Topic: The Deathblow to Proof of Stake - page 5. (Read 7929 times)
Standard Proof of stake is dead. If I owned 5% of a coin and colluded with 5 other people who also held 5% we could attack the network easily. Let alone a single exchange can stake and or kill the network with a single wallet. The vulnerabilities are too big for mainstream adoption. You can imagine if bitcoin was PoS and this happened, you would have 1 person that controls the entire network. Instant death.
Not Proof of Stake's fault you got coins with near zero incentive to stake, users who don't understand staking security, and a lack of NXT/PPC/NOVA security features (centralized or otherwise) rampant around here.
because in proof of stake coins, there is a master node responsible for checkpointing and alerts.
So centralized security for a "decentralized" network?
The contradiction in this story is:
If the thief effectively controls the network now with his stake of 30%, how would you initiate a fork?
You simply couldn't. The thief could be coming out with his own wallet, blocking out everybody else. So whats going on here?
The whole story smells.
Why there were 30% of all coins in existence in a MintPal wallet?
Was that wallet staking?
Something doesn't add up here.
If the thief effectively controls the network now with his stake of 30%, how would you initiate a fork?
You simply couldn't. The thief could be coming out with his own wallet, blocking out everybody else. So whats going on here?
The whole story smells.
Why there were 30% of all coins in existence in a MintPal wallet?
Was that wallet staking?
Something doesn't add up here.
because in proof of stake coins, there is a master node responsible for checkpointing and alerts. this client is distinguished by a pair of private keys that are written into the source code. when this client comes online it checkpoints blocks as it syncs. therefore, you can modify this client, then when it comes online it will fork the network, forcing all clients to upgrade. those who do not update will be on the on the old network, and will receive alert messages to update their client. any attempt to change this private key pair in the source code by an attacker will render the entire blockchain invalid. its like a safety valve of sorts.
I'm not going to comment for or against the PoS method, but I will add something to the discussion based on my own personal experience. A few days ago, I held roughly 0.2% of the total coin supply of one PoS-only coin, separated into 6 outputs. Having aged them for more or less a week, all outputs staked a block within the same hour, with 3 of them finding 3 out of 4 consecutive blocks. Obviously, there are other aspects to consider such as maximum coin age, minimum staking age and the maximum supply of the coin, but it does put some things in perspective. Given enough incentive, it would be easy to plan out a "51% attack" on a PoS-only coin without holding even 1% of that coin. That's not to say that PoS is good or bad, but that it is infinitely more secure to run PoW alongside it as a safeguard.
just throwing this in here: nxt multigateway
Yes, especially with recent Klee episode. Sounds like very smart for people to send bitcoins to people that never ran currency exchange.
You obviously don't get the difference between an exchange and a gateway: it is not possible to store customer funds on the gateway, it is purely a transfer/trading platform.
No funds on the gateway, no chance of a hack and loss scenario, no nasty exchange admins running away with your hard-earned BTC (or whatever)
The contradiction in this story is:
If the thief effectively controls the network now with his stake of 30%, how would you initiate a fork?
You simply couldn't. The thief could be coming out with his own wallet, blocking out everybody else. So whats going on here?
The whole story smells.
Why there were 30% of all coins in existence in a MintPal wallet?
Was that wallet staking?
Something doesn't add up here.
If the thief effectively controls the network now with his stake of 30%, how would you initiate a fork?
You simply couldn't. The thief could be coming out with his own wallet, blocking out everybody else. So whats going on here?
The whole story smells.
Why there were 30% of all coins in existence in a MintPal wallet?
Was that wallet staking?
Something doesn't add up here.
The problem with POS is during the IPOs there are insanely high amounts of coins that belong to few people, big, very big stakeholders in the POS game. You could say the same about Bitcoin and other POW but the difference is not all coins have a owner yet as they don't even exists (they are being mined).
A single point of failure
Mintpal was compromised. The attacker gained 30% of the total supply of Vericoin in the attack. Which in turn, led the Vericoin development team to do something unprecedented in cryptocurrency history. They created a mandatory rollback.
Mintpal was compromised. The attacker gained 30% of the total supply of Vericoin in the attack. Which in turn, led the Vericoin development team to do something unprecedented in cryptocurrency history. They created a mandatory rollback.
