# Andrew Poelstra (2014) ###### tags: `PoS`, `security`, `long-range`, `axel` ## Summary This short paper explains what is a distributed consensus and why it is needed in cryptocurrencies, and asserts that achieving distributed consensus in proof-of-stake blockchains is impossible. There is actually an updated version of this paper, by the same author, that goes further in its analysis, and doesn’t condemn proof-of-stake with such harsh words. Therefore it is more relevant, see its summary below this one. There were relevant definitions in this one though : Proof-of-stake is a cryptographic proof of ownership and investment in a given blockchain project. The stake can be locked for a certain amount of time, or be unlocked when a condition is met. A distributed consensus is a global agreement between between mutually-distrusting, anonymous parties. In cryptocurrencies, it is necessary to achieve distributed consensus on the time-ordering of transactions, in order to prevent double-spending. In proof-of-stake blockchains, it is believed that stakeholders will be neither willing nor able to alter the history of transactions, as they are incentivized not to, and ramdomly chosen (a collusion of dishonest nodes becoming more unlikely). But there’s a major security flaw in this system, that could allow one node to change the entire history of the blockchain by acquiring the keys of former stakeholders, which makes proof-of-stake distributed consensus unreliable at best. ## Comments Basically, this paper intends to discredit proof-of-stake by pointing out the possibility of long-range attacks. But this doesn’t have to be a dealbreaker and many have since then offered solutions to prevent this particular attack. So this paper is no longer relevant, though I think it was necessary to summarize it because it’s been cited pretty often in proof-of-stake-related papers.