Return-Path: Received: from smtp2.osuosl.org (smtp2.osuosl.org [IPv6:2605:bc80:3010::133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 7BE7AC000E for ; Thu, 24 Jun 2021 17:45:10 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 5DC0B404D2 for ; Thu, 24 Jun 2021 17:45:10 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: 1.233 X-Spam-Level: * X-Spam-Status: No, score=1.233 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_PBL=3.335, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no Authentication-Results: smtp2.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=cock.li Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KbAaIavdwM-l for ; Thu, 24 Jun 2021 17:45:07 +0000 (UTC) X-Greylist: delayed 00:10:04 by SQLgrey-1.8.0 Received: from mail.cock.li (mail.cock.li [37.120.193.124]) by smtp2.osuosl.org (Postfix) with ESMTPS id BC1A5404CD for ; Thu, 24 Jun 2021 17:45:06 +0000 (UTC) MIME-Version: 1.0 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cock.li; s=mail; t=1624556094; bh=EFr0QRkbk8F/Eu/x/B/y+MqDzi1Jrf/8thJsYIPX89I=; h=Date:From:To:Subject:In-Reply-To:References:From; b=hBPZBJUQCZv9wqCSmPgC6lugJRBeGS6h7DhQEd1rhVlZeThmxOhNpiqL5bhe69uXP Rq2lFuKuUpSlr52+hkhNJZw8iKUdRJxzp+UwBTo8jfNGtkFW0Ffeq+OVRGbbosxcs2 xvhXiJJRS+r9rUwO4IIXwewLj9IIYmULMlT0GUZ3GK/G4vbSVZHpWlJT68+rvMLTkY VICyPVXBXpDQ8yV1hIQPX75PO278eNU/WkDStvIk7OcCdsK9CWoZPxMbysbONo480z AhQy/NQ852Wo0HSN/9cafMsRuu9x2uNAxN7APb718h/IrVuzbJQ3u3CJ3afL/baGxL 8d+KtRrnryYsw== Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Thu, 24 Jun 2021 17:34:54 +0000 From: yanmaani@cock.li To: Billy Tetrud , Bitcoin Protocol Discussion In-Reply-To: References: <6do5xN2g5LPnFeM55iJ-4C4MyXOu_KeXxy68Xt4dJQMhi3LJ8ZrLICmEUlh8JGfDmsDG12m1JDAh0e0huwK_MlyKpdfn22ru3zsm7lYLfBo=@protonmail.com> <30li5MRxkBhzLxLmzRnHkCdn8n3Feqegi-FLZ5VDyIX2uRJfq4kVtrsLxw6dUtsM1atYV25IfIfDaQp4s2Dn2vc8LvYkhbAsn0v_Fwjerpw=@protonmail.com> Message-ID: X-Sender: yanmaani@cock.li User-Agent: Roundcube Webmail/1.3.15 X-Mailman-Approved-At: Thu, 24 Jun 2021 20:41:03 +0000 Subject: Re: [bitcoin-dev] Opinion on proof of stake in future X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Jun 2021 17:45:10 -0000 No, 51% of the *coin holders* can't do diddly squat. 51% of miners can, but in PoW, that's a different set to the coin holders. The basic problem with PoS, anyway, is that it's not actually a consensus system ("weak subjectivity"). Either you allow long reorgs, and then you open the door to long-range attacks, or you don't, and then you're not guaranteed that all nodes agree on the state of the chain, which was the purpose of the system to begin with. To put it more plainly: for PoS to work, you need a consensus on which block was seen first. But if you had that, you could presumably apply that method to determine which *transaction* was seen first, in which case you could do away with the blockchain entirely. (Real-world implementations of PoS, such that they are, do away with this requirement, scrapping the global consensus on ordering in favor of having each node decide for itself which block came first.) In other words, even if you solved all the incentive problems, the fact remains that PoS is not suitable for use as a consensus system, because it is constitutionally incapable of producing a consensus. On 2021-06-24 00:14, Billy Tetrud via bitcoin-dev wrote: >> This is not true in a Proof of Work system and this difference > absolutely should not be trivialized. > > That is in fact true of Proof of Work as well. If a colluding > coalition of miners with more than 50% of the hashrate want to censor > transactions, they absolutely can do that by orphaning blocks that > contain transactions they want to censor. This is not different in > proof of stake. > > On Wed, Jun 23, 2021 at 11:14 AM Keagan McClelland > wrote: > >>> Premise: There is a healthy exchange market for PoS Coin X with >> tens of thousands of participants bidding to buy and sell the coin >> for other currencies on the market. >> >> The difference here though is that Proof of Stake allows the quorum >> of coin holders to block the exchange of said coins if they are >> going to a particular destination. Nothing requires these staking >> nodes to include particular transactions into a block. With that in >> mind, it isn't just that you require the permission of the person >> who sold you the coins, which I can agree is a less dangerous form >> of permission, but you must also require the permission of at least >> 51% of the coin holders to even