The problem with waiting AFAIK is that it's vulnerable to attacks on the underlying peer-to-peer network.
Let's say you wait 1 hour to see whether there was a double spend. If an attacker wanted to, they could spend twice and somehow mess with the network for 1 hour.
For example, an attacker at the internet service provider could intercept packets from the Bitcoin network and just block the other spend transaction from getting to you. You wait 1 hour and consider the payment finalized, and you swap goods for Bitcoin.
> All that wasted energy is paid for by the holders
Could you explain me what energy is "wasted" in Proof-of-Work and also how the people currently holding the cryptocurrency is paying for that "waste"?
AFAIK, the same number of blocks are made no matter how many transactions are being made or how many holders there are (or how much each holder "holds"), so the energy consumption of Bitcoin remains more or less the same during an hour, only slowly rising as more miners get on-boarded. But the energy consumption of those brought online remains the same over the lifetime of the miner instance itself.
> Proof of work = trust physics to determine what happened.
This is the kind of vapor Bitcoiners love to inhale and it's just not true. In the history of Bitcoin, it has happened many times where the "work" of a chain was irrelevant because humans disagreed with the contents of that chain. See: 2010 fork, 2013 fork, 2017 fork, etc.
When two chains are mined using the same binary, yes, "physics" seems to be in control on which chain wins (ie. the one with the most work). But when one chain expresses a slightly different protocol, humans take over and decide which protocol is the valid one (even if it has less work).
And if humans are ultimately deciding on what's valid Bitcoin and what's not, we have to ask ourselves which humans are the most influential in the discussion on what's valid and what's not. We need to know who these players are because with a project worth this much, you can bet that they are targets of powerful and wealthy entities.
Boring histrionics aside, you haven’t refuted GP’s point. Pure proof-of-stake consensus systems all suffer from the misfeature of not even having a basic quantitative fork ranking protocol. Jude C. Nelson critiques this better than anyone [1]:
PoW requires less proactive trust and coordination between
community members than PoS -- and thus is better able to recover
from both liveness and safety failures -- precisely because
it both (1) provides a computational method for ranking fork
quality, and (2) allows anyone to participate in producing
a fork at any time. If the canonical chain is 51%-attacked,
and the attack eventually subsides, then the canonical chain
can eventually be re-established in-band by honest miners
simply continuing to work on the non-attacker chain. In PoS,
block-producers have no such protocol -- such a protocol
cannot exist because to the rest of the network, it looks like
the honest nodes have been slashed for being dishonest. Any
recovery procedure necessarily includes block-producers having
to go around and convince people out-of-band that they were
totally not dishonest, and were slashed due to a "hack" (and,
since there's lots of money on the line, who knows if they're
being honest about this?).
Under adversarial conditions like those outlined by Jude C. Nelson, PoS reverts to “phone-a-friend consensus”, or — to use a euphemism coined by Vitalik Buterin — “weak subjectivity”. Centralized Git repos offer a close to identical consensus model.
What’s the point in having a “blockchain” at all if under adversarial conditions, miners are necessarily demoted in favor of trusted human coordinators? Git is very “green-friendly”, too.
> What’s the point in having a “blockchain” at all if under adversarial conditions, miners are necessarily demoted in favor of trusted human coordinators?
In the quote you posted, Nelson is wrong when he states "[Bitcoin] provides a computational method for ranking fork quality". It only provides such a method when both forks agree on the underlying protocol. If two chains aren't being reconciled because the network is in disagreement on which set of rules is valid, the "computational method" is thrown out the window, and the big guns are called in (high profile developers, influencers in the space, etc.). He uses the words "canonical chain" and "attack" as if it's clear which chain is the attacker and which chain is canonical, but we need humans to help us make that determination on which is which. Chains by themselves aren't hostile or not, they're just numbers.
I'm not saying Ethereum is better by the way... they're all the same.
> In the quote you posted, Nelson is wrong when he states "[Bitcoin] provides a computational method for ranking fork quality". It only provides such a method when both forks agree on the underlying protocol.
Firstly, the “underlying [PoW] protocol” assumes the “majority of CPU power is controlled by nodes that are not cooperating to attack the network” (Satoshi, 2009). IOW “Bitcoin” is defined as the chain with the highest cumulative hashing power. That assumption is baked into all PoW networks.
