*Why* do we use proof of work to determine which set of ordered transactions is valid, instead of just trusting other participants (and their checkpoints)?
Discussion
According to the 20,000 Monero nodes that exist, our current chain is the correct chain with the checkpoints and proofs. An adversary would have to redo the entire chain and convince the 20,000 legitimate nodes that their chain is the correct one in order to overcome
Haven't answered the question.
I was actually very interested in your question, so I asked it somewhere else and got an answer. The block hashes are hard-coded into the software at each checkpoint, which means that this software will reject any block hashes that do not match. So, not only would you have to do the Proof of work, but you would also have to convince a majority of node operators to switch to your fork of the software.
So the checkpoint overrides the proof of work consensus?
For anything before, yes, apparently. For anything after, no.
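To make the "before the checkpoint, yes; after it, no" distinction concrete, here is an added toy chain-selection routine (not Monero's code): a candidate chain that contradicts a hard-coded checkpoint hash is refused no matter how much work it carries, while a fork above the last checkpoint is still decided by cumulative work. The `Block` layout, the hashing, the `work` field and the checkpoint table are all constructed for the example; the real daemon ships its checkpoint hashes as literals in its source.

```python
import hashlib
from dataclasses import dataclass
from typing import Dict, List, Optional

@dataclass(frozen=True)
class Block:
    height: int
    prev_hash: str
    nonce: int
    work: int  # stand-in for the difficulty this block satisfied

    @property
    def hash(self) -> str:
        data = f"{self.height}:{self.prev_hash}:{self.nonce}".encode()
        return hashlib.sha256(data).hexdigest()

def append_block(chain: List[Block], nonce: int, work: int) -> List[Block]:
    prev = chain[-1].hash if chain else "0" * 64
    return chain + [Block(len(chain), prev, nonce, work)]

def violates_checkpoint(chain: List[Block], checkpoints: Dict[int, str]) -> Optional[int]:
    """Return the first checkpoint height the chain contradicts, or None."""
    for height, expected in sorted(checkpoints.items()):
        if height < len(chain) and chain[height].hash != expected:
            return height
    return None

def total_work(chain: List[Block]) -> int:
    return sum(b.work for b in chain)

def select_chain(current: List[Block], candidate: List[Block],
                 checkpoints: Dict[int, str]) -> str:
    """'keep' or 'switch': a candidate contradicting a hard-coded checkpoint
    is rejected regardless of work; otherwise the heavier chain wins."""
    if violates_checkpoint(candidate, checkpoints) is not None:
        return "keep"
    return "switch" if total_work(candidate) > total_work(current) else "keep"

# Constructed honest chain: heights 0..4, work 10 each, checkpoint at height 2.
honest: List[Block] = []
for nonce in range(5):
    honest = append_block(honest, nonce, 10)
CHECKPOINTS = {2: honest[2].hash}  # constructed; a source literal in practice

# Deep re-mine from genesis with more total work (90 vs 50): differs at height 2.
deep_fork = honest[:1]
for nonce in range(100, 104):
    deep_fork = append_block(deep_fork, nonce, 20)

# Fork above the checkpoint with more total work (90 vs 50): work decides.
shallow_fork = honest[:3]
for nonce in range(200, 203):
    shallow_fork = append_block(shallow_fork, nonce, 20)
```

Running `select_chain(honest, deep_fork, CHECKPOINTS)` yields `"keep"` even though the fork is heavier, while `select_chain(honest, shallow_fork, CHECKPOINTS)` yields `"switch"`.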
It's a form of proof of stake; in this case it's basically just a proof of developer reputation. It takes one line of code to add a checkpoint to Bitcoin; there's a reason why we rely on proof of energy instead.
Developers override proof of work consensus.
This is necessary because Monero doesn't have a security budget large enough to defend against even a very small state actor.
This is also one of the reasons why the developers keep changing the hash algorithm.
Monero is completely dependent on trusting the core developers every step of the way.
Monero proponents erroneously believe it is an alternative to Bitcoin because they have failed to understand the Bitcoin security model and what problem it solves:
💯
It's a voluntary network. That's what is important. Anyone is free to join or leave at any moment. Anyone is free to swap for another crypto or fork if they don't agree, and the devs can't do a damn thing to stop them. That's exactly how Monero was created to begin with. Users decided they didn't like how previous devs were doing things and left them for Monero.
Bitcoin was also at one time vulnerable to a very small state actor. Speaking of security budgets, Bitcoin's is rapidly shrinking.
The only way it is sustainable is if Bitcoin price continues climbing indefinitely (what a thing to base security on), and/or transaction fees make up for it. If adoption continues and transaction fees climb with it this will price out the vast majority of the world from using Bitcoin in any sovereign manner.
ASICs also have many flaws...
- ASICs can't match the ubiquity and accessibility of CPU mining, which is more conducive to decentralization. No large capital investment required.
- Ostensibly harder to attack, but if successful, much harder to deploy new ASICs to fight back since they're in such short supply.
- Large concentrated mining farms are easy to co-opt and regulate for governments.
- Heat, noise, and energy draw make ASIC mining very obvious.
- Two major manufacturers chokepoint.
- Everyone knows what you're doing with that ASIC miner you bought.
- Centralized mining pools. StratumV2 helps but isn't sufficient. Large pool operators control payout.
- Over half the total hashpower now requires KYC.
- Targeted mining censorship possible.
Bitcoiners act as if they aren't centralized in any regard, when they are in several ways, including de facto relying on core developers. Bitcoin Core is 99%+ of your node software. Even BCH is more decentralized in that regard.
Monero is not an "alternative to Bitcoin." It's not even a fork of Bitcoin. It is doing something completely different. Maybe you should start thinking of each network having unique advantages of its own rather than this very narrow maxi mentality.
"Police raid a concealed #Bitcoin mining operation, initially mistaking it for an illegal marijuana farm due to the heat signature"
https://twitter.com/BitcoinNewsCom/status/1721359382745874489
https://luke.dashjr.org/programs/bitcoin/files/charts/software.html
Does this mean that if an attack occurs just before a checkpoint, it gets locked in forever?
It would appear so, but no attack has hurt Monero.
No, the developers can roll back a checkpoint.
Well, if that's the state of the chain, at the time, I don't see how they can avoid putting it in, because if they roll it back, they have to roll back the chain and break the trust of their users in their system. Can you ever imagine if, like, Bitcoin did this and said, oh, the last 3000 blocks are invalid. Yeah, I can't either.