Return-Path: Received: from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138]) by lists.linuxfoundation.org (Postfix) with ESMTP id 7A027C000E for ; Thu, 24 Jun 2021 21:51:07 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id 57D0283BDB for ; Thu, 24 Jun 2021 21:51:07 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -1.399 X-Spam-Level: X-Spam-Status: No, score=-1.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.25, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no Authentication-Results: smtp1.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=q32-com.20150623.gappssmtp.com Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WdZyo2nPKQL6 for ; Thu, 24 Jun 2021 21:51:04 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 Received: from mail-pg1-x535.google.com (mail-pg1-x535.google.com [IPv6:2607:f8b0:4864:20::535]) by smtp1.osuosl.org (Postfix) with ESMTPS id 98355838ED for ; Thu, 24 Jun 2021 21:51:04 +0000 (UTC) Received: by mail-pg1-x535.google.com with SMTP id u190so5856442pgd.8 for ; Thu, 24 Jun 2021 14:51:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=q32-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=sW8ooaV+hDo85YuYRyByzs4uBFxdXs8jm/QXWTrOXII=; b=CmH0KMmH8gBXuE70mxDuia29VF9/ML+wTtbdRiRnZ3pSDVpcDoGcs17UpavWbyTRql knuR6oMcRGG3Y4Q3mQqzmf5vMU9z2xTUBhU0Jp5mAHUQlDTqUJixGEwNUmQwvV5lZ9Db uckod6u0WhGdf6ushfEW2inwlovWo2XT+MhrTgxyUPkspBk2WZqhlOu56CRM0yeUyiSs LJKahcXaZXOUphfLfSOGwlcyPCZL35T3nD5PlWhrdW+nRn1rzEDL6O/501gFVJefUiU9 eS9Ei4wmbYV2+DUnsQzOaomInOyiG7kbCoA6oIyend+gWEVGpIICSkRUcAisswTiTeC5 NMOA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=sW8ooaV+hDo85YuYRyByzs4uBFxdXs8jm/QXWTrOXII=; b=JdC+VDXUKnu1ZXUkMUJz6zcQ4u3P+ADCCOICJQhS3iAkYIsQ5ajNbQxSw7SXT1jCLm G3lkL8ZXcdib7xp69GZHx908/+Dqs6NzE4pxQwaSovHFMawy7XAxcaiF1At95dZ7jmDu Hhe3z5b0G5mhRdqHY5OMqptAhagvKNZj2cxuFXLo4MXF91q09plT02KThuoErOsWxaO5 olzzsJ3hnF5ycy06pny8tzSsTHn3tR53x3luskn6MmbeDxmvCrq1AUgr4//5TQ6+4DOg +TTYXn1kSkolACqzJE+M6FxI4y3xA34zikKjJwtTfegao/2JyYfykJIOT87D/70xTKVn Yg5w== X-Gm-Message-State: AOAM532m3bKTgZSoVkNWI3L5K8410ZQStXWKHi9WUt+0NxIYStcRS4ZI wgnURftuOEb8AVnU2jBJZwG3KGCfptkJxn1F6vWVg/8= X-Google-Smtp-Source: ABdhPJzs3cfNXTJ02vs7S3dxUM/3stqww4FcSWEX9zITz9jYRPeF5YeRnFkHezWpfsL9K+e/B15sCiEelilDZAWYwUU= X-Received: by 2002:a62:d108:0:b029:304:33e5:4dde with SMTP id z8-20020a62d1080000b029030433e54ddemr7001020pfg.74.1624571463921; Thu, 24 Jun 2021 14:51:03 -0700 (PDT) MIME-Version: 1.0 References: <6do5xN2g5LPnFeM55iJ-4C4MyXOu_KeXxy68Xt4dJQMhi3LJ8ZrLICmEUlh8JGfDmsDG12m1JDAh0e0huwK_MlyKpdfn22ru3zsm7lYLfBo=@protonmail.com> <30li5MRxkBhzLxLmzRnHkCdn8n3Feqegi-FLZ5VDyIX2uRJfq4kVtrsLxw6dUtsM1atYV25IfIfDaQp4s2Dn2vc8LvYkhbAsn0v_Fwjerpw=@protonmail.com> In-Reply-To: From: Erik Aronesty Date: Thu, 24 Jun 2021 17:50:51 -0400 Message-ID: To: yanmaani@cock.li, Bitcoin Protocol Discussion Content-Type: text/plain; charset="UTF-8" X-Mailman-Approved-At: Thu, 24 Jun 2021 22:16:21 +0000 Cc: Billy Tetrud Subject: Re: [bitcoin-dev] Opinion on proof of stake in future X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Jun 2021 21:51:07 -0000 > PoS is not suitable for use as a consensus system, because it is constitutionally incapable of producing a consensus. true - but only for a system that is starting from nothing. since bitcoin already exists, and we have a consensus, you can use bitcoin's existing consensus to maintain that consensus using references to prior state. and yes, you simply have to limit reorgs to not go back before PoW was abandoned in favor of PoS/PoB (assuming all incentive problems are solved). ie: once you have uses PoW to bootstrap the system, you can "recycle" that work. On Thu, Jun 24, 2021 at 4:41 PM yanmaani--- via bitcoin-dev wrote: > > No, 51% of the *coin holders* can't do diddly squat. 51% of miners can, > but in PoW, that's a different set to the coin holders. > > The basic problem with PoS, anyway, is that it's not actually a > consensus system ("weak subjectivity"). Either you allow long reorgs, > and then you open the door to long-range attacks, or you don't, and then > you're not guaranteed that all nodes agree on the state of the chain, > which was the purpose of the system to begin with. > > To put it more plainly: for PoS to work, you need a consensus on which > block was seen first. But if you had that, you could presumably apply > that method to determine which *transaction* was seen first, in which > case you could do away with the blockchain entirely. (Real-world > implementations of PoS, such that they are, do away with this > requirement, scrapping the global consensus on ordering in favor of > having each node decide for itself which block came first.) > > In other words, even if you solved all the incentive problems, the fact > remains that PoS is not suitable for use as a consensus system, because > it is constitutionally incapable of producing a consensus. > > On 2021-06-24 00:14, Billy Tetrud via bitcoin-dev wrote: > >> This is not true in a Proof of Work system and this difference > > absolutely should not be trivialized. > > > > That is in fact true of Proof of Work as well. If a colluding > > coalition of miners with more than 50% of the hashrate want to censor > > transactions, they absolutely can do that by orphaning blocks that > > contain transactions they want to censor. This is not different in > > proof of stake. > > > > On Wed, Jun 23, 2021 at 11:14 AM Keagan McClelland > > wrote: > > > >>> Premise: There is a healthy exchange market for PoS Coin X with > >> tens of thousands of participants bidding to buy and sell the coin > >> for other currencies on the market. > >> > >> The difference here though is that Proof of Stake allows the quorum > >> of coin holders to block the exchange of said coins if they are > >> going to a particular destination. Nothing requires these staking > >> nodes to include particular transactions into a block. With that in > >> mind, it isn't just that you require the permission of the person > >> who sold you the coins, which I can agree is a less dangerous form > >> of permission, but you must also require the permission of at least > >> 51% of the coin holders to even receive those coins in the first > >> place. This is not true in a Proof of Work system and this > >> difference absolutely should not be trivialized. > >> > >> Keagan > >> > >> On Wed, Jun 23, 2021 at 2:30 AM Billy Tetrud via bitcoin-dev > >> wrote: > >> > >>> Barrier to entry in PoS is being given permission by the previous > >> owner of a token > >> > >> The idea that proof of stake is not permissionless is completely > >> invalid. It pains me to see such an argument here. Perhaps we can > >> come to an agreement by being more specific. I'd like to propose the > >> following: > >> > >> Premise: There is a healthy exchange market for PoS Coin X with tens > >> of thousands of participants bidding to buy and sell the coin for > >> other currencies on the market. > >> > >> If the premise above is true, then there is no significant > >> permission needed to enter the market for minting blocks for PoS > >> Coin X. If you make a bid on someone's coins and they don't like you > >> and refuse, you can move on to any one of the other tens of > >> thousands of people in that marketplace. Would you agree, Cloud > >> Strife, that this situation couldn't be considered "permissioned"? > >> > >> If not, consider that participation in *any* decentralized system > >> requires the permission of at least one user in that system. If > >> there are thousands of bitcoin public nodes, you require the > >> permission of at least one of them to participate in bitcoin. No one > >> considers bitcoin "permissioned" because of this. Do you agree? > >> > >> On Thu, Jun 17, 2021 at 1:15 PM Cloud Strife via bitcoin-dev > >> wrote: > >> > >> Barrier to entry in PoW is matter for hardware and energy is > >> permissionless and exist all over the universe, permissionless cost > >> which exists for everyone no matter who because it's unforgeable. > >> > >> Barrier to entry in PoS is being given permission by the previous > >> owner of a token for you to have it via transfer or sale, both > >> choices they never have to make since there are no continuous costs > >> with producing blocks forcing it. A permission is an infinitely high > >> barrier to entry if the previous owner, like the premining party, > >> refuses to give up the token they control. > >> > >> You're skipping the part where you depend on a permission of a > >> central party in control of the authority token before you can > >> produce blocks on your rasberry Pi. > >> > >> Proof of stake is not in any possible way relevant to permissionless > >> protocols, and thus not possibly relevant to decentralized protocols > >> where control must be distributed to independent (i.e. > >> permissionless) parties. > >> > >> There's nothing of relevance to discuss and this has been figured > >> out long long ago. > >> > >> > > https://github.com/libbitcoin/libbitcoin-system/wiki/Proof-of-Stake-Fallacy > >> > >> > > https://medium.com/@factchecker9000/nothing-is-worse-than-proof-of-stake-e70b12b988ca > >> > >> On Tue, Jun 15, 2021 at 7:13 AM James MacWhyte via bitcoin-dev > >> wrote: > >> > >> @Lloyd wrote: > >> > >> Of course in reality no one wants to keep their coin holding keys > >> online so in Alogorand you can authorize a set of "participation > >> keys"[1] that will be used to create blocks on your coin holding > >> key's behalf. > >> Hopefully you've spotted the problem. > >> You can send your participation keys to any malicious party with a > >> nice website (see random example [2]) offering you a good return. > >> Damn it's still Proof-of-SquareSpace! > >> > >> I believe we are talking about a comparison to PoW, correct? If you > >> want to mine PoW, you need to buy expensive hardware and configure > >> it to work, and wait a long time to get any return by solo mining. > >> Or you can join a mining pool, which might use your hashing power > >> for nefarious purposes. Or you might skip the hardware all together > >> and fall for some "cloud mining" scheme with a pretty website and a > >> high rate of advertised return. So as you can see, > >> Proof-of-SquareSpace exists in PoW as well! > >> > >> The PoS equivalent of buying mining hardware is setting up your own > >> validator and not outsourcing that to anyone else. So both PoW and > >> PoS have the professional/expert way of participating, and the > >> fraud-prone, amateur way of participating. The only difference is, > >> with PoS the professional/expert way is accessible to anyone with a > >> raspberry Pi and a web connection, which is a much lower barrier to > >> entry than PoW. _______________________________________________ > >> bitcoin-dev mailing list > >> bitcoin-dev@lists.linuxfoundation.org > >> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > > _______________________________________________ > > bitcoin-dev mailing list > > bitcoin-dev@lists.linuxfoundation.org > > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > > _______________________________________________ > > bitcoin-dev mailing list > > bitcoin-dev@lists.linuxfoundation.org > > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > > _______________________________________________ > > bitcoin-dev mailing list > > bitcoin-dev@lists.linuxfoundation.org > > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev