Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Altcoin Discussion
Topic OP
PPCoin Criticism / Security / etc
by
fido
on 27/11/2012, 06:38:34 UTC

At present, I've concluded there are only a few 'legit' remaining alt-coins at the moment (ie. not dead yet) , with varying degrees of legitimacy.

Litecoin (LTC)
PPCoin (PPC)
Namecoin (NMC)
Devcoin (DVC)
Terracoin (TRC)
Liquidcoin (LQC)


All of the remaining alt-coins which are not dead are Bitcoin Forks -- with the two main exception being PPcoin (using 'proof of work' along with 'proof of stake') and Liquidcoin (which is based on Tenebrix and modified Bitcoin).

The main advantage of a pure Bitcoin fork (Litecoin, Namecoin, Devcoin, and Terracoin) is that the security model is well analyzed, and the strengths and weaknesses are well-known.   Yet we avoid the existing bureaucracy and codebase from Bitcoin, allowing the development to take a different direction from BTC.

However, this 'inheritance' of Bitcoin's security model certainly does not apply to PPcoin.

I have yet to see a comprehensive whitepaper or design document on PPcoin.   There is a complete lack of transparency with PPcoin, and it seems to be based upon novelty of 'proof of stake' without any comprehensive cryptographic rationale.

Criticisms of PPcoin:

(1) The author has not published a Design Document or a Protocol Specification ... only an extremely shallow non-academic whitepaper , which prevents analysis of how addition of proof-of-stake affects the security model.

(2) The author is not amenable to community suggestions (such as integrating the proof-of-stake and proof-of-work blocks together, rather than keeping them separate) to increase security.

(3) There have been numerous criticisms regarding the PPcoin protocol security on these forums, but the PPcoin author seems to take a 'trust me I'll fix it in the next release' approach to security.  Why rush to release PPcoin in an immature form (with an awful name), rather than taking the time to get the design right from the start?   Arrogance and secrecy is not a substitute for security.

(4) It appears the PPcoin algorithm uses SHA256 rather than Scrypt.  Why is this fact so buried (in that we need to wade through the source to learn about it?)   

(5) Lack of transparency.  There is not an open discussion of flaws, strengths, weaknesses and possible attacks.  These are shot down by the author as being 'unrealistic' even though these attacks (accumulating 'stake' to attack the protocol) are quite realistic.

(6) The phonetic name "Pee-pee coin"... Would Coca-Cola have succeeded if it was called "PP-cola"?

As such, I do not consider PPcoin to be a secure alternative cryptocurrency.   Certainly not until the PPcoin author takes the time to draft and publish a comprehensive and detailed design document and/or protocol specification (with rationale for design choices, strengths, weaknesses, etc) to the community (rather than suggesting the community wade through the source code , and reverse engineer the protocol from the source).