receive those coins in the first >> place. This is not true in a Proof of Work system and this >> difference absolutely should not be trivialized. >> >> Keagan >> >> On Wed, Jun 23, 2021 at 2:30 AM Billy Tetrud via bitcoin-dev >> wrote: >> >>> Barrier to entry in PoS is being given permission by the previous >> owner of a token >> >> The idea that proof of stake is not permissionless is completely >> invalid. It pains me to see such an argument here. Perhaps we can >> come to an agreement by being more specific. I'd like to propose the >> following: >> >> Premise: There is a healthy exchange market for PoS Coin X with tens >> of thousands of participants bidding to buy and sell the coin for >> other currencies on the market. >> >> If the premise above is true, then there is no significant >> permission needed to enter the market for minting blocks for PoS >> Coin X. If you make a bid on someone's coins and they don't like you >> and refuse, you can move on to any one of the other tens of >> thousands of people in that marketplace. Would you agree, Cloud >> Strife, that this situation couldn't be considered "permissioned"? >> >> If not, consider that participation in *any* decentralized system >> requires the permission of at least one user in that system. If >> there are thousands of bitcoin public nodes, you require the >> permission of at least one of them to participate in bitcoin. No one >> considers bitcoin "permissioned" because of this. Do you agree? >> >> On Thu, Jun 17, 2021 at 1:15 PM Cloud Strife via bitcoin-dev >> wrote: >> >> Barrier to entry in PoW is matter for hardware and energy is >> permissionless and exist all over the universe, permissionless cost >> which exists for everyone no matter who because it's unforgeable. >> >> Barrier to entry in PoS is being given permission by the previous >> owner of a token for you to have it via transfer or sale, both >> choices they never have to make since there are no continuous costs >> with producing blocks forcing it. A permission is an infinitely high >> barrier to entry if the previous owner, like the premining party, >> refuses to give up the token they control. >> >> You're skipping the part where you depend on a permission of a >> central party in control of the authority token before you can >> produce blocks on your rasberry Pi. >> >> Proof of stake is not in any possible way relevant to permissionless >> protocols, and thus not possibly relevant to decentralized protocols >> where control must be distributed to independent (i.e. >> permissionless) parties. >> >> There's nothing of relevance to discuss and this has been figured >> out long long ago. >> >> > https://github.com/libbitcoin/libbitcoin-system/wiki/Proof-of-Stake-Fallacy >> >> > https://medium.com/@factchecker9000/nothing-is-worse-than-proof-of-stake-e70b12b988ca >> >> On Tue, Jun 15, 2021 at 7:13 AM James MacWhyte via bitcoin-dev >> wrote: >> >> @Lloyd wrote: >> >> Of course in reality no one wants to keep their coin holding keys >> online so in Alogorand you can authorize a set of "participation >> keys"[1] that will be used to create blocks on your coin holding >> key's behalf. >> Hopefully you've spotted the problem. >> You can send your participation keys to any malicious party with a >> nice website (see random example [2]) offering you a good return. >> Damn it's still Proof-of-SquareSpace! >> >> I believe we are talking about a comparison to PoW, correct? If you >> want to mine PoW, you need to buy expensive hardware and configure >> it to work, and wait a long time to get any return by solo mining. >> Or you can join a mining pool, which might use your hashing power >> for nefarious purposes. Or you might skip the hardware all together >> and fall for some "cloud mining" scheme with a pretty website and a >> high rate of advertised return. So as you can see, >> Proof-of-SquareSpace exists in PoW as well! >> >> The PoS equivalent of buying mining hardware is setting up your own >> validator and not outsourcing that to anyone else. So both PoW and >> PoS have the professional/expert way of participating, and the >> fraud-prone, amateur way of participating. The only difference is, >> with PoS the professional/expert way is accessible to anyone with a >> raspberry Pi and a web connection, which is a much lower barrier to >> entry than PoW. _______________________________________________ >> bitcoin-dev mailing list >> bitcoin-dev@lists.linuxfoundation.org >> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev