Proof of Stake (PoS) should solve the troubles of the Bitcoin proof-of-work algorithm: the consensus algorithm is faster, more efficient and more economical. While Ethereum is rapidly moving toward implementation, a look at various security concerns related to PoS seems like the order of the day.
More and more energy flows into Bitcoin’s security, now on the order of the entire nation state: According to a study by the University of Cambridge , Bitcoin currently consumes 79.06 TWh per year, slightly more energy than the Philippines (78.30 TWh / year) and Chile (73, 22 TWh / year) and only slightly less than Belgium (82.16 TWh / year).
Another consensus model is needed, so it sounds from many sides of the community. Ideally one that is less energy intensive with the same level of security. For some time now, the solution has been called Proof of Stake (PoS) from the Ethereum Community perspective. In contrast to Proof of Work (PoW), the model does not rely on computing-intensive hashing processes of the block header, but is based on a so-called staking model. Depending on the PoS algorithm, nodes that have a certain amount of ether (known as collateral) vote on the next block. Those who do not abide by the rules of consensus lose their stake; this should then be an incentive for the nodes to behave according to the rule. But with cryptocurrencies that are capitalized with several billion, one should not be negligent and take a close look.
1. The nothing-at-stake problem
Proof of Work incentivizes miner compliance by making the algorithm costly to break the rules. Whoever cheats by installing double spends in a block, for example, prospects for nothing. After all, a double spend contradicts the network rules – such a block would not be accepted by a node. In other words, dishonest miners use energy, but are not rewarded with the Coinbase Reward. So it is not worth cheating.
It’s a little different with PoS. Staking nodes can theoretically work on a large number of blockchain versions at the same time; including those that contain illegitimate transactions such as double spends. In contrast to PoW, PoS does not (yet) have a really mature mechanism to ensure cooperative forging on a single blockchain. Opportunistic validators shouldn’t care which chain wins – the main thing is that the rewards flow .
2. Short-range attack
But that’s not all. In addition to the much-discussed nothing-at-stake problem, other security gaps, such as possible short-range attacks, appear in PoS cryptocurrencies such as Peercoin.
A short-range attack takes place as follows: An attacker buys his coffee with ether and, after the transaction confirmation has been received by the retailer, bribes a validator to tinker with a blockchain that does not contain the transaction.
In short, a short-range attack aims at the short-term reorganization of the blockchain. Since validators are bribed, one speaks of a bribery attack.
3. Long-range attack
While short-range attacks aim at an opportunistic reorganization of the blockchain in order to sneak goods and services, a long-range attack is the evil twin of the same idea. In contrast to short-range attacks, the attacking node does not start in the middle of the blockchain generated at short notice, but at the very beginning, i.e. at the Genesis block.
The attacker can thus create a completely new transaction history without being noticed. As soon as it has passed the block height of the actually legitimate blockchain, it could even replace it. After all, validators usually start with the longest possible blockchain. With Pow blockchains like Bitcoin, such an attack is unthinkable, since an attacker would have to carry out all proof-of-work calculations from block one – an undertaking with almost infinite costs.
4. Sybil attack
Sybil attacks are an attack vector to which theoretically all blockchains – even those with PoW – can be exposed. A Sybil Attack describes an attack vector in the course of which a real node seals in a multitude of fake digital identities and tells the network that it is a legitimate network node. In the case of PoS, these Sybil nodes act like validators nodes and can thus determine the fate of the blockchain. If the number of fake nodes exceeds that of the real ones, the network is completely under control and can be remodeled at will.
5. Coin accumulation attack
Ultimately, there are still a lot of unresolved issues that can arise with excessive coin accumulation. Because validators who have a certain amount of capital naturally have larger votes and have a greater chance of being selected more often as a validator. However, delegated proof of stake, Ethereum’s own approach, seems to be able to circumvent this problem somewhat reliably. In addition, with highly capitalized coins, it simply seems unlikely that individual validators can accumulate a really significant part of the coins.