Secondly, Jude C. Nelson — who you seem to have a professional/academic disagreement with — has a PhD in distributed systems from Princeton. I’m not saying your disagreement with Jude deserves no credibility, but I’m also not prepared to give a pseudonyous commenter on HN the same weight.
(JCN runs circles around Vitalik Buterin — a highly entertaining read [1].)
The 2013 bitcoin-0.7 BDB chainsplit incident you’ve propped up as “proof” PoW lacks a fork ranking protocol — which it doesn’t — was ultimately resolved with hashpower (of course). Humans only got involved there to prevent needless network downtime, read: “Eventually 24 blocks would be lost”. The incident would’ve eventually resolved itself on-chain by PoW miners, with hashing power only.
> I'm not saying [PoS] is better by the way... they're all the same.
Proof-of-Stake consensus lacks all notion of cumulative hashrate, and altogether lacks a quantitative fork ranking protocol. To claim PoS and PoW are “the same” in this respect is simply false equivalence.
PoS systems undeniably lack an on-chain mechanism for resolving fork disputes. Hence they have little need for a blockchain — after all, if a top-down human hierarchy presiding over a blockchain is going to unilaterally decide which chainfork to favor anyway, they might as well just skip the blockchain and use Git. As with Git repos, in PoS, forking disputes have to be handled by centralized authorities who outright dictate which Git history is valid. No other dispute resolution protocols are possible here.
Conversely, PoW systems make this determination by ranking cumulative hashing power amongst forked blockchains. PoW networks coldly and quantitatively come to consensus about what constitutes the longest valid chain. PoS systems use less energy than PoW systems, but they can’t even come to consensus without top-down hierarchical human intervention under adversarial conditions, hence they have little reason to use a blockchain at all.
> [The chainsplit] was ultimately resolved with hashpower
Did you read the article? Humans were needed to avoid catastrophe. Here let me post the relevant bit:
quote:
What would have happened if the developers had done nothing?
Throughout the text I’ve emphasized that the downgrade option was the correct one and that speed of developer response was of the essence. Let’s examine this claim further by thinking about what would have happened if the developers had simply let things take their course. Vitalik Buterin thinks everything would have been just fine: “if the developers had done nothing, then Bitcoin would have carried on nonetheless, only causing inconvenience to those bitcoind and BitcoinQt users who were on 0.7 and would have had to upgrade.”
Obviously, I disagree. We can’t know for sure what would have happened, but we can make informed guesses. First of all, the fork would have gone on for far longer — essentially until every last miner running version 0.7 or lower either shut down or upgraded their software. Given that many miners leave their setups unattended and others have custom setups that aren’t easy to upgrade quickly, the fork would have lasted days. This would have several effects. Most obviously, the psychological impact of an ongoing fork would have been serious. In contrast, as events actually turned out, the event happened overnight in the US and had been resolved the next morning, and media coverage praised the developers for their effective action. The price of Bitcoin dropped by 25% during the incident but recovered immediately to almost its previous value.
Another adverse impact is that exchanges or payment services that took too long to upgrade their clients (or disable transactions) might find themselves victims of large double-spend attacks. As it happened, OKPay suffered a $10,000 double spend. This was done by a user trying to prove a point and who revealed the details publicly; they got lucky in that their payment to OKPay was confirmed by the 0.8 branch but not 0.7. A longer-running fork would likely have exacerbated the problem and allowed malicious attackers to figure out a systematic way to create double-spend transactions. [1]
Worse, it is possible, even if not likely, that the 0.7 branch might have continued indefinitely. Obviously, if this did happen, it would be devastating for Bitcoin, resulting in a fork of the currency itself. One reason the fork might keep going is because of a “Goldfinger attacker” interested in de-stabilizing Bitcoin: they might not have the resources to execute a 51% attack, but the fork might give them just the opportunity they need: they could simply invest resources into keeping the 0.7 fork alive instead of launching an attack from scratch.
