A proof-of-stake algorithm is somewhat analogous to a boardroom in a corporation where the corporation’s directors and major shareholders vote on, say, publishing an annual report – as stakeholder, they have a vested interest in increasing the value of their holdings, however, if they are caught with an untruthful report to public shareholder, this would have a negative impact on their holdings. The dominant strategy is therefore to produce an accurate report.
Similarly, the security of a proof-of-stake algorithm for creating blocks in a Blockchain depends on the valuators’ having a common stake in the outcome. There are many complex ways to estimate probability (see quantitative analysis), but for the simplest demonstration, we provide the following:
Example: Suppose that the odds of a vested stakeholder – with skin in the game – accidentally voting against their best interest is known to be about 1 in 10.
P(1) = .10
The probability of a decentralized voting majority of a 20 person board voting against their best interest could be expressed as:
P(.10)^n where n = 11 in a simple majority.
The probability of failure comes out to = 1 in 10^22
This is an incredibly small likelihood of failure, in fact, the odds of winning the Powerball lottery is only about 2 x 10^8
The likelihood of corrupting a centralized board is much higher as opportunities for collusion, asymmetric information, short term vs long term gains, personalities, and politics, and other such social counter-incentives may substantially increase the odds of influencing a vote (see qualitative analysis).
If a malicious actor could infiltrate a decentralized vote and set up a network of bribes, the total cost of corrupting a board would increase exponentially to the number of voters needed to win a majority.
This cost could be further increased by scrambling the identities of the stakeholders such that an assailant would need to crack the algorithm that determined which number n of a total of N validators would be participating in a vote, and then corrupt all of the stakeholders within the period of time that the vote is occurring, etc. Barring perhaps the most egregious attacks, such a strategy would not be feasible.
The Intercept: The assailant could incorporate an electronic system that intercepts the electronic votes of the stakeholders and changing their values in transit. The cryptographer’s response to this situation would be to incorporate multi signature cryptography to the transmission of information packets.
The Counter-intercept: Multi signature cryptography involves the use of a public and private key held by each stakeholder the input signal would be sealed using the public key of the stakeholder and the private key of the source. The package would be unsealed using the public key of the source and the private key of the stakeholder. In this manner the input signal cannot be tampered and the sender and receiver are assured.
The Spoof: The assailant could intercept the spoof the sender or the receiver to send a corrupted packet that contains the malicious information. The receiver may think that the packet is being sent from a reliable source, which has in fact been spoofed. This type of attack can be countered by a Byzantine proof.
The Counter-spoof: The Byzantine proof is a simple technique where each stakeholder states his or her vote. The vote is then returned to them and the stakeholder then vote on their vote. If the second vote is not unquestionably unanimous, the default position is to reject the block.
In fact, the combination of decentralized stakeholders, Multi-signature cryptography, and byzantine proof that make the proof-of-stake algorithm both efficient and all but impossible to corrupt.
The QUANT algorithm provides the above security features within a network of QUANT stakeholders. The security scheme relies on a decentralized body of stakeholder that are individually validated for their stake in the system and isolated from each other by quasi-anonymous identities. The QUANT’s individual transaction record provides a quantification and qualification of stake as well as a private key to open and close contracts. The Q-BOK provides the public key that prepares the contract for transport and retrieval. In order to set the public key, the sender must know the contents of the packet. In order to open the packet, the receiver must have pre-validated stake in the packet, the contents of which they could not know prior to receiving it.
Due to the relatively small value of the individual packets, it would be uneconomical for an assailant to corrupt sufficient packets in order to spoof a transaction record needed to execute a malicious act. Since Transaction records are developed over a long period of time, the network would easily identify unlikely transaction records with nebulous validators (i.e., bots), long in advance of an attack. The assailant would be neutralized long before holding a private key of any consequence.