Cryptocurrencies aren't going away. Which means that if your primary motivation to not work on cryptocurrency is that it wastes energy, then there's a whole lot of room for you to be making it better, and that is a stupid motivation. I'm not saying that they are obligated to work on it because it wastes energy. But the comment I was responding to implied that distributed systems engineers didn't want to work on blockchains because they are wasteful - which is clearly illogical. That'd be like Elon Musk not working on electric cars because they're inefficient. Or Solar cells. Etc, etc..

In some cases you can forget bad input, though, can't you? It's a rather wasteful example, but if (like you say, having established trust beforehand) every element of a grow-only set is a signed message, you can reject any messages that don't validate against their signature when merging. On one hand, this breaks idempotence. On the other, if we regard that set as a subset of the set of validly signed messages, it could not have been there in the first place, so to speak, so I wouldn't immediately think it breaks any guarantees. As far as I can tell, any properly functioning machine will only ever see correct state this way, unless it receives some state and doesn't merge it with anything, for example when initially starting to participate. However, that's easily fixed by always having some state, for example by starting with the empty set in this case.

Tezos will use Proof of Stake. They have a development version working now and there is good reason to expect a production version within a year.

The Ethereum team is serious about proof of stake.

That's a bit of a mistake. It doesn't rely on inefficiency it relies on economic costs. At the moment, hashing is a form of economic sunk cost. If you invest in hashpower, you can't split it without reducing your probability of success. It's an unforgable economic burden. Proof of stake architectures attempt to do the same thing with the currency of the network itself. There are lots of arguments about whether or not this is truly secure - but anyone on here telling you they know it's not is pretty much an idiot. There are tons of proof of stake coins operating successfully right now. There are no known attacks on these coins that allow you to do anything untoward (if there were, they'd be exploited on one of the many existing PoS coins).

That correct and why PoS probably will not be secure anytime soon.

No serious blockchain relies on proof-of-work. Bitcoin (being forked now) doesn't and ethereum (already forked twice) definitely doesn't.

Blockchains are a social construct and what ultimately protects them are the participants. Exactly like actual currencies they are subject to market forces; people either believe in and want the currency or they don't. It's this confidence that gives the currency strength.

More simply:

"On medium to long time scales, humans are quite good at consensus. Even if an adversary had access to unlimited hashing power, and came out with a 51% attack of any major blockchain that reverted even the last month of history, convincing the community that this chain is legitimate is much harder than just outrunning the main chain’s hashpower. They would need to subvert block explorers, every trusted member in the community, the New York Times, archive.org, and many other sources on the internet; all in all, convincing the world that the new attack chain is the one that came first in the information technology-dense 21st century is about as hard as convincing the world that the US moon landings never happened. These social considerations are what ultimately protect any blockchain in the long term, regardless of whether or not the blockchain’s community admits it (note that Bitcoin Core does admit this primacy of the social layer)." [1]

[1] https://medium.com/@VitalikButerin/a-proof-of-stake-design-p...

The subtlety here is making the distinction between confidence and resistance to attack. They're not the same thing at all. And what's interesting here is that, going off the model of real currencies, one could assume market forces will prevail here. Developed nations let their currencies float precisely because on the whole they're confident that the market will ultimately punish any malicious attacker who attempts to destroy the currency by selling large amounts of it.

I think that's exactly what it means. If you want to help the environment right now, what field should you be in? Energy generation, storage, or consumption.