I recently had the absolute pleasure of discussing two of my favourite topics with a group of people I respect greatly: core Ardor team members, including a principal developer and long-term enthusiasts.
The topics debated were around which consensus mechanic is the most secure, Proof-of-Work (PoW) or Proof-of-Stake (PoS), and which of the two leads to the most effective distribution of power.
The starting point
PoW was first introduced as an anti-spamming mechanism. It’s an economic measure to deter denial of service attacks and other service abuses such as spam on a network by requiring some work from the service requester, usually meaning processing time by a computer.
In essence, PoW requires machines to spend power (resources) in order to avoid “nothing at stake” spam messages.
PoW was applied to the Bitcoin protocol in a similar way. It allowed for decentralised trust by making miners compete for your trust.
The way PoW works, which is discussed in-depth in this piece, enables people to send money digitally without having to worry about double-spend attacks. With each new block that is created, the hash gets more complex and harder to find, meaning miners will need to use more power to mine the same number of blocks. The goal is to make miners less dependent on Bitcoin rewards and more dependent on transaction fees.
PoW was a clever and witty introduction of an anti-spam measure into a P2P gossip protocol, aligned with a monetary incentive working as a mechanism to achieve trust between users.
Many PoS advocates blame PoW for wasting energy, even though at the time of writing, it has been shown the most prominent mining farms are now using renewable energy.
So the energy waste critique doesn’t stand up, at least not in my opinion.
What other critiques are there?
Two major discussion points were raised during the debate with the Ardor community:
- Is PoW more or less secure than PoS?
- Is PoW more or less prone to centralisation than PoS?
Personally, I would argue what matters is to promote both security and decentralisation.
PoW or PoS?
We have already discussed what PoW is and how it works. PoS has a similar goal of allowing users to reach consensus without trusting each other. Its working mechanics, however, are quite different.
PoS does not have miners, nor hashes. It does not require nodes to mine. Token holders simply stake a certain amount of coins and then nodes can validate transactions. Simple, right?
There are no block rewards (in pure PoS), just transaction fees that are paid to forgers (the name given to validators). In the event a validator tries to double-spend, he/she loses his/her stake. That is the incentive to not misbehave and to address the “nothing at stake” problem. A really neat example of this is Ardor.
Given the fact PoS does not rely on energy spending, can it be more secure than PoW?
Is PoW more or less secure than PoS?
Long-range attacks (51% attacks) seem deadlier to PoS systems, whilst short-term attacks (or double-spending attacks) are way more likely to happen in PoW systems.
Simply put, PoS systems have an issue with long-range attacks. If you take into account what it means to control 51% of the network, you realise whoever takes control, can’t be removed. From the moment I own 51% of the coins staked, there is nothing other validators can do to remove my power. Most likely, that stakeholder will only keep consolidating their power, due to the fact he/she will be rewarded more often (as in PoS, the more stake you hold, the higher the probability you get to forge a block).
On the other hand, PoS is quite resilient against double-spend attacks – the moment a validator misbehaves, they lose their stake.
Finally, the purpose of a cryptocurrency plays an important role in how security is perceived, depending on whether you’re looking for a long-term store of value, a currency that enables smart contracts, or a faster and more scalable network.
In the end, it’s difficult to arrive at an obvious conclusion about which system is the most secure, as security seems to be dependent on attack time frames and overall cryptocurrency purpose.
Is PoW more or less decentralised than PoS?
The argument for centralisation, in my view, is derived from security. In fact, it is derived from very specific dimensions within security: permissionless, openness, and immutability. With that in mind, which consensus mechanic do you think promotes a more decentralised outcome?
Again, it depends. If you take into account you need to purchase specific hardware to mine PoW cryptos, you could argue that there is a higher barrier to entry, which clearly promotes centralisation. On the other hand, because the network is resilient to long-range attacks, an attacker would need to spend energy continuously to maintain control of the network, making it quite hard to change the blockchain in the long term (immutability).
In PoS, it seems the only way to protect the network against a successful long-range attack is by rolling-back the blockchain, which completely goes against the immutability ideology (decentralisation).
Both PoW and PoS seem to promote equal levels of permissionless, openness, and immutability.
Depending on your goal, there can be benefits in using either.
If you want a network that is resilient in the long term and which doesn’t require rolling back, go for PoW-based systems (Bitcoin).
If you want a network that is resilient in the short term, easy to scale, and which protects against double-spending attacks, go for PoS-based systems (Ardor).
Thanks to the open approach of the Ardor community, most specifically @AvdiuSazan, @Petkodp, @Ardorgate, and @CryptoDemetrius, I had the chance to have an interesting debate around a topic that excites me quite a lot. It seems both PoW and PoS are quite secure, depending on the hash rate in the first case, and on the price of the token in the second.
Both consensus mechanics offer advantages and drawbacks. However, it seems to me the most secure protocol for a monetary system is still a high hash rate PoW-based system like Bitcoin, if only for the fact it appears to offer higher security in the event there’s a successful attack.
If electricity becomes incredibly cheap, or PoS implements a burning stake model, I argue PoW could lose its main advantage. However, because PoS security depends greatly on its currency pricing, we could experience undesired outcomes. Plus, having a hash rate makes it harder for a single entity to control the majority of the network for a long period of time, given the long-term monetary constraints.
Still, it’s hard for me to conclude with certainty which consensus mechanic is the most secure and which promotes more decentralisation, as there is a great dependence on community members and their enforcement of social rules. If Bitcoin’s community wasn’t as disperse and immense as it is, would changes be easier to enforce, making it prone to centralisation?
In my next piece, I aim at debating the role of rewards and incentives in security and privacy, as well as the key organisational structures that contribute the most to a decentralised outcome. Questions I will ask in upcoming related articles will be a) Can incentives and rewards promote a more secure system through better user behaviour? And b) What organisational structures can promote the most decentralised systems?