Quote:
Originally Posted by sethseth
Regarding all the PPcoin mania: PPcoin is the ONLY alt-coin that significantly changes the bitcoin code and tries something innovative. Unfortunately it is fundamentally flawed. The problem is that you don't need 51% to double spend. If you hold any significant amount of coins, you can attempt a double-spend and succeed in proportion to the amount of coins you hold. The white-paper on it acknowledges this. There is no solution to this, but the author hopes that some solution can be found in the future and thinks it is a cool experiment. Of course, the current crop of idiot investors don't read the white-paper and don't know anything about crypto or the enormous weaknesses of all the alt-coins, so that doesn't stop them from buying it hoping it will go up like bitcoin, but the coin can never go anywhere with that kind of security hole.
This is a very interesting issue for me. You seem to know what you're talking about so I'd like to run a few thoughts by you. Most talk online about alt-coins, as you said, is mania or uneducated speculation.
You've probably heard about the recent protocol upgrade that was supposed to patch a flaw that would allow people to tweak the rate at which their client generates POS blocks, and then make a whole bunch of blocks in a short period of time and cause havoc. I don't really know how this works yet because the developer never really explained what the upgrade changed in detail. Some have said you can figure it out by looking through the source code, but that takes time and I haven't done it yet.
Regardless, any blockchain has a vulnerability like this to some degree. With significantly less than 51% of the hashing power, someone would be able to generate 2 or 3 blocks in a row and attempt a double spend. That's why a number of services require a handful of confirmations before accepting a transfer.
The bigger issue to me seems to be how to decide who gets to make POS blocks; the previous vulnerability existed because someone could burn up all his stake at once to make subsequent blocks with a minor tweak. Each client did some hashing at a slow rate which, along with enough coin-age, allowed one to generate a block. As I understand it, there's still some hashing that needs to be done to generate a POS block, and I don't know what's stopping a dishonest miner from sharply increasing his hashing speed to make a lot of blocks.
I've wondered if it would be possible to pseudo-randomly select unspent inputs, seeding the randomness with hashes of previous blocks. Each unspent input would be weighted according to size. If a client is connected to the network with the private key pertaining to the randomly selected unspent input, that client can create a new block, sign it, and receive a reward. If no active client controls the unspent input, then a different input is chosen, and so on...
This would make it impossible to create proof-of-stake blocks with offline stake, and offline stake is certainly a valued security and convenience feature, but that might be a worthwhile trade-off compared to the expenses and potential vulnerabilities with proof of work. If you want to reap the rewards of mining, you need your coins on an active client. If you want complete safety, stick coins in an offline paper or brain wallet. Maybe there could be a separate private key for each address used to sign proof-of-stake blocks; that way you could mine proof-of-stake blocks without having to risk exposing the private key needed to spend inputs.
There are probably a number of other factors or obstacles that I'm missing, since I'm not super familiar with the nitty-gritty of the block chain, but if a system like this could work you'd have something fairly comparable to proof of work, I believe. Having 10% of the online coin gives one a 1% chance of making two blocks in a row, .1% to make 3, .01% to make 4, and so on, which is equivalent to having 10% of the online hashing power. You could then use 4+ confirmations for most low-priority, high-value, or high-risk transactions, and 0 or 1 confirmations for everything else.
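The selection scheme sketched in the post above (value-weighted draw over unspent inputs, seeded from the previous block hash, skipping inputs whose owner is offline) as an added illustration; this is example code written for this page, not code from the poster or from any coin's client. The UTXO set, owner names and the hash-to-point mapping are constructed assumptions, and the last function checks the claim that share of online stake equals share of blocks won.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Utxo:
    txid: str    # placeholder id, not a real transaction
    value: int   # coins in base units; doubles as the selection weight
    owner: str   # who holds the key able to sign a block for this input

SAMPLE_UTXOS = [  # constructed sample set for illustration
    Utxo("tx-a", 900, "alice"),
    Utxo("tx-b", 60, "bob"),
    Utxo("tx-c", 40, "carol"),
]

def draw_point(prev_block_hash: str, attempt: int, total_weight: int) -> int:
    """Pseudo-random point in [0, total_weight) that every node can reproduce:
    derived only from the previous block hash plus a retry counter."""
    material = bytes.fromhex(prev_block_hash) + attempt.to_bytes(4, "big")
    return int.from_bytes(hashlib.sha256(material).digest(), "big") % total_weight

def pick_utxo(utxos, point):
    # Walk the cumulative value: a larger input covers a wider interval.
    running = 0
    for u in utxos:
        running += u.value
        if point < running:
            return u
    raise ValueError("point outside total weight")

def select_block_signer(utxos, prev_block_hash, online_owners, max_attempts=64):
    """First value-weighted draw whose owner is online signs the block;
    draws that land on offline stake are skipped, as the post proposes."""
    total = sum(u.value for u in utxos)
    for attempt in range(max_attempts):
        u = pick_utxo(utxos, draw_point(prev_block_hash, attempt, total))
        if u.owner in online_owners:
            return u, attempt
    return None, max_attempts

def consecutive_block_probability(online_stake_share, k):
    """Chance one party wins k independent draws in a row (10% stake -> 1% for two)."""
    return online_stake_share ** k

def observed_share(utxos, owner, online_owners, trials=2000):
    """Empirical win rate over many distinct previous-block hashes."""
    wins = 0
    for i in range(trials):
        prev = hashlib.sha256(i.to_bytes(4, "big")).hexdigest()
        u, _ = select_block_signer(utxos, prev, online_owners)
        wins += u is not None and u.owner == owner
    return wins / trials
```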