> This time bomb has, however, functioned more like an alarm clock with a snooze button. In October 2017, when mining time had already nearly doubled to 30 seconds, the Ethereum team reset the clock, delaying PoW’s doomsday by about 12 months. And they will likely hit snooze again shortly.
How can Ethereum be decentralized if they can so easily keep changing it?
> In June, they decided to make a clean break and to build an entirely new blockchain—one that operates solely via PoS.
How can Ethereum be decentralized if they can so easily keep changing it?
I'm a total dilettante in crypto but if something is decentralized you can't make large-scale changes to it at the drop of a hat.
Imagine how much coordination effort it takes to change TCP/IP or HTTP.
The development of crypto has really demonstrated an institutional inertia to moving away from the blessed official implementation. Tons of BTC forks were tried and failed, and almost all coins die when development stops than see their clients forked.
A lot of it, I imagine, has to do with... trust. That magical thing crypto users keep trying to keep decentralized. But when development of the currency is centralized... and at the end of the day, someone is the owner of the git repo... you can't decentralize the implementation of the currency.
So what we see instead is enthusiasts putting their faith and trust in the sense of the developers of their chosen coin pretty much to the bitter end. You can fork these currencies - like Bitcoin Cash succeeded in doing for the most part - but you won't steal their mindshare or userbase to any major degree. They will stick to the original client or see that particular chain abandoned entirely.
Doge and so many other coins died to negligent or exploitative developers and whomever that someone is thats proposing to take over is an unknown, at least less trusted quantity. So most would jump ship than take the chance, so coins either stay under one development process or die completely with no real middle ground.
Isn't this an odd example to use since it was created to be a parody of cryptocurrency, or did I mix up my crypto-history?
If I issue 100 trillion “runeks”-tokens, and sell you one for one cent, this crypto will have a “market cap” of 1 trillion. But that doesn’t mean it’s either useful or successful.
Your example shows there’s something wrong with using market cap to measure the success of cryptocurrencies, not that Dogecoin is successful.
The Goldilocks Zone.
Or shall we call it The Goldiblocks Zone?
Most projects will be by successful leaders and enthusiasts, until one of these experiments will hit the perfect combination of factors, and gain world traction.
Think of the crypto industry as AI training, most is pure junk, until a regression is fit.
Grandparent had a good point:
TCP/IP were the right approach, and the internet grew rapidly in a big bang.
Personally, I think The Goldiblocks Zone won't be blockchain at all, it'll be decentralization.
We've seen sites like D.Tube grow 2,000,000% because there is NO pay-to-play scams, you just use it and it just works.
They, and other sites, including the Internet Archive (top 300 in world), use GUN for decentralization. Ethereum makes the mistake in assuming every site needs to operate like a bank, but people hardly use banking websites compared to YouTube or Reddit.
The best way to cut 99% of power out of Ethereum is to just make it a decentralized compute platform, not some pay-to-play blockchain. Then you can really scale up.
As a comparison, for instance, a P2P version of Reddit (notabug.io) can handle 1000X the throughput as Bitcoin on only $99 worth of networking hardware.
The efficiency gains here are economical, but also scalable. Neither PoS or PoW will ever be able to fine-tune for that.
Otherwise you just use a torrent network or IPFS as your decentralization store.
I do think there is a lot of potential there, especially with how ipfs-js and webtorrent are getting to where you can have users transparently seeding and reinforcing the network in the browser. Its going to open up a lot of alternatives to big dumb data centers storing exabytes of cat videos.
Strawman. There is a time and place for strong security guarantees, nobody said social networks and media hosting should be done on the same network you use to transact money with.
Maybe you'd be interested in EOS, Stellar and other transparent blockchain platforms? They make the same observation you do, not everyone needs to have complete control over everything they do online if that means every action has a cost, sometimes only having auditability is fine.
It's a strong consequence of the 0,1,N rule. The correct number of networks is clearly not "zero", and Metcalfe's Law ensures N networks are worse than N-1 networks with the same nodes in, so you get one network at the limit.
Once upon a time I'd have called it "the Internet" but that's really redundant at this point, just call it "the Network" and have done with it. One network, for everything, for everyone, for ever.
This isn't even a new idea, the Bell company couldn't build a single telephone network across the continental US until a better electrical repeater technology existed (today we barely even think of this problem because the transistor is so ubiquitous its original purpose becomes invisible) but they insisted it was a single network anyway, because that's very obviously what you actually want even if you still haven't invented the technology to do it.
e.g.: Imagine a fast but slightly centralized Twitter chain (only 21 validators let's say), committing hashes of every day of tweets to a decentralized public blockchain.
I'm not 100% sure whether that tweet posted by my friend 5 minutes ago is legitimate, but I don't need to be 100% certain to answer them and carry on the casual conservation. I can verify though, that the Trump tweet bordering on declaration of war posted 24h ago is indeed real, because the hash of the whole day of tweets was committed to a strong blockchain, and the author of the tweet didn't post any subsequent objection to it. I can proceed to hide in my bunker, confident in my choice.
This is perfect description. Best sentence I've read today.
From the minute they decided to back out The DAO's mistakes, they proved how centralized Ethereum was - anyone who believed it was a truly decentralized network left at that point.
There was no central entity mandating that everyone was required to run the "new" network. It was entirely up to miners and people running nodes to decide which network they supported. Further the decision to back out the DAO hack was done via vote so that's another important part of decentralization called consensus.
Is the choice to run a less valuable network really a choice?
Remember that the foundation people gave themselves most of the coins that will ever exist before the network was even started, even if a lot was sold long before there was a word for ICOs. Only ~ 20% or so of the supply will ever be mined. It is not economically rational to differ in consensus rules from the foundation.
Well yes it is, although people take Ethereum quite seriously the code-base led Vitalik has quite a distance to go before it completes the roadmap delivered some years ago. So it is fair for the foundation to patch hacks as well as provide other upgrades.
It you want to continue to use the hackable version because you believe that code should never change and be immutable and never change then that is also a choice.
It's meaningless as a store of value, it's too volatile because there's no government backing it or mature monetary policy, and pretty much everyone will take a lawyer and the legal office over a 'smart contract'.
If you want to force a transaction to be reverted you need to either create a cataclysmic event prior to the event you want changed, or you need to own billions of dollars in hardware and spend tens if not hundreds of millions on electricity currently to overpower the network via 51% attack.
I don't think "decentralization" is a good term to define cryptocurrencies like bitcoin or ethereum. There are lot of properties in these systems. For example limited supply, untamperability of history, irreversable transactions, permissionless use etc. You can compare to older systems offering similar features and how well these systems work compared to them.
Transaction capacity & speed is most often not the primary point of blockchain systems, somehow many seem to assume that. For example it is no possible to create truly irreversible transactions in centralized system, since centralized system is always prone to forceful intervention.
Reversible transactions are a huge positive.
I think that's a little simplistic.
Without reversibility you're not going to receive as much. People are far less likely to trust smaller or newer merchants without these sorts of features.
You probably also want your customers to be able to rectify mistakes, such as sending money to the wrong place.
I guess we could say when you are receiving you want irreversibility if you're planning to rip off your customers or otherwise not fulfil your contract with them
The point is that it is useful to both have reversible, and irreversible currencies existing in the world at the same time.
That way people who want to use reversible currencies can use that, and people who instead prefer irreversible ones can use those.
If you hand a bearer instrument like a bank note to someone, that transaction is technically irreversible. They put it in their pocket, and you can't recover it without a physical assault. You have to trust them to provide the goods or services that you just paid for. Or you have to trust the justice system that it will allow you to (eventually) recover your payment if the other party reneged. These remedies are often not available with cryptocurrency. You may be unaware of the counterparty's physical location or true identity, and even if you did, they may be in a different legal jurisdiction altogether. You can't round up a posse to go get the money back.
If you pay with a finance system account, you can dispute the charge with the payments processor, and your payment may be reversed by them, even after the cash balances have already been altered, by withholding payment from a future transaction through that processor. Criteria for reversal may vary between processors. If consumers trust the reversal policy of the processor, the merchants get more money, because consumers don't have to trust them or the formal justice system. They can get refunded now, and let the processor and the merchant argue over the details. This remedy is available to cryptocurrencies. While individual transactions are irreversible, it is possible to redirect future transactions through a trusted intermediary or a smart contract.
Basically, everyone wants an escrow mechanism of some sort built in to the system, so that if a customer doesn't get the goods or services, the merchant doesn't get their money; and if a merchant doesn't get paid, the customer doesn't get goods or services. As long as the transactions are irreversible, someone can get ripped off, and they have to go out-of-band for a remedy. As long as transactions are trivially reversible, someone can get ripped off, and they have to go out-of-band for a remedy.
Conveyance of money and delivery of goods or services are each half-trades. We don't like those half-trades. They're too much like gifts, in that there is too little ability to enforce reciprocity without a preexisting social link. If you conduct business in half-trades, you still have to trust, and people can still get ripped off. So far, cryptocurrencies only technologically validate the money-conveyance half-trade. What it needs is a way to validate the other half-trade, for goods or services, and bundle them both into an atomic whole-trade that either reverses or becomes permanent as a single unit.
Trade chains would be nice, too, but atomic transactions are what people need to trust the system instead of trusting each other.
If I pay someone for a laptop and instead of a laptop I receive a box of rocks, I can claim they didn't send the laptop and they can claim they did. There is no way for a third party to know who is lying.
The recipient could be lying to get a refund when they received the laptop, the sender could be lying to get paid when they sent a box of rocks. Maybe neither of us is lying and the delivery driver swapped the package contents.
This is not a problem alternative payment methods solve, nor one they created. See Amazon. The solution is some kind of insurance, which can be layered on top of any payment method -- you buy through Amazon using whatever payment method you like, they take a cut in exchange for eating the returns when sellers send the wrong stuff. Then crappy traders are the intermediary's problem and whether they kick them out or eat the losses themselves is their own choice.
But you don't want that kind of system built into the payment method itself, because it has overhead, and not all transactions require it. Sometimes the thing you're paying for has already happened and you're just settling your account, in which case a proof of payment is all you need out of the transaction. Sometimes you are buying something in person or can otherwise verify the goods yourself before making payment. Sometimes the seller is known and trustworthy enough that you're willing to buy without insurance. In all of these cases mandatory insurance is costly dead weight overhead, and they represent a significant proportion of transactions.
Meanwhile if you're buying from someone you don't trust and can't verify, you have the option of using an intermediary or escrow service or buying insurance. But that doesn't mean it needs to be mandatory in all cases.
You either need to replicate the trust system that greases cash transactions, or make the "get stuff" half of the trade as easily verified as the "move money" half. The latter is the easier part of the problem, because part of the reason that money is money is the fungibility factor.
Solving the former would eliminate counterfeiting, provide record of provenance, track supply chain, simplify customs clearance, and trivialize recalls in one stroke. But it is a truly massive undertaking. Solutions like insurance and charge-backs are several orders of magnitude cheaper to implement, and don't require an unbroken chain of cooperation from everyone in a supply chain from manufacturer to consumer.
It doesn't exist. It won't exist without a lot of work. But that's what everyone wants. Right now, protecting yourself from scams in a caveat emptor marketplace is an externality that can be diffused away, such that it can be paid a little bit at a time, by everyone. If you eliminate the possibility of scamming, that's removing a cost, such that no one has to pay it any more. A payments system that cannot be scammed by anyone but a giant conspiracy of renegades, or a state-level actor, would likely be preferred by everyone.
But a weak link like Amazon prevents this. They do not themselves know whether the goods in their warehouse are counterfeit, so if you buy something, receive genuine goods, and return a counterfeit to them for a refund, they don't even know that you were the one that scammed them instead of one of their "fulfilled by Amazon" sellers. If they eliminated the common binning, and were able to show that the goods shipped to you were verified as genuine, with a record of provenance going straight back to the factory, you wouldn't be able to do that. But Amazon would rather pay the scammers than pay someone to build a scam-resistant system. That's a reasonable business decision for one company to make. Society as a whole might prefer that the scammers get a smackdown instead of a payoff.
We want it at the systemic level, too. I used to work for financial traders. One day one of our traders made a quick profit by buying something at an absurdly low price. It turned out that a major market participant had fat-fingered a trade offer; they lost enough that the company could well go out of business.
Eventually the exchange stepped in, reversed all the transactions, and put things back the way they were. I thought our trader would be mad, but he just shrugged. And why not? The rules protected them all.
Well, yes, that's the question, isn't it?
HODL. Lambo. Moon!
That's about it.
The other thing to note is that decentralisation isn't just about ideology. If we forget finance and focus on data, a blockchain solution may in the future provide the ability for open federated data that is provably correct and can operated on transactionally.
Think flight availability: right now the majority of flight ticketing is controlled by Amadeus. A highly centralised, controlled and opaque service. Assuming _many_ technical problems were solved, a blockchain flight ticketing service could allow anyone to run a local node with real time availability that was guaranteed to be correct.
Even if this was run be a federation of providers, it would be a better solution than the current one.
Or do you believe that users would have followed the developers even if they forked the chain to pocket all the money themselves?
The majority of the ETH world doesn't believe that, which is why people like Charles Hoskinson left it.
That belief is contra to the concept of an immutable decentralized ledger, which means ETH isn't canonically a cryptocurrency, an immutable ledger, or a decentralized ledger anymore. The upcoming (well, it's never going to happen) POS fork is going to centralize it further among the very small number of massive whales who control the ecosystem.
In PoW only a few people have the resources to build and run mining farms. Certainly not me. In PoS anyone can stake on a desktop or laptop. This greatly increases the amount of people who can participate in the network.
Just to clarify a bit in an edit here -- As a general comment about POS vx POW, you have to purchase a huge amount of the cryptocurrency to participate in POS in a meaningful way -- so there is a cost to that just as there is in mining. The recurring costs of electricity are not there in POS of course.
I'm relatively confident the network will never go POS, but not confident enough to put money on it anyway -- you never know what these kids will pull.
The largest predecessor to bitcoin was e-gold
>The e-gold system was launched online in 1996 and had grown to five million accounts by 2009, when transfers were suspended due to legal issues.
The founder, Dr. Jackson, in July 08 - "pleaded guilty to "operation of an unlicensed money transmitting business" and "conspiracy to engage in money laundering"
Bitcoin founded in Aug 08 was decentralised so the authorities couldn't easily shut it and the founder went anonymous to avoid the problems of Dr. Jackson.
That's what the decentralisation is all about. It doesn't really matter that Bitcoin is effectively controlled by some Chinese miners or that Ethereum forks. It's about governments not being able to control them.
Your argument is like how left-liberals claim that poor Americans vote against their own self-interest by voting for Republican. No, they aren't voting against their own interest, they are voting for it, you just don't get what that is and in your mental model that's the case.
Specifically to your argument, can you pass an ideological Turing test of representing the opinion of people who supported the hard fork? In other words, sitting behind a computer, someone has to judge whether you are a true DAO hard fork supporter or not, and will they be able to correctly identify you.
The fact is, all software is mutable. All software (including Bitcoin) can go for changes (irrespective of the nature of those changes, which could even be, "hand over the write access of bitcoin network to federal govt").
So what is decentralization then if literally any piece of software can be changed if enough number of people go for it?
> If someone puts a gun to my head & tells me to write a hardfork patch, I will definitely write it. If I publish a patch to delete a bunch of accounts, how many people here would download & install the update & switch to that chain? I see few raised hands. This is called decentralization.
Sure, the Ethereum Foundation has substantial influence in the sense that their proposed changes tend to be adopted, but that's because they tend to propose good changes. If they propose a bad change, chances are the community will reject it. If they propose a questionable/controversial change, chances are the community will fork, as with the DAO fork.
"Sure, the government can send men with guns. But that's because they have the backing of the people. The police and the military. If they lose that, they can't."
A gun would have to be put to every individual miner's head to force the majority to upgrade. Even then, if it caused a fork, individual users have the freedom to continue using the old version, new miners can choose the old version. Miners can even switch back to the old version after the gun is gone. Everything will still work.
Equally police/military have probably been used when there would not be democratic support.
Did you have some examples in mind?
The analogy applies to this, too. Governments have long shown that you don't have to put a gun to each individual's head - murder a small amount of dissidents in a nasty manner and it quite effectively squashes dissent in a lot of cases.
A lot of miners are in China, which has lots of practice doing this.
If your currency forks, and you are now in the minority, chances are your values will fall, and become harder to make liquid, as the market shrinks.
With cryptocurrencies, anyone at any time can fork for any reason.
This can't be done with the government. The government will prevent you from doing so.
A cryptocurrency can't prevent another cryptocurrency from existing, though.
I understand that it is not describing a good situation but my understanding was that the miners are a part of the decentralizing infrastructure in the way that was described in the quote.
Also, if you wouldn't mind, could you suggest some other reading for me on creating decentralized applications not using blockchain. I've wondered myself if it makes much sense that everything would be built on blockchains in the future.
Another issue that I see with these projects that claim to be decentralized, for example ipfs.io is that they do not consider worst case scenarios so they cannot have a service level agreements on their service. Most of the customer networks are asymmetric, you have much more bandwidth to download content than to upload so if you are providing services than you are going to saturate your uplink. Nodes can also be turned off, worst case scenario is that all of the nodes are off that has a piece of data that you can't recover from anywhere else.
As of everything going to be built on the blockchain in the future, most definitely not. I think 2019 going to wipe out most of the cryptocurrencies and we are going to see very few successful blockchain (or more like distributed ledger) projects succeeding in the corporate space. Maybe there will be some use cases for blockchain/DLT like food traceability (one project i have contributed to) and customer warranty for example but all this hype that everything will be running on blockchain will just fade.
Decentralization doesn't mean it needs to be immutable. It just means that power and responsibility is distriubted to many.
> I'm a total dilettante in crypto but if something is decentralized you can't make large-scale changes to it at the drop of a hat.
Exactly, you're correct. It's not easy for these changes to actually take effect. It takes a majority of miners to vote for and adopt any change/fork. The miners are the ones who are running the decentralized network. Even miners who vote for the change can choose to not upgrade their software to the new version.
> Imagine how much coordination effort it takes to change TCP/IP or HTTP
This is why I'm amazed at the skill of the Bitcoin & Ethereum team's ability to continue upgrading a platform that has no central control.
So the "snooze button" as they call it, is pretty much guaranteed to keep getting pushed.
It is also impossible to create immutable software.
Ultimately, the consensus in any classical blockchain HAS to be uniform, and that introduces an element of centralization (via the consensus algorithm used). That has always been true, and the contentious forks of BTC (and lately BCH) with their fights about the ticker symbol, name, and who has the "true vision" have made this pretty clear. Differing minority opinions have to go the hard fork way and hope to build something better.
So you can (try to) decentralize the process of verifying that everyone is playing fair (whatever that means in your system), but so long as you all want to trade with each other, you must have a centralized authority of some sort, to decide what "playing fair" means.
1. Producing blocks that abide to old rules will do nothing - client software will just reject them as incorrect. Fork choice rule (e.g. longest chain or most work done) applies when choosing between two valid blocks, not between valid block and invalid block.
2. Attempts to do a famous 51% attack is crazy expensive and have low impact. Why low impact? Because small events that are similar to rewriting history 51% attack does happen all the time. They are called block reorgs and all the software which uses blockchain as a data store have to handle it properly. Also, such attack will be perceived by users as attack on them, solidifying community around opposition to miners.
3. Targeting difficulty adjustment algorithm by mining on a fork and leaving it at the beginning of adjustment period. Lets imagine 80% of miners leaving. For Bitcoin it would create a situation when adjustment period would last 8 weeks instead of 2. Blocks would be produced every 40 minutes at average instead of 10. Ethereum is immune to this type of attack since difficulty adjustment is done every block, not every 2016 blocks.
May I ask you to elaborate? My point is - miners' power over the network is extremely limited. They are just a paid work force, working on a very small margin. They have almost no say where network will go in terms of evolution.
OTOH, I am not strongly against it, as decentralization doesn't mean every single aspect has to be free of centralized decision making (starting with the name, logo or the code). In the end, users decide if they want to use it or not.
Bitcoin could be entirely ruined by a couple dozen people around the world in different ways at any time. Eth and other coins even more so.
The idea of who “gets trusted” in these coins is just nuts. I’m not anti-coin... but man, I’m feel like I’m far enough from it to see a reality that many want to ignore.
That's different to e.g. PayPal where your funds can be locked and there's nothing you can do.
Decentralized control over name, logo, features or code of a crypto coin is extremely hard to impossible, if only because there aren't too many people alive that can discuss core crypto features with any meaningful knowledge (I know I can't). Some coins do have governance features, but none of those have profited very much from that.
Furthermore, crypto value is beholden on whales not to just dumping their vast hoards of coins into marketplaces all at once. That is to say, the largest stakeholders in a chain have the opportunity to crush the value of that chain, which means that they have power over other users' choice of chain .
Itslired by the great mystery of bitcoin, it’s like an appealing urban legend to say “we don’t know who owns all our coin by design! wink”. So this doubly makes the coin devs more powerful than “but it’s decentralized” people want to admit.
One - every Ethereum update is a soft fork of the protocol
Two - they are required to be soft forks by the very existence of the difficulty bomb.
Three - running a blockchain is already a social activity that requires everyone participating to opt in to the same protocol.
I don't think it would be easy, by any means, to convince the community to move a different direction than that desired by the core devs. But my main point is that the difficulty bomb is a mechanism to force soft forks frequently. It is not a mechanism to force any particular long term path.
Also because from the very first whitepaper it’s been known Ethereum would move to PoS.
I think this is true of a lot of cryptocurrency tools as well. Centralization is okay. There is a lot of power that comes with it.
In my view Ethereum has chosen to wield that power while wearing the backwards hat and skateboard of decentralization and claiming to be one of the cool kids.
An important ability required to understand Ethereum is to be able to separate the raw technology's properties with the development governance story.
The Ethereum network derives trustlessness from PoW and its miners. The security guarantees these provide can be considered in isolation to politics. It's just numbers, and the git history of the various specs and implementations is public.
Any community can start a new chain, from any version of Ethereum. And they do, many altcoins are more or less 1:1 forks of Ethereum yet reach huge valuations. The Ethereum foundation has 0 power over these networks. That's what decentralization means in this case, even if the development is as centralized as any other FOSS project.
That's perhaps the least useful pejorative ever invented.
It's been a trivial observation from the start that if your problem is adequately solved by payment service backed with a traditional database then that will always have lower operating costs. (This does not mean blockchains are useless, but that there is a natural limit to their usefulness.)
Lately that's enough to get you branded as a "Bitcoin maximalist", which is more than a little bit silly.
The difficulty bomb is in the code but the node operators (miners, etc) have to chose to upgrade their clients to work with the new fork rules. The decision of which code to run and which chain becomes canonical is in the hands of the community of users and not the developers, despite the Ethereum Foundation having full ownership of the protocol development process.
It is the predecessor to Monero, development there stalled in politics, and some people forked Monero.
Admittedly, it wasn't very big when the split happened. I'm not sure of the capitalization.
The discussion is when did a coin - fork into a different coin and become more successful than it's predecessor?
Because if it's "well, never... yet!", then the argument that "development is centralized but that's ok because you can just fork it if you don't like the developer's plans" - is effectively a lie.
