Casper Versus Ouroboros : Hoskinson’s latest revelation

On August 18th, the Co-Founder of IOHK and the Creator of Cardano protocol, Charles Hoskinson posted a link to his latest response to Ethereum’s Co-Founder Vitalik Buterin’s rebuttal.

The altercation has been ongoing for almost a month now after Vitalik posted on Ethereum’s subreddit questioning the competency of Cardano’s Ouroboros protocol.

Hoskinson made a statement in his earlier rebuttal, to which Buterin disagreed.

Hoskinson’s comment:

“Such a protocol cannot tolerate that any single honest player suddenly experiences network delays beyond the hard-coded bound.”

Buterin’s response to the above:

“Disagree here. In any 50% fault tolerant synchronous protocol, if 20% of nodes start to experience delays, then you still have 30% fault tolerance.”

Earlier today [18th August], Hoskinson replied to the above disagreement. He said:

“sure, what I meant above was “any single honest player” assuming the adversary controls the maximum number of parties allowed by the protocol’s resiliency threshold.”

In response to Vitalik’s comment about the IOHK blog article, making a mistake in implying that the finality guarantees of Ouroboros and the Casper family are similar, Hoskinson explains three issues in hand.

Hoskinson explains that in IOHK’s blog post article, they clarified that finality is achieved by Ouroboros, within the threat model defined. He also speaks about the third issue stating that in the Ouroboros line of works, a proof is a mathematical object that is expressed within a fully specified formal model for a protocol that is explicitly described within that model.

In Vitalik’s earlier post, he cited parts of the IOHK blog stating it as an example to his above comment:

“For example this part: Ouroboros is analysed in the “partially synchronous” setting where messages are delivered to the majority of the parties executing the protocol within a time window upper bounded by a network delay Δ which is unknown to the parties. In fact, the security proof does not offer any security guarantees when Δ >= 0.693 * f.”

Hoskinson argues that similar limitations apply to the Nakamoto consensus when analyzed in a partial synchronous setting. He further states that analyzing Ouroboros was a significant step in the development of the protocol and also in showing how Proof of Stake protocols can match Proof of Work protocols. He said:

” The first version of Ouroboros is in the synchronous setting, where parties know Delta and maintain a round-based structure. As we show in Ouroboros Praos, the first version of Ouroboros cannot be secure when the majority of the nodes experience network delays longer than the original estimate; this was of course expected but what we showed is that it is true even if the estimate is exceeded by a very small amount.”

Hoskinson tells that the above was an important downside compared to Nakamoto consensus which in the partial synchronous setting which enjoyed a graceful degradation of security as the actual delay deviated from the original Delta estimate. He further said:

“With Ouroboros Praos we achieved this, showing that PoS can actually match the PoW setting in this respect. The dependency on Delta was highlighted numerous times, e.g. in p.2, Ouroboros Praos it is stated: We remark that these arguments yield graceful degradation of the analysis as a function of network delays (Delta), in the sense that the effective stake of the adversary is amplified by a function of Delta.”

In a broader sense, Hoskinson explains that the company also sees notable use cases of the Byzantine Fault Tolerance [BFT] protocol. 40 years of research in the particular field has already played a significant role in building distributed ledgers he said.

However, Hoskinson still believes that Nakamoto’s consensus has been a very significant development in the distributed systems space, and Ouroboros’ Proof of Stake [PoS] demonstrates how it is possible to achieve decentralization such as dynamic availability, bootstrapping from genesis etc. in the PoS setting, with just an honest stake majority assumption.

Moreover, Hoskinson stated that they were continuously assessing the protocol and its threat model to meaningfully address various types of threats employing results from the large body of knowledge in BFT and Secure MPC protocols.

Hoskinson defensively responded to Vitalik’s comment about calling Ouroboros  an”asynchronously observable synchronous consensus”, which sums up to:

However, Hoskinson agrees to the fact that threat models should be continuously evaluated and finely tuned to real-world threats and conditions. He concludes by saying:

“At IOHK Research we are very actively working on all these fronts and we are always open to discuss, assess and contribute new proposals; fully understanding such models and their limitations forms the basis of any good development in this space.”