I'm going a bit off-topic, but as long as we're here... Can you briefly describe where in this taxonomy fall
proof of stake ideas of myself et al (eg
this comment)? The general idea is to make sure that those with the ability to game the system are those with the least incentive to do so. The motivation is to enable high transaction security for those willing to wait long enough, with only a small amount of wasteful proof-of-work.
Well your "proof-of-stake" doesn't have anything to do with issuance. You are assuming coins have already been issued, and then just suggesting using digital signatures by current holders as a way of maintaining the transaction ledger.
Indeed that's reasonable, and also pretty straightforward. I didn't read your thread carefully but there is more to it than just using signatures; you need to
atomically commit transactions to ensure all honest participants agree on the current ledger state. The basic primitives in distributed systems to do that is a distributed consensus procedure (aka "Byzantine agreement") and state machine replication.
Szabo wrote up a sketch of such a system long ago; it explains the correct way to do what you want.
http://szabo.best.vwh.net/securetitle.htmlThe problems I was referring to don't come up in maintaining the ledger for transfers, but rather in the mechanism for issuance of new coins/property. Once you already have a notion of a "participant", "voter", or "owner", maintaining the ledger is just a straightforward application of distributed consensus. The problems arise when you want to add new participants/voters/owners.
But I bet you already understand this. In fact, I'd guess you came up with proof-of-stake and then realized "hey wait, proof-of-stake makes transfers much simpler". Equivalently, what you actually realized is "hey wait, that means issuance is a much, much harder problem than transfers".
