I think a better way to say it is that it moves from a trustless system to a system that trusts based on some criteria. That criteria is usually how many coins one has.
Since the original bitcoin concept was solving the byzantine generals problem, the entire point of all the cryptographic work was to be trustless.
If you are cool with trust, you can have reversibility, lost password retrieval, anti-money laundering checks, and all the other features of the existing financial system.
It would be a carbon copy of that, of course, which would raise the question of what problem this system is solving for people.
But I understand that Ethereum is about distributed computing, not transactions, so the calculus may be different. The point being to replace AWS, not Western Union.
I'm personally not sold on why a distributed trust algorithm would be superior to trusting AWS or Azure, given that those services can give you a refund for errors, are subject to the legal system, have a brand reputation to maintain, and so on.
I guess I don't understand how proof of stake uses trust while proof of work doesn't. They seem very similar to me. I could argue that with Bitcoin you have to trust all of these large pools that are constantly flirting with 50% of the hashing power.
With PoW, we trust that the mining algorithm is going to take X amount of time given Y amount of computation. That arguably removes trust from people and puts it in the properties of tech.
PoS argues that PoW is just a proxy indicator of stake, where the stake is computing resources that are committed to mining. With PoS, rather than reifying your resources into CPUs that churn wastefully, we reify the resources into in-ledger coins which are held in escrow. Block-writers are selected randomly from a pool of miners which are weighted by the amount of stake in escrow. If the miner violates the protocol, they lose their escrowed stake.
So PoS moves from "trust in algorithm runtime on modern hardware" to "trust in economic game theory," I figure.
I wouldn't call Bitcoin's POW as "trust in algorithm runtime on modern hardware".
Just think about it. The algorithm can be changed by anybody. What does prevent the miners from changing the source code to allow them double spending or even extra coins?
But if they do that and don't have a significant hashrate that do the same, they are on a blockchain fork that is worthless to anybody else.
So we trust in the economic game theory that miners don't tamper with the code.
> Just think about it. The algorithm can be changed by anybody.
It can. But the key point is if you change the algorithm by say reducing the number of hashes required (so you increase your chance of winning) it can be detected by just inspecting the block. You don't need access to the code, or be able to watch it running, or trust some hardware, or the person running it, or anything else beyond inspecting the output block and trusting calculating the hash is as hard as it appears. The easy of doing that check that is ultimately what keeps the system safe. Everybody can trivially determine you've cheated, so everybody knows you've behaved in a way that helps you and hurts them, so everybody rejects your block. I guess you could call it game theory, but it is a drop simple game that is easy to analyse and see it gets the desired end result - your bitcoins trade has been immutably recorded in the block chain.
I don't understand how PoS stake works, but the parents description ("reify the resources into in-ledger coins ... block-writers are selected randomly ... weighted by the amount of stake in escrow") makes it sound much more complex. So complex that I wonder if it can be verified by just taking a quick peek at the output block it produced. If it can't, and it's something that relies on trusting code, people or hardware, and within that complexity may well lie a hidden flaw that leads to everyone realising they lost control of their Ethereum days or weeks after it happened. The importance of days or weeks is it's already been cashed out before you realised what was happening.
But I guess that's all wild speculation, and I should look at the algorithm.
You have to differentiate between consensus rules and how the blockchain is secured.
Verifying if the consensus rules hold is equally simple in both POS and POW. But with Bitcoin's POW, the hashrate is part of the consensus rules by requiring the hash of the output block having a certain property which can only be attained in a timely manner with enough processing power and luck (in that sense, also in POW a block proposer is chosen "randomly").
With POS, you don't have the hashrate. But you have the stake which (in Ethereum's POS) is lost if you try to vote for more than one possible new block for the chain. Which is a direct economic incentive to behave correctly.
You could have 99% of the Bitcoin hashrate and start mining blocks that give you double the reward, but every other miner and node on the network would just ignore you because you aren't following the rules.
That is a good point. Although, in principle Proof of Stake could use any number of algorithms, and thus the trust could be based on something other than who has the most resources. In general for distributed systems, trusting based on reputation is a common idea. "Circles of trust" was how the original Ripple concept was explained.
The important question is not which of these ideas is better than each other, but which is better than existing infrastructure.
Since the original bitcoin concept was solving the byzantine generals problem, the entire point of all the cryptographic work was to be trustless.
If you are cool with trust, you can have reversibility, lost password retrieval, anti-money laundering checks, and all the other features of the existing financial system.
It would be a carbon copy of that, of course, which would raise the question of what problem this system is solving for people.
But I understand that Ethereum is about distributed computing, not transactions, so the calculus may be different. The point being to replace AWS, not Western Union.
I'm personally not sold on why a distributed trust algorithm would be superior to trusting AWS or Azure, given that those services can give you a refund for errors, are subject to the legal system, have a brand reputation to maintain, and so on.