Are PoS coins secure and reliable?

[darkota]

....
A Nothing at Stake attack was done twice on Navajo, which is a PoS coin. That attacker, since he owned 50% of all navajocoins, can now doublespend, anytime he wants at any time in the future, just because he owned 50% of all coins temporarily....PoS=Piece of Shit.

ONCE AGAIN.
Cheap coins who are in 90% kept on bittrex to sell on pump are valuable because none protect network!

attacker can have 2% of all coins and make 51% attack... when coin don't use solution from POS2.0 is even more valuable to such attacks.

In POS2.0 you cannot generate "more mining power being offline" only online coins can get coin age.
so problem with "owning 50% of all coins temporarily" is minimal and much harder to exploit...
Navajo is not protected because of no one is staking...
Not using POS2.0 make it even more valuable to attack.


Now look at similar POW coins  if you rent mining ring 100Mhs you can attack 18coins with 51%...
http://www.coinwarz.com/cryptocurrency?sort=hashrate&dir=asc

Same situation like with POS shitcoins who no one protect...

Sir, you obviously don't get the point.

The point is, with PoS, if you acquire 50% of all coins, you will ALWAYS be able to do a doublespend attack, whether you still have the 50% of coins or not.

With PoW, you can only doublespend for the amount of time you are above 50% hashrate.

Again, PoS=Piece of Shit.

[XbladeX]

My logic was mathematically fundamental. The input entropy set is quite deterministic and well known and thus can be preimaged. For example, accumulating a lot of coin-days-destroyed and then targeting them in clever ways to subvert the security.
...

In POS2.0 you can not accumulating a lot of coin-days being offline.
Only online coins can accumulate.

[Este Nuno]

There are different implementations of PoS, some are vulnerable, some are more secure than PoW.

Yeah.

Just because some coins have flaws that have been exploited does not mean that PoS as a whole can be dismissed.

People should be working together to push PoS technology forward as it's clearly superior to PoW. I find it hard to believe that someone could justify the excess of PoW if and when a PoS alternative exists. Other than making an argument for PoW purely out of self interest of course.

Right now PoW is dominant. And there are some PoS currencies like NXT that are progressing well and appear to have a good chance of solidifying their place as the first secure decentralised PoS currency. Time will tell how it plays out, but it's looking good for PoS thus far I think.

It's possible that PoS isn't feasible but so far even for 'Nothing at Stake' attacks, V. Buterin and Come-From-Beyond seemed to agree that there was a theoretical solution. And that seems to be the main issue right now against PoS.

A Nothing at Stake attack was done twice on Navajo, which is a PoS coin. That attacker, since he owned 50% of all navajocoins, can now doublespend, anytime he wants at any time in the future, just because he owned 50% of all coins temporarily....PoS=Piece of Shit.

That's like saying Bitcoin and all other PoW coins are a piece of shit because lukejr 50% attacked coiledcoin a while back.

[darkota]

There are different implementations of PoS, some are vulnerable, some are more secure than PoW.

Yeah.

Just because some coins have flaws that have been exploited does not mean that PoS as a whole can be dismissed.

People should be working together to push PoS technology forward as it's clearly superior to PoW. I find it hard to believe that someone could justify the excess of PoW if and when a PoS alternative exists. Other than making an argument for PoW purely out of self interest of course.

Right now PoW is dominant. And there are some PoS currencies like NXT that are progressing well and appear to have a good chance of solidifying their place as the first secure decentralised PoS currency. Time will tell how it plays out, but it's looking good for PoS thus far I think.

It's possible that PoS isn't feasible but so far even for 'Nothing at Stake' attacks, V. Buterin and Come-From-Beyond seemed to agree that there was a theoretical solution. And that seems to be the main issue right now against PoS.

A Nothing at Stake attack was done twice on Navajo, which is a PoS coin. That attacker, since he owned 50% of all navajocoins, can now doublespend, anytime he wants at any time in the future, just because he owned 50% of all coins temporarily....PoS=Piece of Shit.

That's like saying Bitcoin and all other PoW coins are a piece of shit because lukejr 50% attacked coiledcoin a while back.

In a way, but the difference is you can only doublespend on Bitcoin if you have 50% or above hashrate(even then its not 100% that youll succeed), with PoS, you can doublespend when you have 50% coins, and even when you dont have 50% of the coins anymore. So once you get 50%, you will always be able to doublespend, at any point in the future..

