In the Nothing-at-Stake chapter of Pillow’s Peercoin Myths he tries to bust the myth with some arguments.
But as I understand it, this post tells us, that there is indeed a problem, as
it doesn’t cost anything to mint an orphaned block, since the coin-age is consumed only in one branch but not in the others.
which in the end
leads to a destabilization of the blockchain, and users will have to wait for a larger number of confirmations before assuming that a transaction is irreversible.
One of the arguments against this attack is, that in the worst case the value or exchange rate would collapse, and that no owner of a considerable amount of Peercoins would risk this. But what if this bad owner hedges against the price collapse?
I am still not fully understanding the details described in the aforementioned post, but it seems that the problem exists, and that a solution was found. As this problem is often mentioned by opponents of Peercoin (it makes them afraid), I think we should consider implementing RFC0002.
Especially because this is one of the main arguments of opponents against Peercoin:
Implementing RFC0002 would be a solution for increasing the overall trust in Peercoin (and in PoS systems generally —if they have implemented this idea).
As the RFC states, a draw back could be that a hard fork would be required. The question is: Has anybody any problems with this RFC? Is there a debate about it? Because if not, I don’t see any problems with an unanimous decision of doing a hard fork.
Generally the N@S argument assumes that all minters are purely profit driven and so will willingly risk large chain reorgs in return for a slight mint reward advantage (very slight because it is only in regards to compounding interest due to accumulating coin days). I dont consider this an issue because it incorrectly assigns a value of “nothing” to the risk of someone losing the value of their entire stake due toa price crash.
The other version involves spending an amount larger than your stake against an exchange then reorging the 6 confirmations in an attack that is synonymous with a stake grind. N@S doesnt help much with this attack since the stake modifier is chosen deep within the merkel root.
How about in the the case of hedging (nothing), or even betting on a crash due to demonstrating a successful attack (less than nothing) which OP is alluding too? Today it may not be a valid issue but say the market cap is 10-50x bigger than it is now and mature (bitcoin level) financial instruments were available such as futures? Certainly drives up the motivation ?
Unless everyone hedges at the same time, it’s not an issue. The idea is that uncoordinated actors wont mint on multiple chains. Its only a problem if the majority is doing it, which would presume the majority is hedging at the same time to demonstrate an attack. This is an unlikely scenario.
Besides, if you’re coordinating the majority mint power for an attack you’d have more success doing a massive double spend or something similar.
My last question wasn’t answered: Is the RFC useless or should we implement it, to make the coin safer? Are there further reasons against the RFC?
One argument against it: It would change the protocol. But a big argument pro Peercoin is, that it has survived five years, i.e. the protocol was resistant to failure for a long time, which could imply that it has very few if not no bugs at all.
The RFC is far from useless, it is a precursor to cold-minting as well as making txns more similar to bitcoin’s. We’ve been discussing RFC 0002-0004 for a little while and will likely go ahead with them if no exploits or bugs are found. Just because Peercoin has been successful does not mean it can not be improved. The last peermeeting with lead developers like SunnyKing and Sigmike included discussions about implementing these RFCs and we will likely focus on them more after v0.6.
Very glad to hear that there’s followup to implementing some of the RFC’s. I think active development will only help bring attention to Peercoin and help separate it from other longstanding coins.