Proof-of-work is absolute truth, proof-of-stake is relative truth. Both have their role. But for the most important transactions it's better to produce more clean energy than to give up on the undeletable history that accumulated work provides.
Conversation
Replying to
I think I'm missing something here, would love some more color!
As I understand, PoW could re-write history the same as PoS if you got the right "fixed set of humans".
For PoW it's 51% of miners, for PoS it's 51% of stakers.
Maybe one is more robust than the other -- why?
3
24
I guess what I'm wondering is, are you arguing:
(a) there's something very fundamentally different about blockchain security via miners vs via stakers
(b) in practice, one is much safer (why?) than the other, although in theory they have similar strengths/weaknesses
5
1
25
I'm arguing (a).
Because mining is a computation, while staking is more like a BoD vote, even if the current set of miners collude they can't rewrite the entire chain history. That requires years of compute.
See Poelstra on "costless simulation" here.
download.wpsoftware.net/bitcoin/pos.pdf
2
7
40
Replying to
ok, that's interesting. Does this summarize it?
in PoS:
a) it's easy to create fake blocks
b) this won't help attack network by default, people ignore them
c) *but* it's easy enough you can cheaply create a super-long valid-but-false history, so "longest chain" doesn't work
2
1
13
I.e. with PoW, given just the starting conditions of the network (the rules of propogation) and a set of proposed histories, you can tell which is "real": it's the longest valid history.
but with PoS you can't; the longest valid one might be made up and not historically correct
1
13
Yeah. You need some kind of trusted signal to tell you which is the "real" proof-of-stake chain if there are N contenders. It could just be a tweet, for example. Often that's not a big ask.
But the Bitcoin chain can be validated even in the noisiest of information environments.
2
14
Replying to
yup, and the reason you can't do it "purely" with PoS is that it instead reduces to "you can do a plausible history attack if you *ever* had 50% network control"; it doesn't require you to still have it
I think we haven't yet seen blockchains in wartime, when the fate of nations depends on how much BTC they have.
We don't know if the current mining approach will work then (vs, say, ProgPOW) but it is more robust to *some* attacks than PoS (& vice versa).
Quote Tweet
To argue the other side of it, proof-of-stake does have the advantage of being N globally distributed, possibly pseudonymous individuals rather than M geographically fixed mining farms.
This kind of thing has always been the concern with proof-of-work:
twitter.com/bigmagicdao/st
Show this thread
1
21
Show replies
It is evident, that anything that gives access to Autonomous Control over a system will be exercised at a certain point in time.
