Share this page!

Jeff Coleman | Jeff.eth Profile picture
Twitter logo
21 Nov, 31 tweets, 16 min read
The #Ethereum #proofofstake #phase0 #beaconchain is getting close to launch!

So what?

Here's a thread to explain why millions of dollars of #ETH are being moved into this state of the art gadget, what makes it different from other #PoS systems, and why it was worth the wait!
First things first: even though the #beaconchain is being referred to as an #eth2 or "Ethereum 2.0" technology, it does not exist to replace the current Ethereum Virtual Machine we know and love as "Ethereum 1.0" today. If you're using the EVM, you're fine. It's not going away.
Instead, the beacon chain is a gadget that was planned even from before the launch of "Ethereum 1.0" to be swapped in for the #proofofwork system, called "Ethash", which currently secures that same EVM environment.
blog.ethereum.org/2014/10/03/sla…
Moving real ETH into the beacon chain gadget (which has been tested for months now to ensure the software and supporting tools are robust and reliable) is the first step in a phased plan to both eliminate Ethash and to upgrade Ethereum's capacity. #phase0
It is that upgrade *roadmap* for the existing EVM environment which is referred to as "Ethereum 2.0", even though "Ethereum 1.0" is coming along for the ride rather than being left behind. Confusing, I know. But there's only one Ethereum, one ETH currency, etc.
Okay, with all of that 1.0/2.0 stuff out of the way, the next obvious question is: if all of this was planned before the initial network even launched, then why did Ethereum's #proofofstake upgrade take over *six years*?
The answer is simple: until now the technology did not exist to run a secure, decentralised, and rapid #proofofstake system that was genuinely superior to #proofofwork on its technical characteristics. The beacon chain gadget differs substantially from previous generation #PoS.
The core issue is signature volume. If you want to replace computing power with digital assets as your costly commitment to a decentralised #cryptoeconomic protocol, you need a way for LOTS of participants to INDEPENDENTLY commit those assets to each protocol update they make.
If you keep the member list small, and the buy-in cost sky high, this problem is easy. You just take turns making updates, and once a high enough % of participants sign off, you get good economic guarantees (glossing all of BFT here, but it *is* 40 years old now, it's not hard).
And it's also not decentralised. But if you lower the buy-in to something even halfway accessible while still trying to keep security high, it takes forever to get the guarantees. You can take turns faster, but then your whole chain fills up with signatures. It gets bad fast.
Previous generation #PoS just gave up on trying to have more participants. They "delegated" the stake or "nominated" it or whatever. But either security was low, or getting "listed" was crazy expensive, or the chain was impossible to sync, or roles were trusted, or #alloftheabove
Random sampling can help, fraud reporting can help, but at the end of the day the #Ethereum community wasn't willing to give up security, decentralisation, *or* rapid finality. So there were always too many signatures. THAT'S why it took six years.
Fast forward to this year. The #Medalla beacon chain testnet hit almost 75,000 simultaneous validator slots, with a block every 15 seconds and *every* validator signing off on every 8 minute "epoch". That's nowhere near capacity: it was limited by total testing participation.
If the money used on #Medalla were real, faking 10 minutes / 40 confirmations would have required a budget of at least ~40M USD, and faking the ~20 minute irreversible finality guarantee would have cost ~800M USD. This blows the economic security of PoW out of the water!
So that's security and speed, but what about decentralization? Amazingly, there were over 5000 unique testnet addresses which participated in #Medalla, far higher than the number of solo miners in any #proofofwork chain today (most PoW miners use mining pools).
And how do entry costs for solo #beaconchain staking compare with solo PoW mining? If we take one block per month as the minimum viable proposition for solo mining, #ethereum #proofofwork mining rewards for 24 blocks/months amount to ~60 ETH (27,000 USD at #Medalla prices).
With 10% for electricity and 10% for profit, this means it costs ~50 ETH to become a solo #proofofwork miner on #ethereum. If you go more than 24 months between hardware refreshes, or you mine on a chain with less frequent rewards (like #bitcoin), then the entry cost is higher.
Entry costs for solo staking on the #beaconchain, meanwhile, are roughly 32 ETH plus ~1000 USD (2 ETH) in hardware and then a monthly cost of 100 USD or less for a solid internet connection. Call it ~40 ETH all in for 2 years, and we're basically in the same ballpark. Nice!
Note: this is a huge amount of $$, so the vast majority of individual #proofofwork miners are pooled miners, and similarly we can expect the vast majority of individual #proofofstake stakers to be pooled stakers. Trustless pools are crucial to maintaining financial accessibility.
(Insert shameless plug for my "Dirt Simple Withdrawal Contract" proposal which aims to bring us trustless pools as quickly and safely as possible: ) #beaconchain #teardownthe32ETHwall
But back to the #medalla #beaconchain. How was all this accomplished? How did researchers finally achieve a design that combined speed, security, and decentralization? And why wasn't this possible before now?

The answer (twice over!), is found in three little letters: #BLS
The Boneh-Lynn-Shacham (a.k.a. "BLS") signature scheme was invented almost 20 years ago, is fairly well studied, and relies on well understood cryptographic assumptions. It lets you easily combine (or "aggregate") multiple digital signatures into one! hovav.net/ucsd/dist/sigs…
Seeing as how the root problem in keeping #proofofstake both decentralized and fast is the amount of signatures you have to store and process, this is definitely going to help! But there's a downside: the traditional way of doing BLS had poor performance at high security levels.
BLS to the rescue again! This time it's Barreto-Lynn-Scott curves, a family of elliptic curves which were discovered shortly after BLS signatures, but didn't rise to the forefront until the performance/security tradeoffs of the more popular "BN" curves were better understood.
In 2017 #Zcash researchers from @ElectricCoinCo designed and implemented BLS12-381, a specific member of the BLS curve family, to finally make possible BLS signatures with both high security levels AND high performance. The stage was set. github.com/zcash/zcash/is…
It's at this point that #ethereum researchers actually started to play a role. Others had built all the parts but things needed to be standardised and hardened. This thread is getting super long so I'll just refer you here for the full details/backstory reddit.com/r/ethfinance/c…
The short gist is that a standard needed to be finalized; quality high performance libraries built, audited and formally verified; and quantum-secure redundancy built in to ensure that #ethereum could survive even the arrival of #quantumcomputing if it comes sooner than expected.
These processes literally finished just in time for the launch of the #beaconchain! Maybe not everyone cares about all these gritty details, but #ethereum researchers sure do, and that's how you're going to get #proofofstake that you can trust. It's #worththewait! Get psyched!
There are many more aspects of this #proofofstake design that I didn't have time to get into here, like how it combines BFT technology with the Casper FFG algorithm to provide both safety and plausible liveness under realistic network conditions, or how it supports sharding, etc.
But the main thing I want to share my excitement about is how this really is a gadget that couldn't have existed in this fashion and quality at any time before now. We're on the cutting edge and I for one am glad we took the time to do it right.
Now let's get this thing launched, and start testing it in production with real money at stake!

And also get trustless pools working kthanksbye.

#teardownthe32ethwall

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Jeff Coleman | Jeff.eth

Jeff Coleman | Jeff.eth Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @technocrypto

Jeff Coleman | Jeff.eth Profile picture
19 Nov
It is impossible for me to process the level of #facepalm I have just witnessed from @Bell's #business #fiber #internet alone, so you all have to share in this experience.

The fiber optic box for my #SMB internet service has a power supply with a built in UPS. Handy, right?
Internet is a critical service, and the entire device is under 25 watts, so building even a small UPS into the power supply will let it run for a very long time in the event of an outage! Great idea! Laptops and phones work when the power's out, so should the internet!
Wrong. The UPS is there for 911 phone service. So someone has actually gone to the trouble of designing a device that *knows* when the power has gone out, and continues powering the phones, but cuts the ~5 watts internet connection.

I don't have phone service. Just internet.
Read 13 tweets
Jeff Coleman | Jeff.eth Profile picture
23 Feb 19
@factcheckmypost @liamihorne @ETHGlobal I don't agree with you that anything is being conflated, or that we can't know things beyond simple ranges of possible values here. Formally speaking, every bit (the computer kind) of information in your experience that is more or less likely in worlds where an EF conspiracy 1/n
@factcheckmypost @liamihorne @ETHGlobal exists is evidence that tells you *something* about the real world likelihood of that conspiracy existing in fact. That is, there are parts of your experience that have mutual entropy with the part of reality that is or is not an EF conspiracy, and this means you do in fact 2/n
@factcheckmypost @liamihorne @ETHGlobal know much more than you claim about this topic. Every different way that Vitalik could respond to a tweet, every different public decision that the EF announces, every piece of data in the blockchain, all of these are things that would be impacted by the real world existence 3/n
Read 7 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get email notifications when new thread is out from this Author!

Check out other threads from this Author!

Read all threads by @technocrypto