Do you think Bitcoin should modify to POW + POS ? █████ Poll █████

[jonald_fyookball]

Regarding the stake grinding attack, suppose you must
keep coins for 1000 blocks with a security deposit in
order to mint.  You buy coins at block 1000, keep them
till block 2000, get your deposit back, and
sell them at block 2001, and then broadcast
a fake chain from block 2000.   

The protocol does not allow you to forge for 1440 blocks, from the moment when you bought your stake. (security margin)
The protocol forbids blockchain reorgs of more than 720 blocks.

Your chain would violate the protocol and not be accepted.

This is a real world example.

You could argue that a fake chain <720 would be enough to do nasty stuff (which is right).


I don't quite get the magic that happens between buying and:

broadcast a fake chain

In your example, if you bought 51% (good luck!), and waited 1440 blocks, you could not build a fake chain during that time because you're not allowed to produce any blocks... so, you have 1 blocks time to build a longer chain (and be sure to trick the algo so that you're always the one to be selected for generating the next block... again, good luck!)

tl:dr

PoS is safe.

We were talking about Vitalik's proposal; now you seem
to be referring to NXT.  Difficult to have a debate about
it if we keep switching implementations.

You do realize you do not need 51% of resources
to do a re-org, right?  It's just that at 51%, you
are guaranteed to succeed.

Also, why do you say you only have 1 block time
to build a longer chain?  You would have up
to 720 blocks to do it.  Obviously, if you're
an attacker, you would want to do it as fast
as you can to maximize your chances of success.

So you have to wait 1440 blocks;  Since NXT's
blocks are 1m, that means you can attempt
the attack once a day with the same amount
of stake.

Arguably, you could make it safer by increasing
the security margin.  However, that would basically
give more stake to fewer people, who could attack
less often but with greater chances.

[onemorebtc]

The protocol forbids blockchain reorgs of more than 720 blocks.

without knowing too much about nxt this sounds attackable.

if i can control the network access from a new node (because for him its not an reorg he just sees to chains).
pow prevents this by using work which the new user can verify.

what does pos in this case?

[achimsmile]

One undeniable bit of evidence Bitcoin has is the fact that it has been extremely secure after 6 years and a market cap of 4-10billion for over a year thus has maintained much higher level of scrutiny from both hackers and security researchers alike vs any other alt.

That's a good point, bitcoin is proven many times, over a long time.

I wonder how many years it takes until people begin to consider PoS as secure.

[onemorebtc]

One undeniable bit of evidence Bitcoin has is the fact that it has been extremely secure after 6 years and a market cap of 4-10billion for over a year thus has maintained much higher level of scrutiny from both hackers and security researchers alike vs any other alt.

That's a good point, bitcoin is proven many times, over a long time.

I wonder how many years it takes until people begin to consider PoS as secure.

i'd say its more about market cap than time...
i wouldnt trust a pos system if it ran for ten years but only deals with ten dollars max

[inBitweTrust]

One undeniable bit of evidence Bitcoin has is the fact that it has been extremely secure after 6 years and a market cap of 4-10billion for over a year thus has maintained much higher level of scrutiny from both hackers and security researchers alike vs any other alt.

That's a good point, bitcoin is proven many times, over a long time.

I wonder how many years it takes until people begin to consider PoS as secure.

We already do consider it relatively secure, many have for a while. The disagreement lies within other factors like fair distribution mechanism PoW facilitates because miners are forced to sell most of their block reward to cover costs and the degree of security which is unresolved because no one has enough data.

Despite the costs and inefficiencies Vitalik has still settled upon PoW for ethereum and he really wanted badly to use TaPoS with weak subjectivity.

[onemorebtc]

We already do consider it relatively secure

i dont
who is "we"

[inBitweTrust]

We already do consider it relatively secure

i dont
who is "we"

This topic has been discussed to death over the last 2 years. I notice at least 30% are open to PoS security model having both security benefits and weaknesses compared to PoW.

Every variation of PoS has nuances that can get very complicated when you start studying them . I good place to start if Vitalik's blog and than start reading the research papers.

