Thoughts on EOS DPoS Explanation
For reference here are the posts to which I'm referring:
https://steemit.com/eos/@eosgo/eos-explanation-of-dpos-bft-w-daniel-larimer-part-1-of-2
https://steemit.com/eos/@eosgo/4izmr903
Up front, I posted the basic content of this post as a comment to the second video but I thought it was worth surfacing as its own post also. I also want to reiterate from that comment that I'm so appreciative of the communicativeness and engagement with the community from the EOS folks. This is meant to stimulate conversation, not as a hit-job.
A few things stood out to me that need more clarification or context.
It was asserted that the major stakeholders would be known entities (governments, large firms) with known locations, reputations, etc.
This feels more like something half-way between a private ledger and a public one. It also seems susceptible to cartels pooling enough stake to usurp one of the known entities as a block producer or otherwise contaminate the voting pool.
Large entities do bad things all the time
Wells Fargo? Small governments a la Zimbabwe or Venezuela? BP? Just because an entity is well known and has a reputation does not mean they are bound to uphold that reputation or have any accountability in a real sense. They could screw a lot of people before getting voted out of the system.
Addressing the above, the response seems to me to be, punish after the fact
This is just another way of saying the market will sort it out. We know that's not true in the real world because of consolidation. One of the criticisms Dan leveled at the Cardano project was the natural consolidation of stake in the system would lead to imbalanced stake pools that their protocol doesn't account for. This will obviously lead to Too Big to Fail or an oligarchy of stakeholders. How does EOS cope with that should one of those large stakeholders turn bad actor? What does it mean to seize a stakeholder's bond? How does this lead to anything but more consolidation and in fact incentivizing cartels among large stakeholders to either attack each other or defend against financial attacks?
There also seem to be some odd features of the protocol to me - for reference I work on large, distributed systems in my day job as a software developer.
Finalization is synchronous
This obviously gives a performance improvement for irreversibility but makes the system vulnerable to network hiccups doesn't it? That's the benign case of course - what about deliberate interference by governments, ISPs, botnets, etc.?
Dan said two things that I can't reconcile: the system can continue as long as there is 1 honest participant still minting blocks and it's invalid to reconcile beyond the last finalized block
How can those both be true? Assume a non-malicious network partition. There is some shared history between the cohorts of honest participants A <- B <- C. C is the last finalized block they share. When the network rights itself, you have 2 histories that likely contain multiple finalized blocks that have been confirmed by 2/3 of the participants in each partition. Now that the nodes can all see each other again, what happens? It seems there is no way all those finalized blocks survive or they aren't truly finalized or something. Perhaps you could construct a single chain out of them but it's possible that that a person has transactions in both chains that are irreconcilable (double spend). What happens here? This is essentially a violation of the CAP theorem.
Any thoughts, responses, or additional context I may be missing are welcome!
Congratulations @archon3d! You have received a personal award!
Click on the badge to view your Board of Honor.
Do not miss the last post from @steemitboard: