PoW and PoS debate: Who has real openness? Who can stay away from the end of thermodynamics?

These two days have produced a great discussion of PoW and PoS in the WeChat group of the Orange Book, which is very exciting. I have seen many valuable opinions from the discussion.

Since the WeChat group itself is a very unsuitable tool for discussion, many of the responses were ignored after the discussion. Many questions were repeatedly raised and said that the efficiency is too low, so I will sort out the issues raised in the discussion here and unify them. Reply once to avoid duplication of work.

A: The capital gains that the POS family sits on are the insurmountable gaps that can't be restrained.

B: This problem is a normal phenomenon in society. It is easier for rich people to earn money than for civilians. He invests so much money but has less income than others. That is unfair. Now everyone is getting the same proportion. Large households invest more money, they will get more returns.

This is a common conversation in PoW and PoS discussions. A raised two questions, 1. (Fairness issue) PoS big households sit and profit, ordinary people do not; 2. (cannot restrict) PoS big family rights can not be bound. B answered 1.

For question 1, I agree with B. It is reasonable to invest more in return, whether it is pow or pos. The blockchain is a tool to help achieve process fairness rather than fair outcome. We will still see the Matthew effect in the blockchain. The consequence of trying to solve the fairness of the results with the blockchain is that the connotation of blockchain governance is infinitely expanded, and the various problems that should be solved by the agreement (as will be seen later) are all pushed to the vote.

However, history or theory has long told us that there is no perfect group selection system in the world. The blockchain is a tool that can record data, ensure that data is not tampered with, and provide data for everyone. It is a very big improvement to help us achieve process fairness through such a tool.

Question 2 is a key issue that was ignored in the discussion. Investing in resources in exchange for the return of the righteousness, but the premise is that you want to invest can invest? For example, a star entrepreneurial team financing, is it that any vc wants to vote can be invested? PoW has a very good openness, so that later consensus participants can always join the consensus group, and PoS does not have such openness. Quote the discussion here:

In PoS, the future consensus group is determined by today's consensus group. Any new node that wants to participate in the consensus needs to be implemented through at least one transaction (eg mortgage, vote, etc.), and whether the transaction is processed is determined by today's consensus group, they can handle the transaction, or not This transaction, if not dealing with this transaction, the new node will never be able to participate in the consensus .

At the same time, "do not deal with transactions" is an act that is easy to disguise and difficult to punish. I have not seen a solution to solve this problem in a consensus agreement. PoS often allocates the block ratio according to the weight of the stake (it has nothing to do with the number of nodes). Considering the concentration of the stake in most systems, this is a very practical problem.

PoW is thoroughly Permissionless. Whenever you want, you can buy miners and electricity to join the ranks of the block, do not need today's miners to give you any form of permission. You might say, I still need to buy a mining machine and electricity. Is this a form of license?

Yes, from the lower level, this is also a license. But unfortunately, in all Proof of XXX, this is already the most decentralized form of licensing. After all, the degree of decentralization of mining machine production and power resources is much higher than that of various tokens. We should always pursue decentralization as much as possible, otherwise it would be nice to use a centralized system.

"Is it possible to invest" itself can be seen as an option with very high value. PoW can have such a nature, because the calculation of the proof of work is a calculation that does not depend on history. No matter if you buy the calculation power at any point in time, you are on the same starting line with other miners. This is a very The unique, counter-intuitive nature of this nature makes it possible for latecomers to break the advantages of early participants.

PoS is different, because the stake is an endogenous asset in the system, the ownership of the asset is determined by the history of the system, and the order of the transaction is determined by the history of the system. Therefore, whether it is a pos that needs to be mortgaged, or only a token is required. The participating pos, whose validator set is the historical decision of the system itself, PoS and PoW are completely different in "whether the participation consensus needs to depend on history". It is easy to see that this is a fundamental difference, no matter what kind of upper layer design can't solve this.

