From Wikipedia, the free encyclopedia
Jump to: navigation, search

Proof-of-stake is a method of achieving distributed consensus and securing a cryptocurrency network through requesting users to show ownership of a certain amount of currency. It is different from proof-of-work systems that run hashing algorithms to validate electronic transactions.[1] It is most commonly used as a supplement to proof-of-work in Peercoin,[2] BlackCoin ( the first fully PoS cryptocurrency) and a few other electronic currencies.

Usage in Peercoin[edit]

Peercoin's proof-of-stake system is based around the concept of "coin age", a number obtained from the product of the currency amount held times the amount of time it has been held for. When generating a proof-of-stake block, the user sends some money to themselves, consuming their coin age in exchange for a preset reward. This minting transaction becomes more likely to succeed over time until a valid block is found, generating a new block on the blockchain and a payout for the proving user.[2][3][4] This process secures the network and gradually produces new coins over time without consuming significant computational power.[5]

Both proof-of-work and proof-of-stake blocks are used in Peercoin, although the main blockchain is determined by the highest total consumed coin age (from proof-of-stake generation) instead of the total combined difficulty of the chain (determined by proof-of-work blocks, as in Bitcoin). Peercoin's developer claims that this makes a malicious attack on the network more difficult.[2][6]

The first 100% proof-of-stake system was BlackCoin.[citation needed]

Variants of Proof-of-stake[edit]

BlackCoin's 'Proof of Stake v2'[7] improves network security, by removing the priority given to older coins in the original proof-of-stake system. Removing coin age from the calculation prevents attackers from building coin age on less than 50% of total coins to successfully double spending.

Reddcoin's 'Proof of Stake Velocity' (PoSV)[8] claims to encourage velocity i.e. movement of money between people, rather than hoarding.


Some authors[9][10] argue that proof-of-stake is not an ideal option for a distributed consensus protocol. The main problem is what they usually call "there is nothing at stake". It means that in case of accidental chain fork (or any other kind of distributed disagreement), a person can "vote" for the both variants, because he has a stake in each branch. He doesn't need to choose one option to vote (like in proof-of-work system), and that gives him ability to try to cheat (e.g. double-spend in case of blockchain reorganization) "for free".[11]

There are different approaches to avoid this problems:

  • Peercoin uses centrally broadcast checkpoints (signed under the developer's private key). No blockchain reorganization is allowed deeper than the last known checkpoints.
  • NXT protocol only allows to reorganize last 720 blocks.[12]
  • Ethereum Slasher protocol allows users to "punish" the cheater, who mines on the top of more than one blockchain branch.[13]

See also[edit]