Proof-of-work cryptocurrency mining is bad, stupid and damaging. Bitcoin uses 0.1% of all worldwide electricity consumption — as much power as Ireland — for just two to four transactions per second. This is a large enough externality that everyone else is noticing, and has a few objections.
Thinking about how to reduce CO2 emissions from a widespread Bitcoin implementation
— halfin (@halfin) January 27, 2009
Proof-of-work was a kludgy hack. When Satoshi Nakamoto created Bitcoin, he needed decentralisation — and this hack approximated it.
The approximation worked well enough for a few years. But proof-of-work has economies of scale, so — per chapter 5 of the book — it naturally recentralises. So we now have three or four mining pools controlling most of the Bitcoin transactions. Other cryptocurrencies do even worse.
Cryptocurrency advocates have cast about for other consensus mechanisms that can approximate decentralisation — but aren’t as stupidly damaging as proof-of-work.
Proof-of-stake was first proposed by BitcoinTalk user QuantumMechanic on 11 July 2011. The idea is that you show your commitment by holding coins. You get to mine the next block — and thus, get the coins — in proportion to your current holding:
I’m wondering if as bitcoins become more widely distributed, whether a transition from a proof of work based system to a proof of stake one might happen. What I mean by proof of stake is that instead of your “vote” on the accepted transaction history being weighted by the share of computing resources you bring to the network, it’s weighted by the number of bitcoins you can prove you own, using your private keys.
Proof-of-stake is a bit too obviously “thems what has, gets” — so you have to convince the users to go along with it. It’s also as naturally centralising as proof-of-work, if not more so.
The other problem is that people routinely spend up to $99.99 to get $100 — thus, proof-of-stake will rapidly approximate proof-of-work. Though spending $99.99 out of your bank account is unlikely to be as directly damaging as burning $99.99 of coal. Probably.
The idea is usually presented with variations, such as factoring in how old the holding is and so on. The Wikipedia article details various weaknesses of the schemes, and ways to cheat.
Ethereum and proof-of-stake
Vitalik Buterin has been talking about proof-of-stake since 2013. Ethereum was intended to be proof-of-stake in the white paper, but Buterin noted in 2014 that proof-of-stake would be nontrivial — so Ethereum went for proof-of-work instead, while they worked on the problem.
There are lots of existing proof-of-stake cryptocurrencies — but they’re all tiny altcoins nobody much cares about.
Ethereum is bigger and more important than all the rest, with hundreds of millions of (notional) dollars sloshing around in it — so they really have to get it right.
Ethereum Casper, the project to move Ethereum to proof-of-stake, started in 2014. It’s been six months away for four years now. The Proof of Stake FAQ is a list of approaches that haven’t quite worked well enough. Casper has had numerous technical and security issues. The current version only adds a bit of proof-of-stake to the existing proof-of-work system.
Worse is Better
The idea is that perfection is good — but a quick hack may be more viral.
I believe that worse-is-better, even in its strawman form, has better survival characteristics than the-right-thing, and that the New Jersey approach when used for software is a better approach than the MIT approach.
This is okay as long as you can approximate your way to full functionality.
Ethereum has always been a bit slipshod — it’s not technically polished, it has a history of frequent hard forks for protocol changes, and so on.
But — Solidity is the first successful smart contract language, and Ethereum is the first successful smart contract platform.
This results in some hilarious disasters, both on a small scale — the first Ethereum smart contracts exploring the field of incompetent fraud — and a large scale — The DAO disaster. And the disasters continue. But none that are bad enough to kill it.
Ethereum as a centralised system
Ethereum has the faith of its community — much more so than Bitcoin has — because so far the Ethereum developers have kept pulling the rabbits out of the hat. Functionally, they’re the trusted central entity.
Even the bit where they forked Ethereum just to rescue the big boys’ money from The DAO hacker didn’t kill off trust in the developers. (It shook it a bit, producing Ethereum Classic.)
The market doesn’t care about the Bitcoin ideology behind decentralisation. It cares about price — “number go up” — and functionality — is the public Ethereum blockchain clogged with cat pictures today?
The market treats centrally administered ICO tokens, and centrally-controlled cryptocurrencies like Ripple (XRP), as the same class of object as Bitcoins or ether. The market wants what it wants, not what ideologues want it to want.
So Casper just has to be good enough for the system to keep going. The market and the ecosystem won’t care that it’s functionally centralised, so long as it more or less works.
And, in any case — Ethereum proof-of-work mining is even more centralised than Bitcoin, with four pools controlling 75% of it. We left decentralisation behind long ago.
As long as:
- the network remains secure enough to function at all
- the price of ether doesn’t crash
- the ICO tokens keep pumping and dumping
- the latest CryptoKitties doesn’t clog it too badly
- and it doesn’t have any disasters that are more expensive than the ones the current system has, like The DAO or the Parity wallet disaster
— then Casper will be a good enough proof-of-stake that the community can live with it.
Casper doesn’t have to work well enough for the ideologues — it just has to work well enough for the market.
Your subscriptions keep this site going. Sign up today!