Therefore, the design of PoW and PoS is fundamentally two different ideas, reflecting two different concepts:

  1. (PoS) system should give starters a natural advantage
  2. (PoW) system should not give starters a natural advantage

Note that the subject is "system", and the advantage of consensus participants outside the system is not solved by any protocol design. If you think that 1 is correct, you should naturally support PoS, and you should agree more to PoW. CKB chose PoW in the design because CKB is designed to be Layer 1, a shared infrastructure around the world. We hope it will last long and neutral. To do this, the system should not let the first mover (including the system). The designer himself) gains a natural advantage.

A: Is pos buying money staking not just invested?

It is indeed an investment, but the "return" in the "investment return" here has changed. For the return on investment, we need to look at it separately. One kind of return is the token income. The most recent pos basically supports the delegate, so basically everyone has this option. The other is the right to participate in the consensus. According to the above answer, It can be monopolized by the existing validator, and most people have no options. There are many kinds of rights, and dividends are just one of them, and they are not the key ones.

So why is the right of consensus important, and what is the use of it? It means that you can sort the trades, and the sorting of the trades determines whether your trades can be wound up in time when crowdfunding on the chain, whether your orders can be traded in time when trading in DEX, and so on. Do DeFi on a PoS system? You need to seriously consider what the validator itself does and whether it has an interest in the transaction you are sending.

We know that DeFi trading is likely to be a very high value transaction, a huge payout in eg DEX, what if the validator arranges a cut-off transaction? Just the difference in the order of transactions can make a huge profit, not to mention that the consensus node can do much more than this?

You'll be smart when you think: "Isn't the PoW miner/mine pool the same problem?" Yes, PoW miners have the same rights, but PoW has two advantages that can weaken the problem:

1. Outbound nodes and key users in the ecosystem are decoupled. The key users in the ecology refer to service providers that provide services around the blockchain, such as exchanges and wallets. They provide high-quality services for a large number of users and gather a large number of users and transactions.

In PoS, because there are a large number of users and transactions, Stake will naturally concentrate on key users in the ecology to form a natural Stake pool, so the advantages of key users in business can be transformed into advantages in consensus and governance (in a certain These chains have been very obvious, which makes the advantages of the first mover more intensive.

In PoW, miners and exchanges/wallets are independent. They have different professional divisions, and they get rewards through different professional knowledge and different ways. Key users cannot turn their business advantages into advantages in the agreement. Miners There is no way to turn the advantages of the agreement into the advantages of the upper business. In PoW, checks and balances can be formed between developers, users, and consensus nodes.

2. The consensus of PoW is open (see above), full of fierce competition. Maybe a mine/miner can do this in a short time, but since the new miners are always free to join, it is very difficult to do this for a long time, and fierce competition will make it more and more fair. The fully competitive market, which takes time (30 years? Maybe).

Conversely, in PoS, due to the advantages of the natural forerunners and the combination of business and consensus advantages, the advantages of the first mover will only become larger and larger, the competition will gradually disappear, and finally a monopoly or an oligarch will be formed. In infrastructure-level agreements, we should try to avoid monopoly as much as possible.

The blockchain itself is a large queue, and the right to sort is the most critical right in the system.

A: (Bitcoin) The cost area of ​​the 51-hour attack is $443,000…

A wants to express that Bitcoin is not safe, because as long as $ 443,000 can attack it, then the PoS token is limited, no attacker can buy enough stakes from the market to attack.

This view ignores the problem: at some point, the computing power on Earth is also capped. If a PoW chain has only 10% of the SHA256 power, this is no problem. But if Bitcoin has concentrated 90% (estimated) SHA256 computing power, where do you get another 90% of the SHA256 computing power? Quantitative changes cause qualitative changes, and changes in the power status can affect safety.

It is not PoW that is not safe, and it is a PoW chain that does not have enough computing power. Blockchains that use PoW will encounter greater start-up problems than blockchains that use PoS, but it is this real and cruel test that proves the security of the blockchain. Otherwise, I also run a PoS chain, 99% of tokens belong to me, 1% in the market wants to stir up how high the speculation, security is not more than Bitcoin in minutes? Bitcoin has been running for 10 years, carried on top With so much value, why didn't the attack happen? On the contrary, some chains have been running for less than a year, and the smart contracts with hundreds of thousands of yuan in value are stolen countless times… The theory needs to be revised with facts. When the theory and the facts are inconsistent, it must be theoretically wrong. .

There is also an upper limit. The upper limit of resources required to participate in the consensus in the PoW chain is changing with time. The progress of science and technology, human initiative and fierce competition continue to push forward. The acquisition of natural resources is completely gone. Centralized; and the resource limit required in the PoS chain is well stipulated by the agreement. All the issued tokens are in the hands of the existing validator, and then distributed through the sale of the validator in the market or the dividend of the staking pool. Will it be distributed? Some deja vu?

A: The two abstractions are capital at the end, pow is the capital cost calculated by capital expenditure and opex; pos is the computer cost of the collateral market value. Both of these costs are irreversible

I don't agree with this logic, ignoring the intermediate process directly to the essence just ignores the key. The process is the key, the process creates friction and the process produces losses. Even if it is capital, the liquidity of capital and the speed of monopoly are different. There is also a difference in whether the agreement can be recovered from the monopoly. See the previous article.

A: I don't think that the holders of PoS will always sell A: Who will over-concentrate who will contribute to the ecology A: If the chip is 90% in your hands, this ecology will not work. A: It is highly concentrated for you. There is no value in A: You are monopolizing 90% of the token, no one is paying you rent

Monopoly can also build an ecological environment. Tencent and Apple are examples. Whether it is history or economic principles or <0 to 1>, it is clear to us that monopoly can make huge profits.

At the same time, the existence of monopoly does not mean that you know that there is a monopoly . Token is the most liquid capital in the world. Even if I have 90% of tokens, I will spread it into 100 staking pools instead of focusing on a staking pool. Monopolists don't like to jump out and say "hey, I monopolize this system!".

A: Potentially a bad monopolist will sell tokens for short-term benefits. A: Evil is for short-term benefits. A: That is, potential short-term interest monopolists will sell tokens for short-term benefits. B: Head mortgagors are clearly seen. If you solve the mortgage, or withdraw the money to the exchange, it will cause the price to fall. He hasn’t said anything yet. It already reflects A: I mean this too. Is it safe for the monopolist not to be evil? [smirk]

This confuses the concept of monopoly and evil. Evil means an explicit attack, such as a double transaction, evil can be observed, and the system or ecology can also make a corresponding counter. Monopoly is implicit , monopolists do not need or attack the system, but it can still use its own consensus rights to gain more benefits, as said before, as long as you can control the order of transactions, you can control everything.


Manipulating transaction ordering is undetectable . In the PoS system, manipulating transaction ordering also means manipulating the future set of validators, which means that the monopoly position can be easily maintained. This is the inevitable result of ensuring system security based on system history. This does not exist in PoW.

We haven't found a way to rule out all the monopoly at all times, but PoW at least gives us a design that makes the monopoly difficult to exist in a longer time dimension, which I think is crucial for Layer1.

A: First, why can't the late pos chain participate? Buying coins is much lower than buying a mining machine. There is a long-standing monopoly in pos. I don't agree with this conclusion. There is no economic scale effect. 2 The cost of attacking pos is compared. The acquisition of Stake is only one aspect, and there is a retrieval system. The node is very concerned about its own reputation, this cost is huge for the node.

In the first question, the question of monopoly has already been answered. Regarding the threshold issue, I think this is a mistake often made by many people, including even protocol designers. The primary goal of the blockchain is security and decentralization, and the threshold is that all usability issues are not the goal of the blockchain.

Discussing the threshold problem in the blockchain protocol is like arranging the different levels of goals in the same way as saying "How do you let ordinary people construct TCP request packets?" To lower the threshold and improve the usability, we can do a lot of work on the upper level, do wallets, do cloud mining, design various financial products, why should we consider the threshold in the blockchain agreement?

Nervos pursues a layered protocol architecture because it sees ease of use and security issues must be considered separately. Ease of use/threshold and security are inherently contradictory, and forcing together will only give us nothing. The direct participants in future blockchain agreements must be professional users who build support (trusted) services, lower usage thresholds, and provide ease of use to gain support and benefits for the average user in the ecosystem.

Second, the reputation is something that cannot be quantified and the blockchain protocol cannot judge. Placing the security of the blockchain on the reputation will only make the blockchain go back to the old path of the existing trust system. At the same time, there is also a feature of untransferability. Based on a non-transferable thing to establish a security model, will it be familiar?

A: Actually, there are a lot of implicit assumptions. If a pos chain appears that you have a cartel controlling 1/3 of the token, the community can fork out cartel by fork; I don't think a pow chain is 51% The chain of force control is also facing the same serious problem; in addition, I think that the possibility of hiding the last time to form a majority control is not great;

Pushing out the problems that can't be solved in the agreement to the out-of-chain governance (note that when cartel controls 1/3 stake and generates enough threats that the community wants fork, chain governance is no longer useful) and hard forks, indeed Can solve all problems, but this should be a costly last resort, should not be a casual tool, the blockchain protocol should be avoided as much as possible into this scenario.

The use of out-of-chain governance and hard forks is equivalent to the lack of recognition agreements, and people need to take over. I agree that a blockchain ecosystem ultimately needs people to govern, but I think the lower the frequency of human intervention, the better. If you don't pursue this, why do you need a blockchain? Only by reducing the frequency of people's participation, the automation costs of collaboration can be reduced, and the foundation of trust required for collaboration can be reduced.

"The possibility of a node hiding the last time to form a majority control is not great" – as long as the time is long enough, no matter how small the time will occur. The black swan in the financial market has told us countless times, and our memory is not just 7 seconds.

A: xxx's chips are constantly spreading A: xxx's wallet address from ICO more than 1000, less than 10,000 in a month

According to the address of the top 100 or the degree of dispersion of the top 20 staking pool, it is impossible to prove that the token is scattered. The reason is very simple. We are talking about a system that is not permissionless. The address represents only a public-private key pair and does not represent an identity. Generating an address is almost zero cost, and the number of addresses that have a stake cannot represent the different users holding those stakes. Don't confuse the address and the user.

In PoS, the number of validators in the validator set is irrelevant and does not represent the stake dispersion. As mentioned earlier, if you have 99% of the stakes, you should spread them to 100 or even 1000 validators.

PoW also has the problem of concentration in the hands of big miners, but due to the openness of PoW and the system does not create disadvantages for latecomers (see above), such concentration will only be temporary, and the computing power will be fierce. The competition is constantly moving from one person to another. PoW praises competition, PoW is an open system, and only an open system can stay away from the end of thermodynamics and maintain long-term vitality.

PoS has its value and its problems, so it can't be applied to all scenarios. Layer 1's blockchain protocol must use PoW. Only Layer 1 using PoW can solve the problem we hope to solve and realize the future we hope for.


Author: Nervos Chief Architect Jan

Source: https://talk.nervos.org/t/pow-vs-pos/1732?u=janx

Source: Orange Book

We will continue to update Blocking; if you have any questions or suggestions, please contact us!


Was this article helpful?

93 out of 132 found this helpful

Discover more


Chainalysis Research Mass Adoption of Cryptocurrencies in India, the Philippines, and Pakistan

Author | Chainalysis Central and South Asia and Oceania (CSAO) have the world's most vibrant and attractive cryptocur...


A paper reveals: "The Eye of the Government" and "Encryption World Perspective" Chainalysis

According to public information, the US federal government is the company's top government customer. The relatio...


Make money! How Chainalysis secures U.S. government ten-million-dollar contract

Encrypted data analysis company Chainalysis has received a $ 10 million contract from the US government over the past...


Japan's largest bank Mitsubishi UFJ Financial Group shot! Chainalysis completed $36 million in Series B financing

According to reports, Japan's largest bank, Mitsubishi UFJ Financial Group (MUFG), participated in an additional...


IMF Working Paper (Part II) How to Tax Cryptocurrencies?

In fact, to some extent, it is much easier to directly master the use of cryptocurrency for criminal activities than ...


Want to go to the "profit road" Blockchain analysis company Chainalysis layoffs 20%

According to Coindesk, blockchain analysis firm Chainalysis cut jobs by 20%. According to the report, Chainalysis fir...