Or you can just buy / steal the private keys to coins that have already been spent, and then simulate alternate histories.
The trouble with these schemes is that it is quite easy to make them more difficult to review, without actually adding any security. In both cases I saw earlly versions that were criticized for being entirely insecure, then there were some iterations that added no security, until it got complex and the people involved learned to not provide free consulting, which I won’t do here either: the objections to proof of stake schemes are general. It can be shown that any proof of stake scheme must be broken by simulation. It’s just a matter of showing what the necessary procedure is for a given scheme, which can be made arbitrary difficult to review. One of the guys I work with quiped that this “cryptographic security against review.” That shouldn’t be mistake for actual security.
There are general results showing that the security being advertised is not possible, the perpetual motion sense. It’s a waste of time for credible people to spend their time disproving perpetual motions machines, particularly when their proponents can make them arbitrarily difficult to review. Do not mistake a lack of review for an indication of security.
Or you can just buy / steal the private keys to coins that have already been spent, and then simulate alternate histories.
The trouble with these schemes is that it is quite easy to make them more difficult to review, without actually adding any security. In both cases I saw earlly versions that were criticized for being entirely insecure, then there were some iterations that added no security, until it got complex and the people involved learned to not provide free consulting, which I won’t do here either: the objections to proof of stake schemes are general. It can be shown that any proof of stake scheme must be broken by simulation. It’s just a matter of showing what the necessary procedure is for a given scheme, which can be made arbitrary difficult to review. One of the guys I work with quiped that this “cryptographic security against review.” That shouldn’t be mistake for actual security.
There are general results showing that the security being advertised is not possible, the perpetual motion sense. It’s a waste of time for credible people to spend their time disproving perpetual motions machines, particularly when their proponents can make them arbitrarily difficult to review. Do not mistake a lack of review for an indication of security.