6
Is Qubic's attack strengthening the case for Monero to migrate to hybrid PoW/PoS? (monero.town)
submitted 2 days ago by LogicallyMinded@monero.town to c/monero@monero.town
22 comments fedilink hide all child comments

Although far to be a total victory, Qubic's merge mining attack on Monero shedded light on a weakness for pure PoW blockchains. Indeed, merge mining enables an auxiliary chain to incentivize the concentration of the hashpower in exchange of extra rewards. In the case of Qubic, the flaw is more apparent as Qubic has been intentionally adversarial but the same issue would remain for other non-adversarial auxiliary chains such as Tari or DarkFi. Because of the extra rewards offered, it would be rational for economically motivated miners to direct their hashpower to those auxiliary chains, hence concentrating hashpower over time.

Maybe some smart brains will figure out a solution that would prohibit merge mine on a pure PoW blockchain but assuming this can't be done, a PoW/PoS mechanism could be an alternative solution.

It's exactly because of security concerns that some PoW blockchains have moved to a hybrid PoW/PoS model.

eCash (a fork of BCH by Amaury Sechet, the founder of BCH), has moved to a hybrid PoW/PoS (Nakamoto+Avalanche consensus) to prevent 51% attacks on the network and improve the user experience (sub 3 seconds finality). The goal of eCash is to be the best form of digital cash which requires fast finality. Still in the case of eCash, it can be debated whether or not digital cash with optional privacy can be the best form of cash (to most Monero folks, the answer would be no).

Another example is Boolberry that was relaunched as Zano with the migration from pure PoW to a hybrid PoW/PoS chain. Here again, security concerns motivated the transition. On the user experience front, Zano also benefited from the integration of PoS by offering faster transaction finality. Notably, it's likely why Aaron Day chose Zano over Monero for the launch of his point-of-sales system as long finality times aren't acceptable for in-person merchant payments. It's questionable whether Zano is secured enough with PoS as the coin distribution was heavily influenced by the Boolberry premine, but this is not an issue that Monero would have.

Due to its fair launch, focus on medium-of-exchange and lack of supply held on exchanges (thanks to the delistings) Monero is really well positioned to augment its consensus with PoS without fearing attacks related to the concentration of XMR in the hands of a few. PoS presents the advantage to lower the barrier to entry to participate in the consensus and earn a share of the coin emission. It should make the network more resilient to the attack of a small actor (let's be honest, Qubic is a small actor). Plus some PoS consensus such as Avalanche can allow for a high degree of coin concentration without risking the network of being attacked. Even with a classic PoS consensus, Monero would certainly be one of the most secure PoS chain out there.

In addition, PoS would enable faster transaction finality which is a key feature Monero lacks to be the best digital cash possible.

That said, PoW still has its importance for Monero. In pure PoS blockchains, a new validator joining the network needs to connect to a set of trusted validators to load the blockchain history. Those are usually maintain by the core teams or foundation. The real utility of PoW is to enable a new validator to bootstrap the blockchain in a trustless manner (by seeking the chain with the most work rather than trusting a given set of validator). Hence a PoW/PoS model is preferable to a pure PoS model.

It's no secret that the culture of the Monero community is generally opposed to PoS. Maybe this strong stance is slightly ideologically driven. We certainly can be proud of being one of the few respected PoW blockchain left out there but maybe this Qubic event will change the narrative. Whichever path Monero takes next, hopefully the chain will gain in resiliency.

you are viewing a single comment's thread
view the rest of the comments
[-] g2devi@feddit.nl 1 points 1 day ago* (last edited 1 day ago)

IMO, while a hybrid approach might be eventually necessary, I don't see PoS as part of the solution. But there are viable solutions (see below).

The problem with Qubic is that a few players can (temporarily) disrupt the network. The tokenomics of Qubic allow it to attack temporarily but it will ultimately fail by that same tokenomics. With PoS, the problem is that a few players (the stakers) can disrupt the network. The requirements for staking (e.g. not turning off your machine for a set period of time, etc) encourage people to stake with a service so it encourages non-custody and centralization. And since PoS gives stakers more stake, their power to disrupt can only grow.

So you're trying to fix one set of disruptors by adding a second set of disruptors. Not exactly a solution, IMO.

Of course there's slashing. If it's purely algorithmic slashing, then it can be gamed and taken advantage of by either disruptor. If it's "trusted individuals" then you're just adding another set of disruptors to the mix. With so much complexity and potential for collusion, it's almost certain that failure will eventually result.

So what's possible? There are other consensus mechanisms that greatly reduce block reorderings like GhostDag (see Kaspa) that might be used to support the current PoW. Nano also has no transaction fees and seems to keep working. Instant validation of mutually agreed upon transactions also work if both parties are online at the same time (it doesn't work otherwise). If I give you cash, and you accept the cash and give me a receipt for that cash in real life, I don't need a third party to validate it so it would be wrong for a third party to not confirm it on the blockchain as finalized. You can even add the condition of having both parties have a copy of the receipt and both parties have to sign it. That extra condition is usually a part of the transaction of big ticket items like houses for extra security. True this approach wouldn't work if one party is offline, but since I estimate for over 90% of transactions both parties are online (since NFC cards aren't common but phones and computers are), this approach would all the blockchain to keep working even if there is an attack. The other supports are there for offline transactions.

[-] LogicallyMinded@monero.town 1 points 1 day ago

It's true that some of the staking will be done on centralized services but that's no different to how mining pools centralized hashpower. I don't know GhostDag but I've heard that Nano is not really secured. Most blokchains that have experimented with DAGs at some points, have walk back to a more classical blockchain (Avalanche for instance). I'm not saying consensus based on DAGs data structure can't be an option but classical blokchain + PoS have been a lot more battle tested. DAGs are still a bit exotic as far as I understand.

[-] Electricd@lemmybefree.net 1 points 1 day ago

I've heard that Nano is not really secured

I'd like to know more on that

this post was submitted on 09 Aug 2025
6 points (87.5% liked)

Monero

2007 readers
6 users here now

This is the lemmy community of Monero (XMR), a secure, private, untraceable currency that is open-source and freely available to all.

GitHub

StackExchange

Twitter

Wallets

Desktop (CLI, GUI)

Desktop (Feather)

Mac & Linux (Cake Wallet)

Web (MyMonero)

Android (Monerujo)

Android (MyMonero)

Android (Cake Wallet) / (Monero.com)

Android (Stack Wallet)

iOS (MyMonero)

iOS (Cake Wallet) / (Monero.com)

iOS (Stack Wallet)

iOS (Edge Wallet)

Instance tags for discoverability:

Monero, XMR, crypto, cryptocurrency

founded 2 years ago
MODERATORS
admin@monero.town