Pages:
Author

Topic: PoS is far inferior to PoW - why are so many people advocating switching to PoS - page 9. (Read 12861 times)

legendary
Activity: 1484
Merit: 1026
In Cryptocoins I Trust
If you reverse PoS and PoW in your post, then your post would be 100% accurate and correct Smiley
Doesn't it cost nothing to attack a PoS coin? While you must use actual resources to attempt to attack a PoW coin?

Exactly, I thought attacking PoS coin is much more cost free (next to nothing) than attacking PoW coin.

You just have to buy 51% of the currency or track down majority of stakeholders and compromise their private keys. Much cost free

lots of people seem to believe this (I think it's even mentioned in Sunny King's PPC paper), but it's not accurate: you need 51% of the actively staking coin-age. That's much, much, less than 51% of the currency.
I had some ideas to help fix this, I'm working on it.
How do you fix the past?

If someone had 51% stake share at one point, what can you do to prevent him forking the chain?
How do you fix the past?

If someone had 51% of a Proof Of Waste coin's hash power, what can you do to prevent him forking the chain?
legendary
Activity: 1442
Merit: 1005
If you reverse PoS and PoW in your post, then your post would be 100% accurate and correct Smiley
Doesn't it cost nothing to attack a PoS coin? While you must use actual resources to attempt to attack a PoW coin?

Exactly, I thought attacking PoS coin is much more cost free (next to nothing) than attacking PoW coin.

You just have to buy 51% of the currency or track down majority of stakeholders and compromise their private keys. Much cost free

lots of people seem to believe this (I think it's even mentioned in Sunny King's PPC paper), but it's not accurate: you need 51% of the actively staking coin-age. That's much, much, less than 51% of the currency.
I had some ideas to help fix this, I'm working on it.
How do you fix the past?

If someone had 51% stake share at one point, what can you do to prevent him forking the chain?
hero member
Activity: 583
Merit: 505
CTO @ Flixxo, Riecoin dev
You just have to buy 51% of the currency or track down majority of stakeholders and compromise their private keys. Much cost free

lots of people seem to believe this (I think it's even mentioned in Sunny King's PPC paper), but it's not accurate: you need 51% of the actively staking coin-age. That's much, much, less than 51% of the currency.
I had some ideas to help fix this, I'm working on it.

Peercoin PoS is not the same as NXT PoS, the latter doesn't use coin-age.

it doesn't matter, it has the same probblem, just replace "coin-age" by "coins".
form their "whitepaper" (actually a wiki):

Quote
tokens must be stationary within an account for 1,440 blocks before they can contribute to the block generation process

this means all coins that are used for transfers cannot be staken and do not count toward the total of which you need 51%
moreover, lots of holders do not stake, so it's not 51% of coins, it's 51% of coins being actively at stake

...and it get worse if you consider NXT has punishments for not staking...
hero member
Activity: 583
Merit: 505
CTO @ Flixxo, Riecoin dev
You just have to buy 51% of the currency or track down majority of stakeholders and compromise their private keys. Much cost free

lots of people seem to believe this (I think it's even mentioned in Sunny King's PPC paper), but it's not accurate: you need 51% of the actively staking coin-age. That's much, much, less than 51% of the currency.
I had some ideas to help fix this, I'm working on it.

Peercoin PoS is not the same as NXT PoS, the latter doesn't use coin-age.

it doesn't matter, it has the same probblem, just replace "coin-age" by "coins".
form their "whitepaper" (actually a wiki):

Quote
tokens must be stationary within an account for 1,440 blocks before they can contribute to the block generation process

this means all coins that are used for transfers cannot be staken and do not count toward the total of which you need 51%
moreover, lots of holders do not stake, so it's not 51% of coins, it's 51% of coins being actively at stake
sr. member
Activity: 336
Merit: 260
You just have to buy 51% of the currency or track down majority of stakeholders and compromise their private keys. Much cost free

lots of people seem to believe this (I think it's even mentioned in Sunny King's PPC paper), but it's not accurate: you need 51% of the actively staking coin-age. That's much, much, less than 51% of the currency.
I had some ideas to help fix this, I'm working on it.

