Opinion on proof of stake in future



Summary:

The discussion concerns the security of proof-of-stake (PoS) and proof-of-burn (PoB) systems. One major criticism of PoS is the "nothing at stake" problem: in case of a fork, miners have an incentive to mine all chains, leading to instability and centralization. Quorum-based PoS systems address this problem with punishments built into the protocol, but these introduce complexity and may not achieve optimal conditions where all coins are always part of the stake, making them critically insecure. PoB, on the other hand, solves the "nothing at stake" problem by tying burns precisely to block heights, and miners have a long-term investment in the stability of the chain. However, the coins to be burned need to be online when they're burned, and the burning process needs to be time-locked to prevent rollbacks and instability.

The author argues that PoS is not suitable for a Bitcoin-like system because it gives coin holders responsibilities that they cannot handle, unlike in Bitcoin, where large unsophisticated coin holders can put their coins in cold storage without affecting the underlying consensus. The author examines leading PoS protocols such as Cardano and Algorand and highlights their shortcomings. In Cardano, coin holders who do not want to run their own node delegate to a "Stake Pool," resulting in a clean separation of responsibilities. However, this creates a new social attack surface that degenerates into Proof-of-SquareSpace. In Algorand, only online stake can participate in the protocol, but participation keys can be sent to any malicious party with a nice website offering a good return, making it another form of Proof-of-SquareSpace. The author concludes that there is no way to get around the conflicting requirement that the keys for large amounts of coins should be kept offline, which makes the scheme secure.

The discussion also covers the potential use of Verifiable Delay Functions (VDFs) for more constant block times. One idea is a two-step PoW: a VDF that takes longer to resolve is used first, and then the current PoW mechanism is used with lower difficulty, reducing variation in block times. However, ZmnSCPxj points out that VDFs are not inherently progress-free, and a miner focusing on improving energy consumption could potentially get into a winner-takes-all situation, leading to even more energy consumption. Finally, Michael Dubrovsky suggests keeping the discussion to PoW, oPoW, and the BIP itself instead of PoS, VDFs, and other alternatives to Hashcash. He distinguishes oPoW as a true PoW that doesn't alter the core game theory or security assumptions of Hashcash and contains SHA.
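The trade-off in the VDF proposal can be made concrete with a small model, added here as an illustration and not taken from the thread. It assumes a 600-second target interval, a single-round race between two miners A and B, exponential PoW times, and that a miner's advantage shows up as finishing the VDF head_start seconds earlier; all function names and parameter values are hypothetical.

```python
import math
import random

TARGET = 600.0  # seconds; Bitcoin-like target interval (assumed for illustration)

def block_time_std(vdf_delay, target=TARGET):
    """Std-dev of the block interval in the two-step scheme. The VDF is a fixed
    delay (zero variance); the PoW phase is exponential with mean
    target - vdf_delay, so its std-dev equals that mean."""
    if not 0 <= vdf_delay < target:
        raise ValueError("vdf_delay must be in [0, target)")
    return target - vdf_delay

def win_probability(share_a, pow_mean, head_start):
    """P(miner A finds the block before miner B).
    share_a    : A's fraction of total hashrate (B holds the rest)
    pow_mean   : mean PoW-phase duration for the whole network, seconds
    head_start : seconds by which A finishes the VDF before B (>= 0)
    With X_a ~ Exp(rate_a) and X_b ~ Exp(rate_b), A wins when
    X_a < head_start + X_b, giving the closed form below."""
    if not 0 < share_a < 1 or head_start < 0 or pow_mean <= 0:
        raise ValueError("invalid parameters")
    rate_a = share_a / pow_mean
    rate_b = (1 - share_a) / pow_mean
    return 1 - math.exp(-rate_a * head_start) * rate_b / (rate_a + rate_b)

def simulate(share_a, pow_mean, head_start, rounds=100_000, seed=1):
    """Seeded Monte Carlo cross-check of win_probability()."""
    rng = random.Random(seed)
    rate_a = share_a / pow_mean
    rate_b = (1 - share_a) / pow_mean
    wins = sum(rng.expovariate(rate_a) < head_start + rng.expovariate(rate_b)
               for _ in range(rounds))
    return wins / rounds

if __name__ == "__main__":
    # Constructed scenarios: A holds 10% of hashrate and, once a VDF exists,
    # finishes it 30 s earlier than B.
    for vdf_delay in (0.0, 540.0, 594.0):
        pow_mean = TARGET - vdf_delay
        head = 30.0 if vdf_delay else 0.0
        print(f"VDF {vdf_delay:5.0f}s  interval std {block_time_std(vdf_delay):5.0f}s  "
              f"A's block share {win_probability(0.10, pow_mean, head):.3f}")
```

In this model, shrinking the PoW phase from 600 s to 6 s cuts the interval's standard deviation a hundredfold, but the same 30-second VDF lead lifts a 10%-hashrate miner's block share from 10% to about 45%.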


Updated on: 2023-06-14T21:02:58.559188+00:00