Re: Proof-of-stake is more decentralized, efficient and secure than PoW- white paper
I am interested in particular in how you are avoiding checkpointing.
In terms of the 51% attack, obviously we don't buy asics we go directly to hash rental markets. I just want to reverse a TX a few blocks in, not own the whole network. Similarly with PoS. I put $25B worth of BTC in a smart escrow, so that I only get it back after I return the requisite numbero of PoS coins to the lenders, with interest / fee / whatever. Then I reverse the transactions on the PoS network I need to reverse, and get you your coin back. There is no reason why a few nice doublespends will crash the price to zero, and anyway the lenders have agreed to accept the units back at contractual terms independnet of price vs. any other asset. If those numbers seem too large, you can replace them with the actual market cap of your coin for a more realistic scenario.
Yes I can see how the security against reversing transactions is proportional to market cap, because you are paying 6% of market cap per year (in your example) to those who secure the network. It is well known that you "get what you pay for".. except of course when you don't
It depends on what you call "a few blocks".
As you are aware of when owning less than 50% of the mining power (be it hash power or staked coins), your probability to successfully conduct the attack decreases exponentially when the number of blocks you want to replace increases.
So I guess we agree that to reverse any transaction of significant value, the attacker would need 50% of the mining power.
In this case I guess it boils down to: Could an attacker realistically "rent" 50% of the mining power?
While it might be possible in PoW if you suppose a very fluid hash rental market (it might be worth noting that this is not what Bitcoin is heading towards), in the case of renting the coins themselves, it sounds highly unrealistic. There will never be an escrow system with 1/ no limit to what you can borrow 2/ enough liquidity.
There's no technical flaw in your argumentation, I just don't believe this is realistic scenario 50% of the mining coins represents a significant portion of the coins. However, it's a very good point against coins with very low mining participation (and PoW!)
Quote
Quote
By time weighting do you mean the use of coin age in the mining equation? If so, the goal was to diminish the variance of the mining process to encourage small stake miners to mine. It has proven ineffective to attract more miners and it greatly hurts the security of the coin.
Concerning the 1 second rule, it is enforced by the fact that the only parameter that varies with time in the kernel (PoS's equivalent of Bitcoin's block header) is the time stamp which has a 1 second granularity.
Interesting. Isn't there a range of timestamps I can look through? Do blocks need to be sequential in timestamp? (they don't in bitcoin classic) Time enforcement is very central to these networks, if you have some new approach I would like to hear it.
What do you mean look through? If you mean guess when your stakes will mine, the stake modifier prevents this.
Blocks do not need to have sequential timestamps. Anyone can broadcast a valid block at any time, however, nodes do not accept blocks created with a proof which time stamp is too far in the future.