Part 3 by Matthew Czarnek
Proof of Stake has some serious blockchain trimming issues that Proof of Capacity does not have
It turns out that Proof of Stake has some serious blockchain trimming issues. To understand this, let’s start by describing the current idea for blockchain trimming. To take even one more step back, we should start by explain what a merkle tree is.
Here is a diagram of a merkle tree:
The idea is that you start with a bunch of data, in this case account information and hash it, then you pair up those hashes in a reproducible way. Eventually you arrive at the top hash. If you trace any of those leaves all the way up to the root, you all you need is the hash that is paired with it to very quickly prove that the data was correctly hashed together to create that top hash. The top hash is also known as the merkle root.
Using a merkle root you can store one root that is only about 32 bytes large that can prove that million of account balances had a certain state. Then you simply provide one hash per level of the tree which when combined with hashes of the data and previous levels proves that it belonged in this tree.
Because of the way this is stored, you only need log base two hashes per proof that certain data being held on to is correct. So for example, even once Burst gets to the point of having 1 billion accounts on the network:
This means that using only 30 hashes, you can prove that a customer has a certain account balance to any customer that wants it.
Point being, you can store just this merkle root that can be used to prove thatany customer has a certain balance. And other than some information about the miner and proof that the miner had permission to mine this block, this is the only information that is needed.
The key being in these block headers that are the only information you store is the Proof of Work, this is true for both Proof of Work and Proof of Capacity. The problem is that you can’t simply store the proof that a miner was able to mine in a Proof of Stake system. Why is this? Because in a Proof of Stake system, a miner has to be able to prove that they have a certain amount of stake at the point where they mined a block. This is very tricky without having the blockchain which proves they had that amount of stake.
There are two blockchain trimming algorithms that have been proposed that I will discuss.
First of all, there is the idea proposed by Bill White:
The idea in is one is that every miner will include in the blocks that he mines a merkle tree of all account balances, as well as the proofs required to prove that he was allowed to mine off of the previous block. The theory is that this allows you to prove at any point in time that you had the stake to mine. The problem with this is that there is nothing stopping anyone who gets the right to mine a single block from inserting a merkle root for entirely fictional accounts with fake balances. If a light client were tracing through this fake chain, it would believe that it were on the real one and this fake chain could easily be made stronger than the real chain.
In general when analyzed, many proposed Proof of Stake blockchain trimming algorithms have this ‘ghost miner’ attack, where you can insert fake miners and mine using them.
There is one other idea, and this one is quite interesting, it is the algorithm proposed by Ethereum. This idea can be found here:
You’ll see even in that article, the author Vitalik Buterin, is arguing that Proof of Stake does not have a blockchain trimming algorithm that is as simple and nice as Proof of Work has. But as he has argued in the past, the reason Proof of Stake is necessary is because it’ll save energy. Which we now see that Proof of Capacity does just as nicely, using only 23% more energy.
However, they have proposed a solution, so let’s analyze it.
Their solution has a very interesting idea of inserting checkpoints into the chain that allow miners to skip large sections of the processing of it. The most basic component of their algorithm is that every checkpoint is held together by at least 2/3rds of the miners that signed off on the last block signing off on the newest block. Then building off of those checkpoints miners will mine using the account balances from the last checkpoint when calculating who has permission to mine, otherwise they run into the same
First of all, I’m not going to run the numbers but even using this method, all those signatures still add up to be a lot bigger than how small Burst can trim it’s chain to be.
However, more importantly this algorithm has an interesting problem. If at the wrong point in time more than 1/3rd of the miners drop off the the network then Ethereum is going to have serious problems. You may think this is unlikely but it’s easy to show that it could definitely happen. And I want to note, there is a reason they picked the number 2/3rds, it has to do with the Byzantine General’s Problem which states that if coming to consensus in such a manner that at least 2/3rds of the signers need to agree, so keep in mind that lowering that number is not a viable solution.
In order to determine what the network of any of these cryptocurrencies that make it big will look like is to look at the current state of the Bittorrent network. The Bittorent network is a good comparison because it’s a bunch of people who are contributing their resources to power a decentralized network. Therefore a miner using this algorithm is similar to a Bittorrent seeder.
Going to http://demonii.com/stats/?t=month you will find statistics on the Bittorrent network.
For example, looking at statistics over the past month ending on April 18th, 2015 where the number of seeds is the black line and the number of peers are the blue:
You can see right here the network dropping the number of seeds by more than 1/3rd of the number of people powering the network in a number of places. Note that this doesn’t factor in unique seeds either. In a Proof of Stake network that uses this algorithm, it needs to be unique miners that stay online not just total miners, which just make this issue even worse. And not even just unique miner, this includes any miner that has signed up to be eligible to mine, whether or not he actually decides to then mine.
You’ll note that the spikes comes from the number of seeders going up and down over the course of a day as people turn their computers off overnight.
If this happens only a single time for this algorithm when miners are trying to agree on a checkpoint, especially if there is a temporary spike in miners, this causes major problems for Ethereum.
Luckily Burst’s Proof of Capacity algorithm does not have to deal with this problem and can deal with the number of miners entering and exiting the network rising and falling in this manner since the difficulty will automatically adjust to accommodate such scenarios. If fact, if done properly Burst should also be able to incorporate this checkpointing idea in a more secure way than can be done in POS. However, the method Burst developers have come up with for this requires exploiting the ability of miners to mine on multiple chains simultaneously, which means it is not a viable solution for Proof of Work either.
Proof of Capacity has an additional new customer acquisition method
Why did Bitcoin become popular? One of the big features that was a big draw to new customers was that anyone could download the mining software, connect their computer to the network and mine and earn ‘free’ Bitcoins in the process. Unfortunately with the rise of ASICs, your average person can no longer do that, they need to now buy special equipment for mining, which is an investment with some risk attached to it, which just isn’t worth it for most people.
However, given that Proof of Capacity is ASIC proof, this should continue to prove to be a great way to get an easy foot in the door for new users who are looking for a way to earn ‘free money’. Plot your hard drive and mine, it’s that simple. Proof of Stake also doesn’t really have a concept of mining for free and earning your first coins in this way, you have to buy them first.
The problem with Proof of Work is that the only way to mine it is with ASICs and as previously discussed, it is likely impossible to make an ASIC proof Proof of Work coin. This means that if a customer wants to switch over to using a Proof of Work currency you either have to convince him to take the risk of investing in a new currency he isn’t used to owning or convince him to buy new mining equipment to mine for the network.
With Proof of Stake, perhaps you can buy in and then earn interest on your Proof of Stake coins but customers/investors will still have to be convinced to take the leap and buy their initial currency and other currencies don’t have any easy way to get a foot in the door for attracting initial users.
With Proof of Capacity, Burst will be able to pay him to rent out his extra hard drive space to mine for Burst. Because Proof of Capacity is ASIC proof, market demands should balance out in order to be profitable for everyday people to mine for the network. Consider that the cost of a TB is currently approximately $30 and that most new computers these days have at least 1TB hard drives, and your average person doesn’t make use of their entire drive but rather ends up with a lot of extra space, and this means these customers would probably be able to make approximately $20 worth of this Proof of Capacity coin considering that they will not plot their entire drive. Once people own some Burst, he can spend it somewhere. And remember that for on average business, 80% of your business comes from repeat customers. Getting customers to try the coin is important. So, assuming that cryptocurrency works like other businesses, once people own some Burst, they should be more likely to buy more Burst and convince others to mine/buy Burst.
Also keep in mind one big boost of new Bitcoin customers was when Bitcoin opened the first free faucet giving away 5 free Bitcoin to new customers, this was when Bitcoin was going for a few cents per coin. So best case, people would get $0.25 worth of Bitcoin to wet their appetite and make them feel like they were a part of Bitcoin. Burst can almost definitely do better than that just by giving people an easy way to plot their hard drives and mine from it in order to attract more customers.
And once you give people that tiny investment in your currency.. they’ll be much more likely to encourage others to join and get involved in ensuring the success of the currency.
Not only that but many large companies that have extra storage could be encouraged to mine for Burst. Once they are mining for Burst, they are also much more likely to be Burst friendly and have the money required to spread the news of the coin to others.
Proof of Capacity has the positives
of both Proof of Work and Proof of Stake,
without the negatives
Ultimately this all boils down to making a better experience for the customer, helping them make the environmentally friendly choice, while still maintaining security and having a easier way to attract new customers to the coin.
To summarize, Proof of Capacity is ASIC proof, more secure than either Proof of Work or Proof of Stake, and has a much better method for trimming it’s blockchain than Proof of Stake while barely using more energy than Proof of Stake. Also very importantly, it should be easier to attract new customers than coins using either of the other two algorithms.
Proof of Work and Proof of Stake both make various trade-offs that Proof of Capacity does not have to make.
If you are interested in learning more, please check out Burst, the first and currently only Proof of Capacity currently available. There are a lot of friendly knowledgeable people who are working hard to make sure this coin is a success who will be happy to help you out. You may also feel free to post at burstforum.com and we will happily help you and answer any questions you may have.
My wallet, donations greatly appreciated: BURST-SYYS-QMGR-BCYN-BVQ2A