Re: Proof-of-stake can never scale without blowing up, because PoS isn't trustless
kiklo, you can't just claim that 'difficulty' field has any relevant meaning in PoS, unless you know what in code is driving the value of that field. Programming isn't like "the UI is always correct". We have to actually understand what the hell "difficulty" means in this PoS algorithm your code is using. Who knows maybe the programmer is setting some value there what is random or just some gibberish hash of some other data. The programmer might have just wanted to use a consistent set of fields between the two UI (PoW and PoS). I really can't determine any thing from that. I'd have to dig into the code, which really isn't fair since I am not being paid to do that.
Every reference I have studied on PoS has never mentioned a difficulty. There is some talk about strategies that an attacker might use which end up using a lot of computation thus being sort of like PoW, except these aren't in the official client and there is no record of the level of that difficulty recorded (since it is an attack not designed into the protocol).
I am sorry but your point about PoS having difficulty doesn't make sense as far as what I know about PoS and the numerous references I have read. The reason your coin hasn't been attacked is it isn't worth doing so. Ethereum wasn't attacked until the marketcap reached $billion and DAO $160m. It has nothing to do with you not needing to use checkpoints. You just got lucky because your coin doesn't have a large enough marketcap to be worth attacking.
That is not intended to be an insult to your coin effort. Everyone should be free to create and market an altcoin. I am not out to destroy all these smaller coins with my words. If you ever manage to reach your larger goals with it, I assume you'll hire a full time programmer then you will start to deal with some of the issues I am pointing out.
Every reference I have studied on PoS has never mentioned a difficulty. There is some talk about strategies that an attacker might use which end up using a lot of computation thus being sort of like PoW, except these aren't in the official client and there is no record of the level of that difficulty recorded (since it is an attack not designed into the protocol).
I am sorry but your point about PoS having difficulty doesn't make sense as far as what I know about PoS and the numerous references I have read. The reason your coin hasn't been attacked is it isn't worth doing so. Ethereum wasn't attacked until the marketcap reached $billion and DAO $160m. It has nothing to do with you not needing to use checkpoints. You just got lucky because your coin doesn't have a large enough marketcap to be worth attacking.
That is not intended to be an insult to your coin effort. Everyone should be free to create and market an altcoin. I am not out to destroy all these smaller coins with my words. If you ever manage to reach your larger goals with it, I assume you'll hire a full time programmer then you will start to deal with some of the issues I am pointing out.
Hey,
if you don't want to believe it , your choice.
I gave you the name of two guys that could talk code , it is up to you whether it is worth your time.
I think many of those articles on PoS were written by people like G.Maxwell that push BTC.
The difficulty increase is also the reason , maxwell's line about the nothing at stake is a bunch of B.S. .
Because if he stakes online, he increases the difficulty , so that his offline coins will never reach a difficulty as high as his online coins, since they are competing with others so he can never overwrite the chain as long as he is trying to stake in both places.
Here is a Proof of Stake formula for you
hashProofOfStake <= [Coin-age] x [Target]
[Coin-age] = [amount of coins] x [days in stake]
Target = Difficulty
Later,
I understand now that by "difficulty" you are referring to the threshold to sign your stake over. And as I told you from this start, this is not computational work that prevents a Long Range attack. One can go back and sign for some state of the chain as far back as the genesis block and pretend that signature was issued back at that time. And rebuild a completely new chain this way, because there is not computational work that has to be done to prevent the attacker from building a very long chain quickly. That is precisely what is meant by the "nothing-at-stake" problem and why checkpoints are required.
So after several pages of you trolling me, now you see I was correct. I warned you.