What is Ouroboros Proof of Stake and how does it Work?

Otobong Peter
9 min read · Nov 19, 2021

Photo by Michał Parzuchowski on Unsplash

Introduction

To understand Ouroboros, we need to travel back in time and look at the underlying problems that make the Ouroboros proof of stake protocol relevant. Have you ever tried to send money to someone? Of course you have, and you were able to do that through a third party like your bank, an app or a payment merchant. The role of the intermediary is to ensure that all actors or participants (i.e., in this case, users) on the network are not malicious, meaning that they do not engage in fraudulent acts or any kind of activity that undermines the integrity of the network and the funds of those using it.

Many things may go wrong in this setup. First, you are entrusting your data to a third party, and no one knows how it will be utilized. Moreover, the third party's system or network is not attack-proof, and no one can guarantee that you would not wake up the next day with your bank account drained of funds; that would be a nightmare. On the other hand, we still have issues with regulators and policies that can affect our money in the bank. The blockchain network was created in response to the fact that our whole financial system is based on a centralized structure: it is a decentralized, distributed peer-to-peer system that allows for the use of digital assets, including money (now called cryptocurrencies).

The Major Problem with Decentralized Systems

How do you ensure that a decentralized system, with no middleman or centralized agency, is impervious to harmful attacks and reaches a consensus on what is the right information on the ledger? Early developers in the industry attempted to overcome this problem with cryptography and advanced computational approaches. The “Double Spending Problem” and the “Byzantine Generals Problem” are two other issues with decentralized distributed networks. The dilemma of the Byzantine generals is how participants in a network can communicate and reach a consensus on the truth despite the chance that a message will be hacked or tampered with by a malicious participant in the network.

What then is double-spending? Imagine a situation where James has $40 in his account and sends $50 to Lovelace; he should not be able to send the same $50 to Dave. The system should be able to detect and manage the balances without allowing people to spend the same money or financial instrument twice. The double-spend issue was a huge problem in the early days of cryptocurrency research in decentralized systems. Even when the system is decentralized with democratic control by all users, how can one verify that bad actors don’t collaborate to rip off the network? The Bitcoin cryptocurrency was launched in 2009 in an attempt to tackle this problem by proposing a proof of work mechanism to eliminate the “double-spend” problem and ensure that a consensus of truth is always obtained.

The proof of work mechanism has been highly successful, albeit plagued with a lot of issues. One is that it is slow and cannot be scaled to handle millions of transactions per second, and it is extremely energy-intensive too. The Bitcoin blockchain is said to consume more energy than over 200 million homes. That is humongous!!! So what other solution could be valid? This question led experts to begin to look for better alternatives for reaching consensus on decentralized networks and birthed the proof of stake (PoS) mechanism for reaching a consensus.

The Proof of Stake Mechanism appears in the Picture

Currently, generating a block on the Bitcoin blockchain requires over 2 raised to the power of 60 hash operations, which is more energy-demanding than ever. Proof of Stake redefines everything by providing a unique way of obtaining network consensus at a lower energy cost and allowing the network to scale to meet an increasing number of transactions. View proof of stake as a system where you vote for leaders to represent your interest. These leaders need to behave appropriately, and if they misbehave they lose their place as stakeholders and also lose all their financial stake in the system.

In the proof of stake consensus mechanism, instead of investing computational resources as in proof of work, leaders are selected randomly based on the stake they possess on the blockchain ledger. In effect, this yields discipline in the participants, called stake pools. Maintaining the blockchain relies on the stake pools (and stake delegation), and the protocol assigns rewards as well as work to them based on the amount of stake they possess in the ledger. Continually selecting new leaders keeps the system decentralized. In some ways, the entire proof of stake protocol sounds ideal, but it has some underlying challenges which make it easier to attack compared to an equivalent proof of work consensus mechanism. That is where Ouroboros comes in, as an improvement on the proof of stake protocol.

Design Challenges with Proof of Stake

A major problem of PoS-based blockchain protocol is the process of simulating leader elections. Entropy, or simply “chaos or randomness,” must be injected into the system to ensure a fair randomized election of stakeholders, and the mechanism that makes this happen may be vulnerable to manipulation by the adversary. A malevolent adversary in control of a group of stakeholders, for example, can try to emulate protocol execution by experimenting with various and varied participants until it discovers a sequence or protocol continuation that favors it. This leads to a so-called “grinding” vulnerability, where adversarial parties may use computational resources to bias the leader election.

Another challenge with the basic proof of stake system is the so-called “Nothing-at-Stake” attack: since it costs you nothing to create a block, you may as well create blocks wherever you can. If attackers can effectively employ this power, they can break persistence by bribing or encouraging others to do so, or by placing blocks on a competing chain. If that chain grows long enough, it will surpass the main chain, altering history in the process.

The third challenge is something called the “circularity argument”. How can one avoid circularity in the security argument if new randomness is injected via the blockchain? This means that the system’s randomness is determined by the blockchain, and the blockchain’s security is determined by the system’s randomness. Tampering with the randomness tampers with the entire blockchain, and vice versa, so how can we make both work without relying on each other explicitly? The challenges are enormous, with other possible attacks that can affect the network. The paper “Ouroboros: A provably secure proof of stake protocol” offers more insight and lists over 6 possible attacks that exist in the PoS mechanism.

Ouroboros to the Rescue

Ouroboros is a system that improves on the already existing PoS system to create a consensus mechanism that is more scalable, by solving some key issues in the previously existing proof of stake system. In the paper “Ouroboros: A provably secure Proof of Stake Protocol”, Aggelos Kiayias, Chief Scientist at IOHK, and his colleagues clearly defined how Ouroboros works, and the entire concept has been adapted to power the Cardano blockchain. This has made Cardano not just secure but possibly one of the most efficient blockchain networks in the decentralized ecosystem. But how does Ouroboros work?

How Ouroboros Works

So far, Ouroboros exists in two forms: Ouroboros and Ouroboros Praos. The main difference between the two is as follows.

In Ouroboros, the slot leaders are known publicly ahead of time and each slot always has one leader at a time. Meanwhile, in Ouroboros Praos, each stakeholder knows ahead of time which slots they lead; others only find out after they have published a block. There can be multiple slot leaders for a slot, or none at all. Cardano started with just Ouroboros, but over time the network has transitioned to run on the Ouroboros Praos Proof of Stake mechanism for achieving consensus and staying ahead of bad actors.

Ouroboros comprises four design stages that offer solutions to the previously stated challenges with the proof of stake system:

Stage 1: Static Stake.

Stage 2: Dynamic stake with a beacon, adversarial look-ahead E, epoch period of R slots, and delay.

Stage 3: Dynamic stake without a beacon, epoch period of R slots, and delay.

Stage 4: Input endorsers, stakeholder delegates, anonymous communication.

All these can be technical to unravel, so I am going to outline in summary what these stages entail. In Ouroboros, the main cryptographic scheme used in the randomness generation process is Publicly Verifiable Secret Sharing (PVSS). In a secret sharing scheme, a “party” divides a secret into multiple “shares”. Only when one party has access to a certain percentage of the shares (here, > 50%) can the original secret be reconstructed. In a publicly verifiable secret sharing scheme, participants publicly release evidence that their behaviour is valid.

Using PVSS, stakeholders play a coin-tossing game on the blockchain. The random results of the toss determine the slot leaders for the next epoch. To play the game, each participant posts a secret random number on the blockchain. At the appointed time, these random numbers are revealed. Finally, they are combined to generate a final deterministic public random number that all participants use to determine the slot leaders for the next epoch. The process of block creation on the blockchain is divided into epochs and slots. Each epoch consists of several slots, in each of which a leader can be delegated to create the next block.
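The coin-tossing round described above, as an added example that is not code from the paper or from Cardano: it uses a SHA-256 hash commitment and plain Shamir secret sharing as stand-ins for PVSS (the public verifiability proofs are omitted), and shows that a participant who refuses to reveal cannot change the seed, because a majority can rebuild the secret from its shares. The field prime, participant count and function names are assumptions made for the illustration.

```python
import hashlib
import secrets

P = 2**127 - 1  # prime field for Shamir sharing (constructed parameter)

def commit(secret, salt):
    """Hash commitment posted on-chain in the commit phase."""
    return hashlib.sha256(salt + secret.to_bytes(16, "big")).hexdigest()

def share(secret, n, t):
    """Split secret into n Shamir shares (x, y); any t of them reconstruct it."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P)
            for x in range(1, n + 1)]

def reconstruct(shares):
    """Lagrange interpolation of the sharing polynomial at x = 0."""
    total = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num = num * -xj % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def combine(values):
    """Deterministic public seed derived from all contributed numbers."""
    return hashlib.sha256(b"".join(v.to_bytes(16, "big") for v in values)).hexdigest()

def coin_toss(n=5, withholder=2):
    t = n // 2 + 1                                   # strictly more than 50% of shares
    picks = [secrets.randbelow(2**120) for _ in range(n)]
    salts = [secrets.token_bytes(16) for _ in range(n)]
    board = [commit(s, salt) for s, salt in zip(picks, salts)]   # commit phase
    dealt = [share(s, n, t) for s in picks]                      # shares dealt to everyone
    revealed = []
    for i in range(n):                                           # reveal phase
        if i == withholder:          # this party refuses to open its commitment
            revealed.append(reconstruct(dealt[i][:t]))   # a majority pools its shares
        else:
            if commit(picks[i], salts[i]) != board[i]:
                raise ValueError("opening does not match commitment")
            revealed.append(picks[i])
    return {"seed": combine(revealed), "seed_if_all_opened": combine(picks), "threshold": t}
```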

Having a minimum staking limit is not ideal. It means that you need to develop a delegation plan for people whose stake is below the limit. Mandatory delegation is basically a social system, just like voting. If a malicious party uses social manipulation to persuade enough people to vote for them, they can obtain more than 50% of the vote, thus violating the assumptions in the security model.

Ouroboros Praos takes a slightly improved route. Praos uses a Verifiable Random Function (VRF) as its main randomness generation scheme. Given a private key and an input, the VRF scheme generates a pseudo-random number and a proof. Anyone with your public key and the proof can verify that the number was generated from the given input, but cannot generate it themselves beforehand. In Praos, each epoch has an agreed nonce, or random number, which all participants must use as input to the VRF. For each slot, each participant uses their VRF and the nonce to generate a random number. If the number is less than a threshold proportional to their stake, then that participant is the leader of the slot. Since these random numbers are generated independently by each participant, a slot may have multiple leaders or none at all. The nonce of the next epoch is generated from the VRF value embedded in the block header of the previous epoch.
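The private slot lottery described above, as an added example that is not Cardano's implementation: an HMAC-SHA256 keyed hash stands in for the VRF (a real VRF also returns a proof that anyone can check against the public key), and the threshold uses the Praos paper's function 1 - (1 - f)^α, which grows with relative stake α. The pool names, keys, stakes, nonce and the value of f are constructed for the demonstration.

```python
import hashlib
import hmac

ACTIVE_SLOT_COEFF = 0.5   # f: constructed value for the demo, not Cardano's setting

def vrf_stand_in(secret_key, epoch_nonce, slot):
    """Keyed hash mapped to [0, 1). Stand-in for a VRF output; the proof that a
    real VRF publishes alongside the output is omitted here."""
    msg = epoch_nonce + slot.to_bytes(8, "big")
    digest = hmac.new(secret_key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest, "big") / 2**256

def threshold(relative_stake, f=ACTIVE_SLOT_COEFF):
    """Praos threshold phi_f(alpha) = 1 - (1 - f)^alpha."""
    return 1 - (1 - f) ** relative_stake

def is_leader(secret_key, epoch_nonce, slot, relative_stake):
    """Each stakeholder evaluates this privately for every slot of the epoch."""
    return vrf_stand_in(secret_key, epoch_nonce, slot) < threshold(relative_stake)

def run_epoch(stakeholders, epoch_nonce, slots):
    """Per slot, the names of every stakeholder whose lottery value won."""
    total = sum(stake for _, stake in stakeholders.values())
    return [[name for name, (key, stake) in stakeholders.items()
             if is_leader(key, epoch_nonce, slot, stake / total)]
            for slot in range(slots)]

# Constructed sample data: three stake pools with hypothetical keys and stakes.
POOLS = {"pool_a": (b"key-a", 500), "pool_b": (b"key-b", 300), "pool_c": (b"key-c", 200)}
NONCE = hashlib.sha256(b"constructed epoch nonce").digest()

def summarize(slots=2000):
    """Count empty slots, slots with several leaders, and wins per pool."""
    schedule = run_epoch(POOLS, NONCE, slots)
    return {
        "empty": sum(1 for s in schedule if not s),
        "contested": sum(1 for s in schedule if len(s) > 1),
        "wins": {n: sum(1 for s in schedule if n in s) for n in POOLS},
    }

if __name__ == "__main__":
    print(summarize())
```

Because every participant draws independently, the summary contains both empty slots and slots with more than one leader, which is why Praos needs a chain selection rule to resolve the resulting forks.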

Both Ouroboros and Ouroboros Praos are good improvements to the PoS mechanism, but Ouroboros Praos adds features that make Ouroboros even better, and that is why it has been used by IOHK as the protocol for reaching consensus on the Cardano blockchain.

The image above depicts the origin of the word Ouroboros, an idea of a snake or serpent swallowing itself. Ouroboros is simply an iteration of principles meant to ensure the continued efficiency and performance of Proof of Stake (PoS), by iterating through design features that solve possible problems that might occur in the basic proof of stake system thus enabling a more secure blockchain.

Conclusion

The Cardano blockchain is a prime example of how the Ouroboros Praos improvement is being used. Even though the mathematics underpinning the entire protocol is very complex, this article aimed at introducing the idea of consensus in decentralized networks and how Ouroboros works to improve the Proof of Stake (PoS) consensus mechanism. It seeks to provide mechanisms that make it extremely difficult for an attacker to tamper with the blockchain ledger. For more on how the blockchain, consensus mechanisms, etc. work, check other articles on this platform.

References

https://iohk.io/en/research/library/papers/ouroborosa-provably-secure-proof-of-stake-blockchain-protocol/

https://medium.com/unraveling-the-ouroboros/introduction-to-ouroboros-1c2324912193

https://www.youtube.com/watch?v=hMgxZOsTlQc
