Exclusive: Proof-of-Stake May “Inhibit Distribution,” Says Zcoin COO

In a conversation with Reuben Yap, we gained some insight into how proof-of-stake might not be the answer that some are hoping would unshackle us from the messy world of proof-of-work.

Although the vast majority of large cryptocurrencies on the market currently use proof-of-work models to ensure the security of their networks, there’s been a significant rise of coins that make use of another way of doing things.

Just recently, Ripple’s CEO made a point about more than half of Bitcoin’s hashrate being controlled by firms in China, demonstrating that proof-of-work could fall victim to centralization. We ran our own investigation into this issue and found, in fact, that this number is actually closer to 80% than 50%.

However, Reuben Yap, Zcoin’s COO, told us that we should also be cautious about proof-of-stake models during a conversation we had with him in Telegram.

“I’m not against PoS, but maybe against pure PoS systems or arguing just as a way for people to get interested. It’s why people say ASIC resistance shouldn’t be pursued, but I beg to differ. We need commodity hardware to do mining. As for PoS, my main issue for it as a currency is that it inhibits distribution. I’m all for it in smart contract systems, though,” he said.

When coins start out with proof-of-stake, the biggest problem is perhaps distribution because of the fact that the largest “hodlers” and earliest investors reap the most rewards from the system. Reuben Yap emphasized the importance of initial distribution during our talk when we asked him how PoS systems inhibit this.

“It’s because there is no mechanism of distribution that is separate from owning it or buying it. So, initial distribution is super important, which is a difficult issue. Most PoS systems allocate their entire supply at the outset or have a proof of work period, then a PoS period. Also, rewarding PoS holders with additional staking rewards is equivalent to not having any rewards since everyone gets more rewards proportionately,” Yap added.

He also said that “if people are just looking for PoS just for scalability,” then it’s not worth it. However, having a hybrid PoW and PoS node may be a promising prospect, according to Yap.

“Decred’s hybrid is interesting and is more a matter of reaching consensus and having another layer of protection for double-spend attacks, since technically the ticket holders can vote to reject a block. But it still doesn’t take away most of the issues of PoW, which is the energy cost. There’s also some debate about whether Decred’s approach also solves the nothing-at-stake issue at all, since there is nothing to prevent someone from double-signing,” he said.

Zcoin has an interesting system called “Znodes,” where holders of at least 1,000 coins can put them up as collateral to host a “reliable and powerful node” that supports the network.

It sounds like a quasi-PoS system, but the difference here is that although the nodes validate transactions just like any other node, they don’t really do much more for the security and integrity of Zcoin’s blockchain.

“Znodes don’t do proof of stake. It’s more like proof of service. They don’t provide security. They provide a service and only indirectly provide security, but not in the same way as PoS. Even DASH master nodes don’t do PoS. They don’t do any ‘work’ or help with consensus. They don’t have any right to determine which transaction gets included,” Yap told us.

This doesn’t mean that Znodes can’t play a bigger role in the coin’s blockchain. As a privacy coin, Zcoin allows users to mint and burn coins in a manner that masks their activities on the blockchain in a manner somewhat unique to the Zerocoin protocol.

Since this essentially amounts to a zero-knowledge protocol, it needs proofs. Otherwise, people who send coins cannot prove to their recipients that a transaction came from them or that it even exists.

Naturally, such a thing requires a certain amount of resources from the network. However, Yap has an idea on how this system could be improved with Znodes.

“One of the things we were thinking of with our next-gen privacy system is an interesting application of Znodes. So, usually, when you do a zero-knowledge proof that you burnt a coin, you have to do it for each burn. But there are ways to aggregate proof. So, I can generate a proof of roughly the same size, but prove a couple of burns in that one proof. To have the Znodes act as a pool where people can aggregate their proofs with others is an excellent scaling mechanism. Instead of 20 proofs for 20 burns, which take 1.3 kilobytes or so, you can have one proof for maybe 2 kilobytes that proves 20 burns and have that one proof on the blockchain,” he said.

Proof of stake has a long march forward, but for it to work, developers and the community around cryptocurrencies alike have to understand the possible pitfalls of the system and not disregard proof of work entirely.