Board: Development & Technical Discussion
Re: Proof that Proof of Stake is either extremely vulnerable or totally centralised
by d5000 on 07/08/2018, 02:29:02 UTC
If you modify the wallet client to place false time date in the blocks, all you are doing is making a hard fork that the other nodes will ignore.
No, monsterer is right here. You cannot differentiate a blockchain with "fake" timestamps and one with "real" timestamps.

The blockchain is a relatively simple database. It's only possible to check if the hashes correspond to a real block.

Things would be different if, at every block, a majority of the staking participants (=those holding 50%+1) had to sign a message that the last block they received was received in a certain time interval, and all these messages were included in the next block. This is basically what Proof of Approval wants to achieve. The downside is that a majority of all coin holders must always be online.

This isn't the case in "traditional PoS", where you can simply write your blockchain to disk when you want. You can even build it in something like Excel, based on previous blockchain data, and then save it ;)

I still believe traditional, "naive" Proof of Stake is pretty secure if certain conditions are met, the most important being no incentives to stake multiple chains at once - staking algorithms like Peercoin with coin-age based rewards (not to be confused with coin-age based weight!) achieve that. A N@S attack is not impossible, but I think it is so difficult to carry out that it becomes extremely expensive, in the same order of magnitude as a 50+1% PoW attack.

The basic question is: how to buy old keys or bribe the stakeholders holding the 50+1%?

I have already heard some ideas, like distributing a fake wallet client which is praised to give holders a "higher minting reward" but steals their coins or ensures in other ways that the network consensus gets corrupted. But people with significant holdings ("whales") would not be easily tricked into this. And if the code is open source, then the hack will be discovered soon.

One could also try to buy the old keys on a black marketplace, but if the coin is mature enough, you would never get near even 10% of the holdings - at least if rolling checkpoints are implemented.

The only relevant option I know until now is the "shorting attack", but it is extremely expensive and risky. And it works with PoW coins, too, if you buy mining hardware/hashrate instead of coins.
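The contrast drawn earlier in this post between a naive node, which can only check hash links, and a Proof-of-Approval-style node, which also requires majority receipt attestations, as an added example that is not part of the original post or of any real PoS implementation. It assumes a constructed stake split (`STAKE`), HMACs as a stand-in for signatures with `KEYS` standing in for a key registry, and integer timestamps.

```python
import hashlib, hmac, json
GENESIS = "00" * 32
STAKE = {"whale": 45, "fund": 20, "other": 25, "attacker": 10}     # constructed stake split
KEYS = {h: f"secret-{h}".encode() for h in STAKE}                  # stand-in signing keys

def block_hash(blk):  # hash of the whole block: this is all a naive node can verify
    header = {k: blk[k] for k in ("height", "prev", "timestamp", "attestations")}
    return hashlib.sha256(json.dumps(header, sort_keys=True).encode()).hexdigest()

def sign_receipt(key, prev_hash, lo, hi):
    """Message 'I received block prev_hash between lo and hi' (HMAC stands in for a signature)."""
    return hmac.new(key, f"{prev_hash}|{lo}|{hi}".encode(), hashlib.sha256).hexdigest()

def attest(prev, holders, width=5):
    """Receipt attestations for the previous block from the holders that are online."""
    lo, hi = prev["timestamp"] - width, prev["timestamp"] + width
    return [(h, lo, hi, sign_receipt(KEYS[h], prev["hash"], lo, hi)) for h in holders]

def make_chain(timestamps, attesters):
    """Build a chain with chosen timestamps; whether they are real or fabricated is invisible."""
    chain = []
    for i, ts in enumerate(timestamps):
        prev = chain[-1] if chain else None
        blk = {"height": i, "prev": prev["hash"] if prev else GENESIS, "timestamp": ts,
               "attestations": attest(prev, attesters) if prev else []}
        blk["hash"] = block_hash(blk)
        chain.append(blk)
    return chain

def validate_naive(chain):
    """Traditional PoS view: hash links and increasing timestamps. Any self-consistent chain passes."""
    prev, last_ts = GENESIS, float("-inf")
    for blk in chain:
        if blk["prev"] != prev or block_hash(blk) != blk["hash"] or blk["timestamp"] <= last_ts:
            return False
        prev, last_ts = blk["hash"], blk["timestamp"]
    return True

def validate_attested(chain):
    """Proof-of-Approval-style view: >50% of stake must have attested receipt of each predecessor."""
    if not validate_naive(chain): return False
    for prev, blk in zip(chain, chain[1:]):
        approved = sum(STAKE[h] for h, lo, hi, mac in blk["attestations"] if lo <= prev["timestamp"] <= hi
                       and hmac.compare_digest(mac, sign_receipt(KEYS[h], prev["hash"], lo, hi)))
        if 2 * approved <= sum(STAKE.values()):
            return False
    return True

LIVE = make_chain([1000, 1060, 1120], ["whale", "fund", "other"])  # seen live by 90% of stake
OFFLINE = make_chain([1000, 1060, 1120], ["attacker"])             # written offline by a 10% holder
```

Both chains pass `validate_naive`, since the bytes of a chain written offline with chosen timestamps are indistinguishable from a live one; only `validate_attested` rejects the offline chain, and only because most of the stake was online to sign.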