[XbladeX]

....
In a way, but the difference is you can only doublespend on Bitcoin if you have 50% or above hashrate(even then its not 100% that youll succeed), with PoS, you can doublespend when you have 50% coins, and even when you dont have 50% of the coins anymore. So once you get 50%, you will always be able to doublespend, at any point in the future..

no man.... this not goes that way....
i was talking to POS dev if you have 2 addresses A = 50% B =50%
they have equal chance to stake... who will win is random.

dont forget coin age parameter...
A adress have 50% of all coins... ( 50% mine block chance )
B adress have 25% of all coins... ( 25% staking chance )

day 1.
A adress have 50% of all coins... ( 50% mine block chance ) adress A mine blok
B adress have 25% of all coins... ( 25% staking chance ) + 1 coin age

day 2.
A adress have 50% of all coins... ( 50% mine block chance ) adress A mine blok  + 1 coin age
B adress have 25% of all coins... ( 50% staking chance coinage parameter kicks in and reset)...
....

that staking chance is weight in POS this is not so simple if that would be like you are saying - none will ever stake with low amount of coins...
I have one BC address with 100BC and it can stake once per week...

[Octavius]

More staking nodes you have then better for POS security.

I see a big security issue here.

- 1000 wallets holds a few coins and are installed on multiples computers or virtual machines and the biggest wallets are and will be not always online.

That means these 1000 wallets will be able to validate/reject transactions as they want.

In a POW coin like bitcoin, it is not the number that is important but the power of the computers.

[Este Nuno]

There are different implementations of PoS, some are vulnerable, some are more secure than PoW.

Yeah.

Just because some coins have flaws that have been exploited does not mean that PoS as a whole can be dismissed.

People should be working together to push PoS technology forward as it's clearly superior to PoW. I find it hard to believe that someone could justify the excess of PoW if and when a PoS alternative exists. Other than making an argument for PoW purely out of self interest of course.

Right now PoW is dominant. And there are some PoS currencies like NXT that are progressing well and appear to have a good chance of solidifying their place as the first secure decentralised PoS currency. Time will tell how it plays out, but it's looking good for PoS thus far I think.

It's possible that PoS isn't feasible but so far even for 'Nothing at Stake' attacks, V. Buterin and Come-From-Beyond seemed to agree that there was a theoretical solution. And that seems to be the main issue right now against PoS.

A Nothing at Stake attack was done twice on Navajo, which is a PoS coin. That attacker, since he owned 50% of all navajocoins, can now doublespend, anytime he wants at any time in the future, just because he owned 50% of all coins temporarily....PoS=Piece of Shit.

That's like saying Bitcoin and all other PoW coins are a piece of shit because lukejr 50% attacked coiledcoin a while back.

In a way, but the difference is you can only doublespend on Bitcoin if you have 50% or above hashrate(even then its not 100% that youll succeed), with PoS, you can doublespend when you have 50% coins, and even when you dont have 50% of the coins anymore. So once you get 50%, you will always be able to doublespend, at any point in the future..

That's not accurate with regards to PoW. PoW is far, far less secure than you seem to think it is. See:

http://hackingdistributed.com/2014/06/16/how-a-mining-monopoly-can-attack-bitcoin/

Specifically:

33-50%
Selfish mining will yield profits above fair share even if Bitcoin is patched. Selfish miner need not be well-connected to the network to win; it can unilaterally earn more Bitcoins with selfish mining. No fix possible, ever.

Double-spends against 6-confirmed transactions are feasible but not guaranteed to succeed. N-confirmations for large N will mitigate merchants' risk.

>=50%
Loss of decentralized trust narrative, inability to differentiate Bitcoin from competing technologies.

Double-spends against 6-confirmed transactions are certain to succeed.

Selected miner targeting: Pool can reject any selected block found by any competing miner.

Selected transaction targeting: Pool can reject any selected transaction and keep it out of the blockchain.

Selected address blocking: Pool can block Bitcoin flows in or out of selected addresses.

Transaction Differentiation: Pool can deprioritize certain transactions and rely on other miners to mine them unless a (hefty) fee is attached.

Fee Extortion: Pool can deny transactions from a particular address unless a (hefty) fee is attached to those transactions.

Complete denial of service: Pool can ignore and orphan every single block found by competitors, thus stop all Bitcoin transactions.

____


So starting at 33% a miner can have a reasonable chance to double spend. And 50% is not just a chance at double spending. It's full blown control of the network on many levels as listed there.

[XbladeX]

More staking nodes you have then better for POS security.

I see a big security issue here.

- 1000 wallets holds a few coins and are installed on multiples computers or virtual machines and the biggest wallets are and will be not always online.

That means these 1000 wallets will be able to validate/reject transactions as they want.

In a POW coin like bitcoin, it is not the number that is important but the power of the computers.

I wasn't to precise i am sorry.