There’s another reason why the fork might have never ended. Miners who postponed their decision to switch from 0.7 to 0.8 by, say, a week would face the distasteful prospect of forgoing a week’s worth of mining revenue. They might instead gamble and continue to operate on the 0.7 branch as a big fish in a small pond. If the 0.7 branch had, say, 10% of the mining power of the 0.8 branch, the miner’s revenue would be multiplied tenfold by mining on the 0.7 branch. Of course, the currency they’d earn would be “Bitcoin v0.7”, which would fork into a different currency from “Bitcoin v0.8”, and would be worth much less, the latter being considered the legitimate Bitcoin. We analyze this type of situation in Chapter 7, “Community, Politics, and Regulation” of our Bitcoin textbook-in-progress or the corresponding sections of the video lecture.
While the exact course of events that would have resulted from inaction is debatable, it is clear that the downgrade solution is by far the less risky one, and the speed and clearheadedness of the developers’ response is commendable.
Basically none of that is consensus breaking. And I acknowledged the potential of a deep reorg leading to needless network downtime. In the author of the article’s opinion, this deep reorg would’ve resulted in utter chaos, which seems hyperbolic to me. Regardless, how does that disprove the existence of a fork ranking protocol in Bitcoin?
Alright, but even if they do, the original ETH token will be mined. Look at Ethereum Classic. It just recently pumped a lot. Which smart contracts run on it?
That's the thing. Read my analysis... it doesn't matter if something better comes along. As long as the tokens are around they can just be more and more scarce and go up in price.
Many people in the field don’t expect that there will be a viable fork this time, basically all defi smart contracts that are now a huge part of ethereum (not the case at the time of classic) would break triggering a cascading chain of liquidations breaking the usability/viability of the chain. However the past has shown that a broken chain can somehow still be valuable due to irrational speculation so we will have to wait and see.
Today's governments wouldn't have the state capacity and ambition to achieve what those of the 1940s-1980s were capable of. We've regressed; we're incompetent and moat of our effort is directed at virtue signalling rather than progress.
Reading the histories of any public infrastructure project is just depressing. The dissolution of the works projects administration, which is sorely needed today given much of our infrastructure still dates to that period, and perhaps building a schoolhouse or a bridge is more productive and fruitful a job than driving for uber. The atomic energy commission throwing in the towel and dissolving in the face of public opposition (read: to save face for some politicians). The US freeway system being halted in its tracks in the 1960s and forever doomed to be overcapacity and congested in cities like Los Angeles. LA's multiple opportunities to construct a sprawling subway or elevated rail system decades ago when work was cheap, now lines cost billions and take decades, and are riddled with compromises to favor the automobile on the roads. A lack of any initiative to meaningfully coat an American city in bike and bus lanes, despite this advanced technology being merely a can of paint and a new citation on the books. A lack of any plan to stymie the crisis of mentally ill people living in danger on the street, who refuse voluntary aid.
It's hard to have hope for the future of our country when you can drive around and literally see it fall apart on a daily basis. I drive around on crumbling roads and see countless shanty towns and addicts 50 feet from $2 million dollar homes. I see median apartments priced where the median worker has to give half of their pay to their landlord. What's the plan? Pass the buck to the next guy in office forever, seemingly.
The mainstream is confused by the sheer number of coins available. For example, I have never heard of zcash or aztek. I have no idea what they're about or how long they've existed, or whether or not they're a scam.
I understand there are different uses for all of these coins, vaguely. But I also have no idea which are scams, which are not, and which are good for what I need. Further, I have zero idea where to even start to evaluate those three points, let alone the trading process.
And a lot of that issue is because crypto zealots are sort of awful to deal with, because many times they are needlessly condescending. Ask for help in crypto forums, and you get responses such as, "don't be clueless" or "use [insert weirdly named coin here], obviously [zero references to follow this statement]."
Also, the number of people shilling various coins is genuinely startling. Too many people have too much invested in too many coins for me to be comfortable that I'm not being scammed.
Source: I am as mainstream as it gets with this stuff.
Zcash privacy features aren't even on by default. You have to explicitly choose to make private transactions. This isn't good for a coin with Tor-like properties such an anonymity set. In practice, that set will be small enough for users to stand out and be identified.
The link you provided literally has one option, "Connect", outside of the GDPR cookie banner.
I can't even see what this website is doing and you expect people to just trust their money with these types of actors? I think that says more about you than "the mainstream".
In related news, the bank will soon be renamed to HFSP Bank, in recognition of the crucial role it plays in reducing the risk of its clients making too much money.
