Professor Aggelos Kiayias is the chief scientist at IOHK and is the Chair in Cyber Security and Privacy at the University of Edinburgh. His research interests are in computer security, information security, applied cryptography and foundations of cryptography, with a particular emphasis on blockchain technologies and distributed systems, e-voting and secure multiparty protocols, as well as privacy and identity management. He has been behind the development of Ouroboros, the Proof-of-Stake algorithm proposed for Cardano. Ouroboros is provably secure, meaning that it offers security guarantees that have been mathematically proven.
In this recent video, Professor Kiayias gives us insight into what Proof-of-Stake is and how it compares to Proof-of-Work.
Settlement Layer & Consensus
- the Ouroboros protocol is the core of the Cardano blockchain
- it is the settlement layer, which means that users can query this layer to check whether a transaction has been integrated into the ledger and its output has been accepted by the network
- the settlement layer is one of the most critical components of a cryptocurrency
- of course, it is possible to have a single server and to implement the settlement layer as a centralized service
- this system would work and it would provide liveness (liveness means transactions will be accepted into the system)
- but this method also has a significant disadvantage in that it introduces a single point of failure in the system
- the server can be hacked or controlled by someone who wants to censor transactions; the system would then be completely at the mercy of those in control, and these actors would decide which transactions are included and which are not
- this is why decentralization is extremely important for cryptocurrencies
- with decentralization, we are able to distribute the trust from a single point of failure to a set of actors that collaboratively provide the same service of the settlement layer
- this points to a classical problem in computer science that is known as consensus
- consensus in the computer science realm has been studied for over 40 years
- it refers to the problem that a set of parties face when they want to reach a common agreement to produce the same output
- and while there is a good understanding in the literature about this problem, all of the solutions that have been studied (before the arrival of the Bitcoin protocol) share the same deficiency
- this deficiency is that they all assume that the set of parties running the protocol know each other and that there is a reliable naming infrastructure
- while this makes sense for classical systems in computer science, it is not compatible with the way the internet works, because there is no reliable naming infrastructure that is globally available
Then came the Bitcoin protocol…
- in 2009, the Bitcoin protocol came, which for the first time made it feasible to think about solving consensus without assuming pre-existing names for the participants that are running the protocol
- this is very important, as the execution of the protocol became public: any interested party is free to join the protocol execution and contribute to the integrity of the ledger
- in this way, the integrity of the system is maximized and it is possible to create a settlement layer that is extremely hard to disrupt
- however, the Bitcoin protocol also has a significant drawback, which is its tremendous energy requirement
- in order to operate the protocol, it requires the participants to solve what is known as “proof-of-work”
- this means that each one of the servers participating in implementing this settlement layer has to solve a hard computational problem, and this requires a lot of energy
- so while it provides many of the desirable decentralization qualities to the protocol, it also comes with the downside of requiring an extremely high energy expenditure
- for that reason, it was discussed early on in the Bitcoin community whether the decentralization qualities can be retained, while removing the energy waste
- many ideas were proposed during this time by a number of people
Proof-of-Stake
- out of these proposals, Proof-of-Stake (PoS) became the most prominent and most convincing way of removing this need for proof of work and its associated energy waste
- now with PoS, what the participants do to advance the protocol is refer to resources they hold that already exist and are recorded in the ledger
- this referral does not require energy expenditure
- and this is what enables PoS to provide a similar type of decentralization as in the case of Bitcoin, but without the energy waste that comes with Bitcoin or other PoW-based protocols
- PoS protocols can take advantage of all the state-of-the-art cryptographic tools that are available today and provide blockchain protocols that can actually scale and be more participatory than other protocols in the distributed ledger space
- and because these PoS protocols are based on cryptographic tools (such as digital signatures and public key certificates), it becomes possible to use cryptographic protocols that provide useful services and to build these protocols on top of PoS ledgers very naturally
- in this fashion, PoS ledgers can provide a type of functionality that is quite versatile and meets the requirements of many different applications, including but not limited to electronic voting, supply chain management and many other high-value distributed ledger applications
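To make the PoW/PoS contrast from the two sections above concrete, here is an added example (not from the video and not Ouroboros or Cardano code): a miner brute-forces a hash puzzle and pays one hash evaluation per attempt, while the stake lottery needs a single hash evaluation per slot and succeeds with probability equal to the stake share already recorded in the ledger. The block header, epoch seed, stake distribution and difficulty are constructed values, and a public hash stands in for the secret-key VRF that real PoS protocols use to keep the outcome unpredictable.

```python
import hashlib
from itertools import count

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def pow_solve(header: bytes, difficulty_bits: int):
    """Proof-of-Work: brute-force a nonce until H(header || nonce) has
    `difficulty_bits` leading zero bits. Returns (nonce, hashes_tried);
    the hash count is the work every miner pays per block."""
    target = 1 << (256 - difficulty_bits)
    for nonce in count():
        digest = sha256(header + nonce.to_bytes(8, "big"))
        if int.from_bytes(digest, "big") < target:
            return nonce, nonce + 1

def pow_verify(header: bytes, nonce: int, difficulty_bits: int) -> bool:
    """Checking a PoW solution costs one hash; finding it costs ~2^difficulty_bits."""
    target = 1 << (256 - difficulty_bits)
    digest = sha256(header + nonce.to_bytes(8, "big"))
    return int.from_bytes(digest, "big") < target

def pos_is_slot_leader(seed: bytes, slot: int, party: str, stake: int, total_stake: int) -> bool:
    """Proof-of-Stake: one hash evaluation decides whether `party` may produce
    the block for `slot`; success probability equals stake / total_stake, where
    the stake is read from the ledger rather than computed. (Simplification:
    a public hash replaces the VRF a real protocol would use.)"""
    lottery = int.from_bytes(sha256(seed + slot.to_bytes(8, "big") + party.encode()), "big")
    threshold = (1 << 256) * stake // total_stake  # stake share scaled into hash space
    return lottery < threshold

def pos_leader_counts(seed: bytes, stake_dist: dict, slots: int) -> dict:
    """Count how often each party is elected over `slots` slots; with independent
    per-party lotteries a slot may have zero or several leaders."""
    total = sum(stake_dist.values())
    counts = {party: 0 for party in stake_dist}
    for slot in range(slots):
        for party, stake in stake_dist.items():
            if pos_is_slot_leader(seed, slot, party, stake, total):
                counts[party] += 1
    return counts

if __name__ == "__main__":
    header = b"constructed block header"  # constructed sample input
    nonce, tried = pow_solve(header, 16)
    print(f"PoW: nonce {nonce} found after {tried} hashes")
    stakes = {"alice": 50, "bob": 30, "carol": 20}  # constructed stake distribution
    print("PoS leader counts over 10000 slots:", pos_leader_counts(b"epoch-seed", stakes, 10000))
```

Running it shows the PoW search taking tens of thousands of hashes per block while each stake lottery is a single hash, with leader counts tracking the 50/30/20 stake split.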