[onemorebtc]

We already do consider it relatively secure

i dont
who is "we"

This topic has been discussed to death over the last 2 years. I notice at least 30% are open to PoS security model having both benefits and weaknesses compared to PoW.

i've read most of this discussions and my impressions differs.
but anyhow its an experiment. if there is a better solution to the byzantine generalis problem than bitcoin i'd welcome it.

[achimsmile]

We were talking about Vitalik's proposal; now you seem
to be referring to NXT.  Difficult to have a debate about
it if we keep switching implementations.

Nxt uses "weak subjectivity" too in the form of the "security deposit length" he talks about, so it should not be a problem.

You do realize you do not need 51% of resources
to do a re-org, right?  It's just that at 51%, you
are guaranteed to succeed.

Yes, just did it ot of convenience. Same as in PoW systems

and it depends on the length of the re-org  
The longer the reorg, the more unprobable it is to succeed with less than 51%

Also, why do you say you only have 1 block time
to build a longer chain?  You would have up
to 720 blocks to do it.  Obviously, if you're
an attacker, you would want to do it as fast
as you can to maximize your chances of success.

I was just following your example where you try to sell your stake after 1 block of being eligible to forge.
Agree with the rest, reorg is only possible up to 720 blocks.

So you have to wait 1440 blocks;  Since NXT's
blocks are 1m, that means you can attempt
the attack once a day with the same amount
of stake.

yes, attempt.

Arguably, you could make it safer by increasing
the security margin.  However, that would basically
give more stake to fewer people, who could attack
less often but with greater chances.

Don't know if it would be safer, but why would it give more stake to fewer people?

[inBitweTrust]

i've read most of this discussions and my impressions differs.
but anyhow its an experiment. if there is a better solution to the byzantine generalis problem than bitcoin i'd welcome it.

Look at the poll above which shows almost 50% of people open to a PoW + PoS Bitcoin hybrid. They are open to it because PoS has certain advantages.(I would argue disadvantages as well)

Nxt is ultimately doomed because its legacy history of a botched ICO and centralization problems which haven't gotten better.... and this is reflected in it loosing ground to Bitcoin and other currencies regardless of how bad they are doing themselves.

[Alty]

I voted yes.

A hybrid system would be great for btc and probably secure the network in a less centralized fashion as many many more nodes contributed to PoS mining.

I doubt that the bitcoin community / foundation / core devs would ever have the balls to make it happen though.

[Flashman]

I doubt that the bitcoin community / foundation / core devs would ever have the balls to make it happen though.

The proxy for balls is market cap, PoS supporters with balls will inevitably support a PoS coin that will supplant bitcoin "any day now".

[inBitweTrust]

I voted yes.

A hybrid system would be great for btc and probably secure the network in a less centralized fashion as many many more nodes contributed to PoS mining.

I doubt that the bitcoin community / foundation / core devs would ever have the balls to make it happen though.

They don't need to make anything happen. I already mentioned one example that requires no soft/hard fork at all and simply requires a wallet that many would happily adopt.

Sidechain or not. No need for burning bitcoins, as someone could simply create a TaPoS blockchain that mirrored and synced the distribution of BTC and than have a wallet acknowledge both blockchains but have the TaPoS layer hidden where only BTC is used and the TaPoS layer acts to add another form of security that could have 1-30 second confirmation times in addition to PoW 10 min confirmation times.

I.E... pay for a cup of Coffee the confirmations start rolling in this way:
TaPoS 1 second confirmation, TaPoS 3 second confirmation, TaPoS 5 second confirmation, TaPoS 10 second confirmation, TaPoS 30 second confirmation, TaPoS 1 min confirmation, TaPoS 3min confirmation, TaPoS 5 min confirmation,TaPoS 7min confirmation, PoW Bitcoin 1st confirmation ~10min, TaPoS 13min confirmation, ect...

This would allow you to have instant confirmations and better security because now you are trusting full nodes and miners and you could detect a PoW 51% attack if the TaPoS confirmations weren't confirming while the PoW confirmations were.

You wouldn't even need a softfork or hardfork to accomplish this, just a TapoS blockchain and a wallet that acknowledged it.

[jonald_fyookball]

So you have to wait 1440 blocks;  Since NXT's
blocks are 1m, that means you can attempt
the attack once a day with the same amount
of stake.

yes, attempt.

yes, and with little to no cost.

Arguably, you could make it safer by increasing
the security margin.  However, that would basically
give more stake to fewer people, who could attack
less often but with greater chances.

Don't know if it would be safer, but why would it give more stake to fewer people?

Because everyone who is transacting, moving coins,
or just got them won't be able to forge.  So those
people's stake won't be part of the proof of stake
consensus.

[VectorChief]

In short the differences are as follows:
PoS - tends towards privatization of the whole system as rich get richer and at the same time automatically acquire more control.
PoW - forces rich to compete for control on a common ground judged by a neutral algorithm thus automatically taxing them.

I disagree

Please tell me where Nxt tends towards privatization,
and tell me if big mining companies are private companies.

Privatization in a sense that if I want to have more say in what gets into blockchain and what doesn't (censorship, accounts freezing) I need to ask major stakeholders' permission to sell me their stake. If they refuse I am out of luck.

If less than 51% of PoS stake is floating on the exchanges for free trade, then the system remains semi-private. In PoW even if no one wants to sell me ASICs I still have an option to fund my own development team and create my own equipment, thus avoiding political censorship, sanctions and so on. PoW allows you to disagree.

That's the gist of it.

[Flashman]

Also, you do get a little autonomy with PoW ASIC mining, you can switch to other SHA256 coins or rig rental if you "disagree" with bitcoin for some reason, and get instantly compensated. You don't have to take a "hit" in that your coins are not mature, moving between PoS coins, and waiting it out every time you think one has a better deal than another.

In that sense there is a bit of a "lock in" problem with a PoS coin, like a cellphone contract, theoretically you can dump it, but it costs you. This in turn will build external distrust of particular coins, "Is it really popular, or are people just scared to move out of it?"

[QuestionAuthority]

This thread is funny to watch. You're all talking about the issue as if you have the ability to change Bitcoin. Those people exist on GitHub and the TBF forum. They communicate about the issues over there. Those people have stated, in no uncertain terms, that Bitcoin will not move away from the current PoW system. Unless you're all talking about a new coin that you're going to call Bitcoin then I'm confused about what's happening here.

[inBitweTrust]

This thread is funny to watch. You're all talking about the issue as if you have the ability to change Bitcoin. Those people exist on GitHub and the TBF forum. They communicate about the issues over there. Those people have stated, in no uncertain terms, that Bitcoin will not move away from the current PoW system. Unless you're all talking about a new coin that you're going to call Bitcoin then I'm confused about what's happening here.

Technically all it takes is one dev (that can come out of nowhere) and a majority of users to switch. The chances of this happening are infinitesimally small though and for good reason.

[QuestionAuthority]

This thread is funny to watch. You're all talking about the issue as if you have the ability to change Bitcoin. Those people exist on GitHub and the TBF forum. They communicate about the issues over there. Those people have stated, in no uncertain terms, that Bitcoin will not move away from the current PoW system. Unless you're all talking about a new coin that you're going to call Bitcoin then I'm confused about what's happening here.

Technically all it takes is one dev (that can come out of nowhere) and a majority of users to switch. The chances of this happening are infinitesimally small though and for good reason.

Yeah, I guess so. It's still funny to watch the debates from the users. Trust me, when the debates are between the power players I watch them with quiet intent.

[jonald_fyookball]

This thread is funny to watch. You're all talking about the issue as if you have the ability to change Bitcoin. Those people exist on GitHub and the TBF forum. They communicate about the issues over there. Those people have stated, in no uncertain terms, that Bitcoin will not move away from the current PoW system. Unless you're all talking about a new coin that you're going to call Bitcoin then I'm confused about what's happening here.

Yes of course, we are all armchair pundits here but trying to make points why (or why not)
changing the protocol would be a good idea.