Proof-of-Work versus Proof-of-Stake
Cryptocurrency can be confusing for a new user. There are many terms that the newbie must understand if he wishes to be a knowledgeable investor or observer. From “HODL” to blockchain, the potential list of vocabulary words is a long one.
One of the more important terms one need to understand is “consensus.” In the crypto world, there are two primary means to consensus: proof-of-work and proof-of-stake. This article will look at the two and how they differ.
When asked, most people would assume that they know how to make decisions: you have a discussion, you hear the options, and you choose the best option available. Even if you wanted to remove all the control from yourself, you just have a vote with everybody involved. This seems simple, but a deeper look reveals flaws.
For example, why is it you that get to decide or to hold the vote? Do those involved in this decision truly trust you to be fair? Are you being fair? How do you know that everyone voting is being fair? What happens if your decision is rejected?
Decision-making is an exercise in trust. Among family and friends, that trust is “baked in” because there is a common expectation of shared altruism. Simply put, you will do nothing that would disadvantage yourself, so – as part of the group – you will decide in good faith. In other words, trust is a measure of your ability to believe that someone will act in good faith; it is a measure of hope.
“Some people are natural risk takers; others are innately cautious,” Robert F. Hurley wrote for the Harvard Business Review. “How tolerant people are of risk has a big impact on their willingness to trust—regardless of who the trustee is. Risk seekers don’t spend much time calculating what might go wrong in a given situation; in the absence of any glaring problems, they tend to have faith that things will work out. Risk avoiders, however, often need to feel in control before they place their trust in someone, and are reluctant to act without approval. Not only do they not trust others, they don’t even trust themselves. Research by the organizational anthropologist Geert Hofstede suggests that at some level, culture influences risk tolerance. The Japanese, for instance, tend to have a lower tolerance for risk than Americans.”
“Psychologists have shown that individuals vary widely in how well adjusted they are. Like risk tolerance, this aspect of personality affects the amount of time people need to build trust. Well-adjusted people are comfortable with themselves and see the world as a generally benign place. Their high levels of confidence often make them quick to trust, because they believe that nothing bad will happen to them. People who are poorly adjusted, by contrast, tend to see many threats in the world, and so they carry more anxiety into every situation. These people take longer to get to a position of comfort and trust, regardless of the trustee.”
The reality is that – from an analytical point of view – we do not know much about trust, but it is essential. “Trust involves the juxtaposition of people’s loftiest hopes and aspirations with their deepest worries and fears. It may be the single most important ingredient for the development and maintenance of happy, well-functioning relationships,” Jeffry A. Simpson wrote in his paper “Psychological Foundations of Trust.” “Several major theories, including attachment theory and Erikson’s theory of psychosocial development, are built on the premise that higher levels of trust in relationships early in life lay the psychological foundation for happier and better functioning relationships in adulthood. Tooby and Cosmides claim that trust-relevant emission and detection mechanisms should have evolved in humans, given the importance of gauging accurately the intentions of others.”
“Considering the centrality of trust in relationships across the lifespan, one might expect the topic would have received widespread theoretical and empirical attention. Surprisingly, it has not. Although there have been significant pockets of theory and research on the subject, relatively little is known about how and why interpersonal trust develops, is maintained, and unravels when betrayed.”
So, what happens when you cannot trust anyone? What if you must decide with a group of strangers. If the stakes are small enough, one can just decide and take the loss if it comes. What, however, if the stakes were much higher?
Let’s visualize an example. Let’s say your daughter suffers from renal failure and is on a hospital-supplied list for a replacement. The hospital – out of fairness – decided to allow the recipient pool to vote for who gets the transplants when they become available. The hospital itself is not involved in this decision-making or in the maintenance of the list; they simply want a name, and that’s it.
Now, how would this decision-making go? Every participant in this vote have stakes that would suggest untrustworthiness. No one want to die or see a loved one die. If you cannot trust anyone on that list, or anyone that supports anyone on the list, who will be responsible for the list? Who would safeguard it? Who would gather and count the votes? How would you know that others’ votes are not malicious or intentionally biased?
This decision-making in a trustless environment is known as a “consensus protocol” and it is the key behind cryptocurrency. It is also known as Byzantine fault tolerance (BFT), named after the classic Byzantine generals’ problem in cryptography.
The problem goes like this: imagine that a city was under prolonged seize by several Byzantine armies that surround the city. All routes of escape are blocked by the armies, but the armies must maintain position to ensure containment. If the armies can move as one, they can maintain the boundary; but, if one or more of the armies are out-of-sync, it would create a weak link that the city’s forces can exploit to break out. The city is large enough that the armies’ generals cannot see or speak to each other directly. There has also been talk of potential treason among the ranks.
So, how would the generals coordinate the attack while filtering out any treasonous attempts to distort or control the vote? The means to how one proves their “sincerity” while voting for consensus is a “proof.” Say that before the seize, the generals establish a code that only they can use. The code is difficult to use and takes five cryptographers many hours to encode a message. The recipient, however, could quickly read the message and verify the cryptography proof with a cipher. This would be “proof-by-labor” or a proof-of-work. As it would take a traitor an enormous amount of time to fake a message to the other generals and while the recipient will be able to check the verification, it is generally considered wasteful to attempt trickery.
On the other hand, a general could confirm his message by sending a large company of his soldiers to deliver it. As the general could not afford to lose these many men through deceit, this would constitute a trustful message. This is “proof-by-collateral” or proof-of-stake.
Neither proof method is foolproof. A dishonest actor can opt to lose his time or collateral if he thinks the rewards will be greater and if he believes he can get enough of the verifiers to go along. However, in most cases, these proofs create a situation where the vast majority of transactions are trustworthy.
Looking back at our donor list example, one way to resolve the list custodianship problem is by having everyone maintain a copy of the list. Votes are done on a regular schedule, and ballots are shared to all pool participants by using a “puzzle box” program that requires the voter to solve a complicated self-identifying puzzle to secure his vote. The other “puzzle boxes” can instantly validate this vote as being valid through an authorization scheme.
This would require the person seeking trust to perform work to assert his/her trustworthiness. This is called “proof-of-work” and it is the preferred consensus protocol for bitcoin, Ethereum, and many other coins. The work being performed here is mining.
“A proof of work is a consensus algorithm in which it’s costly and time-consuming to produce a piece of data, but it’s easy for others to verify that the data is correct,” Async Labs writes. “The most popular cryptocurrency Bitcoin is using Hashcash proof of work system. Although initial Hashcash idea was to fight against email spammers, Satoshi applied this idea to bitcoin transactions.”
“For a block to be accepted by the network, miners have to complete a proof of work to verify all transactions in the block. The difficulty of this work is not always the same, it keeps adjusting so new blocks can be generated every 10 minutes. There’s a very low probability of successful generation, so its unpredictable which worker in the network will produce the next block.”
“In a network users send each other coins and ledger gathers transactions into blocks, but someone should take care of all transactions and validate them. In every blockchain some nodes are doing validation In the example of Bitcoin miners are nods. The way those nods authorize transactions depends on consensus algorithm, it doesn’t need to be proof of work, but in Bitcoin example it is. Long story short, proof of work is a system which ensures security and consensus throughout blockchain network. It’s evident that participant which validates block have invested significant computing power to do so.”
The way this works is straight-forward and so simple, a person can do this with a pencil and paper. For a successor block, the mining solution take the hash of the previous block’s header, the hash of that block’s content, and a random number called a nonce and compute it into a 64-bits string. The software then converts that string to 32-bits. If that string 1) does not have 18 leading zeroes and 2) is not lower than the cryptocurrency’s current difficulty target, the mining software tries again with a new nonce and with the block in its current state, which will have new transactions. To make new guesses, the mining software will have to validate new transactions.
Once a miner found a hash that works, it will announce a stop-work order across the network. Nodes that have partially-finished blocks will discard them, while mostly-finished blocks will be marked as stale or uncles, depending on the coin’s protocol. Ties are settled by examining the “work” behind finding the block, or the energy expenditure used in transaction processing and guess-making. The harder-working node gets the block.
This is a far-from-perfect system. For example, this system requires at least half of the mining community to faithfully validate the blocks and the transactions. If a bad actor was to control most of a network’s hashing power, that miner can have his blocks – and only his blocks – past validation. This would effectively fork the blockchain, and as his fork will grow faster than the other fork – due to controlling most of the hashing power – his version of the blockchain will be read as the primary one. This will allow the bad actor to cancel transactions, double-spend coins, and steal block rewards. This is known as a “51 Percent Attack” and is increasingly becoming common among lower validation coins.
Additionally, if the cost to mine a coin is lower than the profit to mine, there may be a bleed-out of miners. This may result in a situation where there are not enough miners to quickly validate transactions, resulting in a loss of trust in the consensus process.
Proof-of-work is taxing on computers not because of the difficulty, but because of the speed need to perform the hashing process repeatedly while simultaneously validating transactions. The best miners are not necessarily the strongest processors, but the fastest. This is why Application-Specific Integrated Circuits (ASICs) – which were designed just to do the one function they were meant for – are better suited to mine than GPUs or CPUs, which must multi-task between multiple task groups.
What if, however, for the hospital group, a member passed on a copy of something valuable and unreplaceable with his ballot, such as the deed to his house. Of course, it is understood that if the ballot is okay, the house would not trade hands. But, if the voter was to act in bad faith, the voter may have just made himself homeless. This “voting by collateral” is known as “proof-of-stake.”
“Proof-of-stake” in cryptocurrency basically say that the right to validate transactions is proportionately based on your stake in the coin distribution. If you have 15 percent of the coin distribution and you stake 15 percent on your node, you will be entitled to validate 15 percent of the transactions and mine 15 percent of the blocks. To avoid centralization, block origination would be by random seed or some other means.
“The proof of stake was created as an alternative to the proof of work (PoW), to tackle inherent issues in the latter,” per Investopedia. “When a transaction is initiated, the transaction data is fitted into a block with a maximum capacity of 1 megabyte, and then duplicated across multiple computers or nodes on the network. The nodes are the administrative body of the blockchain and verify the legitimacy of the transactions in each block. To carry out the verification step, the nodes or miners would need to solve a computational puzzle, known as the proof of work problem. The first miner to decrypt each block transaction problem gets rewarded with coin. Once a block of transactions has been verified, it is added to the blockchain, a public transparent ledger.”
“Mining requires a great deal of computing power to run different cryptographic calculations to unlock the computational challenges. The computing power translates into a high amount of electricity and power needed for the proof of work. In 2015, it was estimated that one Bitcoin transaction required the amount of electricity needed to power up 1.57 American households per day. To foot the electricity bill, miners would usually sell their awarded coins for fiat money, which would lead to a downward movement in the price of the cryptocurrency.”
“With a PoS, the attacker would need to obtain 51% of the cryptocurrency to carry out a 51% attack. The proof of stake avoids this ‘tragedy’ by making it disadvantageous for a miner with a 51% stake in a cryptocurrency to attack the network. Although it would be difficult and expensive to accumulate 51% of a reputable digital coin, a miner with 51% stake in the coin would not have it in his best interest to attack a network which he holds a majority share. If the value of the cryptocurrency falls, this means that the value of his holdings would also fall, and so the majority stake owner would be more incentivized to maintain a secure network.”
Due to PoS solving the problem of miner disinterest, some cryptocurrencies, such as Ethereum, that used PoW have plans to transition to PoS in the future. As PoS is considered more resistant to “51 Percent Attacks” than PoW, more new tokens are choosing to use PoS. But, as PoW is the consensus protocol of bitcoin, there will likely always be a place for PoW.
“The purpose of a consensus algorithm, in general, is to allow for the secure updating of a state according to some specific state transition rules, where the right to perform the state transitions is distributed among some economic set,” Ethereum creator Vitalik Buterin once said. “An economic set is a set of users which can be given the right to collectively perform transitions via some algorithm, and the important property that the economic set used for consensus needs to have is that it must be securely decentralized – meaning that no single actor, or colluding set of actors, can take up the majority of the set, even if the actor has a fairly large amount of capital and financial incentive.”