Why NXT Ought to be Taken Seriously

By Anon136 from bitcointalk.org (comments enabled)

Satoshi's discovery is often thought of as simply money over IP but the scope of his discovery is much wider than this - his legacy much greater. Sometimes, it is important in a network to be able to achieve consensus. Other times, it is important in a network to be able to avoid centralized points of weakness. Individually these problems are solved relatively easily. However computer scientists found it more challenging to describe a method for allowing both of these qualities to be realized simultaneously. This is Satoshi's true legacy, not money over IP specifically, but how to achieve a consensus in a decentralized network. The difficulty of the problem results from the fact that in a decentralized network no two distinct perspectives can ever be expected to witness the same picture of the state of the network. It's not even a question of right versus wrong, they are both correct, but different. Satoshi's solution was to use something called a block-chain to house a consensus record, and proof of work as a fair means of determining whose perspective the official record should be a reflection of.

Nxt offers a slightly different solution to this same problem. It, too, uses a blockchain to house the consensus record. However, it solves differently the problem of determining whose perspective the consensus record should be a reflection of. NXT uses proof of stake rather than proof of work. In a proof of stake scheme, one gains the right to author a block by demonstrating their administrative capacity over a particular quantity of a digital asset. Unlike its predecessor Peercoin, NXT introduces the idea of randomness in the selection of which stakeholder has the right to author a block. Think of it like the number of coins you administer being analogous to the MHash/second that you would have in a proof of work crypto. Or, another way to think of it, as each unit of currency being an entry into a lottery where the winning lottery ticket is selected at random.

The first step to understanding the advantages of proof of stake is to understand the shortcomings of proof of work. I will address two such shortcomings: First, because mining is expensive and because there is no such thing as a free lunch, this cost must be borne by someone. At present, with Bitcoin, this cost is borne mostly by the savers in the form of loss of purchasing power due to inflation. Later, when the block subsidy is diminished/eliminated, this cost will shift towards those who most actively use the currency in transactions; Second, hashing efficiency scales logarithmically with investment in infrastructure. In lay-terms, that means that a person who has invested 10 billion into mining infrastructure will be able to produce significantly more than 10 times as much hashing power as someone who has invested 1 billion. This creates mounting pressure towards centralization relative to the level of capitalization of the proof of work coin market.

Peercoin currently is the most noteworthy implementation of POS, and all the other POS schemes on the market, as I understand it, are forks of Peercoin. Peercoin is an innovative step in the right direction. It solved the above mentioned problems, but only at the cost of introducing new ones. Peercoin's security model relies on the assumption that large stake holders will remain honest, out of fear that the loss of value of their stake would outweigh the advantages of a successful double-spend. The main problem with this assumption is that different people rarely have the same idea about what constitutes self-interest. Imagine, for example, a situation where a large stake holder in Peercoin is an even larger stake holder in alternative monetary schemes and stands to benefit from the Peercoin capital exodus by being on the receiving end of that exodus in his other investments.

The natural solution to the problems outlined in Peercoin is to introduce randomness into the selection of which stakeholder wins the right to author a block. It sounds simple, but in reality, it is not as simple as it sounds. The system cannot simply hash the previous block and use the digest as the parameter for selecting the winner (the right to author the next block) because the block authors would simply contrive transactions that will cause the block to digest into a hash that gives the right to author the next block. In-fact, you cannot base it off of a digest of any part of the block that the author has free reign over, or we run into the same problem. So here is the trillion dollar question: How do you arrive at a series of unpredictable but consensus verifiable number without proof of work? This is NXT's key innovation.

In abstract, it works by having the author of the next block be selected by comparing the author's public key containing his stake to the public key of the author of the previous block. The quantity of his stake multiplies the threshold for applicable submission. In-order to prevent an attacker from simply creating a public key that will win, and loading that public key with his stake, NXT introduces the idea of effective stake. Only stake that has remained stationary for 1440 blocks (24 hours) has the right to author a block. Since forgers regularly drop on and off of the network at various times for various reasons, it will never be possible to predict who will mint each and every one of the next 1440 blocks. This stops the attacker from creating a public key that will win the 1441st block and loading that public key with his stake. In-order to prevent an attacker from creating a "trap", where if he manages to become lucky enough to author one block in the future and he has prepared a set of funded addresses which would "catch" the subsequent blocks, NXT does not only rely on the previous block author's signature alone, but instead builds an entirely separate "block chain" which is the result of hashing every public key ever used to author a block.

The more astute among my readers may notice a bit of a chicken and egg problem here. How does the network protect itself against an attacker on block two if there is no way for that author to have had his stake remain stationary for 1440 blocks? The answer is that the dev(s) never really did describe a proper solution to this problem, as an attacker could have exploited the chain on block 2, but they didn't. And now, at this point, it's a bit like a ball rolling down a hill, it has gained the necessary momentum to sustain itself indefinitely.

In addition to solving some of the previously mentioned problems with proof of work, NXT also offers a number of potential advantages. While it is not possible to predict who will author the block 1440 blocks from now, it may be possible to predict, one, two or maybe even ten blocks into the future. What this means is that, if a merchant trusts the next six forgers in line to author the next 6 blocks (perhaps because they have a long standing reputation for honesty), then it is equivalent to the merchant as if this transaction has 6 instantaneous confirmations. What we are talking about here is the possibility of a decentralized crypto with instant transactions. No more waiting around for confirmations, as with Bitcoin. This is the first Holy Grail of NXT. Furthermore, you could, in theory, rather than broadcasting your transactions to the whole network, send them directly to the next block author. He could, in theory, clear your transactions with other market actors before recording them in the blockchain. So as an example, imagine that a shopper is paying Walmart 10 dollars and Walmart is paying a contractor 10 dollars during the same 1 minute period. Instead of recording both transactions in the blockchain, the block author could simply record it as the shopper having paid the contractor directly. If that contractor wants to then spend 10 dollars on a new pair of shoes in the same block, then the Walmart shopper’s 10 dollars could be paid directly to the shoe salesman. This could potentially allow NXT to match or even surpass Visa’s transaction load. This is the second Holy Grail.

Thus far, it surely seems as if I have been deifying NXT, so in the interest of fairness I should take this opportunity to separate some of the real innovations from conjectural innovations, the real innovations from the non-innovations that are sometimes touted as innovations, and point out some of the risks involved in investing in this technology.

First, and most importantly, is NXT a pre-mined scam coin? Well, maybe, as of the time of writing we have not really seen compilable open source code. If you are concerned about this then I advise waiting for open source code that you can compile and run yourself before getting involved. However, if at the time of reading this there is compilable open source code then we can safely say, no, it is not a scam coin. One of the requisite characteristics of a scam is an element of secrecy. Such an accusation would be false here, for the same reason that Bitcoin bugs have used to rebut the same criticism against Bitcoin a thousand times. Open source software cannot be a scam because scams require secrecy and there are no secrets in open source code.

Perhaps the question that ought to be asked instead is whether the implementation of this amazing idea is flawed. I wish that I could provide a simple “no” here but, like in the last paragraph, the answer is more complicated than that. Aside from the obvious caveat that there could be as of yet uncovered critical mistakes in the software, there are stakeholders out there who presently own more than 50 million out of the total 1 billion coins issued. This means there are multiple individuals who individually own more than 5% of the total stake each. To put it bluntly, this is unacceptable. This is not the level of decentralization we have come to expect from a decentralized crypto. For NXT to be successful this must change. Fortunately, there is one good reason to expect that it will change. That reason is that, even for the dragons themselves who sit atop vast hordes, it is not in their own interest to horde their own NXT. With a little luck these individuals will realize that if they continue to horde their NXT, then someone else will simply copy the code/idea and release “Even-NXT-er” with fairer distribution, and they will be left out in the cold, lords of the world’s metaphorically largest pile of worthless abstraction. To any dragons who may be reading this, I want ask you rhetorical question that I hope will take very seriously. Is it better to be 1/20th owner of all the shit in the world, or 1/100th owner of all the gold? If these early investors wish to avoid killing their golden goose then they must strike the proper balance between the reward that they rightfully deserve, for the risk they have legitimately taken, and the necessity for a certain level of decentralization in a decentralized network. For me, the amount that would make me personally feel comfortable would be no single individual owning more than 1% of the total currency supply. That would amount to a max of 10 million coins per single individual. Furthermore this is not a problem that can be put off for later, if it is not addressed soon, then there will be no later for NXT.

Often NXT is touted as the future of decentralized exchange. This very may well be true, in fact I think it probably is true. However the ability to implement this feature is not in any way unique to this platform. Any other crypto-currency could be used for exactly the same thing. All we are talking about here is a promise from the developers to include in their platform, a feature, that any other crypto-coin developer could have also promised to include in his had he chosen to make such a promise. Decentralized Alias System, Decentralized DNS, Arbitrary Messaging, Distributed Storage, Voting System, Reputation System and Smart Contracts are all further examples that fall into this same category.

I am not prepared to give investment advice; however, I am prepared to tell you that if you ignore the ideas behind NXT, then you do so at risk. Even if this particular implementation of these great ideas fails, the ideas themselves are here to stay, and they are going to fundamentally alter the crypto-currency landscape forever.