| How about this rotation mechanism -- - Use the block index as the random seed. (Yes, the resulting random sequence is predictable, but that's okay...) - Randomly select N UTXOs weighted by their output sizes. (This could be done efficiently by storing UTXO hashes in a sort of trie structure, with larger UTXOs higher in the trie, and descending the trie based on the random value until we get to the deepest node with at least N UTXOs beneath it.) - Only the owners of those N UTXOs may participate in the current burn contest. - If none of those owners are active or choose to participate, an empty block is added to the chain. As for the value of N, for maximum security we would want N=1, which makes this equivalent to proof of stake. Then it's impractical for attackers to generate more than a few blocks in a row, since they would need to target single owners who might not be selling. Higher N values might have some performance advantages (fewer empty blocks), and more even rewards (everyone gets a tiny reward as coins are burnt), but worse security. We would probably want to use N=1 for every, say, 10th block, so that if someone needs a particularly strong guarantee that their branch will prevail, they can wait for ~5 * 10 = 50 blocks. I think proof of stake is better overall -- it's simpler and there's not much downside -- but both approaches seem viable. |