It’s the age-old debate between Proof of Work and Proof of Stake, brought back to the forefront of people’s minds by Ethereum's successful merge back in September.
The critiques of both are well documented. One side will point to the fact that Bitcoin consumes energy at a significant scale. Others will highlight Ethereum’s new realities when it comes to concentration of power. Post merge, Lido plus three of the largest exchanges control over 50% of staked ETH.
Neither solves for governance, evidenced by the fact that both Bitcoin and Ethereum manage governance off-chain.
In this piece, I’ll argue that there’s a more direct solution; one that holds advantages over Proof of Work and Proof of Stake in terms of energy use and governance controls.
What’s neat is that this solution is based on the already existing, informal process that underlies both Proof of Work and Proof of Stake—and any other consensus mechanism for that matter.
That’s because consensus is something that humans do naturally and intuitively all the time. We can formalize that process and automate some of the more tedious parts. This is how we get to a foundational form of consensus without a lot of extra steps.
Decentralized, anonymous ledgers all face the same challenge. In designing a system that allows anyone to participate, you need a way to decide between equally valid ledgers to ensure that everyone stays in agreement. The obvious answer is some kind of voting mechanism. But as with any fair and equitable voting mechanism, you need to prevent any single person or entity from having more votes than they should.
One way to frame this is that the problem we’re trying to solve is a form of digital democracy.
Proof of Work’s approach requires participants to contribute computing power or hashing to the system. We can think of miners "voting" with their computing power by choosing one of the valid blockchains and attempting to extend it. After all, you can’t fake computing power. And as the value of the system grows and competition for computing power intensifies, the cost of outvoting the rest of the system goes up along with it.
That’s how we achieve consensus anonymously—Proof of Work in a nutshell.
Of course, computational power is essentially a proxy for energy consumption, and the last thing the world needs at the moment is wasted energy. We can minimize waste by using stranded or surplus energy but there is no way around the fact that any computer doing proof-of-work could always be doing useful calculations instead.
The last point I’ll make here is on governance. In the early days of Bitcoin, some protocol changes were indeed voted on and decided by miners. But that approach came to a head during the debate around block size and scalability, what Coindesk, at the time, described as a “constitutional crisis.” In some contexts, miners’ incentives aren’t aligned with the rest of the network. In the context of block size for example, miners prefer smaller blocks to force users to pay them higher fees.
Naturally, the community didn’t take that lying down and turned to extra-protocol forms of governance as a response as well as hard forks. Eventually, this put enough pressure on miners such that a compromise was reached. The point is that Bitcoin isn't governed purely by proof-of-work. Important strategic decisions are made through a political process outside of the protocol and not simply by the majority of miners.
Given these limitations, there has always been interest in potential alternatives to Proof of Work.
If we think about consensus mechanisms as forms of democracy, then Proof of Stake would be a plutocracy. You might call it Proof of Wealth.
Instead of computing power, votes in a Proof of Stake system are counted proportional to the number of tokens a person or entity stakes. Assuming tokens have been broadly distributed among many unaffiliated participants, decentralization is achieved without the energy needs of Proof of Work.
Just as you can’t fake computing power, you also can’t create tokens out of thin air. Sure, a well-capitalized organization could buy up tokens to increase their voting power but that’s by design. As a rule, Proof of Stake is a consensus mechanism typically dominated by aggregators of tokens such as exchanges or DeFi platforms.
When those staked tokens are also tied to governance of the ledger itself, it creates a feedback loop, which tends toward inequality and power concentration. The more tokens you have, the more votes you have. If you can turn that power into greater profits, you can turn those profits back into greater power. Keep doing this and you will eventually fully control the system.
This is less of an issue if the system is still in competition with other Layer 1s. We’re generally fine with corporations being governed by insiders such as shareholders or—in the case of co-ops—workers, as long as consumers still have a choice. If the company makes a bad product, you can buy a different one, and if they're an awful employer you can work someplace else. If an evil dictator takes over a corporation, it will lose customers and employees, a natural form of checks and balances.
Problems start when corporations become too entrenched and consumers lose that choice, which is when we typically see unchecked bad behavior. The same applies to a consensus system. While it still competes with other systems, those checks and balances continue to exist. But if it becomes universal, then unchecked concentration of power becomes everyone’s problem.
(It’s one reason why I’m so passionate about Interledger. With cross-blockchain interoperability, you get persistent competition between consensus systems, which serves as an additional layer of checks and balances. We’ll get into that more in a future post.)
Ethereum solves for this by taking governance off-chain, including, as they describe, both “social and technical processes.” But when power transitions from votes and well-defined rules within the system to more informal processes outside the system, it's difficult to guarantee transparency and fair representation.
Just like Proof of Work, Proof of Stake defers the issue of governance.
Beyond questions around governance, a more common criticism highlights the circular logic inherent in any Proof of Stake system:
In order to know how many tokens each person has, you need to know the status of the current ledger.
In order to know the status of the current ledger, you need to know how the majority of the staked tokens has voted.
Any Proof of Stake system has this problem. Anyone who has access to the keys of previous validators could create an alternative ledger history that’s completely and equally valid. There are workarounds, such as creating regular ledger checkpoints, but this raises further questions—e.g. what is the next checkpoint, how are checkpoints determined, etc. An already nebulous off-chain governance system now must make even more arbitrary decisions.
Consequently, Proof of Stake requires myriad features that account for flaws and potential attack vectors that are inherent in its design. (Lyn Alden has a great writeup on this subject.)
There are potential regulatory hurdles as well. Hours after the Merge, SEC chief Gary Gensler told reporters that he thought Proof of Stake tokens looked like securities due to staking rewards.
So where does that leave us?
Proof of Work is simple, relatively reliable, and expends a ton of energy.
Proof of Stake is complex, logically awkward, and plutocratic.
Neither solves the question of governance.
Surely, there’s a better way.
In fact, there is—one that’s already working in the real world—but first, let’s take a step back and take a look at how we choose a consensus mechanism in the first place.
Think of it this way: Most people don’t consider the consensus mechanism itself when deciding who they want to be in consensus with. Maybe you heard about a cool gaming NFT project that you want to support. It happens to be on the Ethereum ledger, which is Proof of Stake.
Or maybe you’re looking for alternative assets as part of a diversified investment portfolio. You choose Bitcoin, which is Proof of Work. Or maybe you chose it because it’s the most popular and longest running.
In deciding what chain to participate in, you’ve made the decision based on your particular use case, needs, or target community.
In other words, the first choice you make isn’t about the consensus mechanism itself. Instead, it’s: Who do you want to be in consensus with?
Now that we’ve established this central choice that any participant needs to make, let’s take another step back.
What is consensus, anyway?
Here’s my definition: Consensus is a process of voluntary agreement.
In society, consensus establishes the ground rules for cooperation, enabling us to efficiently interact and transact with one another.
For example, I’m able to go to the grocery store to buy food and supplies because of consensus. There’s consensus on things like the monetary system, the legal system, languages, and certain social norms. If we can’t agree on how to make payment, how to settle disputes, or how to communicate, it’s going to be a tough time at the supermarket. Most likely, I won’t be able to buy my groceries and my grocer won’t be able to sell their products.
You and I might have different opinions on how our country should be run. We might be on the opposite sides of a political issue. But if my side loses the vote, I’ll still voluntarily agree to follow your rule so that we can collectively move forward. Despite our disagreements, we find a way to reach consensus such that progress can be made and peace maintained.
Part of it is because not coming to consensus comes with huge costs. Ideally, we’d like to avoid a revolution or civil war. Or in blockchain parlance, a fork.
The key point, again, is that consensus is voluntary. You can claim that you’re actually Napoleon—no one can stop you. But you won’t be in consensus with the rest of society, which will create friction and increase your social and economic interaction costs. Because of this, it’s rare in practice to run into someone who strays too far from the norms of social consensus. The benefits of consensus outweigh the cost of not being Napoleon for most people most of the time.
The same holds true for blockchains. We want to agree on transactions that have occurred. We might disagree on the exact order of when those transactions came in—this could be simply due to being located at different distances on the globe from where a transaction originated. But we seek agreement anyway because any order—as long as it is universally accepted—allows us to transact.
Here’s what we’ve established so far:
First, Proof of Work, Proof of Stake, and so on are consensus systems designed to achieve voluntary agreement.
Second, before we even get to the "how" of consensus, we first need to choose who we want to be in consensus with, which, in turn, is based on who we want to interact and transact with.
Third, consensus is voluntary—people reach consensus because it serves as a foundation for transacting with each other.
Given that, what if I could just describe who I want to be in consensus with and have an algorithm that keeps me in sync with the people I’ve selected?
Spoiler alert: You can—which brings us to the concept behind Proof of Association.
Instinctively, if we knew who we want to be in consensus with, all we would need to do is look at their ledger and make sure that ours is the same. If it is, we’re in sync; we’re in consensus. It is a little bit more complicated in practice, but not much.
The first step is to write down a list of those people or entities you’d like to be in consensus with.
Once you write down that list, you hand it over to a software program that will scan the network and listen for people on your list. When enough of those people vote for a particular ledger—a quorum—consensus is achieved. (Honest nodes commit to never changing their vote.)
Since you’re writing your own list, you don’t need to worry about voting spam. If someone joins the ledger with 10,000 nodes that nobody cares about, they'll simply be ignored.
And because everyone participating—voluntarily, of course—is incentivized to maintain and improve consensus, the system will naturally evolve toward a more robust and decentralized structure. That could mean:
As a result, such a system will naturally iterate to create ever more trustworthy states. Just like our real-life interactions, trust is developed and strengthened over time. Someone might have a lot of influence over the network because they are included in a lot of other people's lists, but if, for any reason, they break bad and lose the trust of other participants, they can be quickly dropped by the rest of the network in a way that isn't typically possible with Proof of Work or Proof of Stake.
Here, the age-old adage applies—it takes a lifetime to build a good reputation, but it can be lost in an instant. In that sense, the power of even the most important node is always limited. Just as a media outlet which consistently offers unreliable information might lose subscribers, so too will a bad validator. In a system based on voluntary association, there is always a choice.
What's more, if a validator has too much influence, others may proactively diversify their list even if that validator is perfectly honest and reliable. Over time, there is an incentive toward greater and greater decentralization. Or, more precisely, the level of decentralization that most participants think of as optimal.
It's important to note that we're only talking about a single consensus system so long as there is enough overlap between different lists. The overlap doesn't need to be perfect—in fact, the slight differences are what allows for improvements over time. Generally, participants don't want the network to split so everyone is incentivized to try to keep their lists relatively in sync through communication and discourse. If there are irreconcilable differences between groups, their overlap might decrease and they might eventually split into separate networks. This sounds bad, but is actually just a reflection of the preferences of the members of both groups choosing to separate from each other. Consensus is voluntary and can only be maintained as long as people want it to be.
In general, the network and community will ultimately determine for itself the best inclusions for their lists, which will continuously optimize over time—a form of fluid, iterative democracy. You have your chosen representatives in your list. If the times change, you can vote for new ones at any time. Others who transact with you may notice your choice and change their selection in turn.
Writing lists doesn’t use a lot of energy nor does it concentrate power.
And this isn’t just theory. A consensus system based on this process has been operating for the last 10 years—the XRP Ledger.
What’s cool is that over those 10 years, the network has evolved precisely in the ways I just described. Natural incentives mean that the XRP Ledger is consistently becoming more robust and decentralized.
Today, most participants follow 35 validators spanning geographies around the world, including individual participants, exchanges, universities, and companies building on the network, like my own company, Coil. No entity controls more than two validators, or 5.7% of the vote.
.png)
Unlike Bitcoin and Ethereum, the governance process is formal and voting happens in-protocol using the same consensus process that is used to confirm transactions.
Over the years, validators have successfully passed 45 amendments to improve the system, including new features such as multisign, escrow, and most recently, NFT support. New amendments are constantly being voted on.
But this is not just about XRP Ledger. If blockchains are to serve important functions in our society, advocates must have better answers to questions around energy usage and governance. Such were the weight of those questions when Ethereum made the bold step of actually switching their consensus system.
I hope that, ultimately, this will lead more people toward Proof of Association. It would not only solve the problems of energy consumption and concentration of power, but also serve as a simpler, more robust, and transparent method of governance for blockchains.
What started as a first principles observation of the consensus process becomes the mechanism itself. The beauty here is that in making the principles of consensus explicit, the consensus mechanism becomes obvious.
Disclosure: I am a long-term investor in Bitcoin and XRP. I contributed to Bitcoin as a volunteer developer and to XRP Ledger as Chief Technology Officer at Ripple. I'm the Founder and CEO of Coil, which received funding from Ripple. My thoughts about consensus described above are my own and do not necessarily reflect the views of Coil, Ripple, or anyone else.
Special thanks to Alec Liu for his editorial contributions to this piece.
Proof of Work is simple and relatively reliable, but it expends a ton of energy. Proof of Stake is complex, logically awkward, and plutocratic. Neither solves the question of governance. But what if there's a better way? Enter: Proof of Association.
Read the full articleWatch the video
