Pages:
Author

Topic: PoS is far inferior to PoW - why are so many people advocating switching to PoS - page 11. (Read 12861 times)

legendary
Activity: 1442
Merit: 1005
At no point could one of the entities take complete control over the blockchain by themselves and they had to agree to switch lanes together by majority vote.

That is quite the rose-colored view of the situation. From my remembrance, it was the one or two major pools on the "correct" chain that had to be persuaded to move to the forked chain to preserve the network unity. In doing so they were giving up all of the blocks they had mined, so this was not a no-nonsense decision. The decision was in the hands of a couple of people--that is not the bastion of decentralization that you make it out to be.
Consider the three components:

Miners - should the miners decide to stick to the incorrect chain, developers and users would still not use it and the coins would become worthless as mining does not convert bitcoins to value, it does the reverse. Miners can provide security for their majority chain, but nobody would use it. Users and developers would wait hours for a transaction on the "good" chain and would start paying for miners to come there. Nobody wins if miners do not form a consensus with users and developers.

Developer - the developers can change the protocol or chain rules as they want, but without miners adopting and enforcing the rules or users using the rules, they mean nothing. The software is open source, it has been forked over 2000 times already, developers can't go rogue on their own, there is no gain.

Users - (I mean here mostly exchanges and payment services) can only use the software the developers provide and the blockchain the miners support. They can veto any change but this causes loss of apparent value. Any competitive developer or mining pool will then be on equal value capability and allow switching.

While I agree the number of people required to keep bitcoin running in a consesus is small, none of them can go rogue for more than a few hours, the majority decides.

In PoS, it isn't the majority that decides, it's the majority stakeholder entity which once appeared can't be erased from history. Once the majority condition has been achieved ONCE, it will be available as an attack vector FOREVER. In PoW, a majority condition achieved ONCE will provide temporary reversible benefits and is very easy to spot and eliminate.

The cost to fork and keep up a hidden PoS blockchain is less than 5 USD a month for ANY coin.
The cost to fork and keep up a hidden PoW bitcoin blockchain is 30000000 USD a month.


Do you still need to compare the two?

Only lazy bums thinking they can become shitcoin millionaires have dreams of springing fortunes out of literally doing nothing all day. Do you really think someone will pay thousands of dollars for you to do effectively close to nothing useful? Wake up silly fanboys, read some simple economics...

If someone thinks about the economic cost of stakes, consider this: each and every PoS coin user can pass around the majority of coins through direct transactions, at which point they can attempt an attack. The developer can checkpoint that? Well guess what, he controls everything, it's not a consensus anymore, it's a useless governed monopoly money system.
legendary
Activity: 1092
Merit: 1010
If the block-chain can't be rolled back past 12 hours, why was it the subject of debate after the BTER Exchange compromise?
Official NXT Decision: No Blockchain Rollback
Quote from: Bas Wisselink
As you already know, our devs released an update that would adjust the blockchain in such a way that only the BTER account would be affected. As it stands, the majority of NXT forgers has opted not to support this fork. The new version has already been rescinded and the rollback will not happen.

Of course, this whole discussion strikes at the core of what a crypto platform is about. Is there a point where a blockchain can be rolled back, or not?

I understand that the Vericoin devs have decided to do this in their case, because 30% of coins were involved.

Our situation and proposed solution were very different. The main difference that I see is that our core devs have left the decision completely up to the forgers. They could have taken the decision to not even propose a fork at all, but decided to put this in the hand of where the decision power in a PoS system is: the stakeholders.

It's rather simple (I'm answering because you are quoting me here Smiley )

First: it's not 12 hours, it's 720 blocks which equated to about 12 hours.

The debate you are referencing was held withín that 720 blocks. Also, technically, within that time it's not a roll back, but a reorg of the chain. Áfter that 720 blocks, it's a rollback.

So, to have the facts straight: there was a chance for a reorg of the chain within that 720 blocks, which didn't happen, because not enough of the stakeholders supported it.
That debate is legit within the framework. This time it popped up during that theft.

We also have to seperate two kinds of debate: there was a debate on a forum, which is done verbally. On the other hand there is the "debate" done technically by the stakeholders by forging.
We should not confuse the two as they are not the same, nor are the same actors involved.

The forum debate has no bearing at all on the actual "debate" that affects the blockchain. News sources have a tendency to disregard this difference because it's so much easier to concentrate narratively on the forum debate Cheesy
legendary
Activity: 817
Merit: 1000
Centralized exchanged managing a high amount of stake will soon be a thing of the past with SuperNet and its trustless decentralized coin 2 coin coin 2 asset exchanges.
sr. member
Activity: 364
Merit: 250
☕ NXT-4BTE-8Y4K-CDS2-6TB82
This is not possible with bitcoin. Last year there was a hard fork caused by different bitcoin-core versions.

The developers and mining pools as well as the users (exchanges and payment providers) were working together to allow a hard fork against the orphaned chain.

At no point could one of the entities take complete control over the blockchain by themselves and they had to agree to switch lanes together by majority vote.

Are we talking about Bitcoin of PoW here? I thought this thread was about the latter.
sr. member
Activity: 364
Merit: 250
☕ NXT-4BTE-8Y4K-CDS2-6TB82
With  PoS coin, on the other hand you can potentially sell your "investment" in the coin prior to your attack being discovered by the rest of the network, which would result in you having a zero net cost to an attacker

Who told you that non-sense?
legendary
Activity: 1568
Merit: 1002
Why should I buy PoS coin when I can mine them cheaply? Everyone will just mine PoS coin while no one will buy them, the price will be as low as PoS stake holder can hold on an exchange  Cheesy

you dont seem to understand the first thing about pos?

legendary member they said... knows his stuff they said... Roll Eyes
legendary
Activity: 1988
Merit: 1012
Beyond Imagination
Why should I buy PoS coin when I can mine them cheaply? Everyone will just mine PoS coin while no one will buy them, the price will be as low as PoS stake holder can hold on an exchange  Cheesy
legendary
Activity: 1008
Merit: 1000
In a PoS system, acquiring enough stake to attack will cost you astronomical amount of money
Well it didn't cost the government an astronomical amount to obtain those massive amount of bitcoins from the silk road bust.
Lucky bitcoin isn't POS or it'll be screwed.

the amount they acquired wasnt even more then 1-2%? you would minimum 51% of coins to attack the network..
What I was pointing out is that doesn't always take an astronomical amount of money to acquire a large amount of coins. It's just a long running myth.

I'm not anti-pos by the way.


Part of the argument is that acquiring 51% coins means buying and pushing up the prices so that the current holders get compensated. Besides, its stupidity to buy up 51% and then destroy it.
full member
Activity: 173
Merit: 100
At no point could one of the entities take complete control over the blockchain by themselves and they had to agree to switch lanes together by majority vote.

That is quite the rose-colored view of the situation. From my remembrance, it was the one or two major pools on the "correct" chain that had to be persuaded to move to the forked chain to preserve the network unity. In doing so they were giving up all of the blocks they had mined, so this was not a no-nonsense decision. The decision was in the hands of a couple of people--that is not the bastion of decentralization that you make it out to be.
The power of the few to make these kinds of decisions is only temporary. Like bitcoin, pooled mining is fungible so it is very easy to switch to a different pool if the operator is making decisions that the miners do not agree with
Ix
full member
Activity: 218
Merit: 128
At no point could one of the entities take complete control over the blockchain by themselves and they had to agree to switch lanes together by majority vote.

That is quite the rose-colored view of the situation. From my remembrance, it was the one or two major pools on the "correct" chain that had to be persuaded to move to the forked chain to preserve the network unity. In doing so they were giving up all of the blocks they had mined, so this was not a no-nonsense decision. The decision was in the hands of a couple of people--that is not the bastion of decentralization that you make it out to be.



