Topic: Proof that Proof of Stake is either extremely vulnerable or totally centralised - page 5. (Read 11768 times)

@anonymint says that your conclusion is not quite right or let's say it's incomplete.
After sufficient time the TaPoS combined with burning has inertia because users don't want to have the tokens reverted by a fork.
So essentially it's a more decentralized variant of checkpointing.
Will not help objectify consensus in the short-range case though.

I had relayed what @anonymint wrote about proof-of-stake:
https://gist.github.com/shelby3/e0c36e24344efba2d1f0d650cd94f1c7#oligarchy-if-pos-is-functioning

2. He uses these historical keys to generate a new chain of history starting just before the keys were emptied and which is longer in cumulative difficulty than the canonical chain. He can do this first time with 100% probability since he has a majority of historical stake

Read about finality in proof of stake. a once written and accepted block cannot be exchanged or rewritten. only with a big financial loss of 2/3rds of all validators.

"
The intention is to make 51% attacks extremely expensive, so that even a majority of validators working together cannot roll back finalized blocks without undertaking an extremely large economic loss — a loss so large that a successful attack would likely on net increase the price of the underlying cryptocurrency as the market would more strongly react to the reduction in total coin supply than it would to the need for an emergency hard fork to correct the attack
"

vitalik continued with an example of the loss:
"
A fully "finalized" block is one where > 2/3 of Casper validators will lose their entire deposits if the block ends up being not in the main chain (estimate this at being ~2-20 million ETH depending on how many people stake).
"

...

Perhaps coins can be burned on a POW sidechain, e.g. Litecoin.
I guess in this scenario Proof-of-Sacrifice would work.

Would change anything if two miners were picked by proof of stake or proof of hold (lowest amount of coin wallet had at some point of time at the last X days is the stake), and then select the real miner between those 2 miners by using proof of work?

I have 3 q. How many possible staking inputs do these addresses have?
What is the min/max staking age of this coin?
How long a chain will they need to create to be longer?

I've found a solution in an other post for this problem that might help.
https://bitcointalksearch.org/topic/m.36995026

Doesn't work because to burn stake you must send a transaction, and you cannot come to a consensus on the current set of valid transactions by sending more transactions, it's a chicken and egg problem.

I did some analysis on it a while back, and long story short, it degenerates into PoS.

Instead of Proof of Stake, I would like to vote for Proof of Work. It is not only for creating blocks, but also for making consensus, which is a great advantage.

All depends of consensus.
So, records in various registries are not costs anything, but trusting them is result of consensus.
Question is cost of possibitily to change it in hindsight.

Blockchain is immutable by cryptographics only within consensus agreement borders.
I can build alternate branch of bitcoin in my kitchen, but it will be only satisfied to my kitchen consensus, no one of widespreaded nodes approve my branch. It means, that main chain is shielded by computer work in single consensus concept of bitcoin network.

POS consensus is so less harmful, but vulnerable for a number of attacks, which can be simplified in majority to absence independent trusted authority inside network, as i can see. If we can verify some checkpoint independently, we can prevent, in particular, subj historical attack.

One question is how to find and automate this authority, and it was  proposition to bind POS blockchain to other blockchains, that I wish to discuss

Everything about PoS is creepy though. Where in the Universe is creating Value without Energy possible?
Well, I don't know much about the technical side of PoS but I have a feeling it'll be massively Centralized by government and the elites. Won't be surprised if this is the original goal.



Wonder if there are maths that support the PoS concept? Is stuff like that even possible in real World without burning massive amount of Energy.

Sorry for necroposting, but my considerations was moderated to AltCoins board and drown.
So, the problem simplifies to needing trusted third-party for checkpointing POS network and it is preferable to be independent from developer (because in this scenario most presumable evil is near coin developer).
Please follow https://bitcointalksearch.org/topic/is-it-way-to-workaround-historic-attack-to-pos-valutes-2895120 - is this conception implementable?

The only point of disagreement in general has been centered on the difficulty of acquiring a majority of recent private keys. That is sadly unprovable.

What you have provided is not a proof at all. We can go into meaningless and long discussions, and that crap is not what you can get by providing a (formal) proof. So please provide a real (i.e. formal) proof.

What don't you understand?

Because it is in the OP, so it has to be true

Well then the burden is to prove A. Why is it assumed "self evident"?

@kushti i think the logic used in this thread is that given that we assume A inevitably leads to B, since A is self-evident, then B is too.

It is hard to argue with that sort of logic as it allows to prove conclusively that B is true, it doesnt matter what B is, just as long as A is self-evident.

Like this:

We will assume that above absolute zero temperatures it is inevitable that the moon is made of cheese.

Since we are not all frozen at absolute zero, it is clear that the moon is made of cheese.

I think formally it would be: Assume A -> B and A is true, therefore B is true

James

Ok, now please provide a formal proof for minority of readers who can't understand an informal one (e.g. me).

Absolutely there is doubt.  There are what 15 million bitcoins worth of doubt.  Most of the value of PoS coins also is also based on that doubt as well, as PoW is the underlying creation of the tokens which are then staked.  I see no signs of unhealthy centralization as of yet, though this doesn't mean we shouldn't be concerned it could happen in the future and consider how to avoid / be ready. 


What are these attacks on PoW coins which you refer?  Curious. 


Show me some tracking tools that could figure out that one person had control of any amount of hashpower or stakepower.  If they don't choose to reveal anything about the keys they control, we know nothing. 


lol!  well certainly this is true if the coin has a max_depth_reorg parameter. 

pow isn't bad in general but a monetary based incentive model doesn't work. it may on the paper, in theory
but you have to deal with humans here and they have totally different demands (mostly accumulation driven).
i mean, is there really any doubt that this model already lead into a very unhealthy centralization?

perhaps for those denying reality, granted, but assuming this centralization is the case you have to accept
that pow is much, much more vulnerable by bad actors than other models. i am talking not about the weird
double spending scenarious contructed here, which are nonsense simple due to a horrible risk/reward ratio.
i you just think a minute about the details necessary to initiate an attack (real world) it comes clear nobody
would do this just for some doublespends but they would, if the goal is to create controlled mayhem.

taking this into account you can ask yourself now what gives you more confidence for a multi-billion
ecosystem. pos, where an attacker has to reveal his intention by positioning building* to get the majority
thru a very expensive asymptotically nearing or a handfull powerlines driven by an even smaller number
of miners?

well, for me this is a no-brainer. sad how things are evolved but i would bet the probability an attacker
could get the control on pos by buying old gen keys is magnitude smaller than satoshi is heavily pissed off
how things are going and therefore switching his 1mio btc stash into ethereum.

*silent positioning building is pretty hard, even in traditional markets, where most parts of the books
are closed but in crypto this much harder since most data is visible and many tracking tools already
looking exactly for those kind of pattern.