first 2 years of the bitcoin block chain could be entirely done over with modern hash means in a matter of half a day or so.  The amount of PoW in the first two years of bitcoin block chain is ridiculous as compared to what is now done as PoW.

If it had been PoS, then only the entire set of stake holders including Satoshi himself (mainly !) could provide another PoS chain for that period, because only they have ALL the secret keys corresponding to the signatures to make new signatures on the altered chain.

The first 2 years of bitcoin's block chain are hence totally insecure from a PoW point of view, but would remain perfectly cryptographically protected as long as the entire set of stake holders of that time didn't collude or gave out their secret keys.

I believe the main problem PoS is trying to solve is the "waste" of electricity.   

Mining PoW is using a lot of resources (by design) and PoS advocates see this as a waste.   

What they fail to realize is that this 'waste' is protecting the network from attacks, and traditional finance also uses a lot of electricity anyway. 

I don't think PoW is flawed, although a PoW+PoS hybrid might be a good option to solve some problems (such as nodes not getting rewarded).         

I think you are stretching the notion of "permissionless" so much that you are of course coming to a contradiction.  Permissionless only pertains to participating in all the SYSTEM functions, not in what you can do with it *in relationship with others*.  The fact that nobody wants to sell me a gun against bitcoin (nor against cash), doesn't make bitcoin lacking permissionless.  I can still use the bitcoin system to send coins to any address, and I can receive bitcoin from any user *that wants to*. 
As to mining, nothing stops me from building my own ASIC factory and participating.  The fact that *existing* asic vendors don't want to sell me some of their production is not "bitcoin's" problem.  It would be, if these ASICS needed a certificate from Satoshi in order to function.  Then inherently, bitcoin mining wouldn't be permissionless.  But that's not the case.

You can also claim that prisoners are not permissioned to use bitcoin, so bitcoin is not permissionless.  But that has nothing to do with bitcoin, but with society as a whole, who isn't persmissionless.  In other words, you're building a straw man.  If you continue your logic, crypto is a useless affair, because in the end, the government and their judges decide on everything.

In my opinion, that is what will happen, not because it "should" but because of immutability.

Uh, I didn't.  I agreed with you that there is no EXTRA reward for multistaking ; however, by not multistaking, you can LOSE your reward if you have only been staking on the wrong chain !  THIS is the N@S problem: that rewarded staking *invites you* to stake on all chains where you can, because you simply don't know when the issue will be resolved, and on what branch the preference will fall when it is resolved.  If you staked on the wrong chain, you have lost your reward.  If you stake on both (if you can), then you'll obtain your reward, no matter what final choice is made.

In reality, if there is a more sophisticated stake function that picks in a deterministic random way the staker depending on its content, you will not be ABLE to stake on both chains, because only one will prefer you as a staker.  However, the N@S problem involves you generating a lot of alternative past chains (including and excluding transactions) until you can stake on one or several of them.  That, however, starts to look like a PoW: finding past chains that allow you to stake.

You could try all different combinations of included and excluded past transactions so that "by coincidence" *you* can stake each time.   That's a lot of computing ; but much less so than mindless PoW.

I personally think Bitcoin should be left as it is. There are a plethora of POS coins to choose from anyway but Bitcoin should be left in it's original evolutionary state. Even if they messed around with the code and it could be changed, I thin the majority of people would agree with me that Bitcoin should remain in tact.

Ok, but what is the difference then with a central bank and its board of governors ?


I agree, outsourcing the consensus to some industrials is a strange idea for a system that wants to be autonomous.


Indeed, the more stake you have, the more you are keen on keeping up the reputation of the system ; and anyways, in the market you have already the power.   That said, any system in which a single entity possesses, say, 50% of the assets is to be avoided in any case.


Point is, you cannot find out whether nodes are Sybil nodes or not.  Unless you give up other desired properties. 

Pet Peeve of mine, that word permissionless is untrue.
All coins are Permissioned.


 

Regarding permissionless network. Delegated currencies, like DPoS steemit or DPoW bitcoin, has a potential problem with possible transaction moderation. Pools or witnesses can censor transactions from known annoying persons, and people can vote for these pools or witnesses with their stake or hashrate to exclude annoying person from the network, put assets on hold or even rewrite transactions like it was with ETH. I think good enough solution we can come with is delegated block signing by master nodes and voting for trusted block signers run by an algorithm. Master nodes can form consensus to exclude slow and messy peers from signing, master nodes don't need any approval from stakeholders, with big enough deposit required for master node setup there will be no room for Sybil attack. Optionally, there can be even some penalty to deposit for unhonest signers. It's still delegated PoS without randomness and network reorganisations, so block time can be very short and block size can be huge. Block chain can have 200tb of data and run fine since master nodes rewarded for their service and can afford high speed connection and huge storage. Instead of spending millions to securing network with hashrate there can be an incentive to build decentralized infrastructure for block chain storage, so it can be a network of millions of master nodes with current price people pay to miners.
Since too moral or annoyed master nodes get kicked out by an algorithm for messing with transactions network become provable permissionless. Or network can just kick out voted witnesses until reelection like it's already done in DPoS for network delay, but for transactions delay too.

OK, lets clarify ,
The Overall Percentage of Staking Coins determines the Security ,  (Which we should be able to agree on.)  
However Coins with Larger Numbers , will usually have more coins per block, and therefore have a higher coin-age # .

No Argument , about peercoin inventing the age limitation 1st, and I never claimed ZEIT invented it, so not sure where that is coming from.

No offense to the Guy , but he is trying to solve N@S, when N@S is nothing but a falsehood, that shows him and Vitalik have really not bothered to think it through,
if they had, they would have come to the same conclusions I have. N@S is a Lie , and nothing to be concerned with at all.
If you read my detailed posts and it is still unclear, even after Dino agreed with me their is no reward structure for a multistaker and therefore no real point to N@S.  
Well You will just have to code a Multistaker for a PoS coin and try and prove me Wrong. 

 

He cannot change transactions of other accounts, only double spend and censor transactions. So if in a PoW coin the miners manage to regain control of 51%, then the coin could continue to live - above all, if it's widely used and has reputation. A "shitcoin" obviously would die instantly (like the many ones that already died ). In a PoS coin you must additionally do the hardfork. But ok, we're talking about details, I agree that a 51% event is catastrophic in all coin systems.


No, no and no! That's simply false. Do the math again please. The absolute number of coins is not relevant, it's the proportion of the total coin supply a staker has.

And no, your coin has not invented the "coin age limitation". Peercoin did it, in 2012.

I recommend you and all those interested in Proof of Stake to read the blog posts of the "The history of Casper" (Chapter 1 is here) series by the Ethereum developer Vlad Zamfir. I don't know if I come to the same conclusions like him (I think he's overly pessimistic about non-Byzantine PoS algorithms), but it's an interesting read about different PoS systems and the attacks that a well thought-out system should be able to avoid.

Side Note on the Apex,

cynicSOB pulled off a Short Range history attack ~30 blocks, not a long range.

Apex was vulnerable for the following reasons, they only had 5 Stakers with a small # of coins protecting the network,
and they had UNLIMITED Weight from Unlimited Coin Age.

cynicSOB just waited til his coin blocks Weight/Age was higher than the other 5 stakers combined, and overwrote the chain.
(Took him over 20 days before he had enough weight.)

Unlimited Weight/Age is a security issue, and ZEIT handled it by capping the Max Weight/Age at 20 days.
(This security measure was in effect before the Apex attack)  
Meaning even if you kept coins for 100 years, their max weight/age would be no more than 20 days.
So your short range history attack would fail.  

It all breaks down to this
hashProofOfStake <= [Coin-age] x [Target]      
[Coin-age] = [amount of coins] x [days in stake]      

That is why a PoS coin with a billion coins will be safer than a PoS coin with only a few million.
And you could make the argument that is why BTC should never become PoS without using rolling checkpoints or a checkpoint server,
as BTC does not have enough coins to secure the chain properly.