31 – Miketout explains Verus solution for PoS

A post on /r/cryptocurrency where Mike Toutonghi announced the Verus solution to Nothing-at-Stake and Weak Subjectivity for PoS has been deleted for an unfounded allegation of vote manipulation. So I saved a the few extracts with miketout answers


OK. I’m the lead dev, and while we might have community members here who upvoted (I know of none directly), I know of nothing more than that and organic upvoting.

Forget about the upvoting for a minute. Isn’t this also exciting? Our new POS algorithm uses a new kind of blockchain contract on a chain transaction that when run and passes, uses Sapling or Sprout zero knowledge proofs as the recipient of a shielded coinbase. Verus has no ASICs yet, in fact is both cpu and GPU mineable, stakeable, and we are just about to release a version with the first simple solution we know of to both nothing at stake and reducing weak subjectivity over POW. OK, I’m rightfully biased, but whatever is happening here seems pretty organic, as it is a better response than we’ve seen before in announcing something new.


What are the weaknesses of your approach?

That’s a great question. First, let me explain how it works. The nice thing about the solution is that it’s simple, similar to the Bitcoin protocol. There are no locked funds or voting pools. The premise is this:

The nothing at stake problem asserts that it is more profitable to sign all forks, as doing so, although bad for the network, can raise the chances of the validator earning the block.

If you make it always a statistically losing proposition to try to cheat by signing multiple forks, the nothing at stake problem goes away.

This is in contrast to the approaches to date, which generally want you to commit more stake in a way that can be slashed. Instead, it works like this… any transaction can win, and if so, it becomes the source of your staking transaction. Your wallet creates the staking transaction, which includes some information binding it to the specific block you are staking on, signs it to be able to spend its source, and puts it and the coinbase transaction in the block with certain matching information.

The coinbase reward transaction is the Stake Guard contract and will validate a spend for one of the following cases:

The spend is signed by the originally intended recipient of the coinbase transaction.

The spend is signed by the Stake Guard contract and contains a stake transaction spending the same source transaction and bound to another block of a fork.

That means that if someone cheats, the cryptographic proof of them cheating spends any reward they would have made to someone else, likely the miner of the block at which that coinbase matures. Meaning that there is something at stake if you cheat. You will make less, meaning most people won’t try it, and those who do will make money for everyone else.

I’m pretty hard pressed to come up with any fundamental weaknesses in the model, but for the implementation, one could argue that the rule that a cheat proof must be a transaction targeting the same or higher block height might let a few cheats go by. I’d still say that statistically, it will always be the wrong thing to do to cheat, and that I’d rather err on the side of false negative than false positive when dealing with people’s rewards.


I guess I understand why you might feel that way. Thanks for your response.

Some people do know about Verus. There’s a good sized (over 1000) Discord community that’s pretty active. Network mining hash rates have been in the multiple terahashes for a while now, even before GPU mining. I did an AMA on Reddit recently about the new Sapling release and being part of the Komodo ecosystem.
Verus has only been trading on digitalprice.io , and DP hasn’t gotten a CMC API in place, which is why VRSC isn’t on CMC. We have recently started the listing process with Cryptopia, have paid the listing fee through donations from the foundation and community, and expect to be there shortly after the next release, which should also bring CMC listing, I would think.

Like I said, there could be some people from our community here, but I’m pretty sure the 1.5 thousand + views on this are organic, and I guess some people like the fact that a fundamental blockchain proof of stake problem has been solved in an elegant, simple, and fully decentralized way with very similar principles to the original Bitcoin protocol. I mined the coin during its fair launch, zero pre-mine like everyone else, and I am excited that we have been able to do as much as we have. There’s still a lot to do for the full vision of public blockchains as a service with an on-chain economy, and these new contract-based transactions are a huge step towards the full vision. Right now, we’re also the only project to combine Sapling (meaning light weight) zero knowledge transaction compatibility with on-chain contracts to solve a fundamental consensus security challenge on October 28th. There’s a lot of material to read, including a 29 page white paper. Here are a few links if you’re interested:

pocket guide to Verus:

this new solution to nothing at stake and weak subjectivity:

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s