TL;DR
This paper establishes fundamental formal barriers that prevent the design of incentive-compatible Longest-Chain Proof-of-Stake protocols, highlighting key differences from Proof-of-Work systems.
Contribution
It introduces formal barriers specific to incentive compatibility in Longest-Chain Proof-of-Stake protocols, contrasting with prior work focused on adversarial corruption.
Findings
Proof-of-Stake's wasteless nature leads to unique incentive issues.
Formal barriers show impossibility of certain incentive-compatible designs.
Differences between Proof-of-Work and Proof-of-Stake are fundamental.
Abstract
The security of most existing cryptocurrencies is based on a concept called Proof-of-Work, in which users must solve a computationally hard cryptopuzzle to authorize transactions (`one unit of computation, one vote'). This leads to enormous expenditure on hardware and electricity in order to collect the rewards associated with transaction authorization. Proof-of-Stake is an alternative concept that instead selects users to authorize transactions proportional to their wealth (`one coin, one vote'). Some aspects of the two paradigms are the same. For instance, obtaining voting power in Proof-of-Stake has a monetary cost just as in Proof-of-Work: a coin cannot be freely duplicated any more easily than a unit of computation. However some aspects are fundamentally different. In particular, exactly because Proof-of-Stake is wasteless, there is no inherent resource cost to deviating (commonly…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
