Proof-of-stake

The third method that a blockchain might use for reaching consensus is the PoS algorithm or scheme. It is extremely similar to the PoW scheme discussed previously. The main difference between these algorithms is that with PoS, participation is restricted to the entities (individuals or organizations) that have a legitimate stake in the blockchain. An entity needs to have an asset or a smart contract (that is, a programmable asset that can execute code) saved in the blockchain. The blockchain can still be public, but the verification of new transactions and blocks is only done by these entities. The PoS algorithm replaces the calculation of the hash with a digital signature that proves the ownership of the stake. Instead of all stakeholders trying to confirm the validity of the information submitted, the blockchain's network chooses an individual to approve it. The chance of you being chosen is calculated based on your proportional stake (or wealth) in the network. So, instead of all entities in the network attempting to solve the nonce simultaneously to reach a consensus, the network itself runs a lottery to decide who will announce its conclusions—and it might just be you! All system participants with a stake in the network are automatically and exclusively entered into the lottery in proportion to their stake, or the number of lottery tickets.

In a cryptocurrency-based PoS blockchain, the term mining is replaced by the term minting, where a block is forged rather than mined. Usually, the amount of coins available is determined at the creation of the blockchain and it never changes. The entity that forges or validates the block receives transaction fees, which eventually will grow its stake (or wealth). The following diagram explains the main difference between a PoW and, PoS system:

This system of picking an entity that is already deeply involved in the network, however, can create an increasingly centralized blockchain, certainly if the participant gets an incentive for submitting his or her conclusions. Blockchains that use a PoS system have made modifications to this algorithm in order to ensure that the base of their network remains as broad and as secure as possible. One of these modifications is the prediction of the generator, or "forger," using a randomization formula. The formula looks for the lowest hash value in combination with the size of the stake. Because stakes are public, each participant can predict which account to the right will likely win in order to forge the new block. Another modification is an age-based selection system, where the transaction fees received, or wealth, will only start being part of the participants stake after x amount of days.

The older the received wealth, the greater the chance of getting picked. To control the situation whereby older wealth always has a higher probability of being picked, the age of the wealth is reduced to zero (0) once used in the verification process and it needs to age again to be part of the participant's stake. Also, when the age passes a specific number, the wealth is taken out of the equation. This process secures the network and gradually expands it without consuming significant computation power. A blockchain that uses these methods claims that it makes malicious attacks on the network more difficult because it guarantees fewer centralized pools that forge new blocks. This is the case because having a lot of wealth does not mean that the participant holds 51% of the hashing power, which could provide that power to submit malicious transactions.

In a cryptocurrency-based PoS blockchain, this means that received coins that are unspent, in 30 days, for example, begin to compete for the next block. Thus, older and larger sets of coins have a greater probability of being chosen for signing the next block. Once the coins are used to sign a block, the "coin age" is reduced to zero and needs to age for an additional 30 days to be part of the stake and used for signing another block. If the "coin age" reaches 90 days, for example, the coins are also removed from the equation to prevent very old or large collections of stakes dominating the blockchain.