How Do Bitshares DACs Solve The "Nothing At Stake" Problem
Vitalik Buterin wrote an article, On Stake:
However, with the naive proof of stake algorithm described above, there is one serious problem: as some Bitcoin developers describe it, “there is nothing at stake”. What that means is this: in the context of a proof-of-work blockchain, if there is an accidental fork, or a deliberate transaction reversal (“double-spend”) attempt, and there are two competing forks of the blockchain, then miners have to choose which one they contribute to.
The optimal strategy is to mine on any fork that you can find. Thus, in order to launch a successful attack, an attacker need only overpower all of the altruists who are willing to vote only on the correct chain.
However, there is a problem: what motivates signers to sign blocks on only one chain? If the arguments against pure proof of stake are correct, then most rational stake-miners would sign both chains. Hence, in hybrid PoS, if the attacker signs only his chain, and altruists only sign the legitimate chain, and everyone else signs both, then if the attacker can overpower the altruists on the stake front that means that the attacker can overtake the chain with less than a 51% attack on the mining front. If we trust that altruists as a group are more powerful in stake than any attacker, but we don’t trust that too much, then hybrid PoS seems like a reasonable hedge option; however, given the reasoning above, if we want to hybridize one might ask if hybrid PoW + TaPoS might not be the more optimal way to go. For example, one could imagine a system where transactions need to reference recent blocks, and a blockchain’s score is calculated based on proof of work and coin-days-destroyed counts.
He also pressed a very high evaluation to TaPOS, which to my understanding is somehow part of DPOS.
I think what we Bitshares community, especially Stan Larimer gave to the so called "nothing at stake" problem is what we call "Bitshares Social Consensus" -- all chains that have people's "votes" all deserve existence. Let the FREE MARKET judge which chain or which DAC should take over the most, thus the main market volume.
I think we should stop calling it the "nothing at stake" problem because the phrase generates confusion. What are the factors of the problem we need to solve? List them.
Then once we agree on and understand those major issues we can find an approach to solving it if it is indeed a problem.
I gave some thought to this particular problem and the conclusion is there is a low probability of it being a successful attack vector. It's of low risk because the consequences of the attack would not be catastrophic because DPoS is set up to minimize the damage of any attack of this sort just by firing the delegates responsible.
And if it were so easy to pull off then other Proof of Stake coins with a higher market cap would face attack.
I think Bitcoin and Litecoin are centralized thus currently among of the most insecure cryptocurrencies. Proof of Work will end up being the cause of the insecurity as it promotes the centralization which ultimately will lead to attacks.
So given a choice I would say Proof of Stake is more secure than Proof of Work even if the "nothing at stake" problem is some theoretically possible attack. So far it has not been attempted or it has been attempted and proved ineffective.
If I'm wrong and someone can explain the "nothing at stake" problem in plain English then I'll give it more thought.
Bytemaster said several times that automatic delegate firing should occur if the are found to sign 2 different blocks.
However I dont think this is implemented... yet.
This should be sufficient provided it is difficult enough to become delegate. However some problems might arise if these who vote for the misbehaving delegate just vote-in another one.
Right. DPoS is self healing and somewhat collusion resistant too. Delegates can be fired and we can optimize for delegates which don't collude or attack the integrity of the network. I think DPoS offers way more flexibility than Proof of Work wit'h it's unelected government of miners. If miners desire they can gain complete and absolute control over Bitcoin and Litecoin over time and there is actual evidence of it happening right now.
If you look at Bitcoin or Litecoin neither are willing to swap out their hashing algorithms despite the fact that there are ASICs. No one gives a good reason why developers are sticking with ASICs and as a security design it really doesn't make any sense. ASICs result in extreme centralization which is very bad for security but I guess because the difficulty numbers look high it has everyone fooled into thinking it's more secure...
Difficulty is not security.