Tuesday, March 17, 2020

Proof-of-Stake In Practice

At the most abstract level, the work of Eric Budish, Raphael Auer, Joshua Gans and Neil Gandal is obvious. A blockchain is secure only if the value to be gained by an attack is less than the cost of mounting it. These papers all assume that actors are "economically rational", driven by the immediate monetary bottom line, but this isn't always true in the real world. As I wrote when commenting on Gans and Gandal:
As we see with Bitcoin's Lightning Network, true members of the cryptocurrency cult are not concerned that the foregone interest on capital they devote to making the system work is vastly greater than the fees they receive for doing so. The reason is that, as David Gerard writes, they believe that "number go up". In other words, they are convinced that the finite supply of their favorite coin guarantees that its value will in the future "go to the moon", providing capital gains that vastly outweigh the foregone interest.
Follow me below the fold for a discussion of a recent attack on a Proof-of-Stake blockchain that wasn't motivated by the immediate monetary bottom line.

Steem was one of the efforts to decentralize the Web discussed in the MIT report: They pointed out that:
Right now, the distribution of SP across users in the system is very unequal -- more than 90% of SP tokens are held by less than 2% of account holders in the system. This immense disparity in voting power complicates Steemit’s narrative around democratized content curation -- it means that a very small number of users are extremely influential and that the vast majority of users’ votes are virtually inconsequential.
Now this has proven true. David Gerard reports that:
Distributed Proof-of-Stake leaves your blockchain open to takeover bids — such as when Justin Sun of TRON tried to take over the Steem blockchain, by enlisting exchanges such as Binance to pledge their holdings to his efforts.
Gerard links to Yulin's Cheng's Tron takeover? Steem community in uproar as crypto exchanges back reversal of blockchain governance soft fork, a detailed account of events. First:
On Feb. 14, Steemit entered into a "strategic partnership" with Tron that saw Steemit's chairman declare on social media that he had sold Steemit to [Justin Sun]," referring to Tron's founder.
The result was that:
Concerns that Tron might possess too much power over the network resulted in a move by the Steem community on Feb. 24 to implement a soft fork. The soft fork deactivated the voting power of a large number of tokens owned by TRON and Steemit.
That was soft fork 2.22. One week later, on March 2nd, Tron arranged for exchanges, including Huobi, Binance and Poloniex, to stake tokens they held on behalf of their customers in a 51% attack:
According to the list of accounts powered up on March. 2, the three exchanges collectively put in over 42 million STEEM Power (SP).

With an overwhelming amount of stake, the Steemit team was then able to unilaterally implement hard fork 22.5 to regain their stake and vote out all top 20 community witnesses – server operators responsible for block production – using account @dev365 as a proxy. In the current list of Steem witnesses, Steemit and TRON’s own witnesses took up the first 20 slots.
Although this attack didn't provide Tron with an immediate monetary reward, the long term value of retaining effective control of the blockchain was vastly greater than the cost of staking the tokens. I've been pointing out that the high Gini coefficients of cryptocurrencies means Proof-of-Stake centralizes control of the blockchain in the hands of the whales since 2017's Why Decentralize? quoted Vitalik Buterin pointing out that a realistic scenario was:
In a proof of stake blockchain, 70% of the coins at stake are held at one exchange.
Or in this case three exchanges cooperating.

Apparently, the tokens that soft fork 2.22  blocked from voting were mined before the blockchain went live and retained by Steemit:
"The stake was essentially premined and was always said to be for on-boarding and community building. The witnesses decided to freeze it in an attempt to prevent a hostile takeover of the network,” [@jeffjagoe] told The Block. "But they forgot Justin has a lot of money, and money buys buddies at the exchanges."
Vitalik Buterin commented:
"Apparently Steem DPOS got taken over by big exchanges voting with depositors' funds," he tweeted. "Seems like the first big instance of a 'de facto bribe attack' on coin voting (the bribe being exchs giving holders convenience and taking their votes."
As Buterin wrote in 2014, Proof-of-Stake turned out to be non-trivial.

No comments: