Editor's Note: This article comes fromBabbitt Information (ID: bitcoin8btc), Author: Vitalik Buterin, Compiler: Free and Easy, released with authorization.
Editor's Note: This article comes from
Babbitt Information (ID: bitcoin8btc)
, Author: Vitalik Buterin, Compiler: Free and Easy, released with authorization.
Translator's Foreword: After the official release of the Ethereum 2.0 deposit contract, Ethereum has taken a big step towards the transformation of the PoS system, and Vitalik Buterin, the co-founder of Ethereum, summarized in his newly published article that Ethereum will The reason for switching from the current PoW system to the PoS system, in his opinion, under the same cost conditions, PoS provides better security, which can resist potential attacks, and in addition, the PoS system can be faster after being attacked Recovery, and the last advantage is that PoS is more decentralized than ASIC mining (note: GPU mining is not included), however, Vitalik also mentioned two possible advantages of the PoW system, but these advantages are still insufficient To keep Ethereum in the PoW system.
Compared with the Proof of Work (PoW) consensus mechanism, Proof of Stake (PoS) is a superior blockchain security mechanism for three main reasons:
1. Under the same cost conditions, PoS provides better securityarticleThe easiest way to do this is to put PoW and PoS together and look at the cost of an attack on a network with a block reward of $1 per day. With GPU-based proof-of-work you can rent GPUs cheaply, so the cost of attacking the network is simply renting enough GPU power to exceed existing miner costs. For every $1 in block rewards, existing miners should spend close to $1 in cost (if they spend more, miners will quit as unprofitable, if they spend less, new miners can join and gain high profits). Therefore, attacking a network is not very expensive and only takes a few hours.
Total attack cost: Assuming a 6-hour attack, it is about $0.26, and it may be reduced to zero when the attacker gets the block reward.
ASIC-based Proof-of-Work ASICs are a capital cost: when you buy an ASIC miner, you can expect it to last for 2 years, until it wears out or becomes obsolete with newer, better hardware. If a blockchain is 51% attacked, the community may respond by changing the PoW algorithm, and your ASIC miner loses its value. On average, ongoing costs account for about 1/3 of mining costs and capital costs about 2/3 (see this
article
). So for a block reward of $1 per day, miners will spend about $0.33/day on electricity + maintenance and about $0.67/day on ASICs. Assuming an ASIC mining rig has a lifespan of 2 years, a miner would need to spend $486.67 to purchase such ASIC hardware.
Then the total attack cost is: $486.67 (ASIC hardware cost) + $0.08 (electricity + maintenance cost) = $486.75.
And as the barriers to entry get higher, ASICs provide a higher level of security at a higher centralization cost.
Proof of Stake (PoS) PoS is almost entirely a capital cost (coins deposited), the only operational cost is the cost of running a node. Now, how much capital are people willing to lock up to get rewarded with $1 a day? Unlike ASIC miners, deposited coins are not depreciated and you can get them back with a short delay after you have staked them. Therefore, participants should be willing to pay a higher cost of capital for the same amount of rewards.
Assuming a 15% rate of return is enough to incentivize people to invest (which is the expected rate of return for Ethereum 2.0), a reward of $1 per day would attract deposits for 6.667 years, or about $2433. While the hardware and electricity costs of a node are small, a $1,000 computer can stake hundreds of thousands of dollars in deposits, and about $100 a month is enough to cover electricity and internet costs. We can conservatively say that these ongoing costs represent approximately 10% of the total investment cost, i.e. our return of only $0.90 per day ultimately corresponds to the cost of capital, so we need to cut the above figure by approximately 10%.
In the long run, this cost is expected to be higher as staking becomes more efficient and people feel comfortable with lower rates of return. I personally expect that number to eventually rise to around $10,000.
Note that the only "cost" for this high level of security is the inconvenience of not being able to move coins around while you are staking. It may even be that the total amount of currency circulating in the community, ready for productive investment, etc. remains the same because the public knows that the coins are locked, causing the value of the coins to rise! In PoW, the "cost" of maintaining consensus is that real electricity is consumed crazily.
Greater security or lower cost? Please note that there are two ways to improve the security-to-cost ratio of the system by 5-20 times, one is to keep the block reward unchanged, but increase the security. An alternative would be to drastically reduce the block reward (thus causing "waste" of the consensus mechanism) and keep the level of security constant.
Both approaches are ok, I personally prefer the latter because, as we will see below, even a successful attack is more harmful in Proof of Stake (PoS) than in Proof of Work (PoW). ) are much smaller and easier to recover from.
secondary title
2. Easier recovery after an attack on a Proof of Stake (PoS) system
In a system based on GPU mining, there is no way to defend against this, and a persistent attacker could easily render a blockchain permanently useless (or, more realistically, switch to a proof-of-stake or proof-of-authority consensus mechanism). In fact, after the first few days, the cost to the attacker may become very low, as honest miners will drop out (due to the fact that they cannot receive rewards during the attack).
In a system based on ASIC mining, the community can respond to the first attack, but this is actually an attack. The community needs to change the PoW algorithm through a hard fork to deal with the first attack, so that "Block" all ASICs (attackers and honest miners!). However, if the attacker is willing to bear the initial cost, then after this, the situation is back to the GPU situation (because there is not enough time to build and distribute ASICs for new algorithms), so in this case, the attacker can still cheaply Continue to execute the nest attack.
However, in the case of PoS, the situation is much better. For certain types of 51% attacks (especially to restore finalized blocks), there is a built-in "slashing" mechanism in the PoS consensus proof system. Through this mechanism , most of the attacker's stake (and no one else's stake) is automatically destroyed. For other attacks that are harder to detect (notably the 51% coalition censorship attack), the community can coordinate a minority-user-activated soft fork (UASF), in which case the attacker's funds are again massively destroyed (in ether Square, this is done through the "idle leak mechanism"). There is no need for a "hard fork that burns coins", everything else is automated except for coordination on the UASF to select a few blocks, simply following the protocol rules.
Therefore, the first attack on the blockchain will cost the attacker millions of dollars, and the community will recover within a few days. Attacking the blockchain a second time would still cost the attacker millions of dollars as they would need to buy new coins to replace old ones that had been destroyed. Likewise, the third time, the fourth time... all cost the attacker millions of dollars, the game is very asymmetrical and it doesn't favor the attacker.
3. Proof of Stake (PoS) is more decentralized than ASIC mining
GPU-based proof-of-work is considered reasonably decentralized (obtaining GPUs is not difficult), but GPU-based mining largely does not meet the security standards we mentioned earlier to prevent attacks. On the other hand, ASIC-based mining requires millions of dollars in capital to enter.
This is also the correct response to the common "PoS makes the rich get richer" argument: ASIC mining also means that the rich get richer, and this game is tilted in favor of the rich. At least in PoS systems, the minimum stake required is fairly low and within reach of many ordinary people.
In addition, PoS consensus proves to be more censorship-resistant, and both GPU mining and ASIC mining are very easy to detect: they require large power consumption, expensive hardware purchases, and large venues. In contrast, PoS staking can be done without On humble laptops, it's even done through a VPN.
secondary title
I think PoW has two main real advantages, although in my opinion these are also rather limited.here1. The PoS system is more like a "closed" system, which leads to a higher concentration of wealth in the system in the long run. In the PoS system, if you have some coins, you can choose to pledge them and get more coins . Whereas in a PoW system, you can always earn more coins, but you need some external resources to do that. Therefore, one could argue that the distribution of tokens in PoS systems may become more and more centralized in the long run.
To this, the main response I see is that in PoS, the overall reward (i.e. validator income) will be quite low, in Ethereum 2.0 we expect the annualized total validator income to be equal to 0.5 of the total ETH supply -2%. And the more validators involved in staking, the less rewards they get. So it may take more than a century for the concentration of the coin to double, and in this time frame, other pressures (wanting to spend money, distribute money to charities or other means, etc.) may account for leading position.
2. PoS requires "weak subjectivity", while PoW does not require the initial introduction of the concept of "weak subjectivity", see
here
. Essentially, when a node first comes online and any subsequent time after it has been offline for an extended period of time (i.e. months), the node has to find some third-party resource to determine the correct blockchain. This can be their friends, it could be an exchange or blockchain explorer website, a client developer, or another participant, while PoW does not have this requirement.
