
You mean because of the hype and scams associated with blockchain technology?

I would agree with the assessment, but avoiding it for research would be equally dumb. The tech itself has very interesting properties and potential applications outside of “finance”. It’s just a decentralized and slow global db with an (empirically battletested) consensus mechanism.




> with an (empirically battletested) consensus mechanism.

In fact there are almost as many consensus mechanisms as there are blockchains. In the beginning it was PoW that defined what was a blockchain, but with its obsolescence in favor of Proof of Stake for many chains the situation got muddier. Facebook's Libra/Diem for instance was based on a strongly consistent algorithm (as opposed to the eventually consistent nature of PoS) that's not that different from PBFT and ByzPaxos.


I'd argue that most PoS networks are not fundamentally different from the consensus algorithms before Bitcoin - the difference is they include a token as an entry point into authority, and that getting caught attacking will demerit tokens from you.

But the attack vectors are the same, and now there is an incentive to pull off an attack since the system is representing money people are willing to trade for goods. I think PoS is dangerous for this reason - same vulnerabilities and defenses but with higher stakes on both sides.

Not defending PoW wholesale, but it is fundamentally different as a network defense tool - though, it too has a reward for attacking it, so long as you can get 51% together - or less with selfish mining (network latency attacks).


> , and that getting caught attacking will demerit tokens from you.

Even that's only true if you define "demerit", "attack" and "caught" in particular ways.

E.g. I have a lot of tokens then sell them. (or go around and buy up worthless no longer used keys from people who had a lot of tokens at some point).

Now I can bifurcate the history at that point, create all the alternative histories I can't and you can't take anything from me.

To protect against these alternative histories one needs to use a separate consensus mechanism. In many systems this has been essentially "some trusted third party signs the real stuff" -- often with some obfuscation in between. If you're okay with that security model, why not eliminate the intermediate step theater and just use the ultimate centralized consensus?


I ultimately agree - I'll play Devil's advocate a bit:

Such an attack is referred to as a "long range attack" and is 'solved' by 'finality' in Ethereum, the largest running PoS network. Finality basically means a hard checkpoint. I won't make you say it: finality can of course be changed on different forks, and that's the core issue in PoS.

There is probably some utility in adding friction to such corruption, but that the mechanism doesn't ultimately prevent it and really just adds incentives to controlling it.

Attacks on PoS are more convoluted, but there are more of them and more ways to approach them. I fully agree this fact is lost in obfuscation and jargon.
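The fork described two comments up (a former large holder rebuilding history from the point where their old key still held the stake) and the checkpoint-style "finality" remedy discussed here, as an added toy model that is not part of any comment in this thread. Everything in it is constructed: the names and stake amounts, the "signature" (just the signer's name), and the majority-holder leader rule that stands in for real leader election.

```python
"""Toy model of a long-range fork on a proof-of-stake style chain (constructed example).

A block records who produced it and the stake distribution after it. A chain is
valid if every block links to its parent and was produced by whoever held a
majority of the stake *in the parent state*. That rule is the whole problem: a
key that held a majority at some old height can always mint a valid fork from
there, even after selling everything on the real chain.
"""
import hashlib
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class Block:
    height: int
    parent: str        # hash of the parent block, "" for genesis
    signer: str        # producer of the block; stands in for a signature (toy)
    stake: Dict[str, int]  # stake distribution *after* this block is applied

    @property
    def hash(self) -> str:
        payload = f"{self.height}|{self.parent}|{self.signer}|{sorted(self.stake.items())}"
        return hashlib.sha256(payload.encode()).hexdigest()[:16]


def build(parent: Block, signer: str, new_stake: Optional[Dict[str, int]] = None) -> Block:
    """Extend `parent`; stake is carried over unchanged unless `new_stake` is given."""
    stake = dict(parent.stake) if new_stake is None else dict(new_stake)
    return Block(parent.height + 1, parent.hash, signer, stake)


def valid_chain(chain: List[Block]) -> bool:
    """Each block links to its parent and is produced by a validator holding a
    majority of the stake recorded in the parent state (toy leader rule)."""
    for prev, blk in zip(chain, chain[1:]):
        if blk.parent != prev.hash or blk.height != prev.height + 1:
            return False
        if prev.stake.get(blk.signer, 0) * 2 <= sum(prev.stake.values()):
            return False
    return True


def longest_valid(chains: Dict[str, List[Block]]) -> str:
    """Naive fork choice: the longest internally valid chain wins."""
    valid = {name: c for name, c in chains.items() if valid_chain(c)}
    return max(valid, key=lambda name: len(valid[name]))


def longest_through_checkpoint(chains: Dict[str, List[Block]], checkpoint: str) -> Optional[str]:
    """Fork choice with a finalized checkpoint obtained *outside* the chain data:
    any chain that does not contain the checkpoint block is discarded before
    comparing lengths."""
    candidates = {n: c for n, c in chains.items() if any(b.hash == checkpoint for b in c)}
    return longest_valid(candidates) if candidates else None


def run_scenario() -> dict:
    genesis = Block(0, "", "genesis", {"alice": 60, "bob": 40})

    # Honest history: alice produces blocks 1-3, sells her entire stake to bob
    # in block 3, and bob produces blocks 4-6.
    honest = [genesis]
    honest.append(build(honest[-1], "alice"))
    honest.append(build(honest[-1], "alice"))
    honest.append(build(honest[-1], "alice", {"alice": 0, "bob": 100}))
    for _ in range(3):
        honest.append(build(honest[-1], "bob"))

    # Long-range fork: as of block 2 alice's old key still held the majority, so
    # from there she can mint an alternative history in which the sale never
    # happened, and make it longer than the honest chain.
    attacker = honest[:3]
    for _ in range(5):
        attacker.append(build(attacker[-1], "alice"))

    chains = {"honest": honest, "attacker": attacker}
    # The checkpoint must come from somewhere other than the peer serving the
    # chain; a node that took it from the attacker's fork would accept that fork.
    checkpoint = honest[4].hash

    return {
        "both_valid": valid_chain(honest) and valid_chain(attacker),
        "naive_winner": longest_valid(chains),
        # Slashing has nothing to take: on the honest chain alice holds zero.
        "slashable_stake": honest[-1].stake["alice"],
        "checkpoint_winner": longest_through_checkpoint(chains, checkpoint),
    }


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(f"{key}: {value}")
```

Both chains pass the same validity rule and the attacker's is longer, so a node syncing from scratch with only the chain's internal rules picks the fork, and the attacker's stake on the honest chain is already zero, so there is nothing to slash. The checkpoint fixes this only because it is supplied out of band, which is the point made above: the checkpoint itself is a separate trust assumption rather than something the chain's own consensus produces.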


One risk in creating cryptosystems that I think applies very much to these POS systems is that you create something, it gets broken, you revise it, broken, revise it, broken, revise it, broken, revise it, each time adding more complexity... okay, no breaks found. Is it now a cryptographically secure system, or was it just revised until it was cryptographically secure against review?

That's very much the history of POS systems, but it's even worse than that, because as the revisions went they added new conditions to the assumed security model, so at the end of the day the security assumptions are very different from where they started. They might be secure, but for example a function whose security definition is that whatever the function does is correct is always "secure". :P

There is one prominent POS cryptocurrency (I'll not name it because it's not relevant and naming it will just invoke vicious shills) which has a formal security proof that starts with the assumption that all participants have a network that faithfully delivers all messages without loss and in the same order. It's trivial to have a consensus system that is secure in that model because you don't even need a consensus system in that model: "first transaction out of any competing set wins" is an adequate policy, the network in that case is equivalent to a consensus system. (Maybe the system provides some useful security properties, but its security proof won't tell you anything about them)

In any case we're largely in violent agreement. I think.

While I can agree with your argument that some of the friction in these systems may have practical utility even if it doesn't meet a strong security criterion, the danger that worries me is that people don't actually have a clear mental model for what they do provide or what risks they have. This may lead them to expose themselves in ways that they wouldn't if the properties were better known, and ultimately result in losses greater than the benefits.

Or maybe not: lots of things work fine on fully centralized systems, or work fine even when their security rests on no one bothering to attack. But there is a little pedantic voice inside me that weeps at the obfuscation and misrepresentation.


As trevelyan stated, and for clarification: the protocol described in the OP is not PoS. I think that was assumed, but maybe not clear.


The irony is that POW is actually more complex here, which is why it is vulnerable to these attacks.


The sybil-proof mechanism here is not POS but a variant of POW.