A Short Primer on Proof of Stake

From the CMC editorial desk: Having read all kinds of articles about Proof of Stake, we started wanting to see the whole picture, explained in the same place, in an easy-to-understand way. We got Luxcore to write for this week’s primer on Proof of Stake – hope you find it as good (and funny) a summary as we did!

The 2002 Charlie Kaufman / Spike Jonze film Adaptation is not, in fact, an adaptation of the Susan Orlean book The Orchid Thief as it was initially intended to be but rather a fictionalized story of the screenwriter’s struggle to adapt the book. I thought about pulling a similar stunt with this piece. How to write a primer on a topic so large, so complex, so fluid as Proof of Stake?

In the end, I concluded a story about my struggle to do so would be of little utility to anyone, save perhaps my therapist. So let’s see if we can tackle this head-on, and hopefully by the end of this article we’ll all know just a little bit more about Proof of Stake than we did at the beginning.

Proof of Stake has been one of the most significant evolutions in cryptocurrency and blockchain consensus over the past 12 months. But what is it exactly, and what is it supposed to do? Is it really the future? The solution to all of crypto’s problems as some might have you believe? Well, just like Proof of Stake itself, the answer is… complicated.

Wherefore Proof of Stake?

Proof of Stake is a consensus mechanism for cryptocurrencies that provides an alternative to Proof of Work. To understand what Proof of Stake is, we must first understand a little about Proof of Work. A blockchain is a peer-to-peer database system with no central authority figure. Responsibility for its maintenance is shared among all network actors, and in this way a blockchain is both decentralized and trustless.

The reason it is called a “blockchain” is because transactions are bundled into blocks, and each block after the first (the Genesis block) references previous blocks in a way that links them together in a chain. It needs to be protected against someone making up their own blocks and sticking them in the chain, or going back and breaking the chain at an earlier point to stick in a new block. If either of these actions were allowed, there would be any number of chain variants, and nobody would know which one was the right one, effectively rendering the cryptocurrency pointless and, of course, worthless.

The mechanism that decentralized blockchains use to protect their integrity is called consensus. Consensus means that the majority of the network has to agree on every block that gets added to the chain. Proof of Work is the original form of blockchain consensus developed for Bitcoin by the infamous Satoshi Nakamoto.

With Proof of Work, network participants race to solve cryptographic puzzles to mine a block in order to add it to the blockchain. Once a miner finds a solution to the puzzle, they present it to the network for verification. Although solving the puzzle is deliberately difficult, verifying the solution is easy. If the network agrees the solution is valid, the block is added to the chain and the miner who found the block is rewarded with some cryptocurrency coins for their successful effort.

Proof of Stake performs the same function as Proof of Work: it is a method for maintaining consensus so that the blockchain cannot be tampered with. However, it does so in a very different way; a way that attempts to solve three of Proof of Work’s most significant criticisms.

The Shortcomings of Proof of Work

Environmental Concerns

The first criticism of Proof of Work has to do with environmental sustainability. The cryptographic puzzles that need to be solved for Proof of Work require considerable computing power. As the mining rewards for a cryptocurrency become more profitable, more computational power comes online to compete for those rewards. An estimate late last year suggested the worldwide electricity consumed in mining Bitcoin was enough to power Denmark. If cryptocurrencies increase in value over time, then so too will the power consumption requirements needed to mine them. This is an unsustainable trajectory with conceivably devastating ramifications for our environment. This factor further gives rise to the second, more insidious criticism of Proof of Work.

Centralization

When more computational power comes online, the difficulty of Proof of Work’s cryptographic puzzles rises in step with it. As the compute requirements for finding solutions to these puzzles begin to exceed the capabilities of consumer-grade hardware, the mining power (and thus the blockchain consensus) becomes increasingly centralized in the hands of a few powerful miners with massive industrial operations. Bitcoin mining giant Bitmain is projected to earn revenues of $10 billion in 2018; more than Nvidia and more than AMD. When it comes to the race to solve puzzles against such competition, home users simply don’t have a chance.

Homogeneity of Node Hosts

The final criticism of Proof of Work is that miners do not need to run a copy of the blockchain themselves. If they choose, they can mine to a pool which pays them out to an address that might reside on an exchange or a light wallet that interacts with the blockchain but does not keep a copy of it. The impact of this is that those who bother to host copies of the blockchain are primarily major users such as pool admins, explorer admins and industrial miners. This means the connected network actors are not representative of the user base as a whole, and this poses problems to cryptocurrencies such as Dash that seek to involve users in their decision-making processes in a practice known as governance.

The Proof of Stake Advantage

In a nutshell, Proof of Stake is a system wherein users take the coins they have in their wallets already and put them at stake. When they put their coins at stake, users are entered into a pseudo-random selection pool for a chance to mint – the stakers’ equivalent of mining – the next block. That’s how even low-balance stakers stand a chance against high-balance stakers in the race to mint the next block.

Furthermore, Proof of Stake directly addresses the main criticisms of Proof of Work. Staking requires only minimal computing resources relative to Proof of Work. It legitimately solves the environmental sustainability problem of cryptocurrency. Moreover, a staking wallet can run on even the most entry-level modern consumer-class computing hardware such as a Raspberry Pi, making it accessible to all would-be participants and theoretically fostering decentralization.

Since users are required to keep their coins in an at-stake state in order to earn block rewards, they are thus required to keep their wallets connected to the network. This incentivizes broader participation in terms of hosting live copies of the blockchain among all types of network actors and therefore greater representativeness in governance endeavours, and wider decentralization of the network overall.

New developments in Proof of Stake include staking pools, the staking web wallet and the staking offline cold wallet. These might seem upon first glance to counteract the decentralization advantage of Proof of Stake due to centralized ownership and control of the hosting server architecture. However, decentralization depends not on hardware ownership, but rather on control of the blockchain assets (i.e., the cryptocurrency coins).

Proof of Stake almost sounds too good to be true, doesn’t it? Well, that’s because it sort of is.

Look Closer and You’ll See Its Blemishes

Proof of Stake is still in its infancy, and not all Proof of Stake blockchains are created equal. Any network that exclusively utilizes wallet balances for its selection algorithm will necessarily result in a situation wherein only the most affluent coin holders are likely to mint blocks, thus failing to address the centralization challenge associated with Proof of Work. A Proof of Stake network that rewards only its largest coin-holders is said to be a plutocracy. Given the dearth of staking pools relative to mining pools for smaller network actors, it would be reasonable to argue the centralizing influence of a plutocratic Proof of Stake blockchain is more severe than that of Proof of Work.

On the flip side, coin age as a selection method also has a significant drawback. It’s possible to manipulate coin age by keeping a large collection of coins offline for an extended period of time, thereby accruing age and thus selection capital. Malicious actors could leverage that manipulability to collude and inject a massive influx of very old coins into the network, thus achieving a dominant position in the consensus algorithm that they could use to attack the network.
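The two selection rules discussed above can be compared side by side. The following is an added example, not code from any Proof of Stake project: the wallets, the seed and the weight formulas (balance only, and balance times age in days) are constructed assumptions chosen to show how each rule concentrates minting.

```python
import hashlib

# Constructed wallets. "hoarder" holds few coins but kept them offline to age.
WALLETS = {
    "whale":   {"balance": 9000, "age_days": 30},
    "alice":   {"balance": 500,  "age_days": 30},
    "bob":     {"balance": 500,  "age_days": 30},
    "hoarder": {"balance": 500,  "age_days": 720},
}

def balance_weights(wallets):
    """Selection weight = wallet balance only (the plutocratic rule)."""
    return {name: w["balance"] for name, w in wallets.items()}

def coin_age_weights(wallets):
    """Selection weight = balance x days the coins have sat unspent (assumed formula)."""
    return {name: w["balance"] * w["age_days"] for name, w in wallets.items()}

def pick_minter(weights, seed):
    """Deterministic weighted draw: every node derives the same winner from the seed."""
    total = sum(weights.values())
    ticket = int.from_bytes(hashlib.sha256(seed).digest(), "big") % total
    for name in sorted(weights):
        ticket -= weights[name]
        if ticket < 0:
            return name

def simulate(weights, rounds=10000):
    """Return each staker's share of minted blocks over `rounds` draws."""
    wins = dict.fromkeys(weights, 0)
    seed = b"constructed-genesis-seed"
    for _ in range(rounds):
        winner = pick_minter(weights, seed)
        wins[winner] += 1
        # Next round's seed depends on the previous outcome, like a block hash.
        seed = hashlib.sha256(seed + winner.encode()).digest()
    return {name: count / rounds for name, count in wins.items()}

if __name__ == "__main__":
    for label, rule in (("balance only", balance_weights),
                        ("coin age", coin_age_weights)):
        shares = simulate(rule(WALLETS))
        print(label, {name: f"{share:.1%}" for name, share in shares.items()})
```

Under the balance rule the whale mints roughly six blocks in seven; under the coin-age rule the hoarder, holding under 5% of the coins, mints more than half.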

When it comes to the security of a Proof of Stake blockchain, we frankly have much to learn about its possible attack vectors. The two we do know of most intimately, though, are the so-called Nothing-at-Stake attack and the Long-Range attack.

Remember how I said earlier that earning block rewards depends on a user’s ability to win the race to the next block? Well, what happens if that race ends in a tie? Suddenly, the blockchain has two distinct blocks at the same point in the chain. This results in a fork. The chain splits into two and although everything that exists before that tie occurred is on one chain, everything that happens after is on two, totally different chains. These ties can result from happenstance, but often they are manipulated on purpose by malicious network actors.

Different cryptocurrencies deal with forked chains in different ways, and I won’t go into too much detail about it here because that’s beyond the scope of this article. Suffice it to say, a methodology is implemented to choose the “right” chain, and this depends primarily upon user adoption. Proof of Work miners are thus incentivized to mine on the most popular chain to the exclusion of other chains to ensure the network selects it as the consensus chain. Choosing the “wrong” chain in this instance means miners would receive rewards that don’t actually exist on the consensus chain and cannot be exchanged with other network participants.

Nothing-at-Stake Attack

With Proof of Stake, on the other hand, a user’s wallet balance can exist on all available chains until such time as a consensus chain is chosen. Therefore, instead of having to choose the “right” chain among the potential options, stakers are incentivized to stake their coins on all available chains to make sure they are rewarded regardless of which chain is selected by consensus. Unlike Proof of Work miners, stakers have nothing to lose. Said differently (and more ironically), stakers have nothing at stake.

This behaviour can result in the persistence of multiple chains, with no chain being selected as the consensus chain. If a cryptocurrency had multiple chains floating about, with participants unable to determine which one they should use, then it would effectively lose all purpose and value.

Long-Range Attack

A Long-Range attack is similar insofar as it results in the creation of multiple chains. However, a Long-Range attack is even more alarming because it has the effect of starting a whole new, seemingly valid chain from basically the beginning – a chain upon which none of the previously minted blocks exist.

All Proof of Stake blockchains have to begin somewhere. Unlike Proof of Work, however, there is no mechanism for distributing coins across a Proof of Stake network since block rewards depend on wallet balances. Proof of Stake blockchains thus either commence with an Initial Coin Offering (or ICO) or an introductory period of Proof of Work hashing in order to create that distribution.

As time passes and an increasing number of stakers join the chain to obtain block rewards, the distribution of coins across the network becomes increasingly decentralized. However, those first few Proof of Stake blocks would have had a much smaller user base. Potentially, that user base is small enough and homogeneous enough that the original group of stakers can agree to go back and revive an older version of the blockchain.

Some cryptocurrencies attempt to resolve this by stipulating that blocks of a certain age are ineligible for dispute. But that only reframes the problem; it doesn’t resolve it. What happens if someone connects their wallet to the network after a period of being offline that exceeds the stipulated age threshold? And of course, what are new wallets syncing from scratch supposed to think about all this?

Solving These Flaws Causes Proof of Stake’s Ultimate Flaw

Since the risk of both attacks is constant for Proof of Stake – that is, multiple chains can exist at any given time – there arises a continuous need for a method to determine which will be the consensus chain. For new nodes coming onto the network, an attacker could convince them that their nodes are fully trustworthy, and without a method for establishing their reputation new nodes can be easily duped. This is a problem known in cryptocurrency circles as weak subjectivity.

Again, there is no one answer here, as different cryptocurrencies address the issue in different ways. The most common method is to have a trusted, authoritative source on the network broadcast the hash of the valid chain at regular intervals.

This completely undermines the very purpose of cryptocurrency, which is supposed to be decentralized and trustless. If cryptocurrency is to rely on a central third-party authority for it to function, then it is no different than traditional assets that rely on banks and governments.

On the other hand, some people believe the infusion of human-driven social information into the decision-making process about which nodes to trust on a case-by-case basis is actually a beneficial augmentation of the computer-driven consensus algorithm. Trustlessness be damned! According to Satoshi Nakamoto’s original vision, though, those people are just plain wrong…
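The effect of the broadcast checkpoint hash described in this section can be seen from the point of view of a node syncing from scratch. This is an added example, not code from any project: the block format, the longest-chain rule and both chains are constructed assumptions.

```python
import hashlib
import json

def block_hash(block):
    """Hash of a block's canonical JSON encoding."""
    return hashlib.sha256(json.dumps(block, sort_keys=True).encode()).hexdigest()

def extend(chain, minter, count):
    """Return a copy of `chain` with `count` new linked blocks appended."""
    chain = list(chain)
    for _ in range(count):
        prev = chain[-1]
        chain.append({"height": prev["height"] + 1,
                      "prev": block_hash(prev), "minter": minter})
    return chain

def is_linked(chain):
    """Every block must reference the hash of the block before it."""
    return all(b["prev"] == block_hash(a) and b["height"] == a["height"] + 1
               for a, b in zip(chain, chain[1:]))

def contains_checkpoint(chain, checkpoint):
    height, digest = checkpoint
    return height < len(chain) and block_hash(chain[height]) == digest

def choose_chain(candidates, genesis, checkpoint=None):
    """Longest internally valid chain (assumed rule), optionally pinned to a checkpoint."""
    valid = [c for c in candidates if c[0] == genesis and is_linked(c)]
    if checkpoint is not None:
        valid = [c for c in valid if contains_checkpoint(c, checkpoint)]
    return max(valid, key=len) if valid else None

# Constructed scenario: the earliest stakers later rebuild history from height 1.
GENESIS = {"height": 0, "prev": None, "minter": "genesis"}
HONEST = extend(extend([GENESIS], "early-stakers", 3), "community", 5)
ATTACKER = extend(HONEST[:2], "early-stakers", 12)   # longer, forks at height 1
CHECKPOINT = (6, block_hash(HONEST[6]))              # from the trusted broadcaster

if __name__ == "__main__":
    naive = choose_chain([HONEST, ATTACKER], GENESIS)
    pinned = choose_chain([HONEST, ATTACKER], GENESIS, CHECKPOINT)
    print("no checkpoint  ->", "attacker" if naive == ATTACKER else "honest")
    print("with checkpoint ->", "attacker" if pinned == ATTACKER else "honest")
```

Both chains link correctly back to genesis, so nothing inside the data tells the new node which is real; only the externally supplied checkpoint does, which is the trust dependency this section describes.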

Whither the Future?

All traditional Proof of Stake blockchains necessarily suffer from weak subjectivity. Absolutely all of them. And there’s absolutely nothing they can do about it unless they innovate.

For example, Ethereum has proposed a protocol to either penalize those who “equivocated” on a given block – that is, actively staked on multiple versions of the same block – or penalize those who staked on the “wrong” block. A malicious actor who submits or stakes on a faulty or tampered block risks losing all of the coins they had put at stake in minting that block. If another network actor detects malfeasance and submits evidence of a faulty or tampered block, the staker not only loses the block reward but all of the coins they put at stake to mint that block are permanently destroyed (with some portion going to the whistleblower as a reward for their vigilance). Faced with the possibility of losing their at-stake coins, would-be fraudsters are discouraged from launching an attack against network consensus. Moreover, all stakers are incentivized to choose the likely consensus chain to the exclusion of alternate chains, similar to Proof of Work miners.
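The penalty for equivocation can be modelled in a few lines. This is an added, simplified example and not Ethereum's protocol or code: the ledger class, the 10% whistleblower share and the keys are assumptions, and HMAC stands in for the public-key signatures a real chain would verify.

```python
import hashlib
import hmac

WHISTLEBLOWER_BPS = 1000  # assumed 10% reward; the article says only "some portion"

# Constructed keys. HMAC is a stand-in for real public-key signatures.
KEYS = {"mallory": b"constructed-key-m", "alice": b"constructed-key-a"}

def _tag(key, staker, height, block_id):
    msg = f"{staker}:{height}:{block_id}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def sign_header(key, staker, height, block_id):
    """A staker's signed claim: 'I minted block_id at this height'."""
    return {"staker": staker, "height": height, "block_id": block_id,
            "sig": _tag(key, staker, height, block_id)}

class StakeLedger:
    def __init__(self, stakes, keys):
        self.stakes = dict(stakes)   # coins currently at stake, per staker
        self.keys = keys
        self.rewards = {}
        self.burned = 0

    def _authentic(self, h):
        key = self.keys.get(h["staker"])
        if key is None:
            return False
        expected = _tag(key, h["staker"], h["height"], h["block_id"])
        return hmac.compare_digest(expected, h["sig"])

    def is_equivocation(self, a, b):
        """Same staker, same height, two different blocks, both genuinely signed."""
        return (self._authentic(a) and self._authentic(b)
                and a["staker"] == b["staker"]
                and a["height"] == b["height"]
                and a["block_id"] != b["block_id"])

    def report(self, whistleblower, a, b):
        """Slash the equivocator; return the whistleblower's reward (0 if rejected)."""
        if not self.is_equivocation(a, b):
            return 0
        stake = self.stakes.pop(a["staker"], 0)   # 0 if already slashed
        reward = stake * WHISTLEBLOWER_BPS // 10000
        self.rewards[whistleblower] = self.rewards.get(whistleblower, 0) + reward
        self.burned += stake - reward
        return reward
```

Requiring both headers to carry a valid signature is what stops a whistleblower from framing an honest staker with fabricated evidence.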

Another solution that has actually been in the wild for some time now is the hybrid blockchain. A hybrid blockchain contains both Proof of Work and Proof of Stake on an ongoing basis. (Note that I am not referring to projects with an introductory Proof of Work phase used to distribute blockchain assets that is superseded by a Proof of Stake blockchain.) Instead of doubling the potential attack vectors, the two halves of a hybrid chain work to protect each other. For example, the continued presence of Proof of Work blocks in the chain eliminates the possibility of a Long-Range attack against the Proof of Stake blocks, while the continued presence of Proof of Stake blocks in the chain incentivizes miners to host a copy of the blockchain and ensures even minor network actors have an opportunity to earn rewards.

Of course, any Proof of Work component drastically increases the electricity consumption requirements of a blockchain. However, some projects like ours are actively working to develop new Proof of Work hashing algorithms geared towards significantly reducing power consumption and heat generation. In this way, a hybrid blockchain can still retain the environmental sustainability advantages of Proof of Stake while benefiting from the protections offered by Proof of Work.

In Conclusion

Now that I’ve reached this point of the article, I’m very much second-guessing my decision not to mimic the Adaptation approach. I could have worked in more explosions that way, and maybe even a love scene.

I acknowledge this has been a long and meandering and – frankly – not entirely conclusive article. Proof of Stake remains in its infancy and it has some problems that we have yet to fully solve. If we’re honest with ourselves, the weak subjectivity problem undermines the fundamental purpose of cryptocurrency. But the fact of the matter is that Proof of Work is simply not sustainable should the cryptocurrency market continue to grow, so I have no choice but to conclude that Proof of Stake is a necessary step forward. The question remains: how?

Certainly, this is not the end of the story. I expect there will be plenty of continued innovation and adaptation in the Proof of Stake realm over the next 12 months. Perhaps penalizing anti-social actors, as Ethereum proposes, or developing hybrid blockchains, as Luxcore does, will prove to be the next evolutionary stage for Proof of Stake – or perhaps it will be something entirely new we’ve never even heard of before. There’s even this thing called Delegated Proof of Stake that I haven’t mentioned because, well, I have to book an appointment with my therapist now.

Written by Lucas Marshall (aka deadthings)

About Luxcore

Luxcore is a blockchain solutions and services ecosystem providing enterprise-ready security and privacy products. The Luxcore platform is built upon a ground-breaking hybrid Proof of Work/Proof of Stake blockchain using a 100% customized consensus algorithm, the ultra-energy-efficient PHI2.

Luxcore offers an unparalleled suite of advanced features such as Smart Contracts, Cross-Platform Interoperability, SegWit, Block Pruning, and the Parallel Masternode Network (PMN). Never before have all these features been combined on a single blockchain. As a result, Luxcore offers an unmatched degree of flexibility, sustainability and forward-compatibility for developing on-chain products and dApps.

Luxcore’s principal focus is to leverage its platform to address and ultimately resolve real-world use cases with blockchain technology. There is no limit to the industries and verticals for which Luxcore’s blockchain solutions and services apply: finance, insurance, government, supply chain, health care, and many others.

Led by antivirus pioneer and tech mogul John McAfee as CEO, Luxcore boasts a large and dedicated team of blockchain professionals. The team is well-equipped to support consumer and enterprise users alike in both ideation and implementation of blockchain solutions designed to address real-world needs in a way that is affordable, innovative and secure.