Also, while I probably know way less than you on this overall, I do know Monero has seen successful because it's effective to be run as a scam on victim computers (mining malware) and on websites that use JS on your computer to mine coin. Almost all the web and malware mines Monero. It gives me the impression as the least legitimate coin I can think of because of the number of times I've seen this.
I just want people to admit and understand their “decentralized” commodities are anything but. Yea, the mathy database is, but you still need to put all your trust in a handful of developers with mostly no economics experience, no oversight, and no track record.
Ethereum is not ready yet. When it is ready it will be decentralised. Still, miners need to agree for the hard fork and if they don't just like Ethereum Classic they can split. Protocol changes in blockchain projects are about consensus.
You can easily change How HTTP works on your own server, as can the core devs on a blockchain project.
None of that actually matters until clients begin using the new features/blockchain software en masse, that's where the decentralized piece fits in
From the article we read "the long-term hope is that apps built from them will eventually make Ethereum the ultimate cloud-computing platform." Ethereum does not claim to be a computing platform in the same way that AWS is; it's for low-complexity business logic only. I think it's misleading to use "ultimate cloud-computing platform" to describe Ethereum.
With PoW, an entity could theoretically out mine the 51% attacker by just throwing more hashing power at bitcoin
There's a lot of misinformation regarding PoS. Vlad Zamfir has spoken a lot on cartel attacks and how they're mitigated, but the biggest, and I mean bigger than biggest, argument against all of these attacks is that it's always detectable by honest nodes shy of 2/3rds attack and it defaces the value of the coin itself to attack at that volume.
You could do a hard-fork and slash their stake. In PoW, you can't do this.
> With PoW, an entity could theoretically out mine the 51% attacker
Not in the case of "selfish mining attack", where you may never know that an attack is happening until it's too late, you'll have little chance in defending with hashpower since the attackers will have a significant head start...
So ... theft?
you're being intellectually dishonest or even outright manipulative here.
there were never 184 billion coins created on bitcoin chain, there was a bug in validation logic of bitcoin client that made it follow the chain that was invalid.
are you seriously trying to compare that to stealing coins from somebody on a valid chain?
They're not stealing coins from someone on a valid chain, they are forking away to another chain and slashing the user's stake. The user will still have all their coins on "their" chain and it's up to everyone else to decide which chain is "the right one". If the 51% user is truly malicious, the majority of network participants will move away to the new chain, rendering the 51% user's tokens (near) worthless.
so being successful is punished by destroying all wealth of the richest participant in the network? nice.
> If the 51% user is truly malicious
Having 51% doesn't automatically make you a malicious user. People also wouldn't move away to another chain simply because someone or some group owns 51%. They would move if said person or group abuses the power they get from owning a majority.
It won't surprise me at all if a PoS blockchain ends up looking just like a two party political system, where every now and then you get to choose which fork/party has the least objectionable outcome for you, but where both choices leave you worse off than you started...
You and I can go fork Ethereum right now and now just tell people it's great, but show them it's great. It's like if we could fork the US government, refactor all the policies and let it run to demonstrate how good it is, and then people can come on board. You can't do that in politics, but you can absolutely do it in crypto.
It is not clear at all that a small political experiment will scale to a super power. It is equally unclear that a small crypto currency experiment will scale.
This is without even touching on how easy, or difficult to it is rally support for a new system. Quite difficult, I'd say.
It holds because you can demonstrate its utility on a small network.
Whilst this is great for decentralization, I've read interesting arguments in favor of ASIC mining. People who buy ASICs are committed to a coin. This leads to a stable base of mining. Meanwhile, GPU miners tend to mine whatever is the most profitable at any given time. This leads to large fluctuations in mining rates.
The Ether switch to POS has some people worried, as it might free up a lot of GPU power, which might overwhelm other GPU based POW systems.
Then again, any argument regarding mining algorithms is filled by people who have biases to the tune of 100 000$ of hardware investments.
PoS is way more secure.
I think Ethereum is going big places, but the AWS ledger solution is probably also going to be good for smaller industries where competitors don't trust each other, they want a database that's shared, and they all might trust Amazon enough to control it (eg if they're all using AWS anyway)
This has been possible since the 80’s due to public key encryption.
It’s not having to trust a central actor that’s the innovation behind e.g. Bitcoin.
To put it another way, the problems that Ethereum will solve are not ones that could be solved by AWS.
Despite both being energy/transport companies, Embraer and Tesla are solving two very different consumer problems.
You could make an argument it’s a competitor to AWS Lambda, but it would be akin to saying lxc is a serverless competitor.
Everybody can see the code/transactions that are run for free. Everybody can have their code run and execute transactions for a price.
There are quite probably innovative new things that can be built using Etherium's "world computer", but my guess is that almost _none_ of what's currently running on (and paying for) AWS resources will move to it.