Minig power ( POW ) = Weight in POS ( weight = number of staking coins * coin age )  
// coin age is number of days you wait till stake you get more days over time (in POS 2.0 coin age you get only being online offline coin age = 1 in POS1.0 you can get it offline and accumulate it)

More staking nodes you have then better for POS security.
Now more coins in different wallets better for network no mining concentration   same like inPOW 100 small miners is better than 3 big miners. ( i was not to precesie in that before )

In POS big holders have to secure network elsewhere they will make insecure network - you hurt themself.

[sgi02]

In POS2.0 you can not accumulating a lot of coin-days being offline.
Only online coins can accumulate.

At least with BC; I found it interesting that they were moving to SHA256 for POS 2.0 vs Scrypt. Not sure what the technical reasoning was behind this, but interesting none the less.

[XbladeX]

In POS2.0 you can not accumulating a lot of coin-days being offline.
Only online coins can accumulate.

At least with BC; I found it interesting that they were moving to SHA256 for POS 2.0 vs Scrypt. Not sure what the technical reasoning was behind this, but interesting none the less.

http://www.blackcoin.co/blackcoin-pos-protocol-v2-whitepaper.pdf

D. Hash Function
The original NovaCoin protocol called for the use of
”Scrypt” [5] as its Proof-Of-Work; also being used as the
block hash. However there are some issues with that previous
implementation. Using Scrypt offers no real advantage to
Proof-Of-Stake; and is far slower than some alternatives. Since
BlackCoin is no longer in PoW phase, the only major change
would have to occur in the algorithm for determining the block
hash. Therefore the block hash has been changed back to
SHA256d. To reflect this the block version has been increased
to version 7.

PS: From my experience Blackhalo is using SHA256d so i speculate that scrypt have some limitations
to use multi sing technology. ( 2 factor authentication in clients - in Halo addresses have 2 dimensions )
or is just slower.

[AliceWonder]

People should be working together to push PoS technology forward as it's clearly superior to PoW.

Clearly? Seems it serves the interests of the wealthy over the poor (as to some PoW systems) but to state it is clearly superior, I assume you have some kind of mathematical proof?

There were people who said the European brain was clearly superior to the African brain. When properly invested with science, that was clearly debunked.

Statements like clearly need proof.

I find it hard to believe that someone could justify the excess of PoW if and when a PoS alternative exists. Other than making an argument for PoW purely out of self interest of course.

I think you want to reduce excess, there are bigger sources of excess to worry about that most of you probably justify to yourselves.

Right now PoW is dominant. And there are some PoS currencies like NXT that are progressing well and appear to have a good chance of solidifying their place as the first secure decentralised PoS currency. Time will tell how it plays out, but it's looking good for PoS thus far I think.

Yes, PoW is dominant yet there are several examples where PoS has resulted in serious issues.
That's not a good argument to continue the PoS experiment.

It's possible that PoS isn't feasible but so far even for 'Nothing at Stake' attacks, V. Buterin and Come-From-Beyond seemed to agree that there was a theoretical solution. And that seems to be the main issue right now against PoS.

I think PoS is a buzz word, like cloud and many others. Buzz words are good for marketing, for the pump before the dump.

[devphp]

Yes, PoW is dominant yet there are several examples where PoS has resulted in serious issues.
That's not a good argument to continue the PoS experiment.

PoW coins have had a lot of serious issues too, but that doesn't stop people to continue the PoW experiments, so why stop with the PoS experiments, your statement sounds illogical

Neither Bitcoin nor other PoW nor any PoS coins have entered mainstream yet, and if/when they do, people won't care what crypto to use as long as it's convenient (they won't be able to mine (in the case of PoW) any of it, buying already is/will be the only option for 99.9% of them), secure, has a lot of services on top.

[Kellyjazz]

It is true that it's easier to attack PoS coin, but it's sorta impossible for new coin to use PoW,otherwise, those with ASIC miner will dominate the coin.

[devphp]

It is true that it's easier to attack PoS coin, but it's sorta impossible for new coin to use PoW,otherwise, those with ASIC miner will dominate the coin.

There are different implementations of PoS, some are vulnerable, some are more secure than PoW.

It's not impossible for new coins to use PoW, especially if they run on an algo that ASICs haven't been invented for yet, or something like Myriadcoin with 5 independant algos. Myriadcoin is not susceptible to 51% attack, but you never hear much about it. Why? Because most posts here are from miners, who don't give a flying fuck about the future of a coin, all they care about is profits from mining. They can't fairly and accurately assess fundamentals and advantages of a coin and don't even try to. They cry scam to everything that doesn't let them mine and dump for a profit. And naturally PoS coins don't let them mine and dump, hence they cry foul as soon as they see the word 'PoS' in a sentence.

[sillybear]

It is true that it's easier to attack PoS coin, but it's sorta impossible for new coin to use PoW,otherwise, those with ASIC miner will dominate the coin.