As far as POS weaknesses go, I have recently posted a proposal (see sig) that I believe eliminates any of the remaining problems with POS. Stakes are actively managed - money that is staked cannot be used for any other purpose and is locked for a period of at least 1 year. This makes it much more difficult for exchanges and banks to stake. It also allows for easy penalization - create two blocks for the same time frame, your stake is destroyed.

The 1 year period is also in place to make it compact to implement a historic ledger that keeps track of the stakers all-time and can easily prevent the rewriting of history. Stakers must "sign out" of their stakes with a recent hash of network data to receive their stake back - this cannot possibly be duplicated in a rewritten history because the hashes will be incorrect. It then becomes obvious even to a new node following from the genesis block that only one network can be correct.

It's worth taking a look, if I may say so myself.
legendary
Activity: 1442
Merit: 1005
This is not possible with bitcoin. Last year there was a hard fork caused by different bitcoin-core versions.

The developers and mining pools as well as the users (exchanges and payment providers) were working together to allow a hard fork against the orphaned chain.

At no point could one of the entities take complete control over the blockchain by themselves and they had to agree to switch lanes together by majority vote.
legendary
Activity: 1442
Merit: 1005
This is a clear example of PoS security:

Quote
The breach resulted in the loss of roughly 8 million vericoins (VRC), or about 30% of the total coins in existence

An exchange had 30% of total coins. You can be pretty sure they were the majority stake owners. If they did not, then another exchange had majority stake. Exchanges have lots of coins.

A single neutral entity was able to control the whole blockchain at their whims.

However they were hacked, those 30% of the coins were in a hacker's wallet.

A single adversarial entity was able to control the whole blockchain at their whims.

But then the developer decided to hardcode the non-theft blockchain into the client software so the actual blockchain the hacker was on would be orphaned.

A single friendly entity was able to control the whole blockchain at their whims.

Notice a pattern?
legendary
Activity: 1442
Merit: 1005
can you show me the math to prove this? or give a technical explanation of exactly how you would do this.. so far no one has been able to do this.
http://www.coindesk.com/bter-nxt-bitcoin-exchange-hack/ (rollback fork averted)
http://www.coindesk.com/bitcoin-protected-vericoin-stolen-mintpal-wallet-breach/ (rollback fork allowed)
sr. member
Activity: 336
Merit: 260
If the block-chain can't be rolled back past 12 hours, why was it the subject of debate after the BTER Exchange compromise?

The subject of debate was whether to rollback the last 720 blocks or not. Everything older than 720 blocks in NXT is not reversible, can't be overwritten and is set in stone (rolling automatic checkpoints). But the forum speakers are not necessarily stakers (or forgers in NXT terminology). Forgers process transactions, not forum speakers. Even if some people debated there should be a rollback, majority of forgers didn't support this with their actions.
legendary
Activity: 1008
Merit: 1001
Let the chips fall where they may.
If the block-chain can't be rolled back past 12 hours, why was it the subject of debate after the BTER Exchange compromise?
Official NXT Decision: No Blockchain Rollback
Quote from: Bas Wisselink
As you already know, our devs released an update that would adjust the blockchain in such a way that only the BTER account would be affected. As it stands, the majority of NXT forgers has opted not to support this fork. The new version has already been rescinded and the rollback will not happen.

Of course, this whole discussion strikes at the core of what a crypto platform is about. Is there a point where a blockchain can be rolled back, or not?

I understand that the Vericoin devs have decided to do this in their case, because 30% of coins were involved.

Our situation and proposed solution were very different. The main difference that I see is that our core devs have left the decision completely up to the forgers. They could have taken the decision to not even propose a fork at all, but decided to put this in the hand of where the decision power in a PoS system is: the stakeholders.

The Vericoin roll-back happened because the developers were concerned about a Potential 51% attack.
8 Million Vericoin Hack Prompts Hard Fork to Recover Funds
Quote from: Stan Higgins | Published on July 14, 2014 at 23:11 GMT
Given the extent of the damage, the vericoin development team opted to hard fork the coin’s block chain in order to reverse the theft transaction. This was performed, they said, in order to both prevent the loss of roughly $2m in investor funds and stop a fraudulent actor from holding 30% of the coin’s proof-of-stake network capacity.

The fork is now complete, with new wallets now available for download, the vericoin development team told CoinDesk.

Any PoS coin relying on even wealth distribution is going to be in trouble
sr. member
Activity: 433
Merit: 267
You can't mathematically prove it, because the other stake-holders can roll back to any point of time of their choosing.

In other words, PoS does not actually form a consensus.

that does not mathematical proof is impossible. also the nxt blockchain cannot be rolled back past 12 hours. for any reason. so instantly you have proven you do not understand the tech and that you do not know how PoS actually works. the white paper and the "math of nxt forging paper" prove that what you are saying is not true..

what you say could be true for other variants of PoS but it does not have a leg to stand on when discussing nxt.

Quote
andytoshi, what do you think about saving PoS by bouncing checkpoints/blockhashes off reality?

Then you are introducing trust assumptions and new attack vectors. There are no universally trusted parties to provide checkpoints.

It's worth noting that by writing a well-defined security model and working toward it, it is possible to create a "working" PoS which is only broken when the assumptions of the security model are violated. If one were to do this, it would then be easy to point out how the security model is not applicable to the real world. But Vitalik's posts --- and no PoS writeups that I'm aware of --- actually do this.

http://en.wikipedia.org/wiki/Security_through_obscurity
https://download.wpsoftware.net/bitcoin/pos.pdf
sr. member
Activity: 336
Merit: 260
You can't mathematically prove it, because the other stake-holders can roll back to any point of time of their choosing.

That's why I said that PoS 1 != PoS 2 != PoS 3. There is at least one PoS implementation where what you just said is not possible.
sr. member
Activity: 336
Merit: 260
Once you control 50%+1 of the votes, you vote for forks that give you equal or more voting power.

Except nobody has done this yet. Other than that, you're mostly right Cheesy In theory you can do a lot of things.
Do you think this frivolous answer addresses the fundamental problem? This is why people find PoS supporters so tiresome.

Do you think billion dollar companies are going to put their weight behind "nobody has done this yet"?

Maybe if you said, "We're a centralized cryptocurrency run by technocratic overlords, if our currency does something wrong, we'll unilaterally modify it. If you don't like it, you can suck our balls." we would be less critical of you.

I wouldn't touch a centralized crypto currency with a ten foot pole, I have fiat after all for all my centralized needs.
legendary
Activity: 1568
Merit: 1002
You can't mathematically prove it, because the other stake-holders can roll back to any point of time of their choosing.

In other words, PoS does not actually form a consensus.

that does not mathematical proof is impossible. also the nxt blockchain cannot be rolled back past 12 hours. for any reason. so instantly you have proven you do not understand the tech and that you do not know how PoS actually works. the white paper and the "math of nxt forging paper" prove that what you are saying is not true..

what you say could be true for other variants of PoS but it does not have a leg to stand on when discussing nxt.
legendary
Activity: 1008
Merit: 1001
Let the chips fall where they may.
Once you control 50%+1 of the votes, you vote for forks that give you equal or more voting power.

Check-points can help guard against this, but can be a central point of failure if not carefully implemented (possibly leveraging the Bitcoin PoW blockchain).

what you are explaining is a 51% attack not a "history attack" which is what BombaUcigasa was trying(and failing) to explain and what you have just said does not answer the question i asked.

see this is what im talking about.. no one can provide the math to prove this? or give a technical explanation of exactly how you would do this

show the math and the technical explanation or its pure tripe.

You can't mathematically prove it, because the other stake-holders can roll back to any point of time of their choosing.

In other words, PoS does not actually form a consensus.

Edit: I am not sure I understand the distinction between a 51% and "history" attack. The point of the block-chain is to document and order transactions.
Pages:
Jump to: