Bitcoin Forum
August 15, 2018, 05:26:33 PM *
News: Latest stable version of Bitcoin Core: 0.16.2  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2]  All
  Print  
Author Topic: Proof of stake instead of proof of work  (Read 31718 times)
QuantumMechanic
Member
**
Offline Offline

Activity: 110
Merit: 14


View Profile
July 12, 2011, 04:21:10 AM
 #21

By the way, if you're interested in delegated voting, I wrote a paper on using it in a democracy some time ago:

  https://docs.google.com/document/pub?id=1jidmNJHWAtsPLCUD7EPPm8jOEV93kSXbZOMycqCWOyA

I think delegating voting is a great idea. I'm less convinced that it would work for replacing hashing in the block chain, but it might.

Some more problems for you to consider:

  • If I control a key with 10 delegators, then I spend that key to 10 new keys, what happens to the delegations? Does it make sense for a key to have fan-out (ie 1 key to delegate to 10 other keys)? Do you split the value evenly or not?
  • How do you efficiently detect and resolve delegation loops? ie, key A delegates to B, B delegates to C and C then delegates to A? You have to do this efficiently because otherwise setting up new delegations is a way to DoS the system. Note that detecting cycles in a large graph is slow, Tarjans algorithm is O(number of edges). If each key in the system takes part then every new address in the system potentially makes setting up new delegations harder. As the number of keys in the system grows without bound over time, that could be an issue
  • Keys are owned by end users who may or may not know/care about the inner workings of their currency. How do you get new users to delegate appropriately?

It should be possible to run a parallel block chain based on proof-by-stake, but using the same transactions. It could be done with an adapted Bitcoin software. Once such a chain was up and running you could compare the results vs the existing chain.

I don't have the time/energy to do this myself.
Thanks for the link!

Please forgive all the parentheses in the following...

The first two problems you listed I think can be avoided by treating votes just like bitcoins, but having "election cycles" to compensate for their irretractablility.  For every election cycle (measured by some fixed number of blocks that is limited by the cost and time of running an election), every bitcoin address (or a uniquely determined address, so that bitcoin-containing private keys don't have to be network facing) is issued an equal number of "votecoins".  (Can actual blockchain-recorded transactions be avoided for this issuance?  Can it be done by an understanding that spends from the determined votecoin address up to the amount contained in the determining bitcoin address at the start of the election cycle are allowed during the the election cycle?)  During the rest of the election period, the network will accept votecoin transactions only for those issued during the current election cycle, until the end when some fixed number of addresses containing the most votecoins are elected to be the "representatives" during the next election cycle.

I'm not sure how resource intensive this search for the top votecoin containing addresses would be.

Perhaps voter participation could be incentivized using some portion of the transaction fees and newly issued bitcoins.  I'm reluctant to propose schemes to do this, though, since all the ones that I can think of don't really produce the right incentives, and also create perverse ones.  The larger bitcoin holders obviously have an interest in delegating their votes, but hopefully a really simple UX (vote delegation needs to be automated every election cycle according to user inputted delegates and weightings) and some peer pressure/annoying requests from the client/P. Diddy would be enough to motivate the rest.  Then again, maybe it won't matter if a bunch of the bitcoin-poor don't care enough to vote.

Notice that the public nature of the votecoin transaction history would help keep the delegates honest/effective.

Also note that storage requirements shouldn't be an issue since votecoin transactions from old election cycles don't need to be held on to.

Miners still seem to be necessary to keep time and bundle transactions, but the hashing power/reward they require could possibly be minimized the elected representatives' ability to regulate/make recommendations in the block selection process.

And if all the representatives are really doing is making recommendations to miners, then wouldn't only the miners have to be checking their signatures, usually?  This could allow for a much greater diversity of representatives, since the miners are already geared to accommodate higher overhead than clients.  I figure the only time the clients would need to check the signatures of the representatives is if the miners wanted to ignore the representatives en masse, creating a longer fork, and the clients wanted to ignore this longer fork.  But this might become too likely an attack vector if a significant amount of the overall hashing power of the miners is made obsolete by this system.

And if it's just recommendations, then would any of this require a separate blockchain/breaking change to the protocol?  Can the votecoin rules (their periodic creation and finite trading period) be accommodated somehow into the existing protocol?

Edit: From Mike, "There is a method of batch verifying ECDSA  signatures that's much faster than normal. It might change the economics of what you want to do: http://www.springerlink.com/content/h758580006764h26/ "
1534353993
Hero Member
*
Offline Offline

Posts: 1534353993

View Profile Personal Message (Offline)

Ignore
1534353993
Reply with quote  #2

1534353993
Report to moderator
BOUNTY PORTALS
BLOG
WHERE BOUNTY MANAGEMENT
MEETS AUTOMATION
SIGNATURE CAMPAIGNS
TWITTER
FACEBOOK
MEDIA CAMPAIGNS
AND MORE!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1534353993
Hero Member
*
Offline Offline

Posts: 1534353993

View Profile Personal Message (Offline)

Ignore
1534353993
Reply with quote  #2

1534353993
Report to moderator
QuantumMechanic
Member
**
Offline Offline

Activity: 110
Merit: 14


View Profile
July 13, 2011, 11:08:16 PM
 #22

Edit: I think my questions were answered in this post http://forum.bitcoin.org/index.php?topic=28565.msg363945#msg363945

My curiosity won't stop nagging, so here's some bounties
cunicula
Hero Member
*****
Offline Offline

Activity: 854
Merit: 1003


Stack-overflow Guru


View Profile
July 19, 2011, 12:57:34 PM
 #23

I would propose a hybrid sytem which uses proof of work and proof of stake. Transactions would still be verified using mining but people would have to pay for mining rights.

Suppose that a 100 btc security deposit had to be placed for each bitcoin mined per year. Miners could send 100 btc to a time-locked escrow transaction. The escrowed coins could be sent to other addresses as escrowed coins. Anyone holding the private key to this time-locked transaction could mine up to one bitcoin per year. The mined BTC can be spent immediately. Miners could request a withdrawal of the escrowed btc, but the request would be subject to a 6 month time lag. During the 6 month lag, no minng would be allowed and the escrowed coins could not be sent.

Initial distro could be handled by grandfathering in all existing btc accounts in a new blockchain. Users would have say 6 months to download a new client. The new client would begin enforcing the escrow rule at the end of the 6 months. Accordingly it would refuse to validate new coins except for the coins that had been grandfathered in.

Are there technical obstacles to this system?

Note: i know that this could not accommodate the current btc generation schedule since the system would place an upper bound on money supply growth of 1% per year. Just ignore this issue for now.

▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁
        Quickseller is a scammer and sockpuppet of OGdynasty        [/glow][/size]
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
digitalindustry
Hero Member
*****
Offline Offline

Activity: 798
Merit: 1000


wubba lubba dub dub


View Profile WWW
April 15, 2013, 11:49:49 AM
 #24

I've got an idea, and I'm wondering if it's been discussed/ripped apart here yet:



Hi QuantumMechanic - I'm digitalindustry I have a lot of respect you and this idea of yours and was wondering where i could discuss further aspects with regard to sociology and psychology around the design and market place penetration of "Novacoin"  - my interest is primarily in economics and sociology policy and humans generally.

if any nice person could give me a direction , i'd like to perhaps contribute .

Thank you.   

tiny rick !
- https://voat.co/v/Contact/
- Twitter @Kolin_Quark
usefree
Sr. Member
****
Offline Offline

Activity: 392
Merit: 251

Mamihlapinatapai


View Profile
June 12, 2018, 09:39:19 AM
 #25

With this comment i want just mark this piece of crypto-history for myself.
lichuan
Jr. Member
*
Offline Offline

Activity: 31
Merit: 0


View Profile
June 13, 2018, 11:35:54 AM
 #26

I think the only consensus algorithm suitable for public chain is POW, take the dpos (used in EOS) algorithm for example, DPOS has many drawbacks, for example, if a witness node was controlled by a attacker, then the attacker can broadcast many conflicting block with the same block height, in such condition, the whole witness network would be split to many sub-network which are not compatible with each other, at that moment,
if the confirmations of these conflicting blocks is less than 2 / 3 of total num of witness, then the whole network would be suspended. you might say that if can not reach 2 / 3, the system has a timeout mechanism, but wait, if system allow one witness produce two height within a small interval, in some network edge conditions, the different witness would generate different LIB (last irreversible block), in a distributed network environment, There is no uniform time and confirmation number.
2342q6tegw
Jr. Member
*
Offline Offline

Activity: 165
Merit: 5


View Profile
June 23, 2018, 07:32:15 AM
 #27

I think that it is much more likely that a proof of stake coin will displace Bitcoin than Bitcoin will transition to proof of stake. A lot of people are in Bitcoin for speculation not because of the protocol, if we.start seeing mass adoption of an alt they will flee out in to that lowering the price , but difficulty will stay the same.
Snakerist
Member
**
Offline Offline

Activity: 308
Merit: 15


View Profile
June 24, 2018, 02:02:36 PM
 #28

Of course, Proof-of-stake algoritm is much better than POW in efficiency, but it's the question whether we can implement it in Bitcoin network or not.

TALENTSNAP
⇐ ● Proof Artificial Intelligence Technology on the Blockchain to Automate Hiring ● ⇒
○ ○ ○ ➀ WEBSITEWHITEPAPERTELEGRAMTWITTERFACEBOOK  ○ ○ ○
aliashraf
Sr. Member
****
Offline Offline

Activity: 532
Merit: 292


View Profile
June 25, 2018, 08:38:39 AM
 #29

I think, this historical topic is a good evidence that PoS is not a new idea just a matter of common sense in the most naive way ever: let's instead of consuming energy and spending costs secure the network with our reputation/deposit whatever, easy peasy  Grin

This idea, PoS is trending now not because of its brilliance but because of PoW crisis, imo. Pools, ASICs, ... have ruined PoW and are getting more aggressive on a daily basis and governance is an unsolved problem and we can't improve, we can't evolve. Bitcoin is experiencing an ice age and it is so natural that naive ideas like PoS are becoming more popular.

I don't think PoS is a better idea so, it has been around for a long time, before bitcoin and PoW.

It can't do anything about inflation it shouldn't, it is just ridiculous to let coins to reproduce.

As of what op has suggested 7 years ago, PoS being adequate for transaction processing, I doubt it too ...

PoS has a centralization gradient, like what many claim about PoW (because of pools and ASICs) but for PoW there is cure  while PoS has no cure, it is of best interest of stake holders to form banks and cartels and let them decide about what or whose transactions to confirm or reject. Pos is nothing more than a cartoon of traditional banks, imo.

neocryptrix
Jr. Member
*
Offline Offline

Activity: 52
Merit: 4


View Profile
June 27, 2018, 07:24:38 PM
 #30

It's so fascinating that my keyword search of "Proof of Stake," a very common part of the modern crypto lexicon, may have been born out of this thread started 7 years ago. It's a true testament to the open source nature of blockchain technology. I hope to see the continued success of crypto and look forward to being in the world that functions as a part of this technology.

★ PRiVCY ➢ Own Your Privacy! ➢ Best privacy crypto-market! ★
✈✈✈[PoW/PoS]✅[Tor]✅[Airdrop]✈✈✈ (https://privcy.io/)
Traxo
Full Member
***
Offline Offline

Activity: 305
Merit: 122



View Profile
July 13, 2018, 02:59:09 PM
 #31

Every post from @anunymint apparently was deleted.

Some of this thread was archived here and here.
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!