12:51:46 Yes they could 12:59:23 Damn a lot of hate towards POS, but I would think a hybrid would make sense for monero. However I am a idiot 13:28:15 The Qubic attack is agnostic to the underlying consensus protocol. The type of POW or even POS. If Qubic can pivot from CPUs (Monero) to ASICS (Dogecoin) they can jump also to POS. The Qubic attack is based upon the centralization of pools not the underlying consensus protocol. 13:32:56 We must keep in mind that "useful work" is simply by its very nature centralized and can be defined to be anything. This includes staking / validation in POS not just CPU vs ASICS in POW 13:35:50 Drastic consensus changes are not the answer. We need to focus instead on the decentralization of the pools. 13:38:16 Monero has a very strong social consensus for POW. Keeping this consensus is not hate for other consensus protocols. 13:40:18 https://github.com/monero-project/research-lab/issues/140 13:42:51 ^ this is similar to how we look at what qubic is mining at the moment or their delay 13:45:19 in monero's case the prev id, it is inside the "block header" blob. however you cannot fully verify which transactions they are mining as it's a merkle root 13:46:57 so, they might have mined those txs already. or be totally bogus 13:47:18 so your new child would need to have zero transactions (and coinbase) to make sure you can place it on top 13:53:03 I mean I get that, but I think a lot of people in the community will just disregard any benefit POS might provide, because they simply want monero to only be POS and provide non answers like monero price or incentive to mine doesn’t matter and utility only matters. The problem is most miners care about money and a lot of moneros miners did jump towards Qubic simply because their mining is simply more profitable. 13:53:23 I mean I get that, but I think a lot of people in the community will just disregard any benefit POS might provide, because they simply want monero to only be POW and provide non answers like monero price or incentive to mine doesn’t matter and utility only matters. The problem is most miners care about money and a lot of moneros miners did jump towards Qubic simply because their mining is simply more profitable. 14:55:21

switching a coin to pos after the main distribution has been done is probably more egalitarian than anything else including pow. 14:55:34 https://github.com/monero-project/research-lab/issues/140 15:06:36 aillia already posted above and a reply to it from DataHoarder 15:07:20 Also posted in lounge with a reply from someone else, also negative 15:07:41 How exactly are you suggesting that someone with hashrate would "jump" to PoS ArticMine? A social attack like "give me your real XMR in an uncollateralized loan and I'll pay you interest in the form of a new token I made"? Even in that case, the risk for the loan issuer is substantially more than offering hashrate. A miner gives up their opportunity cost of mining normally and the 15:07:41 ir electricity cost, the latter of which is the largest component in an efficient market with RandomX. For PoS, the entire value of the loaned XMR would need to be placed at risk 15:40:01 I suppose unless delegating one's stake is possible. Some configurations allow that 15:41:14 It is not about hashrate. It is about incentives to miners or validators from a centralised source. Proof of useful work is innately centralized and the incentive is the attacking token itself. 15:41:15 Qubic does not have a hashrate. What Qubic has is a centralised token that can be used to influence the behavior of miners or validators 15:44:21 One of the greatest myths regarding POS is that the cost of an attack is the value of the stake. 15:44:21 The actual cost is an attack on POS is the cost to borrow the state plus any losses due to slashing 15:45:49 stake 15:48:08 My point is that borrowing costs for uncollateralized loans are way higher due to counterparty risk. 15:48:09 For PoW, they're paying $2 (in real or perceived/fake value) to borrow $1 of electricity (in effect). 15:48:11 For PoS, they're paying $X a year to borrow $Y value in XMR. 15:49:41 The attacker simply puts another asset as collateral. Such as a POW coun 15:49:54 Coin 15:50:42 Or the attacker is simply running a fractional reserve on the POS coin. Cost is zero 15:52:17 Fractional reserve banking as it was practiced with gold in the US during the 19th century can be used to attack POS coins 15:52:35 If 50% of Monero's supply was actively staking, that's 18.4 million * 50% * 33% = 3 million XMR = over $700 million. That's not "simple" collateral to provide. If they had access to that cash, they could decimate the PoW market continuously 15:54:04 again, you talk about a specific design (max stake = max vote). Here the physical distribution is relevant, aka trust (yes, its centralized). "Borrow" means paper, usually, that is irrelevant. Can't stake paper to get votes. Got it? 15:54:05 What percentage of ETH is staked by the beneficial owners of the ETH? 15:54:07 Nominee staking does not count. 15:56:53 You borrow the actual coin. The paper is part of the collateral 15:57:11 You mean one cannot borrow ETH? 15:57:58 delegation, you mean? Thats a can of worms. 33% IIRC 15:58:15 Let's make it simpl 15:58:26 Simple 15:58:58 ... I am not interested in discussing jargon 15:59:20 shure, where do you borrow 50% of XMR? KuCoin? 16:00:29 None of the POS promoters have answered my question regarding ETH 16:00:52 I'm saying it's way more expensive to borrow assets with an uncollateralized loan than borrowing hashrate. Borrowing hashrate for a commodity algo like RandomX trends to 0 cost (not actually 0 in practice). I'm not giving up custody of $100 in XMR (and lose the full $100) for $1 in interest a year. 16:01:51 *risk losing the full $100 16:02:07 Who is actually staking ETH? What percentage of the staker are nominees? What percentage of ETH is actually staked? 16:03:04 Lido is the largest individual staker with ~25% market share, afaict https://dune.com/hildobby/eth2-staking 16:03:05 These are very simple questions. 16:03:51 Are they a nominee or beneficiary ? 16:05:04 Impossible to say. Exchanges could also stake their assets with Lido 16:05:26 I rest my case 16:06:33 I agree, delegation in ETH leads to centralization. Delegation is hard to get right. You won /s 16:31:41 in a PoS scenario, are entities with legal obligations (exchanges) going to find themselves in conflict if their act of staking means they are willful participants? like if some protocol upgrade is required in the future to counter xyz privacy concerns blah blah blah 16:32:29 Yes. 16:33:27 This is a huge issue since nominees are subject to AML/CFT laws 16:35:39 Anti Money laundering/ counter terrorism financing laws 16:36:16 These nominees are obligated entities 16:37:35 Custodial exchanges are already obligated entities 18:42:38 the stronger argument for PoW over PoS is that long range attacks are easier to reason about in PoW. on cost of attack PoS wins (in case the failure is not too complex and consensus can be reached on what the "true" chain is before confidence completely erodes) 18:47:03 a lot of this long range issue comes from rewarding stakers. That means there is an incentive for attackers to make up an alternative chain where they capture most of the rewards. If that reward is eliminated it becomes a lot easier. 19:02:59 so with PoS, if the chain is attacked, and then people decide to kick them off, can the attacker just get more funds and do it again? 21:21:07 I want to have an organized meeting tomorrow. If you want a specific idea discussed about combating mining pool centralization & general blockchain consensus hardening, please post it as a comment on the agenda issue: https://github.com/monero-project/meta/issues/1256 or here in this room. If possible, link any resources about the issue such as GitHub issues and research papers. Try to specify if it is a short-, medium-, or long-term fix and if it would require a hard fork. 23:28:07 I think the consensus hardening discussion should include be separated between long-term solutions such as finality layers and solutions that we can do very rapidly (in weeks or days) if we face an attack now. Some community members have gotten it into their heads that we are only considering long term and not doing enough to respond to the Qubic attacks. Addressing both as separa 23:28:07 te topics might help to alleviate those fears.