Question
Sorry for the overly long post, but I had no choice!
So the question is: "can we establish a blockchain (precisely, a DAG) as the infrastructure of a cryptocurrency which uses only Proof of Stake to secure transactions?" What are the flaws of this approach?
The scenario is like that:
I develop and release the prototype software and run the first node.
As the founder and first member of the network, I make a to-do list of future developments of that software. The goal is to improve the software and strengthen its security. I also plan to add many more features to the software.
The software mints x new coins daily (call it newCoins), and these new coins are distributed among shareholders as soon as they are minted.
The number of new coins is halved after a certain time, until it reaches zero.
As the only member of the network, I have all the shares (call it totalShares). So all the new coins go into my wallet.
I announce the software release and invite ALL developers to join the project.
The developers run the software and join the network. There is no PoW, so there is no cost to join the network. Everyone can connect to the network and validate transactions or send and receive coins.
In the case of handling double-spend attacks, or participating in polls, ONLY the shareholders can vote. The only way to get shares is to participate in software development.
Developers review the to-do list and accomplish some of those tasks, if they like, can and want to do them.
After accomplishing the task, the developer claims her/his wage. She/he claims how many hours were dedicated to that particular task. Say 5 hours.
Network members vote on the new contributor's claim. If the claim wins the poll, the new contributor becomes a new member of the network. Now the new member has some shares in the network. New shares are calculated based on the hours dedicated to the accomplished task. For example, if a contributor dedicates 5 hours to a task, she/he will have 5 shares. So now the new total shares are totalShares+5. So in the next minting, the new contributor will get ((5/totalShares) * newCoins) coins.
The new member also has the right to vote in proportion to her/his shares.
With each new contribution the number of shares increases, but the minted coins are fixed, so the dividend from the treasury will decrease.
In order for the distribution of wealth to be fair, each share will be valid for 7 years from its issuance date. So contributors have two incentives to keep working.
The to-do list is regularly updated by the network shareholders. They poll regularly to add/remove tasks to/from the list. The first goal of the tasks is developing and maintaining the software itself. Shareholders can/will add other tasks as well.
The graph topology is a DAG, so theoretically it will be scalable (unlike blockchains). Every block contains the hash of all its ancestors.
Since this money is community-based, the network members make it secure. We do not need PoW at all. The 51% attack is still possible, like in every other blockchain (PoS, PoW, DPoS, LPoS), but the cost of the attack is very high, because it destroys the member's "current reputation" and "future income".
In the early days this new money is worth nothing, but after a while we will have the "pizza day". This new money is a social contract, like Bitcoin, and because of its scarcity it will have some value. And its value increases over time. Since we are creating "good money" which has many good features, it will be used as a currency in daily trades.
The famous double-spend problem: So let's start with the CAP theorem, which claims that in a partitioned distributed system you cannot have both Availability and Consistency together; you can have only one of them. So I prefer to choose availability in spending matured coins, and consistency in spending not-yet-matured coins. Therefore I make a 12-hour settlement time for transactions. That is, all transactions are immediately recorded in the blockgraph and they are absolutely irreversible. But the recipient cannot spend the coins before 12 hours have passed. These 12 hours provide powerful security for transactions and help the network's synchronization as well. And now about the double-spend problem. If a cheating actor tries to spend a coin twice (or multiple times), both (or all) transactions will be rejected and all coins engaged in the double-spend transactions will be seized in favor of the network's treasury. So the cheater will hurt itself. In fact, after a certain percentage of confirmations the cheater cannot even hurt itself, and the second spending transaction will simply be dropped.
This new money and its network are distributed and have no single point of failure.
Adversaries can bribe, force or eliminate the key persons or major shareholders (much like shutting down some mining farms), but here the community can fork with zero cost and continue the network. Note that the coins are still valid, but the network has abolished some corrupted shareholders, so they still have their coins but cannot vote anymore.
At the end of the day we will have a proven "good money" and robust software (client & wallet) to manage it.
I think this kind of PoS is as secure as PoW, since everybody knows everything. We have a DAG, and at least once a day all leaves will be merged into a single leaf. So having this merged leaf's hash is enough to ensure the graph's health. To make this hash (and implicitly the DAG history) immutable, shareholders will sign this hash, and the hash of the signatures can be registered in a Bitcoin block (although in my opinion it is not really necessary). Is this right? Are there any flaws?
In my opinion Satoshi used PoW as a mechanism for distributing coins in a loosely random and fair way, despite the other functionalities of PoW (such as securing the network). Is it true?
Any comment, hint, tip, note or critique is welcome.
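The share-and-dividend rules described in the post (shares granted per claimed hour, daily minting split pro rata, halving until zero, shares expiring after 7 years, votes weighted by active shares) can be simulated to see the dilution effect the poster mentions. The following is an added example written for this page, not code from the poster's prototype; the halving period (4 years), the initial daily mint (100 coins) and the founder's initial share count (1000) are constructed assumptions, since the post only says "x", "a certain time" and "totalShares". It also applies the dilution to the founder, which the post's formula leaves implicit.

```python
from dataclasses import dataclass
from fractions import Fraction

SHARE_LIFETIME_DAYS = 7 * 365   # post: each share is valid for 7 years
HALVING_PERIOD_DAYS = 4 * 365   # assumption: post says "a certain time"
INITIAL_DAILY_MINT = 100        # assumption: the post's "x" / newCoins


@dataclass
class Share:
    owner: str
    amount: int       # one share per claimed hour, as in the post
    issued_day: int

    def active_on(self, day: int) -> bool:
        """A share only counts within its 7-year validity window."""
        return self.issued_day <= day < self.issued_day + SHARE_LIFETIME_DAYS


class ShareLedger:
    def __init__(self) -> None:
        self.shares: list[Share] = []
        self.wallets: dict[str, Fraction] = {}

    def grant(self, owner: str, hours: int, day: int) -> None:
        """Record an approved claim: `hours` new shares issued on `day`."""
        self.shares.append(Share(owner, hours, day))

    def active_shares(self, day: int) -> dict[str, int]:
        """Sum of still-valid shares per holder on a given day."""
        totals: dict[str, int] = {}
        for s in self.shares:
            if s.active_on(day):
                totals[s.owner] = totals.get(s.owner, 0) + s.amount
        return totals

    def daily_mint(self, day: int) -> int:
        """Minting halves every HALVING_PERIOD_DAYS until it reaches zero."""
        return INITIAL_DAILY_MINT >> (day // HALVING_PERIOD_DAYS)

    def mint_day(self, day: int) -> dict[str, Fraction]:
        """Distribute the day's new coins pro rata to active shares."""
        new_coins = self.daily_mint(day)
        totals = self.active_shares(day)
        total_shares = sum(totals.values())
        payout: dict[str, Fraction] = {}
        if total_shares == 0 or new_coins == 0:
            return payout  # nobody eligible, or emission has ended
        for owner, n in totals.items():
            coins = Fraction(n, total_shares) * new_coins
            payout[owner] = coins
            self.wallets[owner] = self.wallets.get(owner, Fraction(0)) + coins
        return payout

    def claim_approved(self, votes: dict[str, bool], day: int) -> bool:
        """Shareholder poll: a claim passes if holders of more than half
        of the active shares vote yes (simple majority is an assumption)."""
        totals = self.active_shares(day)
        yes = sum(totals.get(v, 0) for v, ok in votes.items() if ok)
        return yes * 2 > sum(totals.values())


def demo() -> dict[str, Fraction]:
    ledger = ShareLedger()
    ledger.grant("founder", 1000, 0)        # assumption: founder starts with 1000 shares
    if ledger.claim_approved({"founder": True}, 10):
        ledger.grant("dev", 5, 10)          # a 5-hour task approved on day 10
    ledger.mint_day(0)
    return ledger.mint_day(10)              # dev's first dividend, founder diluted


if __name__ == "__main__":
    for who, coins in demo().items():
        print(f"{who}: {coins} coins on day 10")
```

Running the simulation forward shows the two effects the post relies on: every approved claim shrinks everyone else's daily dividend, and on day 2555 the founder's shares expire while the 5 shares granted on day 10 are still active, so for ten days the later contributor receives the whole (by then halved) emission.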
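The post's double-spend policy has three parts: outputs cannot be spent for 12 hours, a conflicting spend of a lightly confirmed coin causes both transactions to be rejected and the coins to go to the treasury, and a conflicting spend of a well-confirmed coin is simply dropped. The following is an added example that models those rules on a toy single-unit coin ledger; it is not the poster's code. The confirmation threshold (6) and the confirmation counter itself are assumptions standing in for the DAG's "certain percent of confirmations", and all coin ids and timestamps are constructed.

```python
from dataclasses import dataclass

MATURITY_SECONDS = 12 * 3600   # post: recipient cannot spend for 12 hours
SETTLED_CONFIRMATIONS = 6      # assumption: post says "a certain percent of confirmations"


@dataclass
class Coin:
    coin_id: str
    owner: str
    created_at: int   # unix seconds, constructed


@dataclass
class Tx:
    tx_id: str
    sender: str
    coin_ids: list
    recipient: str
    submitted_at: int


class Blockgraph:
    """Minimal ledger applying the post's maturity and seizure rules."""

    def __init__(self) -> None:
        self.coins: dict[str, Coin] = {}        # unspent coins by id
        self.spent_by: dict[str, str] = {}      # coin id -> tx that consumed it
        self.accepted: dict[str, Tx] = {}       # txs still honoured
        self.confirmations: dict[str, int] = {}
        self.treasury: list[Coin] = []

    def issue(self, coin_id: str, owner: str, at: int) -> None:
        self.coins[coin_id] = Coin(coin_id, owner, at)

    def confirm(self, tx_id: str, n: int = 1) -> None:
        """Stand-in for later DAG blocks referencing the transaction."""
        self.confirmations[tx_id] = self.confirmations.get(tx_id, 0) + n

    def submit(self, tx: Tx) -> str:
        # 1. A coin that was already spent means a conflicting spend.
        for cid in tx.coin_ids:
            if cid in self.spent_by:
                return self._handle_conflict(cid)
        # 2. Ownership and the 12-hour maturity rule.
        for cid in tx.coin_ids:
            coin = self.coins.get(cid)
            if coin is None or coin.owner != tx.sender:
                return "rejected_not_owned"
            if tx.submitted_at - coin.created_at < MATURITY_SECONDS:
                return "rejected_immature"
        # 3. Record the spend; outputs are immature until 12 hours pass.
        for i, cid in enumerate(tx.coin_ids):
            del self.coins[cid]
            self.spent_by[cid] = tx.tx_id
            out_id = f"{tx.tx_id}:{i}"
            self.coins[out_id] = Coin(out_id, tx.recipient, tx.submitted_at)
        self.accepted[tx.tx_id] = tx
        self.confirmations[tx.tx_id] = 0
        return "accepted"

    def _handle_conflict(self, cid: str) -> str:
        first_id = self.spent_by[cid]
        first = self.accepted.get(first_id)
        if first is None:
            return "rejected_seized"          # already confiscated earlier
        if self.confirmations.get(first_id, 0) >= SETTLED_CONFIRMATIONS:
            return "dropped_conflict"         # well confirmed: later spend is ignored
        # Lightly confirmed: both spends lose, outputs go to the treasury.
        del self.accepted[first_id]
        for i in range(len(first.coin_ids)):
            out_id = f"{first_id}:{i}"
            if out_id in self.coins:
                self.treasury.append(self.coins.pop(out_id))
        return "seized"


def owner_of(g: Blockgraph, coin_id: str):
    coin = g.coins.get(coin_id)
    return coin.owner if coin else None


if __name__ == "__main__":
    g = Blockgraph()
    g.issue("c1", "alice", 0)
    print(g.submit(Tx("t1", "alice", ["c1"], "bob", 50_000)))   # accepted
    print(g.submit(Tx("t3", "alice", ["c1"], "dave", 50_100)))  # seized
    print([c.coin_id for c in g.treasury])
```

The ordering of the checks matters for detection: a conflicting spend is recognised before the maturity check, so the seizure rule fires even when the recipient has not yet had a chance to move the coins, and a well-confirmed first spend is never undone, which is the availability-over-consistency choice the post describes.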
Source: https://stackoverflow.com/questions/62113965/can-we-establish-a-blockchain-precisely-dag-as-an-infrastructure-of-a-cryptocu