top | item 31963301

(no title)

ntoskrnl | 3 years ago

I'm extremely skeptical that it's more secure.

PoW burns a lot of energy, but the algorithm has an elegant simplicity to it. Crucially, the _work_ is impossible to fake.

PoS (very roughly) means that the richest control the network... which seems reasonable. But suppose you decide to rewrite the blockchain to say you're the richest, do you then control the network? It's a circular loop, and defending against those kinds of attacks is dramatically more complex. I've been lightly following development and I get the sense they've been playing whack-a-mole with vulnerabilities and bugs since ~2016. It's hard to have confidence in the result.

discuss

pshc|3 years ago

Even if you controlled 51% or even 67% of the staking power, you would not be able to “rewrite” the blockchain to give yourself free money. A common misconception. All state transitions must follow the rules of the chain.

ntoskrnl|3 years ago

To be clear, I'm not claiming that any particular implementation of PoS is vulnerable to this exact attack. It's an illustrative example of one class of attack that is a danger on PoS chains but not PoW chains, and might help people intuit why PoS implementations are more complex.

Coming back down to earth, this is why ETH requires checkpoints[1], but PoW chains do not[2].

[1]: https://ethereum.org/en/developers/docs/consensus-mechanisms...

[2]: https://bitcoin.stackexchange.com/questions/75733/why-does-b...

Gigachad|3 years ago

Miners can not rewrite the blockchain. They only get to choose which transactions go in and which are rejected or delayed. Each transaction must be signed by the wallet owner so miners can not just assign money to themselves.