Peercoin PoS is not the same as NXT PoS, the latter doesn't use coin-age.
hero member
Activity: 583
Merit: 505
CTO @ Flixxo, Riecoin dev
If you reverse PoS and PoW in your post, then your post would be 100% accurate and correct Smiley
Doesn't it cost nothing to attack a PoS coin? While you must use actual resources to attempt to attack a PoW coin?

Exactly, I thought attacking PoS coin is much more cost free (next to nothing) than attacking PoW coin.

You just have to buy 51% of the currency or track down majority of stakeholders and compromise their private keys. Much cost free

lots of people seem to believe this (I think it's even mentioned in Sunny King's PPC paper), but it's not accurate: you need 51% of the actively staking coin-age. That's much, much, less than 51% of the currency.
I had some ideas to help fix this, I'm working on it.
sr. member
Activity: 433
Merit: 267
I wonder why noone mentions the 2 huge flaws the paper has:

1. It throws all PoS implementations in one pot, while there are huge differences between them.(centralized checkpoints vs. decentralized ones, unlimited reorg vs. 720 block reorg limit etc. etc.)
Any checkpoints that are designed to avoid a fork are by their nature a driver of centralization because it compromises long term independent validation in favor of short term "guarantees" that depend on a smaller subset of honest nodes, which in turn opens up the potential for Sybil attacks.
The whole thing is extremely messy and at the end of the day boils down to; The differences don't actually solve the problem of decentralized consensus so there's no reason to put them into different pots.

2. It does not bother to mention how many calculations are needed to secretly build a valid longer chain with a small stake in a specific PoS system. This is like saying sha512 algo can be cracked, without calculating how many tries one needs to crack it...

I'm eagerly awaiting a revised version that calculates needed computing power to n@s-attack, let's say current version of Nxt.
The tedious details that would go into trying to figure out precisely how NxT would be attacked don't resolve the problem that the paper is talking about, and more importantly, it's not the responsibility of us to put forward the security model.

It's worth noting that by writing a well-defined security model and working toward it, it is possible to create a "working" PoS which is only broken when the assumptions of the security model are violated. If one were to do this, it would then be easy to point out how the security model is not applicable to the real world. But Vitalik's posts --- and no PoS writeups that I'm aware of --- actually do this.


The way I see it is the difference between PoS and PoW is the difference between a geocentric and a heliocentric model of the solar system. In the geocentric model (ptolemaic system) you have to keep adding all sorts of convoluted rules and behaviors to get it to spit back a result that you're looking for, whereas with the heliocentric model, it's comparatively easy to map and model the appropriate behavior of the bodies in the solar system. Similarly, PoW is very simple, and it does it's job very well. However, the ptolemaic system actually worked, whereas it's not clear that PoS can actually work in the sense of allowing decentralized consensus.

Why bother with a cryptocurrency if it doesn't accomplish decentralized consensus? I could run a program on my computer that could easily run tens of thousands of transactions per second (If I had the bandwidth), it would only cost maybe a few cents per transaction, confirm in seconds, you could access it from anywhere in the world, I could return stolen funds, roll it back when it inevitably messed up, and no one else could see your transactions (Until the government asked for them.), but who wants to trust some bonehead to always do the right thing? PoS throws the baby out with the bathwater. By trying to avoid the "waste" of PoW it also vaporizes decentralized consensus, which is arguably a defining feature of a real cryptocurrency.
hero member
Activity: 798
Merit: 1000
‘Try to be nice’
A PoW+ index will in future be the only index people follow -

http://www.coinspeaker.com/2014/11/06/cryptocurrency-fraud-part-1-identifying-ways-in-which-fraudsters-operate/


unfortunate Bitcoin would need a hard fork.

and PoS hybrids are not discriminated against.


two rules:

1. Does it use PoW to facilitate trans issue the Token  ?

2. does that PoW continue i.e it is not Hard capped.


Peer makes it as do other hybrids.

Bitcoin Litcoin no soup as they are hard capped basically in the most simplistic economic terms a  "long con"

see if i'm not right.

every other prediction relies on these two vectors:

1. Ignorance.
2. assumption of ignorance in monopoly.

you kids might make some quick money but that's about it.
hero member
Activity: 574
Merit: 500
2. It does not bother to mention how many calculations are needed to secretly build a valid longer chain with a small stake in a specific PoS system. This is like saying sha512 algo can be cracked, without calculating how many tries one needs to crack it...


I am also looking forward to this in Nxt. But we won't see it. I have seen no one even attempt to do the calcs as I think those *capable* of doing the calcs already know what the answer will be... and the status quo around the N@S 'problem' suits their agenda.
hero member
Activity: 574
Merit: 500
*snipped*

In PoS, it isn't the majority that decides, it's the majority stakeholder entity which once appeared can't be erased from history. Once the majority condition has been achieved ONCE, it will be available as an attack vector FOREVER. In PoW, a majority condition achieved ONCE will provide temporary reversible benefits and is very easy to spot and eliminate.

The cost to fork and keep up a hidden PoS blockchain is less than 5 USD a month for ANY coin.
The cost to fork and keep up a hidden PoW bitcoin blockchain is 30000000 USD a month.

Do you still need to compare the two?

*blahblah snipped*






Guys, could we focus on pure math instead of personal opinions?
legendary
Activity: 1225
Merit: 1000
https://download.wpsoftware.net/bitcoin/pos.pdf

That paper explains why Distributed Consensus from Proof of Stake is Impossible

This paper gets cited more than the bible around here Cheesy

Is it so credible because its a pdf?

I wonder why noone mentions the 2 huge flaws the paper has:

1. It throws all PoS implementations in one pot, while there are huge differences between them.(centralized checkpoints vs. decentralized ones, unlimited reorg vs. 720 block reorg limit etc. etc.)

2. It does not bother to mention how many calculations are needed to secretly build a valid longer chain with a small stake in a specific PoS system. This is like saying sha512 algo can be cracked, without calculating how many tries one needs to crack it...

I'm eagerly awaiting a revised version that calculates needed computing power to n@s-attack, let's say current version of Nxt.
legendary
Activity: 1246
Merit: 1000
Mining was never fair.  Today after 5 years of learning resources and how-to-guides many people still can't figure it out.  I'm sure someone here will come at me with an ad hominem ("lol ur stewpid") but it doesn't change the fact that PoW is indeed this complicated thing which most users and upcoming users will never understand.



Maybe your laptop or a dusty Windows 95 could had mined Bitcoin in 2009 but doesn't do any good if the user in control of the hardware did not know where to begin and back then there was virtually no learning resources to consult.   There was a reason why millions of the first Bitcoins were mined by a very small exclusive group of people with backgrounds in computer science and this scarcity was why they were able to manipulate the price and make it valuable enough to had been appropriated as a payment method on websites like the Silkroad.





I've been in crypto a year now and even still mining talk is all gabbedly gook to me. Granted I own a laptop and have had no reason to mine with my hardware which prohibits me from bothering to go learn how to go about it, but the point stands that if it looks like a foreign language to me, imagine what it looks like to ma and pa.

This is why mining should have always been a one-click affair and you're done. Why should anyone have to compile a wallet or mess around in notepad, finding pools or running command-line  debug windows just to create crypto currency? It is not very democratic to begin with if only technocrats can do it.
legendary
Activity: 1181
Merit: 1002
https://download.wpsoftware.net/bitcoin/pos.pdf

That paper explains why Distributed Consensus from Proof of Stake is Impossible

This paper is a lot of text that concludes that N@S attack is a "big problem".

Let's wait for such an attack to be successful (bring down NXT) before we conclude that PoS is impossible.

In the mean time let's simply assume that PoS is possible and saves a substantial amount of resources  Wink
hero member
Activity: 835
Merit: 1000
There is NO Freedom without Privacy
https://download.wpsoftware.net/bitcoin/pos.pdf

That paper explains why Distributed Consensus from Proof of Stake is Impossible
hero member
Activity: 756
Merit: 506
Mining was never fair.  Today after 5 years of learning resources and how-to-guides many people still can't figure it out.  I'm sure someone here will come at me with an ad hominem ("lol ur stewpid") but it doesn't change the fact that PoW is indeed this complicated thing which most users and upcoming users will never understand.



Maybe your laptop or a dusty Windows 95 could had mined Bitcoin in 2009 but doesn't do any good if the user in control of the hardware did not know where to begin and back then there was virtually no learning resources to consult.   There was a reason why millions of the first Bitcoins were mined by a very small exclusive group of people with backgrounds in computer science and this scarcity was why they were able to manipulate the price and make it valuable enough to had been appropriated as a payment method on websites like the Silkroad.



legendary
Activity: 1442
Merit: 1005
Either way PoW/PoS doesn't really differ much
They are also both solved by consensus between developers issuing a patch and major users agreeing to collaborate. So no difference basically.

So why are so many people advocating switching to PoS, besides "lol lol do nothing get free coins"?
member
Activity: 114
Merit: 12
stuff

The scenario is a network split. Consensus will be broken when users re-connect.

Either way PoW/PoS doesn't really differ much in the sense you could run a full node in a different place, mine in the segmented place, and send the block across using VPN/whatever.
sr. member
Activity: 336
Merit: 260
What would happen in Bitcoin in the same situation when you have Chinese miners cut off from the rest of the world and mining their own fork with their PH/s for 3 days?

Since the Chinese miners would still have less hashing power than the rest of the world, their chain will get "orphaned". When their nodes rejoin the network, they should automatically choose the fork with more "work" in it. Many transactions would have to be rebroadcast, and such nodes will likely enter "safe mode" if that happened.

Edit: Somewhat relevant

Alright, a stake in NXT is virtual hashing power, which can be quickly packed up and moved to a host outside of the scope of the great firewall, should such a force majeure event manifest itself. Think of it as a physical server vs. cloud machine which can be migrated in a matter of minutes. If that were to ever happen, it would be longer than 3 days because it would mean some powerful entity is really pissed off, the chinese Bitcoin miners would risk to never be able to connect to the rest of the world in that case, while chinese NXT forgers would shrug it off as a mere inconvenience.
legendary
Activity: 1008
Merit: 1001
Let the chips fall where they may.
What would happen in Bitcoin in the same situation when you have Chinese miners cut off from the rest of the world and mining their own fork with their PH/s for 3 days?

Since the Chinese miners would still have less hashing power than the rest of the world, their chain will get "orphaned". When their nodes rejoin the network, they should automatically choose the fork with more "work" in it. Many transactions would have to be rebroadcast, and such nodes will likely enter "safe mode" if that happened.

Edit: Somewhat relevant
sr. member
Activity: 336
Merit: 260

The chinese nodes would be on a permanent fork. Each node owner could still delete his copy of the blockchain individually and the node would eventually download the "right" chain. There is not a single "somebody" that triggers the re-org though.

Pretty sure that's the definition of consensus failure. I guess they think this is ok, and people will naturally(somehow?) decide which fork is "right".

OTOH I call that "broken".

What would happen in Bitcoin in the same situation when you have Chinese miners cut off from the rest of the world and mining their own fork with their PH/s for 3 days?

I guess the difference here is not in Bitcoin's favor. If Bitcoin miners are cut off for 3 days, they can't magically transfer their hardware to some other country and keep on mining there. While in NXT they can rent a VPS for $5/month in some other country (provided it's not a full cutoff of internet access which would be a major disruption of all economic activity) and keep on forging with the rest of the world on that VPS, as well as use it to send transactions. Bitcoin miners would be at a loss in that case. That makes PoS superior as it doesn't have a physical location limitation.
Pages:
Jump to: