Proof-of-Work is the only solution to Byzantine Generals' problem

There&#x27;s been a lot of FUD against PoW and some of it is warranted. The problem is saying &quot;PoW is a bad solution to the problem&quot; doesn&#x27;t provide any path forward. PoS is not a solution, and neither is so called dPoS where block producers are nominated by or purchased from the development team. Lots of smart people are working on better PoW algorithms, more resistant to centralization and hopefully at least one succeeds. Otherwise a new model for trustless p2p exchange of money will need to be developed.<p>It seems to me a lot of so called &quot;decentralized currencies&quot; are moving away from the model that brought billions of dollars into the market, in favour of recreating shitty versions of what already exists. To do this they dance around terms and attempt to claim they&#x27;re actually MORE decentralized for reasons blah blah blah. I have a feeling the anti-PoW is orchestrated FUD from teams building decentralized-in-name-only platforms like EOS and NEO. Yelling about electricity costs and how &quot;trust is needed!&quot; is getting old. People like the trustless idea, even if so far it hasn&#x27;t turned out well. A platform that lets you run &quot;unstoppable dApps&quot; when stopping them only requires shutting down 21 known nodes isn&#x27;t unstoppable at all and is frankly worthless.

&quot;Nothing is Cheaper than proof of work&quot;[1]. The best that can be said about Proof of Stake is that you get marginally better security while sacrificing liveliness &#x2F; allowing the consensus layer to be captured by regulators [2]. PoW forces the machine to advance, if you refuse (or are forced to ignore) a block, the business dies but the network moves forward. If PoS was new and research was underfunded, you might have a plausible claim that it might turn into a workable solution. The fact of the matter is, it&#x27;s been 6 years since PoS&#x27; proposal and millions of dollars in R&amp;D funds have been pumped into trying to unsuccessfully obviate PoW.<p>[1] <a href="http:&#x2F;&#x2F;www.truthcoin.info&#x2F;blog&#x2F;pow-cheapest&#x2F;" rel="nofollow">http:&#x2F;&#x2F;www.truthcoin.info&#x2F;blog&#x2F;pow-cheapest&#x2F;</a> [2] <a href="https:&#x2F;&#x2F;twitter.com&#x2F;NickSzabo4&#x2F;status&#x2F;956461360161935361" rel="nofollow">https:&#x2F;&#x2F;twitter.com&#x2F;NickSzabo4&#x2F;status&#x2F;956461360161935361</a> &quot;Conjectured governance under proof-of-stake seems to involve programmers &amp; other amateurs making legal &amp; accounting decisions. Bitcoin governance does not. Even when lawyers &amp; accountants properly take over PoS governance, PoW governance will likely be far more socially scalable.&quot;

Boy, the logic in this article is bad.<p>PoW is not the <i>only</i> solution to the BFT. PBFT PoS, DPoS, etc are all &quot;solutions&quot;, in that they represent a series of tradeoffs to achieve consensus in the presence of faults, just as PoW does.<p>Further, PoW itself as implemented in large part today is vulnerable to attack via selfish mining.<p>Finally, purely empirically speaking, PoW in most systems like Bitcoin today is highly centralized and far from trustless. Consensus authority has accumulated in the hands of large mining operations. Many people foresaw this outcome. In the author&#x27;s analogy, you are not provided any certainty of consensus on your bunker, rather, massively resourced authorities controlled by a handful of people are dictating state to you and you have nowhere near enough resources to change that.

&gt; Imagine you are sitting in a bunker. You have no idea what people are out there and what are their intentions. You only receive some incoming messages from strangers that may contain anything. They can be just random garbage or deliberately crafted messages to confuse you or lie to you. [...] When two propositions arrive into your bunker, &quot;X&quot; and &quot;Y&quot;, we have no trusted reference point to figure out which one is supported by the majority of other people. We only have &quot;data in itself&quot; to judge which one we should choose as the main one.<p>What if the true answer is &quot;neither&quot;, and both have been forged by an attacker? If he&#x27;s sitting in a bunker with no contact to the outside, and an attacker can intercept and manipulate his every communication, how can he &quot;estimate how expensive it is to produce an alternative&quot;? Was the difficulty too low because it&#x27;s a forgery, or because everybody&#x27;s abandoned that PoW chain?<p>IIRC, Bitcoin&#x27;s answer to that situation is that somehow word of the correct chain will get to him (perhaps smuggled by a carrier pigeon), instantly invalidating all of the attacker&#x27;s work. That makes sense in real life, but not in imagined scenarios where there are no alternative communication channels.

not only is this not a proof, but also implicitly sweeps many issues with the implementation of the current system under-the-rug, which is the more insidious part of this argument.<p>&gt; Proof that Proof-of-Work is the only solution to Byzantine Generals&#x27; problem<p>this is an argument for PoW&#x27;s validity as a solution, for starters. in no way is this a proof, let alone one of uniqueness.<p>&gt; In case of Bitcoin mining farms, such an alternative would require a very expensive and complex production chain, requring either outcompeting other firms that use chip foundries or building single use datacenters in the most cost-effective locations on the plane<p>that is exactly what we have right now! SHA256 has become so optimised in these chips that the whole issue of &quot;consensus&quot; has been almost diluted to &quot;consensus between a <i>very</i> small number of people&quot;.<p>it might appear as though i&#x27;m identifying a 51% attack, and whilst that is entirely un-addressed in this &quot;proof&quot;, that&#x27;s not what i mean.<p>bitcoin was created to decentralise money. there are so few actors in the mining business now as to negate the benefit of requiring trust in a small number of centralised entities. which, by the way, happen to be well-known, non-anonymous, and culpable when mistakes are made&#x2F;crimes are committed.<p>sure, the majority of the resources must be used to create a &quot;message&quot;, but it certainly does not necessarily represent the consensus.<p>bitcoin, in its current implementation, has failed. that largely stems from the fact that SHA256 PoW as a means of proof, has failed.

This does not at all seem like a rigorous proof

My conclusion about cryptocurrncies is: they can never take over traditional payments. People want payment methods to be:<p>- secure<p>- fast<p>- cheap<p>While traditional payments do relatively well on all three accounts Bitcoin cannot. Yes, we might argue that it’s (in theory) more secure, but it’s also slow and expensive. What’s worse, as the article just proves Bitcoin cannot fix those flaws because its security relies on mining (and therefore transaction processing) being slow and expensive - that’s the very concept of PoW.

PoW is not a solution and they are not even discussing the problem.<p>Author is mixing Byzantine Generals&#x27; problem to completely different set of trust and consensus problems.

If every participant is online and all messages are public, then only a majority vote is necessary, as time itself becomes exclusive (only earlier votes matter). There&#x27;s no need for PoW here.<p>For participants that join later both PoW and PoS are probabilistic, but PoS can be much better: if everyone has to vote the maximum possible classical security is 1-of-n, ie. one eternally honest party exists in all past blocks, so no attacker can obtain 100%, ever. This model can stall but it can&#x27;t lie.<p>The 100% model is not practical and by itself requires everyone to be online, but for some m in m-of-n, it is. Another variable is how long do the honest assumption must hold: it&#x27;s relatively easy to construct a scheme that makes honesty for eg. four months nearly certain.<p>Combined with the fact that money is inherently a social thing, it works. It&#x27;s not an abstract consensus for people in bunkers, but people that want to interact. So if you return after a long time, it&#x27;s enough to check in several places that accept a specific cryptocurrency what chain is wanted by them.

That was a nice article which may or may not be true. How does that solve the Byzantine General&#x27;s Problem [1]?<p>[1] <a href="https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Byzantine_fault_tolerance#Byzantine_Generals%27_Problem" rel="nofollow">https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Byzantine_fault_tolerance#Byza...</a>