Algorand uses a pure proof-of-stake (PPoS) protocol built on Byzantine consensus. Each user’s influence on the choice of a new block is proportional to its stake (number of tokens) in the system. Users are randomly and secretly selected to propose blocks and vote on block proposals. All online users have the chance to be selected to propose and vote. The likelihood that a user will be chosen, and the weight of its proposals and votes, are directly proportional to its stake.
Algorand’s PPoS approach ties the security of the whole economy to the honesty of the majority of the economy, rather than to that of a small subset of the economy. The system is secure when most of the money is in honest hands. With other approaches (outlined below), a small subset of the economy determines the security of the whole economy, which means just a few users can prevent other users from transacting. In Algorand, it is impossible for the owners of a small fraction of the money to harm the whole system, and it would be foolish for the owners of the majority of the money to misbehave as it would diminish the currency’s purchasing power and ultimately devalue their own assets.
Proof-of-work (PoW) is an approach in which users race to solve very complex cryptographic puzzles, also known as mining. The first one to solve the puzzle has the right to append the next block to the chain and is rewarded for doing so. Bitcoin, Ethereum, and many other blockchains use this approach. PPoS has numerous advantages over PoW.
First, PoW is extremely expensive and wasteful. Mining often requires specialized hardware to be competitive and consumes an enormous amount of electricity. Only professional miners who have made the capital expenditure necessary to buy racks of hyper-specialized mining equipment can expect to make a profit. Accordingly, only they participate in (and benefit from) block generation. And since only one user solves the puzzle and generates the new block, all the efforts of other miners is wasted. By contrast, Algorand’s consensus protocol does not require participants to solve cryptographic puzzles in order to propose or validate blocks. Any user who is online and possesses stake is eligible to participate in the consensus protocol. And block generation does not require any expensive computation. Participation cost—both computational and financial—is very low and therefore not a barrier to participation.
Next, PoW leads to a concentration of power and de facto centralization as a result of miners pooling their resources. These mining pools can erase blocks or change the order of blocks if they wish or if they’re bribed to do so. Bitcoin, for example, is currently controlled by three mining pools and Ethereum is controlled by just two. Whether by design or de facto, any blockchain that is centralized is insecure. With Algorand’s PPoS, on the other hand, malicious users do not gain any advantage by splitting their stake into many accounts (i.e., pretending to be many users) or by pooling into a single one. A user can increase their influence only by increasing their stake.
In addition, in PoW systems, blocks take 10 minutes to be propagated to the network. This is the case no matter how many users try to solve the crypto puzzle. Such slowness and lack of scalability are insufficient for serving a global economy or any financial application. With Algorand’s low computation and communication overhead, however, blocks are propagated within seconds. Therefore, the protocol is able to scale to millions of users and sustain a high transaction rate.
Finally, with PoW, there is a chance that two users could solve for a valid block at the same time. When two nodes get a valid block simultaneously, the blockchain forks into two because different groups of users may see different candidates for the next block. A fork may persist for a while, and its branches may even be elongated by the addition of new blocks. But eventually, all branches but one will die (the longest), and all the blocks in the dead branches will disappear. The transactions on the dead branches are considered invalid; they basically never happened.
Forks are an unwelcome source of uncertainty and delay. If a payment made to you appears in the latest block added to the chain, you cannot immediately consider yourself paid. This is because a branch may overcome the current chain and your block may end up in a dead branch and disappear. Before considering yourself paid, you would need to wait for a sequence of blocks to be added to yours, so as to minimize the chance that the block containing your payment will end up on a dead branch.
In contrast, the Algorand blockchain never forks. Two blocks can never be propagated to the chain at once because only one block can have the required threshold of committee votes. At most, one block is certified and written to the chain in a given round. Accordingly, all transactions are final in Algorand. Once a block appears, users can rely on the transactions it contains immediately and they can be confident that the block will forever be part of the chain, which means the money they receive is safe.
Delegated proof-of-stake (DPoS) is an approach in which a fixed number of elected entities, delegates, are selected to create blocks in a round-robin order. Delegates are voted into power by the users of the network, who each get a number of votes proportional to the number of tokens they own on the network (i.e., their stake). In EOS, for example, the number of delegates is 21.
As a result of the limited number of block producers, DPoS is able to handle transaction throughput that is multiple orders of magnitude greater than PoW. However, what DPoS offers in scalability, it sacrifices in decentralization, and therefore, security. DPoS is inherently centralized. There is no guarantee that all delegates will remain honest. And even if their honesty was a certainty, they can easily be attacked. Since delegates are known, even if they were kept in power for a short amount of time, a determined adversary could bring down all the delegates by a fast denial of service (DoS) attack.
In contrast to DPoS, PPoS doesn’t put a small set of users in charge of block generation, and users do not need to delegate their voting power to the selected few. Every user may propose and vote on blocks with a probability directly proportional to their stake, and there is no special group of users for an attacker to target.
Bonded proof-of-stake (BPoS) is an approach in which any number of users set aside part of their stake (i.e., bond) in order to influence block generation. They lock up part of their stake for a certain amount of time (like a security deposit), and in return they get a chance proportional to that stake to select the next block. Their voting power in the protocol is proportional to the amount of stake they are willing to lock up. Once the deposit is in place, it cannot be removed until a specified amount of time has passed. If these users are dishonest, they forfeit their deposit along with the privilege of participating in the consensus process.
One primary drawback to BPoS is that users reduce their ability to spend their stake by participating in the consensus protocol. In contrast to BPoS, PPoS does not require users to set aside part of their stake in order to participate in the consensus protocol, and participating in the consensus protocol does not reduce a user’s ability to spend their stake. In Algorand, users are free to spend their stake at any time. No stake is ever held hostage. All stake is always where it should be—in users’ wallets ready to be spent or in the various financial instruments that the Algorand blockchain underlies.