[Cryptography] Proposal for a PoS blockchain
matbit at airmail.cc
Fri May 22 21:49:11 EDT 2020
Hi everybody. It may not be related to cryptography at the moment, but
later it will face cryptographic engagements.
So the question is: “can we establish a blockchain (precisely, a DAG) as the
infrastructure of a cryptocurrency, which uses only Proof of Stake to
secure transactions?” What are the flaws of this approach?
The scenario is like this:
- I develop and release the prototype software and run the first node.
- As the founder and the first member of the network, I made a to-do list
of future developments of that software. The goal is to improve the software
and strengthen its security. Also I planned to add many more features to the
software.
- The software mints x new coins daily (call it newCoins), and
these new coins are distributed among shareholders as soon as they are
minted.
- The number of new coins is halved after a certain time, until it reaches
zero new coins.
- As the only member of the network, I hold the total shares (call it
totalShares). So all the new coins go into my wallet.
- I announce the software release and invite ALL developers to join the
project.
- The developers run the software and join the network. There is no PoW, so
there is no cost to join the network. Everyone can connect to the network and
validate the transactions or send & receive coins.
- In double-spend attack handling, or in participating in polling,
ONLY the shareholders can vote. The only way to get shares is
participating in software development.
- Developers review the to-do list and accomplish some of those tasks,
if they like and can and want to.
- After accomplishing the task, the developer claims her/his wage. She/he
claims how many hours were dedicated to that particular task. Say 5 hours.
- Network members vote on the new contributor's claim. If the claim wins
the polling, the new contributor becomes a new member of the network.
Now the new member has some shares in the network. New shares are calculated
based on the hours dedicated to the accomplished task. For example, if a
contributor dedicates 5 hours to a task, she/he will have 5 shares. So
now the new total shares are totalShares+5. So in the next minting, the new
contributor will get ((5/totalShares) * newCoins) coins.
- The new member also has the right to vote in proportion to her/his
shares.
- With each new contribution, the number of shares increases, but the
minted coins are fixed, so the dividend of the treasury will decrease.
- In order for the distribution of wealth to be fair, each share will be
valid for the next 7 years from the issuance date. So contributors have
two incentives to keep working.
- The to-do list is regularly updated by network shareholders. They
poll regularly to add/remove tasks to the list. The first goal of the tasks is
developing and maintaining the software itself. Shareholders can/will add
other tasks as well.
- The graph topology is a DAG, so theoretically it will be scalable
(unlike blockchains). Every block contains the hash of all its
ancestors.
- Since this money is community-based, the network members make it
secure. We do not need PoW at all. The 51% attack is still possible as in
every other blockchain (PoS, PoW, DPoS, LPoS), but the cost of the
attack is very high, because it destroys the member’s "current shares"
and the “future income”.
- In the early days this new money is worth nothing, but after a while we will
have the “pizza day”. This new money is a social contract, like
Bitcoin, and because of its scarcity it will have some value. And its
value increases over time. Since we are creating a “good money” which
has many good features, it will be used as a currency in daily trades.
- Famous double-spend problem: So let’s start with the CAP theorem, which
claims that in a partitioned distributed system you cannot have both
Availability and Consistency together; you can have only one
of them. So I prefer to choose availability in spending matured coins,
and consistency in spending not-yet-matured coins. Therefore I make a
12-hour settlement time for transactions. That is, all transactions are
immediately recorded in the blockgraph and they are absolutely irreversible.
But the recipient cannot spend coins before 12 hours. These 12 hours
make powerful security for transactions and help the network’s
synchronization as well.
And now about the double-spend problem. If a cheating actor tries to spend a
coin double (or multiple) times, both (or all) transactions will be
rejected and all coins engaged in double-spend transactions will be
seized in favor of the network’s treasury. So the cheater will hurt itself.
In fact after a certain percent of shareholders' confirmations the
cheater cannot even hurt itself and the second spending transaction
will simply be dropped.
- This new money and its network are distributed and have no single
point of failure.
- Adversaries can bribe or force or eliminate the key persons or major
shareholders (much like shutting down some mining farms), but here the
community can fork with zero cost and continue the network. Note that
the coins are still valid, but the network abolished some corrupted
shareholders, so they still have their coins, but cannot vote anymore.
- At the end of the day we will have a proven “good money” and robust
software (client & wallet) to manage it.
- I think this kind of PoS is as secure as PoW, since everybody knows
everything. We have a DAG and at least once a day all leaves will be
merged into a single leaf. So having this merged leaf hash is enough to
ensure the graph’s health. To make this hash (and implicitly the
DAG history) immutable, shareholders will sign this hash and the hash of the
signatures can be registered in a Bitcoin block (although in my opinion
it is not too necessary). Is it right? Are there any flaws?
- In my opinion Satoshi used PoW as a mechanism to distribute coins in
a loosely random and fair way, apart from the other functionalities of
PoW (such as securing the network). Is it true?
Any comment, hint, tip, note or critique is welcome.
Thanks for your time
Hu
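To make the settlement rule in the post concrete, here is an added Python sketch (not the author's code or software) of a toy ledger that records spends immediately, locks a recipient's output for 12 hours, and, when a conflicting second spend of the same coin shows up, seizes the still-immature first output for the treasury and refuses the second. The coin ids, account names, timestamps, the `treasury` account and the rule that a conflict arriving after the window has closed is simply dropped are all assumptions standing in for details the post leaves open.

```python
from dataclasses import dataclass
from typing import Dict, Optional

MATURITY_SECONDS = 12 * 3600   # the proposal's 12-hour settlement window
TREASURY = "treasury"          # hypothetical account that receives seized coins


@dataclass
class Coin:
    coin_id: str
    owner: str
    value: int
    received_at: int                 # seconds since epoch when recorded in the blockgraph
    spent_to: Optional[str] = None   # id of the output created when this coin was spent
    seized: bool = False


class Ledger:
    """Toy append-only ledger: spends are recorded immediately and never rolled
    back; the recipient's output simply cannot be spent until it matures."""

    def __init__(self) -> None:
        self.coins: Dict[str, Coin] = {}
        self.treasury_balance = 0

    def mint(self, coin_id: str, owner: str, value: int, now: int) -> None:
        self.coins[coin_id] = Coin(coin_id, owner, value, now)

    def is_mature(self, coin: Coin, now: int) -> bool:
        return now - coin.received_at >= MATURITY_SECONDS

    def spendable_balance(self, owner: str, now: int) -> int:
        return sum(c.value for c in self.coins.values()
                   if c.owner == owner and c.spent_to is None
                   and not c.seized and self.is_mature(c, now))

    def spend(self, coin_id: str, sender: str, recipient: str, now: int) -> str:
        """Record a spend and return a status string."""
        coin = self.coins.get(coin_id)
        if coin is None or coin.owner != sender:
            return "rejected:not-owner"
        if coin.seized:
            return "rejected:seized"
        if not self.is_mature(coin, now):
            return "rejected:immature"
        if coin.spent_to is not None:
            # Second spend of the same coin. The first spend was recorded and
            # cannot be reversed, but its output is still locked by the
            # maturity window, so the proposal's rule can be enforced: seize
            # that output for the treasury and refuse this spend.
            first_output = self.coins[coin.spent_to]
            if first_output.spent_to is None and not self.is_mature(first_output, now):
                first_output.seized = True
                first_output.owner = TREASURY
                self.treasury_balance += first_output.value
                coin.seized = True
                return "rejected:double-spend-seized"
            # The window has passed: the network has settled on the first
            # spend, so the conflicting one is simply dropped (assumption
            # standing in for the shareholder-confirmation threshold).
            return "rejected:double-spend-dropped"
        output_id = f"{coin_id}:{recipient}:{now}"   # constructed output id
        self.coins[output_id] = Coin(output_id, recipient, coin.value, now)
        coin.spent_to = output_id
        return "accepted"


def demo() -> dict:
    """Walk through the scenario with constructed timestamps and names."""
    led = Ledger()
    t0 = 1_590_000_000                      # constructed epoch timestamp
    led.mint("c1", "alice", 10, t0)
    led.mint("c2", "alice", 10, t0)
    results = {}
    # Alice cannot spend freshly received coins before 12 hours have passed.
    results["early"] = led.spend("c1", "alice", "bob", t0 + 3600)
    t1 = t0 + MATURITY_SECONDS
    # Pay bob, then try to pay carol with the same coin one minute later.
    results["first"] = led.spend("c1", "alice", "bob", t1)
    results["second"] = led.spend("c1", "alice", "carol", t1 + 60)
    results["bob_after"] = led.spendable_balance("bob", t1 + MATURITY_SECONDS)
    results["treasury"] = led.treasury_balance
    # An honest coin spent once: bob can use it only once it matures.
    led.spend("c2", "alice", "bob", t1)
    results["bob_honest_early"] = led.spendable_balance("bob", t1 + 60)
    results["bob_honest_mature"] = led.spendable_balance("bob", t1 + MATURITY_SECONDS)
    # A conflicting spend arriving after the window has closed is just dropped.
    results["late_conflict"] = led.spend("c2", "alice", "carol", t1 + MATURITY_SECONDS + 1)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The point the sketch makes visible is that "both transactions rejected" only works because the first recipient's output is still locked; once the window closes the ledger can no longer claw anything back, so the 12-hour delay and the seizure rule depend on each other.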
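An added simulation (not from the author or the proposed software) of the share and minting rules described in the post: one share per approved hour, share-weighted polling in which only current shareholders count, daily newCoins that halve over time, and the 7-year expiry of shares. The founder's initial 100 shares, the 1000-coin starting value of newCoins, the 4-year halving interval and the simple-majority approval threshold are constructed assumptions that the post does not specify.

```python
from dataclasses import dataclass
from fractions import Fraction
from typing import Dict, List

SHARE_LIFETIME_DAYS = 7 * 365      # each share is valid for 7 years from issuance
HALVING_DAYS = 4 * 365             # assumed halving interval (the post leaves it open)
INITIAL_DAILY_COINS = 1000         # assumed value of newCoins on day 0


@dataclass
class Share:
    member: str
    amount: int        # one share per hour the approved claim covered
    issued_day: int


def daily_new_coins(day: int) -> int:
    """newCoins halves every HALVING_DAYS and eventually reaches zero."""
    return INITIAL_DAILY_COINS >> (day // HALVING_DAYS)


def active_shares(shares: List[Share], day: int) -> Dict[str, int]:
    """Shares still inside their 7-year validity window on the given day."""
    totals: Dict[str, int] = {}
    for s in shares:
        if s.issued_day <= day < s.issued_day + SHARE_LIFETIME_DAYS:
            totals[s.member] = totals.get(s.member, 0) + s.amount
    return totals


def vote_on_claim(shares: List[Share], votes: Dict[str, bool], day: int) -> bool:
    """Share-weighted poll: votes from non-shareholders carry no weight, and
    approval needs more than half of all active shares (threshold assumed)."""
    totals = active_shares(shares, day)
    yes = sum(n for m, n in totals.items() if votes.get(m) is True)
    return yes * 2 > sum(totals.values())


def claim_wage(shares: List[Share], claimant: str, hours: int,
               votes: Dict[str, bool], day: int) -> bool:
    """If the claim wins the poll, the claimant receives one share per hour."""
    if vote_on_claim(shares, votes, day):
        shares.append(Share(claimant, hours, day))
        return True
    return False


def mint_day(shares: List[Share], day: int) -> Dict[str, Fraction]:
    """Distribute the day's newCoins pro rata to the active shares."""
    totals = active_shares(shares, day)
    total = sum(totals.values())
    if total == 0:
        return {}
    coins = daily_new_coins(day)
    return {m: Fraction(coins * n, total) for m, n in totals.items()}


def simulate() -> dict:
    shares = [Share("founder", 100, 0)]   # constructed: founder starts with 100 shares
    out = {}
    out["day0"] = mint_day(shares, 0)
    # A developer claims 5 hours; the founder approves, a stranger's vote is ignored.
    out["approved"] = claim_wage(shares, "dev", 5, {"founder": True, "stranger": True}, 1)
    # A second claim backed only by the stranger and the 5-share dev fails.
    out["rejected"] = claim_wage(shares, "dev2", 8, {"stranger": True, "dev": True}, 1)
    out["day2"] = mint_day(shares, 2)
    out["total_shares"] = sum(active_shares(shares, 2).values())
    # Seven years later the founder's shares have expired, the dev's have not,
    # and newCoins has already halved once.
    out["expiry_day"] = mint_day(shares, SHARE_LIFETIME_DAYS)
    out["after_all_expire"] = mint_day(shares, SHARE_LIFETIME_DAYS + 1)
    return out


if __name__ == "__main__":
    for name, value in simulate().items():
        print(f"{name}: {value}")
```

Running it shows the dilution the post describes (the founder's daily dividend drops from 1000 to 1000*100/105 as soon as 5 new shares exist) and the cliff at expiry: on the day the founder's shares lapse the remaining 5 shares collect the whole, already halved, daily mint.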