There are different implementations of PoS, some are vulnerable, some are more secure than PoW.

It's not impossible for new coins to use PoW, especially if they run on an algo that ASICs haven't been invented for yet, or something like Myriadcoin with 5 independant algos. Myriadcoin is not susceptible to 51% attack, but you never hear much about it. Why? Because most posts here are from miners, who don't give a flying fuck about the future of a coin, all they care about is profits from mining. They can't fairly and accurately assess fundamentals and advantages of a coin and don't even try to. They cry scam to everything that doesn't let them mine and dump for a profit. And naturally PoS coins don't let them mine and dump, hence they cry foul as soon as they see the word 'PoS' in a sentence.

If the Algo is support by ASIC, the coin will be dominated by ASIC.
If it is supported by GPU, it would be dominated by big GPU farm
If it is a CPU coin, you are invite botnets.
If it is PoS, miners don't like it and big holder has advantage

Yes, PoW is dominant yet there are several examples where PoS has resulted in serious issues.
That's not a good argument to continue the PoS experiment.

PoW has its vulnerabilities too. And cryptocurrency as a whole has lots of serious problems too (eg inputs.io, mtgox). Are you going to say since there are so much issues in crypto currency, we should stop "experiment" or using cryptocurrencies all together?

[devphp]

If the Algo is support by ASIC, the coin will be dominated by ASIC.
If it is supported by GPU, it would be dominated by big GPU farm
If it is a CPU coin, you are invite botnets.
If it is PoS, miners don't like it and big holder has advantage

Yes, so basically you'll have to try very hard to invent a new coin to see a happy miner, looks like they don't like anything these days, haha

Fortunately, the purpose of a coin is not to make miners happy. If someone invents a coin with the purpose to make miners happy, the coin will eventually be a failure.

[Amph]

you can rely on hash limit, to take out big gpu farm and asic, new generation of coins should do hash limit, as a mandatory feature

[XbladeX]

you can rely on hash limit, to take out big gpu farm and asic, new generation of coins should do hash limit, as a mandatory feature

All feature can be abused unfortunately...

VPNs, Proxiex, VirtualMashines... there won't be a perfect world in crypto.

... They cry scam to everything that doesn't let them mine and dump for a profit.
And naturally PoS coins don't let them mine and dump, hence they cry foul as soon as they see the word 'PoS' in a sentence.

+1

[Amph]

you can rely on hash limit, to take out big gpu farm and asic, new generation of coins should do hash limit, as a mandatory feature

All feature can be abused unfortunately...

VPNs, Proxiex, VirtualMashines... there won't be a perfect world in crypto.

... They cry scam to everything that doesn't let them mine and dump for a profit.
And naturally PoS coins don't let them mine and dump, hence they cry foul as soon as they see the word 'PoS' in a sentence.

+1

you can ban suspicious account

[Este Nuno]

People should be working together to push PoS technology forward as it's clearly superior to PoW.

Clearly? Seems it serves the interests of the wealthy over the poor (as to some PoW systems) but to state it is clearly superior, I assume you have some kind of mathematical proof?

There were people who said the European brain was clearly superior to the African brain. When properly invested with science, that was clearly debunked.

Statements like clearly need proof.

I find it hard to believe that someone could justify the excess of PoW if and when a PoS alternative exists. Other than making an argument for PoW purely out of self interest of course.

I think you want to reduce excess, there are bigger sources of excess to worry about that most of you probably justify to yourselves.

Right now PoW is dominant. And there are some PoS currencies like NXT that are progressing well and appear to have a good chance of solidifying their place as the first secure decentralised PoS currency. Time will tell how it plays out, but it's looking good for PoS thus far I think.

Yes, PoW is dominant yet there are several examples where PoS has resulted in serious issues.
That's not a good argument to continue the PoS experiment.

It's possible that PoS isn't feasible but so far even for 'Nothing at Stake' attacks, V. Buterin and Come-From-Beyond seemed to agree that there was a theoretical solution. And that seems to be the main issue right now against PoS.

I think PoS is a buzz word, like cloud and many others. Buzz words are good for marketing, for the pump before the dump.

I think it's self evident that all else being equal a PoS system that uses a fraction of the energy that a PoW system does is superior. Is all else equal yet? No it's not, which is why we should be progressing towards a state where PoS is tested and demonstrably secure.

If it's not possible then that will be shown over time. At this point it's looking very good for PoS. If some of the best minds in the cryptocurrency arena are debating the issue and coming up with issues that seem to have apparent solutions then it appears that progress is being made.

If someone told you ten years ago that they were working on a trustless decentralised digital currency you might have thought it was too good to be true or just buzz words as you say.