Those are multi billion dollar business with billion dollar requirements in infrastructure investment on a yearly basis. Not going to happen.
There's not a lot to go in in those two words, but claiming they mean Etherium is out to capture all (or any) of AWS's customers is a _very_ long stretch.
If POS worked, great.
I wouldnt trust it for a half decade of use.
Only if we enumerate all possible attack vectors, and prove resiliency against these, is the proof as general as you claim. The difficult part — as the WPA2 paper shows — is the former.
How do you know when you’ve enumerated all possible attack vectors?
> peer reviewed
not so sure.
Most PoS systems I’ve seen basically reward the oldest money holders with the right to stamp new transactions. This reduces the cost, but is extremely centralizing, bordering on neo-feudal.
The cynic in me also notes that developers of these chains are regularly the oldest money, making their motivations suspect at best.
Most PoS designs don't otherwise favor old accounts. I know Peercoin does, but that's a very small project, and I'm not aware of any others. Ethereum 2.0 definitely won't have any such mechanism. In the current spec , staking is binary; either you have an active validator account or you don't.
Instead of mining, those who want in put down a stake of ether that they can mine it and get a better chance of winning based on the size of the stake. If they get caught cheating, they lose their stake. There probably going to be some fun when the first serious exploits happen (oh shoot, what happens if someone does [whatever]?) but I think the premise is solid enough that it's worth trying.
I do still have serious concerns over things like the DAO hard fork and the expectation that non-expert developers can or should be writing smart contracts, etc. Ethereum isn't perfect. But if they can provide the same service without the need for mining, all the power to them.
in that chain. In any distributed blockchain there's going to be several chain(tips) at any given time.
("Some or all" because the devs recognize that you might get hacked, so the penalty depends on how much of the total stake misbehaves at once. If it's only a small portion, it's not damaging and presumed to be accidental.)
Ie. the cheater just extends the chain at one block before the block that contains evidence of the cheating.
How will clients agree to use the chain that contains the cheating proof, and not the other — just as valid — chain?
And HN discussion: https://news.ycombinator.com/item?id=18780489
>Conjectured governance under proof-of-stake seems to involve programmers & other amateurs making legal & accounting decisions. Bitcoin governance does not. Even when lawyers & accountants properly take over PoS governance, PoW governance will likely be far more socially scalable.
Tuur is a pretty insightful guy, and even if he doesn't have the credentials, the critique stands on its own.
Until then, Ethereum continues to be unusable for serious dapps (which are rare to begin with) that have expectations that exceed having reasonable transaction throughput (<4/s, globally, for everyone) and latencies (minutes to hours).
Until then, this is a toy platform for wannabe ICOs, misc gambling applications, and not much else that I would qualify as substantial in transaction volume or user base. I
f your use case is "nobody does anything that requires a transaction to happen more often than maybe once a day and you can justify the high tranaction cost", ethereum is for you. Otherwise if say, you expect to have users that do stuff in your platform, use something else that works right now instead of waiting for the next two years for Vitalik et. al to actually deliver on their promises with something that is usable, scalable, stable, secure, and available.
We switched to Stellar, which also implements proof of stake and provides a reasonable compromise between security and availability. It has its own challenges but transactions clear in <4s and there are dozens to hundreds of them per minute globablly. It also skips the convoluted smart contracts (which IMHO are severely expensive, hard to fix, exploitable bugs waiting to happen) in favor of simple but adequate financial constructs builtin to stellar for custom assets, transactions with multiple signees, transactions with limited time validity and many other features that you can combine to emulate many of the more things people attempt to do on top of solidity. E.g. you can do escrow transactions, payment channels, and many other things. It also scales down reasonably well for micro transactions with values measured in a percentage of a cent (though payment channels are probably the way to go for that).
Bearing this in mind, we picked Stellar based on the fact that it has actually been around for a while and launched late 2017, is used by several more serious players in the ecosystem (e.g. IBM seems to like it) and a few fin tech companies are building stuff with it. It has a few tokens that seem less about speculative trading and more about solving a real problem (e.g. several stable coins that tend to be relatively stable in value, by design).
If you look at e.g. EOS, the picture is a bit different. It seems to be favored by asian gambling tokens which have pathetic numbers of transactions per day. Also, they launched after we decided to move to Stellar. Tron seems to have similar issues. Then there are a lot of smaller chains that are currently not launched yet e.g. IOTA, hashgraph, that you might see as potentially of interest in the future. After that comes a long tail of solutions that nobody can vouch for right now.
So, we're taking some risks here with Stellar but it seems to be relatively OK for us so far and I haven't really seen anything more suitable for our needs so far. In terms of transactions per second there's way more happening on Stellar than Ethereum is even capable of handling currently. Also, Stellar seem to have distanced themselves a bit from the whole ICO business, which I count as a good thing.
Sooo... paypal on blockchain?
Ethereum is a nice science project so far that may one day result in something usable and when that happens, I will look at it again. However, that is not right now and we are trying to run an actual business right now. Most of the smart contracts I've seen are convoluted and tend to solve things that Stellar can do out of the box with zero programming.
The smart thing seems to be to reuse smart contracts from Github and avoid writing your own and thus avoid taking the risk of introducing exploitable bugs right in the heart of your financial operation.
Not to say that they are useless, but I have no need for them with Stellar. That saved us a lot of time so far.
> It also skips the convoluted smart contracts (which IMHO are severely expensive, hard to fix, exploitable bugs waiting to happen) in favor of simple but adequate financial constructs builtin to stellar for custom assets.
To me that feels very very limiting and my optimism about Ethereum is the generality of the smart contracts and ability to programmatically enhance Ethereum.
It's incorrect to say they "can't figure out how to make it work." They figured out one way, then a much better way. Right now they have a near-complete spec; the remaining changes are small optimizations. Eight independent teams are working on implementations in various languages.
1. The number of nodes is not fixed.
2. The process for node selection is random, based on the amount staked. This happens continuously.
3. The D in DPoS is entirely optional. Anyone holding Tezos can directly participate by running a node. The only cost is the cost of a VPS.
The only real restriction* is a 10000 XTZ minimum for running a node. At current / ICO prices that's around $5k. While that's not cheap it's a lot more attractive than the CAPEX/OPEX of mining hardware.
Also, that $5k will grow by 5.5%++ per year, i.e., no depreciation of hardware and only a trivial amount of overhead.
Those not wanting to run a node (or with less than 10k XTZ) can delegate to a baker. There are a wealth of them available already.
*This restriction may be lowered in the future -- by way of on-chain voting (as opposed to a hard fork).
Some numbers regarding decentralisation: The last couple of (3-day) cycles the number of unique blockproducing nodes (bakers) has averaged just above 200 pr cycle, and is steadily increasing. The Tezos foundation nodes are now down to producing ~25% of the blocks.
I recommend this post for anyone interested in Tezos 'Liquid Proof of Stake'-model: https://medium.com/tezos/liquid-proof-of-stake-aec2f7ef1da7
This is mainly because a small amount does no damage and is presumed to be accidental, but also helps decentralize since you're safest not using a large staking pool, the most popular client, the most popular hosting service, etc.
Running as a small staker is feasible because the minimum stake is only 32 ETH, you're profitable if you're online at least 2/3 of the time, and the load on an individual node is feasible for a laptop. The computational load increases fairly linearly with the amount of stake, so there's little economy of scale for a large staker.
What Tezos does is merely let you lose a different key to custody funds and to create blocks. By itself this creates the possibility of delegation.
Last but not least, with trusted hardware the difference blurs even more.
The only risk associated with delegation is that the baker will run off with the baking rewards instead of distributing them. Of course, the incentive is low since this can only be done once. The community is active is discussing the trustworthiness of bakers (which, to date, has been pretty much all of them).
The staking risk (risk of losing a bond) is entirely on the baker. This incentivizes them to make sure they're not double baking or otherwise running misbehaving nodes.
However after reading that I am pretty sure the current Ethereum Serenity spec allows for delegation as well, so it seems to be on the same level Proof of Stake
The ETH network doesn't want to make it work.
PoS is a disaster waiting to happen for Ethereum.
It's true that Ethereum 2.0 will require 2/3 availability in order to finalize transactions, but that's true of any BFT system; see  for a proof.
Ethereum is designing the system specifically to accommodate that sort of problem, last I remember you needed 95%+ uptime to generate return, so if your internet goes out 5% of the time you should not stake.
Because it would be obvious?
The world does not exist in a state where a "true" network partition can ever happen.
A "true" network partition I would define as preventing all information, of any type, from going into and out of a country.
This is a ridiculous scenario that isn't even worth considering.
One party can hold >50% of all funds and we would have no way of knowing.
I wish people would look at less energy consuming proofs of work that still allow us real world evidence of decentralization.
We need more experiments like Chia with proof of wasted disk space instead of proof of wasted electricity.
Is is a compute platform? A cryptocurrency? Something else? Both?
Most notably, it requires no 3rd party trust to execute the code whereas traditional cloud architectures require you to trust that the execution environment is kosher e.g. amazon vm is not compromised, amazon hardware does not have side channel attack.
It is ideal to write a token or currency on ETH platform as state changes like balances are better left completed on trustless architectures
One party can hold >50% of all mining power and I find that far more likely.
Are there any candidates for this? I can't imagine a PoW problem where you can't get ahead by throwing more computers at it.
Generally, it is 'constant' w.r.t. the witness you are proving you know, and something like logarithmic w.r.t. the statement about that witness you are proving.