@Traxo:
The leadership election process for PoS is ambiguous. Even if the potential stakers are ranked such that the one with the highest ranking forges the next block, and forgers are penalized for forging on more than one chain, this is a security hole because the highest ranked staker can pretend to be offline and so the next ranked must forge the next block. Then after honest stakers have done so, the higher ranked staker forges a block orphaning those, which creates an ambiguity over who is cheating.
Okay, this attack is one I was unaware of. But this kind of attack should only be a problem if the participants are "slashed" for voting on the
wrong chain (e.g. "Slasher 2.0" as presented by Buterin), but not if they are slashed when voting on
more than one chain (like in the first Slasher version and also in Poelstra's example). In the latter, the attacker cannot create a history where another participant is double-voting and so is punished, so in this sense there is no ambiguity. The nodes should simply follow the attacker's chain because it should have more "chain trust" (or similar "score"), but in that situation he is the "legit" validator so I don't see the problem.
I have to analyze this attack further, however. This is only a first thought on it. It may be wrong.
You guys may think I'm a stubborn PoS (e.g. NXT) shill. But I may even reconsider my position on PoS - in fact, after I read Vlad's blog posts about the Casper history about one year ago, I already got pretty skeptic on it, or at least I thought it would lead to over-complicated (and thus more exploitable) algorithms. The reason I got more optimistic on it were several forum discussions where it seemed that all really dangerous attacks on PoS would depend on very unlikely assumptions (e.g. stakeholders accepting cheap bribes) because of "altruism-prime" being stronger than initially thought.
The Ouroboros† “provably secure” PoS alternative may solve this coordination issue by creating objective entropy via secure multiparty computation presuming a majority of the stake is honest, but requires a majority of the stake to remain online and the network to remain bounded synchronous for said majority.
Will read about that.
And delegated PoS is all about delegating from smaller stakes to coordinated delegates. Whales dictate the elected delegates due to the power-law distribution. Whales can disagree such that they each control a delegate yet still they must coordinate, because DPoS has 1/3 liveness and 2/3 double-spend fault of Byzantine agreement.
Here I fully agree.
As @Spoetnik alluded to, Litecoin innovated Scrypt for the proof-of-work algorithm [...]
As far as I remember, that was Tenebrix. It was however pre-mined and thus "lost" the race to the "fairer" Litecoin.