This was not unprecedented. Read your bitcointalk history threads. NXT required a rollback in Dec. 2013 after someone exploited an overflow error in the NRS client.
Quote
The necessity of the rollback
In every single instance of any exchange or service getting hacked, there has never been a rollback implementation. For Vericoin, this was actually very necessary. Vericoin creates it's new blocks by using proof of stake. When the attacker gained 30% of the coins in one go, they effectively gained 30% of the hashing power. You can see how dangerous this is. All it would take is an additional 21% to effectively completely own the network. If Vericoin used a proof of work system, the only danger would be the market price plummeting from the sell off, but the network itself would never be in danger.
In every single instance of any exchange or service getting hacked, there has never been a rollback implementation. For Vericoin, this was actually very necessary. Vericoin creates it's new blocks by using proof of stake. When the attacker gained 30% of the coins in one go, they effectively gained 30% of the hashing power. You can see how dangerous this is. All it would take is an additional 21% to effectively completely own the network. If Vericoin used a proof of work system, the only danger would be the market price plummeting from the sell off, but the network itself would never be in danger.
Who's to say an exchange would not exploit a network? Were you really any safer with MintPal controlling 30% of the coin? Doesn't it seem likely they got greedy and were staking?
Quote
The unprecedented solution
A rollback is terrible. Every single cryptocurrency relies on the public blockchain ledger. It is the holy grail of the entire currency. Once something is written to it and not orphaned, it's set in stone. When the team decided to initiate the rollback, they decided to use the nuclear option. They broke the entire foundation of crypto and set a new norm where it will be ok to undo transactions if the are large enough. Instead of the developers only being developers, they've now taken the option to also be the federal reserve and the police.
A rollback is terrible. Every single cryptocurrency relies on the public blockchain ledger. It is the holy grail of the entire currency. Once something is written to it and not orphaned, it's set in stone. When the team decided to initiate the rollback, they decided to use the nuclear option. They broke the entire foundation of crypto and set a new norm where it will be ok to undo transactions if the are large enough. Instead of the developers only being developers, they've now taken the option to also be the federal reserve and the police.
Agreed. They are making a major mistake.
Quote
Proof of Stake's flaws
Vericoin only had the nuclear option available because of proof of stake. When an attacker gains coins in a proof of stake currency, they not only gain money, they gain network control. Vericoin was between a rock and a hard place. They either let the attacker have 30% of the total staking power, or set the precedent of rolling back. The reason they took the rollback option was because they could. (for now)
Vericoin only had the nuclear option available because of proof of stake. When an attacker gains coins in a proof of stake currency, they not only gain money, they gain network control. Vericoin was between a rock and a hard place. They either let the attacker have 30% of the total staking power, or set the precedent of rolling back. The reason they took the rollback option was because they could. (for now)
All altcoins are getting desperate and are willing to do unusual things for the sake of distinguishing themselves in a sea of altcoins. They did not HAVE to do the rolback, but they are experimenting in uncharted waters for crypto. The VRC lovers are already spinning the policing of their blockchain as a positive development for cryptos. I disagree because, to be a coveted currency, it must not lose convertibility, no matter the owner, thief or otherwise.
That is worrying. The only thing I'd disagree with the OP on though is that if Vericoin had been a lot bigger it wouldn't have been a bigger problem, it wouldn't have been a problem at all because there is no way you could ever have 30% of a widely distributed coin held on a single exchange. That only happened because VRC is new, not owned by a lot of people, and not traded at a lot of different places.
I don't think its realistic to fear this happening to a large PoS coin like NXT as someone else mentioned above.
I don't think its realistic to fear this happening to a large PoS coin like NXT as someone else mentioned above.
I agree. This is a wealth distribution problem for a young coin and has little to do with PoS. Yes having an exchange with a large stake of a PoS money supply is an issue but its an issue which fades away over time as the PoS coin grows and matures. Its the opposite in case of mining pools for PoW coins. The threat of a mining pool gaining a large portion of the hashing power isn't going away. Yes there's P2P pool but miners have to run full nodes in order to use them. That's a plus for PoS coins and particularly Peercoin.
I'm onf the thinking that there was a problem that someone found and exploited it within Mintpal. That doesn't mean the whole use of PoS is flawed beyond repair by any means. Seems to me just by reading this thread it is clear that what ever happened here need to be addressed and made sure such things don't happen again. Arguing which system is better doesn't do much good at this time it only makes finding the best solutions harder.
You're missing the original point of this thread.
There fixed that for you. If we aren't taking responsibility for our coins, as this new form of money demands, we will be stuck with all of the same problems of the old way.
papersheepdog, Canada
Extreme centralization is a separate problem all together.
The worst case scenario in a PoW coin where a malicious entity has stolen a large percentage of coins, is they dump the coins at current market value and crash the price. Eventually the market should recover.
The above is true for PoS now too. Except now, the attacker also controls the network and can create a new chain in which he/she has never sold the coins on an exchange.
You can see how strong Peercoin network is:
Peercoin PoS Difficulty (please compared to a year ago): http://peerchain.net/charts.html
Peercoin Network Active Nodes (Last 24 hours): http://cryptocities.appspot.com/peercoin-1d-allnodes.html
Peercoin PoS Difficulty (please compared to a year ago): http://peerchain.net/charts.html
Peercoin Network Active Nodes (Last 24 hours): http://cryptocities.appspot.com/peercoin-1d-allnodes.html
Peercoin is not 100% PoS, it's mixed between PoW and PoS.
You can see how strong Peercoin network is:
Peercoin PoS Difficulty (please compared to a year ago): http://peerchain.net/charts.html
Peercoin Network Active Nodes (Last 24 hours): http://cryptocities.appspot.com/peercoin-1d-allnodes.html
Peercoin PoS Difficulty (please compared to a year ago): http://peerchain.net/charts.html
Peercoin Network Active Nodes (Last 24 hours): http://cryptocities.appspot.com/peercoin-1d-allnodes.html
Wow a roll back. So anyone who bought some coins now has paid cash and has no coins great work. Or someone who bought something with coins now potentially has the coins and the merch.
But as long as those who are happy to trust there money in someone else's pocket get their coins back that's OK.
Glad its all controlled by the software and not some centralised person who decides who is allowed to transfer coins and who is allowed to get coins stolen.
But as long as those who are happy to trust there money in someone else's pocket get their coins back that's OK.
Glad its all controlled by the software and not some centralised person who decides who is allowed to transfer coins and who is allowed to get coins stolen.
Most traders are paralyzed in fear that whales will dump a coin anytime they are too afraid to stake their coins thinking the time will come when the market starts tanking and they will be caught holding the bag.
And, as there are so many coins these days, you can't properly vet everything. You wouldn't want to download some wallet stealer or keylogger attached to some random coin's wallet exe. So you reason it's safer to just keep the coins on an exchange during the pump phase and never to download the wallet in the first place.
just throwing this in here: nxt multigateway
Yes, especially with recent Klee episode. Sounds like very smart for people to send bitcoins to people that never ran currency exchange.
just throwing this in here: nxt multigateway
I'm onf the thinking that there was a problem that someone found and exploited it within Mintpal. That doesn't mean the whole use of PoS is flawed beyond repair by any means. Seems to me just by reading this thread it is clear that what ever happened here need to be addressed and made sure such things don't happen again. Arguing which system is better doesn't do much good at this time it only makes finding the best solutions harder.
You're missing the original point of this thread.
There fixed that for you. If we aren't taking responsibility for our coins, as this new form of money demands, we will be stuck with all of the same problems of the old way.
papersheepdog, Canada
I'm onf the thinking that there was a problem that someone found and exploited it within Mintpal. That doesn't mean the whole use of PoS is flawed beyond repair by any means. Seems to me just by reading this thread it is clear that what ever happened here need to be addressed and made sure such things don't happen again. Arguing which system is better doesn't do much good at this time it only makes finding the best solutions harder.
You're missing the original point of this thread.
Proof of Stake is inherently flawed because in the event of a hack the attacker not only gains the coins, but he/she also gains the network.
Yes, but this is akin to blaming the bags of money, rather than the bank they were stolen from.
Yeah, and Bitcoin would obviously never, ever pull a rollback in the case of a theft, eh guys?
PoS is not the problem here, lousy security is.
PoS is not the problem here, lousy security is.
Jump to: