Opinion: PoW Will Always Be Criticized for Inefficiency
The war of consensus algorithms is still raging on. While some believe that only Proof-of-Work can underpin a real cryptocurrency, others think that its time passed long ago, and now it’s time for other algorithms like Proof-of-Stake.
Whichever side you are on, it would seem obvious that no consensus algorithm is perfect in its own right. Any of them has its shortcomings that its competitors lack.
To better understand PoW and criticism directed at it, we’ve had a short conversation with Roman Oleynikov, Doctor of Engineering Sciences and research fellow at Input Output HK. Below is the transcript of what Dr. Oleynikov said.
The first issue with PoW systems is that network security has to rely on a limited physical resource. In order to maintain the blockchain, you need to have powerful computing equipment and lots of electricity.
Since this is a limited resource, an attacker who cannot afford to obtain such a resource in overwhelming volumes has no opportunity to organize an attack. The security of PoW systems is based on the fact that an attacker cannot get more physically limited resources than honest users. This approach inadvertently spawns one of the most tangible disadvantages of PoW systems: basically, PoW artificially slows the network down. In PoW, calculations by design take a certain period of time and that is necessary so that the numerous network nodes are synchronized with each other. This artificial slowdown obviously affects the network’s bandwidth. As such, this is an inefficient solution. There are much more efficient solutions available with different algorithmic structures, like, for example, DAG (Directed Acyclic Graph — forklog.media), where the problem is solved without wasting physical resources.
Another significant problem with PoW systems is power consumption. For small-scale cryptocurrencies, the costs are not so significant, but Bitcoin consumes enormous amounts of electricity. Modern-day Bitcoin power consumption is on par with certain small countries (see the stats by Digiconomist — forklog.media). The entire nation of Ethiopia consumes less electricity than the Bitcoin network. Ethiopia has 100 million people. A tremendous amount of electricity is consumed just to build a chain of blocks and ensure its safety. Surely there have to be more efficient solutions to this problem.
For the production of each block, a complex computational problem is solved. If similar equipment was used to crack the DES algorithm (Data Encryption Standard — forklog.media) used in the U.S. financial system in the 80’s and the first half of the 90’s, in just ten minutes (time needed for a single block to be mined) this hypothetical computing power could hack into tens of thousands of payments that were transferred between American banks. A really huge amount of work is being done here, on which colossal computing resources are being spent. This is necessary to maintain the safety of Bitcoin.
At the same time, there are alternative solutions related to PoS which allow using the computing power of an ordinary smartphone, while achieving a similar level of security. Research is still in progress, but at the moment there are already robust PoS systems and PoS algorithms. Among them are Ouroboros, Ouroboros Praus, Algorant, and other solutions.
Another problem associated with Nakamoto’s consensus is the so-called orphan blocks. A certain chunk of the resources that honest network members spend on finding blocks is simply lost. From the point of view of the Bitcoin consensus protocol itself, it’s a completely normal situation when different miners almost simultaneously find a new block. Thus our blockchain briefly appears to have two blocks at the same height.
These blocks are released into the network, part of the network sees one block at the same height, part of the network sees another block at the same height. Part of it is working on the extension of one version of the history of the Bitcoin blockchain, another part of the network is working on a different version. One of these groups will find the next block before the other, and all miners will switch to its version of the blockchain. But the other, now redundant block or chain of blocks will be discarded and they will become orphan blocks.
What does this lead to? This leads to the fact that some honest miners will simply waste their time and resources. At the same time, while some miners are working on the wrong chain, the blockchain has fewer computing resources and this increases the likelihood that a double-spend attack can occur.
Additional protocols are being developed to solve such problems. The first generation protocol is GOST, which allows you to switch from a linear structure to a tree structure and use consensus based on a tree structure. The next stage of development involves the use of DAG, where all blocks are included in the data structure itself and as a result, the loss of computing resources does not occur at all.
The most popular way to attack modern-day blockchain systems is a double-spend attack. To commence it, the attacker builds an alternative chain that hosts two different transactions that contradict each other, i.e. the same coins are spent on different things. As a result, when one chain processes, let’s say, a payment that has been received by an online store and the store has shipped the goods to the buyer, the attacker changes the history and replaces the transaction where the money goes to the address of an online store with a different one where the money is transferred to another wallet. As a result, the attacker can have the goods from that online store and he also receives back his money. That is how the double-spend attack works.
How is this implemented in practice? An attacker needs to have sufficient resources to build an alternative chain. If we use the non-strict definition of BFT protocols, then there is a non-zero probability that an attacker with less computing power will be able to build a longer chain in order to carry out a double-spend attack.
So first an attacker sends his payment transaction to an online store, then he builds his alternative chain, which he does not immediately make public, and then, in the alternative chain, he includes a transaction that returns money to his account. With a certain amount of luck on the part of the attacker (although the protocols minimize this probability), he might be able to build a longer chain and as a result, the honest nodes will see this longer chain and switch to it. In this chain, there will no longer exist a transaction of sending money to an online store and the attacker will end up with both his money and the goods from an online store.
How do we deal with such attacks? The success rate of this attack decreases exponentially with the number of blocks that are built in the chain. According to the generally accepted models, in order for the probability of a transaction being canceled in the Bitcoin blockchain to be less than 0.001, you need to wait for 6 blocks. So we’ll have to wait a while to make sure that our transaction will not be canceled. That’s is provided that the attacker has a minority of computing power in a PoW system. When we talk about traditional consensus algorithms with PoW, we always assume that the attacker has a minority of computing power. If the attacker somehow controls most of the computing power, then the attack will likely be successful in the absence of additional defense mechanisms.
When Satoshi Nakamoto worked on the protocol, he assumed that the network participants would work together to mine blocks and the network would work smoothly in this manner. But he apparently did not anticipate the scale of the network today where tens or perhaps hundreds of thousands are mining. What does this lead to? This leads to the fact that a person can buy the newest, most powerful mining equipment and put it to work.
Blocks are produced every 10 minutes and we have a limited number of blocks produced per day. And these blocks are evenly distributed between the participants who are engaged in mining. With this in mind, mining alone in such conditions makes absolutely no sense. Therefore, private miners in the network gather in mining pools and when one of them finds a block, the reward is evenly distributed among the participants, in proportion to the contribution of each of them.
And from here stems the problem of centralization. There are very few large mining pools and they are very large. There is this classic photo from 2015, where 7 people were photographed at the conference in Southeast Asia. These 7 people controlled large mining pools, and between them, they controlled more than 90% of the Bitcoin network’s computing power. There are serious risks of centralization for Bitcoin through the emergence of these centralized entities that allow their owners to influence the cryptocurrency itself.
There are several companies that produce mining equipment. More and more different companies are joining this process. As far as I remember, even Samsung Electronics, a leading global manufacturer, will begin to supply such equipment.
Optimization of equipment, including in terms of energy consumption, can go in several directions. It can really be via the invention of the next generation technological process, which allows you to build more energy-efficient circuits. It is also possible to use various optimization algorithms. Algorithmic optimization caused some serious issues with the activation of SegWit in Bitcoin. Fortunately, these issues have since been resolved.
Subscribe to our Newsletter<
- Base Block Podcast Host: The Further We Go, the More I Think That the Case of Bitcoin Is Not About the Technology
- Monument to Soviet Construction That Feeds Bitcoin Mining
- What Holds Real Decentralization Back
- Proof-of-Stake Future: Inevitability or Myth
- Bitcoin Halving Shifts Into Future All the Time: Will It Happen as Scheduled?
- Global Recession: What Are Risks For Bitcoin And Miners
- Will Proof-Of-Stake Go out of Fashion?
- How Miners Brace Themselves For Halving, and How It Can Impact Bitcoin