Introductory lecture [slides]

What is Proof of Stake and why it matters08/13 ― Vitalik article describing the concept of proof of stake as a cost-saving method for spam prevention and security in decentralized systems. ― 13 minute read

On Stake07/14 ― Comprehensive introduction to proof of stake, its strengths and weaknesses, strategies to overcome the nothing at stake problem and long range attacks, as well as introductions to various PoS solutions such as TaPoS and Proof of Activity ― 25 minute read ― If you want to explore the variants more deeply, check out:

Transactions as Proof of Stake  ― 11/13 ― Original paper introducing “a new approach to Proof-of-Stake that utilizes coin-days destroyed by every transaction as a substitute for the vast majority of the security currently provided by Proof-of-Work” ― 16 minute read

Proof of Activity2014 ― Original paper. Hybrid between proof of work and proof of stake; blocks are produced via PoW, but every block randomly assigns three stakeholders that need to sign it. ― 50 minute read


Slasher01/14 ― Vitalik presents Slasher, which can be summed up as security deposit-based “proof-of-stake-2000-blocks-ago instead of proof-of-stake now”, referencing the fact that in Slasher, the block signing privilege is based on the block two thousand blocks ago in order to solve the “nothing at stake” problem. ― 10 minute read

Slasher Ghost and other developments10/14 ― Discussion of the weaknesses of PoS and the resulting compensatory mechanisms of Slasher; a semi-formal specification for the Slasher (or an ideal PoS) system, including an explanation of the various ideologies of trust, Slasher Ghost, exponential subjective scoring, etc ― 28 minute read ― To read more on Slasher ESS and other consequences, see:

Weak Subjectivity ― 11/14 ― Re-introduction to PoS, nothing at stake, and short and long range attacks; claim that weak subjectivity (Slasher’s exponential subjective scoring) is necessary and sufficient to sidestep attacks ― 18 minute read

Light clients and Proof of Stake ― 01/15 ― Introductory discussion of how Slasher can achieve the same complexity-theoretic properties as PoW in order to be light-client friendly ― 15 minute read

Peercoin, Nxt, Bitshares, and Tezos PoS

Peercoin Whitepaper08/12 ― Short design explanation of the first known implementation of a hybrid PoW/PoS cryptocurrency. Peercoin (a.k.a. PPCoin) uses coin age consumed by a transaction as proof of stake as well as centrally broadcasted “checkpoints” ― 10 minute read

Nxt Whitepaper (Sections 2.1 & 4.1) ― 07/14 ― Summary of Nxt’s proof of stake mechanism, difference from Peercoin, and defenses against common attacks. Nxt uses an account’s effective balance, not coin age, as part of its block creation algorithm ― 8 minute read

Bitshares Delegated Proof of Stake ― circa 2015 ― A “technological democracy”, in which stakeholders vote (via transactions) on trusted delegates to sign blocks― 8 minute read

Tezos Position Paper (Section 3) ― 08/14 ― Short background and introduction to Tezos’s PoS; comparison to Slasher ― 5 minute read

Tezos Whitepaper (Section 3.2) ― 09/14 ― Semi-detailed technical explanation of Tezos’s PoS algorithm, which is “a mix of several ideas, including Slasher, chain-of-activity, and proof-of-burn” ― 8 minute read

We interrupt this programming to bring you the following message

Nakamoto Consensus is not game theoretically secure from 34% control by a malicious actor due to a process called selfish mining.  You can see proof of this in this paper by Emin Gün Sirer and Ittay Eyal.  Given this knowledge, we should proceed with the assumption that any Nakamoto consensus-based system (whether it is PoW or PoS) is only secure up until a 34% attack, not the 51% figure normally cited.

Byzantine Fault Tolerance Video10/16 ― Simple and precise explanation of the byzantine generals problem. How many byzantine node failures can a system survive, and how can you build such a system? ― 26 minutes

CAP Theorem Video ― 07/10 ― Consistency Availability Partition tolerance (CAP) Theorem proof; this theorem states that only two of these three promises of distributed systems can be satisfied at once ― 5 minutes

Tendermint Consensus ― 2014 ― Original paper describing the mostly asynchronous, BFT consensus protocol with voting power denominated in validator stake (note: protocol slightly outdated, see revisions) ― 16 minute read


Introducing Casper ― 08/15 ― Introduction to Casper “the friendly GHOST” (in reference to it borrowing properties of Greedy Heaviest Observed Sub-Tree protocol), the proof of stake protocol to be implemented in Ethereum’s Serenity release ― 12 minute read

Vlad Zamfir’s History of Casper Series [Part 1] [Part 2] [Part 3] [Part 4] [Part 5] ― 12/16 ― “the Casper tech story, given as a chronological history of the evolution of the key technology, ideas and language that are involved in Casper research” ― 7-10 minutes each

A Proof of Stake Design Philosophy ― 12/16 ― Vitalik’s core proof of stake principles that Casper is based on, including the cypherpunk spirit, and a balance of social and economic consensus ― 7 minute read

Proof of Stake FAQ ― Guided FAQ, best read in order; superb explanation of CAP, FLP, Nakamoto vs BFT PoS, common attacks, Casper and other variants ― 42 minute read

Minimal Slashing Conditions ― 03/17 ― Explanation of slashing conditions (i.e. set of unbreakable rules) that allow Casper to achieve economic finality ― 14 minute read

Casper, as I understand It ― 04/16 ― Third party analysis  of Casper compared to Tendermint consensus  ― 5 minute read

Understanding Casper  ― 12/16 ― Explanation of Casper PoS Economics ― 20 minute read


Algorand Whitepaper ― 05/17 ― (Neither Nakamoto nor BFT-based) novel proof of stake ― long

Ouroboros Whitepaper ― 06/17 ― “a provably secure proof-of-stake blockchain protocol” in which is presented “a novel reward mechanism for incentivizing Proof of Stake protocols and we prove that, given this mechanism, honest behavior is an approximate Nash equilibrium, thus neutralizing attacks such as selfish mining” ― long

Ending slides

Casper & Smart Contract Consensus (Collin and Pranav)
Tendermint (QJ and Carlo)