[edit2]
adjusted title from “Peercoin’s security is based on PoS solely and not PoW as well?” to “Should adding PoW to Peercoin’s security concept be considered?”
Disclaimer:
This post is biased as all are, because we are all subjects and hence perceive the world subjectively.
I truly believe in the beauty of PoS. It addresses problems that PoW networks may suffer from. It creates economical incentives for those who are invested in such a concept to keep it safe. I think it was a great invention by QuantumMechanic and a mastermind implementation by Sunny King.
Peercoin is doing great, has never suffered from serious attacks, has a growing community, is soundly developed and even slashers admit that it is practically very secure. The combination of PoS and the next line of defense in the form of checkpointing would most likely render any attack useless.
Nevertheless I think it should always be allowed to discuss room for improvement.
As I got aware of the fact (and the initial post is in terms of this disclaimer a little bit outdated…) that PoW is currently not being used as part of Peercoin’s security concept, I thought it might be worth being discussed.
The intention is not to say “we need this, or Peercoin will fail”. It’s far from that.
Peercoin is in so many ways great and I expect it to prosper anyway.
But I like the approach of Primecoin to make “dual use” of the PoW - for both securing the block chain and generating information that might be useful.
So I developed the idea of making “dual use” of Peercoin’s PoW - for both coin distribution and securing the block chain.
I once was in favor for phasing out PoW as that would ultimately make Peercoin energy efficient and I still am in favor for that.
But as we already have PoW, we might consider making more use of it as we currently do.
This is why I’d like to gather thoughts regarding benefits and drawbacks of such an approach.
[/edit2]
I got involved into a discussion with “killerstorm” on reddit: http://www.reddit.com/r/Bitcoin/comments/22aw8c/most_altcoins_are_not_secure_enough_they_exist/cgl76p5
By killerstorm’s assessment Peercoins block chain security is based solely on PoS whereas the PoW process is only for coin distribution.
[edit]He takes the checkpointig into consideration as well.
Quote from one of his reddit posts:“Also, there is centralized checkpointing, perhaps it can prevent an attack.”
But regarding the hybrid model the security comes only from the PoS process.
[/edit]
I though that were different. Due to lacking coding skills I can’t really follow that assessment. And I’m far from being able to disprove it.
If it were true, that’d put Peercoin in a worse position than it had with PoW securing the block chain as well (as PoS does that).
I consider it a huge security drawback if this accusation is valid and would recommend a discussion on the drawbacks/benefits from changing the current security model.
I’m not sure if the same person is behind the “killerstorm” account on reddit and bitcointalk. But I assume it. The killerstorm on bitcointalk is well-informed (as the killerstorm on reddit appears to be) and involved in cryptos (and especially the security/economical aspects) for a long time.
Killerstorm was involved in discussions like this https://bitcointalk.org/index.php?topic=102342.0;all that helped improving Peercoin’s security in its early days.
So I honor his assessment quite a bit.
And I take it serious.
Killercoinstorm can be harsh - like in one of his posts here: https://bitcointalk.org/index.php?topic=101954.0;all (which is another interesting thread, btw.) - but I consider him smart and well-informed.
It would be great if someone could find in Peercoin’s source code how the security model really works.
The current status quo is:
http://www.reddit.com/r/Bitcoin/comments/22aw8c/most_altcoins_are_not_secure_enough_they_exist/cglcoxm
Q: Does the chain selection not involve chain length? A: No, it doesn't. Chain with biggest "ChainTrust" wins, ChainTrust is sum of BlockTrust of all blocks in the chain, BlockTrust is computed like this: [code] return (IsProofOfStake()? (CBigNum(1)<<256) / (bnTarget+1) : 1); [/code] That is, weight of PoW blocks in negligible, while weight of PoS blocks depends on PoS difficulty. (i.e. chain which was more difficult to mine wins. Just like in case with Bitcoin.)
The sorce code where this code section is from can be found here: https://github.com/ppcoin/ppcoin/blob/master/src/main.h#L1269
CBigNum is used in several other source files.