Should adding PoW to Peercoin's security concept be considered?

Take a look at this thread of Yacoin, a fork of Novacoin which is a fork of Peercoin http://forum.yacoin.org/index.php?topic=473.0
POS block had been orphaning POW blocks of zccoing (fork of Yac, a great grandchild of Peercoin ::slight_smile: ) and after a while Yacoin had to change its protocol so that no consecutive POS blocks are allowed. I am not sure exactly how the POS of YAC is different from that of Peercoin. I guess just the differences of network size could make different coins facing different mortal probles.
It is interesting to observe different POS coins are facing different challenges, then adapting and evolving. The diversity of POS coin ecosystem make POS collectively more robust.

In the reddit thread killerstorm said:

The superiority of a hybrid PoW/PoS was mentioned pretty much right after PPCoin was announced, but Sunny King said that it's against his stated goal of energy efficiency.

So I guess if you want to give PoW more weight you’d have to fork Peercoin and create a new coin.

I don’t want to interfere with that goal. I like that goal. But this goal is not yet reached. We are still on the way to this goal. There is PoW. There is waste/use of energy for the PoW process. All I think about is to make use of the PoW on the way to that goal, use that is beyond generating coins.
Am I the only one who finds it interesting to make “dual use” of the PoW process on the way to the goal?

With roughly 100 TH/s (fluctuating, but currently in that order of magnitude) and assuming only energy efficient mining hardware that consumes 1 W/GH/s this PoW process uses 2400 kWh per day. This is more like the minimum energy consumption as I don’t expect all minining hardware in the PoW process that energy efficient.

100 TH/s = 100.000 GH/s
1 W/GH/s * 100.000 GH/s = 100.000 W = 100 kW
100 kw * 24 h = 2400 kWh

So the PoW process currently uses per day at least as much energy as 2 person household per year (for sure depending on their habits…).
All that is done by that is to get new Peercoins.
Know what? If you use the same amount of hashing power to mine Bitcoins, you can exchange them for almost the same amount of Peercoins you can mine directly.
I did a calculation 2 weeks ago: http://www.peercointalk.org/index.php?topic=2533.msg21404#msg21404
The numbers might not be 100% accurate and have changed meanwhile. With 1 TH/s you should receive approximately 20 PPC per day.

d7 pool total (with 47 TH/s):
24 h/day / 2.5 h/block = 9.6 block/day
9.6 block/day * 99 PPC/block = 950 PPC/day

the share for 1 TH/s (ignoring the fees):
950 PPC/day / 47 = 20 PPC.

Calculate the same with a bitcoin profit calculator or do the math on your own. Currently 1TH/s gives you a daily reward of 0.0822 BTC when mining Bitcoin.
These 0.0822 BTC can be exchaged at e.g. btc-e with a current exchange rate of 0.00406 BTC/PPC to 19.75 PPC (0.822 BTC / 0.00406 BTC/PPC).
So currently there is not really an economical incentive to mine PPC if you can get the same order of magnitude Peercoins by mining Bitcoin and exchanging those.
It is for sure easier to directly mine Peercoins if you want to have them.
Although there is no strong incentive for PoW mining Peercoins people do it.

All I say is: let’s use that. Let’s make more out of the PoW than new Peercoins :wink:

I don’t want to become dependent on PoW in terms of security aspects. I don’t want to create a strong security incentive to mine in the PoW process (which would make it hard to phase PoW out). I want to have PoW for security as side product that is insignificant enough to be pruned but significant enough to help defending against PoS attacks.

As I still see it, Peercoin’s (already high level) security can be enhanced by utilizing PoW for security reasons if deliberately implemented.

I don’t know enough about the security aspect to comment on that, but could one reason be that Sunny is planning on phasing out PoW faster than previously thought? In the recent chat he said:

Sunny King: iheart, the pos incentive structure is under review

Sunny King: there could be a proposal to enhance the incentive with minimal change to inflation model

If the PoS reward is raised, then to maintain the inflation model would it make sense that the PoW part be phased out slightly?

Maybe I’m just reading into things but if that is the case it might explain why he doesn’t want to add PoW to the security, as he wants to phase it out as soon as possible for economic reasons.

Ok, so I looked again at the recent chat. Sunny said these things: “mixing pow in security model weakens the pos security and waste energy” “with ppc you can’t take over the network immediately even if you have 99% mining power” “if you mix then you can” It seems to me that Sunny is looking at it like if you also added PoW to the security model, you would only need to attack one or the other, PoW or PoS in order to successfully take over the network. What I think you’re saying though is something else, that it wouldn’t be one or the other, you would need to attack both PoW and PoS simultaneously in order to successfully take over the network. It’s not one or the other, but both simultaneously, correct? This would give Peercoin a double layer of protection.

I also think you understand that PoW is going to reduce in size over time until it’s barely nothing while PoS becomes a greater part of the network over time. You’re not saying that you want PoW to stick around forever in order to provide this extra security, because you know that PoW ultimately wastes energy. All you’re saying is that while PoW is still a large part of Peercoin, it should be used as an extra protection layer against attacks on the network, correct?

I’m not sure if Sunny misunderstood you or not, but my opinion is that while it sounds great for PoW to provide an extra layer of security while it’s still around, I don’t think it’s really necessary, the reason being that it’s going to eventually be phased out over time anyway. Is there really any point in doing all that coding work and changing things in order to create this extra layer of security that is only going to be around temporarily while PoW is still a large part of the network? The entire network is eventually going to have to rely solely on PoS, so I think it would be better to make sure PoS is properly tested and protects the network by itself right now rather than in the future once PoW gets phased out. If PoS can’t handle security by itself, we wouldn’t know it until the PoW security layer wore off in the future, which could prove disastrous for everyone involved. I think it’s safer to continue on as we are and make sure PoS is properly tested by keeping it as the sole security layer.

I am interested to hear Master of Disaster response

I imagine the issue in the following terms:

There is a security building with a 100 doors that an attacker needs to get through: 99 of the doors require their own, individual, metal key - this is POS, it represents 99% of the security doors. Every key is different - a strong defence

One door, perhaps the final one, has a combination lock - this is POW, reduced over time to one door, 1% of the security

The importance of the POW is not that it represents another door, but that it represents a different type of lock. This causes the attacker to need two sets of skills, one for key locks, another for combination locks. Thus, minority POW punches above its weight in terms of the extra defence it can offer

Is this analogy accurate? I am not technically competent to say. But, if it is accurate, it represents a case for keeping (or inserting) a POW element

First I want to thank you for joining the discussion. I was afraid that I would sound like I was trying to foul our own nest and that’s why nobody was interested in what I consider debatable.

@Sentinelrv you understood my intention. What sums it up is:

[quote=“Sentinelrv, post:20, topic:2161”][…]
while PoW is still a large part of Peercoin, it should be used as an extra protection layer against attacks on the network, correct?
[…][/quote]
But with all due to respect, allow me to put a small part into question. I’ll come back to that later.

@RobertLloyd
your “lock analogy” is quite well created to illustrate what I was talking about.

Not very long ago I thought that PoW would be a part of Peercoin’s security model. “killerstorm” made me aware of that mistake, although I didn’t believe it right away. “sigmike” confirmed that mistake.
Now that I know that PoW is no part of the security concept, all I’m asking is: if there is PoW, why not make use of it for more than just coin creation?

Just like I said:

[quote=“masterOfDisaster, post:18, topic:2161”][…]
I don’t want to become dependent on PoW in terms of security aspects. I don’t want to create a strong security incentive to mine in the PoW process (which would make it hard to phase PoW out). I want to have PoW for security as side product that is insignificant enough to be pruned but significant enough to help defending against PoS attacks.

As I still see it, Peercoin’s (already high level) security can be enhanced by utilizing PoW for security reasons if deliberately implemented.[/quote]

There are attack vectors for PoS as well as there are for PoW. If you do it right, you can create a security hybrid model that mitigates all “single process” (PoS/PoW process) attack vectors.

I like your security building, but allow me to change it a little bit.

We have 100 doors. And we currently have one type of locks (PoS) at each door. If one knows how to pick those locks, it gets dangerous for all that rely on those locks. The locks on each door get more and better over time (as more and more PoS minters - or to be precisely: Peercoins - join the PoS process).
But still if one tries long and hard enough that might lead to success.

If you introduce a completely different type of lock (PoW) that requires a completely different set of lockpicking utilities (sufficient PoW hash rate) and fortify each door with that type of lock, an attacker needs two sets of utilities.

You don’t have a small percentage of doors secured by that new lock. Instead you have small percentage of locks per door of that new type.

Each set of utilies costs some money.
Tell me - which security building would you rather raid: that with one type of locks or that with two types?

…finally there will be so many PoS locks that you don’t want to afford the number of PoS lockpicking utilites (assuming you can parallelize the lockpicking) to be successful in a timely manner. This should at least be true if the raider has economical interests.
If the costs are higher than the gain, the lockpicker will rather sooner than later go bankrupt :slight_smile:
This might not prevent from a purely evil attacker without economical interests. But even for him it did get ultimately expensive to pick tons of locks in a timely manner.

Now let me get back to that part for which I take the liberty of questioning:

[quote=“Sentinelrv, post:20, topic:2161”][…]
The entire network is eventually going to have to rely solely on PoS, so I think it would be better to make sure PoS is properly tested and protects the network by itself right now rather than in the future once PoW gets phased out. If PoS can’t handle security by itself, we wouldn’t know it until the PoW security layer wore off in the future, which could prove disastrous for everyone involved. I think it’s safer to continue on as we are and make sure PoS is properly tested by keeping it as the sole security layer.[/quote]
It is eventually going to have to rely solely on PoS. But it is expected that it can’t do that yet.
That’s why we have some defense of last resort: the checkpointing.
I hope and think that it works (technically) in case it is needed.
But I don’t want to find out the implications (psychologically/economically).
I doubt that using the checkpoint feature won’t have a large impact.
I think it could be desastrous to need the checkpointing - maybe not as bad as without it, but worse than not being needed…
I don’t want to see that feature being needed.
That’s why I want to discuss about making use of PoW for security while we still have it.
PoS will have to handle security itself one day. Let’s make the way to there a bit more secure. I want to see that day!

Another reason is that many people think (or should I say: believe?) that PoW secures Peercion as well. I was one of them until not so long ago. I liked that idea. I understood why this is clever on the way to a sound PoS process.
We need more Peercoins in the PoS process to call it sound. We need better software, easier and more secure minting. We need to go some way!
I, for one, would feel better if I had a bit more security on that way.
I don’t want PoW as important part of the security concept; just a little more than 0 - more like a second to last resort :wink:

Either one explains, why it is impossible to effectively enhance the security by adding PoW to the security concept, or I keep asking how it can be done :wink:

That’s what I said in my 3rd paragraph above. I haven’t had time to read MoD’s recent post yet though.

I don’t know the code, so someone may have to help me here - but I have a question…

If you incorporate both PoW and PoS as methods of security how is the CURRENT system supporting Solves from the PoS side and solves from the PoW side? Which block is getting the trust/validation as a solved block? Which one advances the blockchain? I’m confused as to how this sytem would work. It almost seems to me that it would be a competitive security system based on biggest brute force.

I may be blowing steam out my barn doors, but once you clear this question up I’ll understand better.

What I understood from Sunny comment is that you would not add a security layer. You’d just add other doors with direct access to the network.

So an attacker would not need the two set of lockpicking utilities. He may still need just one.

So you’d just give new options to attackers.

If there’s a significant weight for PoW blocks you give the ability for someone to have enough hash rate to overtake the weight of PoS. That’s a new risk, not a new security.

Sorry for another extended post. I’ve put a TL;DR section on the end for those who want to follow, but don’t want to get in.

The current situation is:

[quote=“sigmike, post:4, topic:2161”][…]
Indeed, the weight of a PoS block is about 40 billion at current difficulty, whereas the weight of a PoW block is 1.
So if someone wants to push an alternative chain, he doesn’t need to care about PoW.[/quote]
So currently the PoW BlockTrust is negligible. It can’t help defending against PoS attacks.

[quote=“sigmike, post:25, topic:2161”][…]
What I understood from Sunny comment is that you would not add a security layer. You’d just add other doors with direct access to the network.

So an attacker would not need the two set of lockpicking utilities. He may still need just one.

So you’d just give new options to attackers.

If there’s a significant weight for PoW blocks you give the ability for someone to have enough hash rate to overtake the weight of PoS. That’s a new risk, not a new security.[/quote]

Do we agree that the PoS process can be attacked by one with sufficient Peercoins on a random, but partly forseeable base?
Or is there something flawed with killerstorm’s assessment?
Don’t get me wrong on this. I’m convinced that the concept of PoS is very secure. I took part in several discussions and did some calculations.
Even killerstorm that can for sure be called critic or even slasher of Peercoin states “there is centralized checkpointing, perhaps it can prevent an attack. (?) Version 0.3 made attacks much harder to implement. PPCoin is theoretically unsound, but in practice it is pretty secure.”.
I believe that PoS is conceptually more secure than PoW. But why is it a bad idea to make it even more secure?
Don’t we have checkpointing for exactly that reason?

Currently we have practically no security weight for the PoW blocks. PoS attackers forging hiddenly fraudulent chains can’t be stopped by anything else than the PoS process (ok, and the checkpointing). And as we still have not too many Peercoins in the PoS process (although the number seems to be increasing), I think of ways to help Peercoin, as I want Peercoin to succeed. One way for sure is to convince people of PoS minting and I’m assisting them the best I can. I trust the concept of PoS. Yet I think it is not as secure as it some day will be. I want Peercoin to get safe to that day.
If the PoS attack vector could be mitigated by giving PoW blocks BlockTrust without creating a new attack vector (that allows “PoW only” attacks) that didn’t sound to bad.
For sure that requires an algorithm that needs to be developed (to make sure this effectively is an enhancement and no additional risk). But I think we’re currently still more in the phase where we try to find out if that can work in general.
Just like:

[quote=“masterOfDisaster, post:18, topic:2161”][…]
I want to have PoW for security as side product that is insignificant enough to be pruned but significant enough to help defending against PoS attacks.
[…][/quote]
Does that sound like a bad concept?

Taking into consideration that the PoW difficulty is adjusted after each block:

[quote=“sigmike, post:11, topic:2161”][quote=“masterOfDisaster, post:10, topic:2161”]How fast is the PoW difficulty adjusted?
Will you see a “flood” of PoW blocks in case of a quickly rising PoW hash rate?[/quote]

It’s adjusted after every block: https://github.com/ppcoin/ppcoin/blob/master/src/main.cpp#L916
So indeed, a quick rise of PoW should rise the difficulty immediately.[/quote]
it will be hard for attackers to overpower the honest PoW miners, although I see implications for calculating the BlockTrust of PoW blocks. An attacker with much more than the hashing power of the honest PoW process would drive the difficulty in the “attacking PoW process” quickly up, but not the frequency of the PoW blocks as much due to the quick adjustment of difficulty. As I stated in an earlier post, PoW difficulty would be a horrible base to derive trust from, because this way you could effectively overpower the trust of the honest chain by using lots of PoW hashing power.
I still think this is too much detail for now, but am willing to dig deeper if wanted, or create more scenarios.

TL;DR
currently there’s no PoW required to attack Peercoin as PoW only generates coins.
Even if you gave PoW blocks a BlockTrust of, let’s say 20% of the preceding PoS block (and 1 if the preceding block is PoW), how could that weaken the security? In that case you need in addition to Peercoins for the PoS process, hash rate for the PoW process as well, to attack Peercoin.
If the chain that is forged by the attacker has more ChainTrust, it wins anyway (with or without BlockTrust for PoW blocks). How does giving PoW blocks some trust make that worse?

As many of us, I’m just coming to terms of the new reality that PoW doesn’t contribute to the security of the network, but is only useful for the distribution of coins.

Based on this I would conclude that even without the PoW security the network haven’t been attacked and as far as I know, we never had to rely on checkpointing. The network is already strengthening by the day with the increased PoS minting. We do have the ultimate backup, but probably more used as a threat, to resist an already unlikely PoS attack.

So are we not trying to find a problem for a solution? Or maybe a feel good for all those Peercoin miners? And yes, PoW can be used for security. But in a network where the importance of PoW diminishes it wouldn’t make sense to use PoW. If and I say if we would want even higher security I would invest my time into something which can keep or increase security over time.

Just my thoughts.

My apologies, I guess I just needed my own wording to grasp this. Writing this down helped me to understand it 8)

[quote=“Cybnate, post:27, topic:2161”]As many of us, I’m just coming to terms of the new reality that PoW doesn’t contribute to the security of the network, but is only useful for the distribution of coins.

Based on this I would conclude that even without the PoW security the network haven’t been attacked and as far as I know, we never had to rely on checkpointing. The network is already strengthening by the day with the increased PoS minting. We do have the ultimate backup, but probably more used as a threat, to resist an already unlikely PoS attack.[/quote]
It is unlikely, but possible. It is unlikely to be involved in a serious car accident, too. Tell me, imagining a car accident, would you prefer the more or less safe car to be involved in such an accident? Is a safety belt enough, or would air bags be nice?
We do have the ultimate backup. But do we know what happens in case it is used?

[quote=“Cybnate, post:27, topic:2161”]So are we not trying to find a problem for a solution? Or maybe a feel good for all those Peercoin miners? And yes, PoW can be used for security. But in a network where the importance of PoW diminishes it wouldn’t make sense to use PoW. If and I say if we would want even higher security I would invest my time into something which can keep or increase security over time.

Just my thoughts.[/quote]

There is a problem. The problem is: there is no absolute security, only relative. I want this relative security as high as possible; not at all cost, for sure.
But I still imagine more security for no or low cost and I haven’t read anything that disproves this idea.
Maybe I’m too dumb to understand it. Then I beg you to explain it patiently.

One more question, if I may ask…
how exactly you currently see a diminishing of PoW? The PoW hash rate is going up and up ever since Peercoin has started. For sure the number of coins per PoW block decreases as a result of the rising hash rate and hence the rising difficulty, which limits the economically reasonable hash rate in relation to a given Peercoin price. But I don’t recognize PoW as really diminishing anytime soon. In fact the hash rate will increase in case the Peercoin price rises. Do we expect Peercoin to stay at the current price level?
I can’t foresee the future, but I have an assumption regarding the price.
So there might be years to come with PoW playing a role for Peercoin.

Ok, I think we are down to opinions. How secure is secure? How much more do we invest to heighten it further? I don’t have the answer to that. I think it’s better to invest in infrastructure, e.g. nodes and more minters to increase the security.

Regarding diminishing PoW, you answered your own question already. It depends and maybe you are right about the years to come, but in the long term it will be diminishing as I understand the network is designed to do that.

That part is understood. I have currently 2 VPS running (currently with 62 and 42 connections). And I have a RPI PoS minter.
And I try to explain to others why whis is important for those who want to keep Peercoin’s network stable.
But that doesn’t keep my from trying to find out how the concept can be improved as well.
Currently Peercoin is secured by PoS and (as a defense of last resort) by checkpoints.
It is not only about opinions. It is about conceptually inspecting Peercoin.
And although I have not backed it up by numbers (in fact these are not really available for PoS as well) I think I have conceptually explained why there’s a chance to enhance Peercoin’s overall security by utilizing PoW (while it is still here) as well.

I only see a diminishing of the coinbase reward per PoW block.
But I see a steep rise in the PoW hash rate the more valuable Peercoin gets.
Phasing out is neither announced not intrinsic in the protocol as far as I understand it (or is there a block number x after which PoW is changed or even forbidden?)
And the more hash rate in the PoW proces means more energy consumption, which currently is mainly wasted.

Hey guys,

First of all, sticking with the thread: It is my opinion that PoS should be the only mechanism used for of network security for PPC. Sunny believes this, and admittedly that is the main reason I do too.

And the reason I’m here: I’ve been trying to research an answer to this thread:

The theoretical attack is done by splitting a large number of coins into a bunch of addresses with 1 PPC each, using these to generate a side chain and then forking the network to double spend coin. My initial reaction was that the attacker can create a longer chain, but not a chain with more “trust”.

From the PPC White paper:

The protocol for determining which competing block chain wins as main chain has been switched over to use consumed coin age. Here every transaction in a block contributes its consumed coin age to the score of the block. The block chain with highest total consumed coin age is chosen as main chain.

But after reviewing the relevant code (as sigmike was so nice to reference):

This function is run when your client has validated a block it received and is going to save it: https://github.com/ppcoin/ppcoin/blob/master/src/main.cpp#L1748 Inside this function you calculate the total trust of this block (total trust of previous block + trust of this new block): https://github.com/ppcoin/ppcoin/blob/master/src/main.cpp#L1769 And you check whether this total trust is better than the current best total trust: https://github.com/ppcoin/ppcoin/blob/master/src/main.cpp#L1808

…I see no reference to the coin age consumed, only the difficulty of the block, just like bitcoin, which makes me think the attack could be a possibility. (There would still be other factors to figure in, as mentioned in the thread)

Can someone verify or set me straight that the trust calculation code does not back Sunny’s claim in the whitepaper about the main chain being based on the chain with the most consumed coin age?

https://github.com/ppcoin/ppcoin/blob/master/src/main.cpp#L1769:

// ppcoin: compute chain trust score
    pindexNew->bnChainTrust = (pindexNew->pprev ? pindexNew->pprev->bnChainTrust : 0) + pindexNew->GetBlockTrust();

This sets the current block’s chaintrust to the previous one plus the current one as calculated in GetBlockTrust()

https://github.com/ppcoin/ppcoin/blob/master/src/main.h#L1269

CBigNum GetBlockTrust() const
    {
        CBigNum bnTarget;
        bnTarget.SetCompact(nBits);
        if (bnTarget <= 0)
            return 0;
        return (IsProofOfStake()? (CBigNum(1)<<256) / (bnTarget+1) : 1);
    }

I get confused here, but I see that the only value used for the PoS block “trust” is nBits. nBits is the difficulty target calculated using GetNextTargetRequired when a new block is created at https://github.com/ppcoin/ppcoin/blob/master/src/main.cpp#L902. From what I can tell none of this has anything to do with coin age.

unsigned int static GetNextTargetRequired(const CBlockIndex* pindexLast, bool fProofOfStake)
{
    if (pindexLast == NULL)
        return bnProofOfWorkLimit.GetCompact(); // genesis block

    const CBlockIndex* pindexPrev = GetLastBlockIndex(pindexLast, fProofOfStake);
    if (pindexPrev->pprev == NULL)
        return bnInitialHashTarget.GetCompact(); // first block
    const CBlockIndex* pindexPrevPrev = GetLastBlockIndex(pindexPrev->pprev, fProofOfStake);
    if (pindexPrevPrev->pprev == NULL)
        return bnInitialHashTarget.GetCompact(); // second block

    int64 nActualSpacing = pindexPrev->GetBlockTime() - pindexPrevPrev->GetBlockTime();

    // ppcoin: target change every block
    // ppcoin: retarget with exponential moving toward target spacing
    CBigNum bnNew;
    bnNew.SetCompact(pindexPrev->nBits);
    int64 nTargetSpacing = fProofOfStake? STAKE_TARGET_SPACING : min(nTargetSpacingWorkMax, (int64) STAKE_TARGET_SPACING * (1 + pindexLast->nHeight - pindexPrev->nHeight));
    int64 nInterval = nTargetTimespan / nTargetSpacing;
    bnNew *= ((nInterval - 1) * nTargetSpacing + nActualSpacing + nActualSpacing);
    bnNew /= ((nInterval + 1) * nTargetSpacing);

    if (bnNew > bnProofOfWorkLimit)
        bnNew = bnProofOfWorkLimit;

    return bnNew.GetCompact();
}

[quote=“onthefrynge, post:32, topic:2161”]Hey guys,

First of all, sticking with the thread: It is my opinion that PoS should be the only mechanism used for of network security for PPC. Sunny believes this, and admittedly that is the main reason I do too.

And the reason I’m here: I’ve been trying to research an answer to this thread:

https://bitcointalk.org/index.php?topic=604716.0

The theoretical attack is done by splitting a large number of coins into a bunch of addresses with 1 PPC each, using these to generate a side chain and then forking the network to double spend coin. My initial reaction was that the attacker can create a longer chain, but not a chain with more “trust”.
[…][/quote]

Thank you for joining the discussion. Don’t get me wrong. I think Sunny King did a great job creating Peercoin. It has shown in the past one and a half years that it is soundly created and that the initial flaws (v 0.1) have been successfully addressed. But I don’t think it should stop from thinking about it and striving for improvements if they are possible.

So I don’t understand why you want to avoid the discussion regarding PoW as security concept for Peercoin if it could clearly help defend against the attack you mentioned (supposed that really is an attack vector what I still doubt but what I think is worth discussing about).
With PoW as part of the security concept an attacker did not only need to attack the PoS process but the PoW process as well.
Wouldn’t that seem better in terms of security?

At least I’d lke to know why you’d like to stick to PoS as the only mechanism for network security. Like I said before: I honor Sunny Kings work and think it is in its way as ingenious as Satoshis was when he/she/they created Bitcoin. But just like Bitcoin was not perfect Peercoin might not be perfect as well.

Improvement needs no blind following but discussion.

That’s why I won’t respect the argument “Sunny believes this” for PoS as solely security mechanism.
Why do you think it is not considerable to include PoW in the security mechanism?

If the security in Peercoin works the way it is spelled out in whitepaper, then I see no need to introduce PoW into the security model.

In every way (except when determining the main chain), vulnerabilities in Peercoin are the same as those Bitcoin. Bitcoin has matured thus far with no fatal blows, so when it comes to code updates that are not related to how the main chain is selected, these will me merged into Peercoin. If it could be proven that the vulnerabilities in PoW were greater than or the same as in PoS, then it could be said logically that Peercoin is more secure than Bitcoin, simply due to the price of obtaining stake versus hashing power. Since PoS does have its own unique attack vectors, those should be the focus of any improvement on the security model, not adding complexity for the sake of attempting to cover up potential flaws in PoS. Additionally, if an attacker can afford to swoop up enough PPC to execute a double-spend, then they can certainly afford the hashing power to control both at once.

Currently I am aware of two problems that are PoS specific, I’m sure there are a lot more.
-“Nothing at stake”: No incentive to not mint on multiple chains. This (for me anyway) been put to rest through duplicate stake protocol and consumption of coin age.
-“Split Stake”: using lots of 1 PPC stakes to increase chances of finding a block without consuming coin age. This would not be a problem if the main chain was chosen by coin age consumed…but as I wrote in my previous post, the code does not appear to function as laid out in the whitepaper. I would appreciate any help regarding this issue.

Indeed. It was changed in 2012 here: PPCoin: Switch main chain protocol to score with proof-of-stake diffi… · peercoin/peercoin@4bb6099 · GitHub

The reason is probably that using the coin age made it easy for a large stakeholder to accumulate coin age and generate a long trusted chain. For example they could cancel many blocks with a single one.