[Vitalik asked 7 questions.](https://www.reddit.com/r/ethereum/comments/8yjhxd/ethereum_cofounder_vitalik_buterin_comes_up_with/) Here's my answers.


## 1. Bitmain and affiliated pools now have ~53% of all bitcoin hashpower. Isn't this a really big problem?

For those who are steeped in 51% thinking, it is a breach.  But for those who are more thoughtful, the number was always just a number.  Miners always are encouraged by the cash flow they need to buy the energy.  So just having "more hashrate" doesn't change the fact that you need to keep paying your bills, and given the size of these operations, the bills will keep coming for a while.

What 51% means is that you can technically put in a dodgy transaction.  Fine, but you still face several barriers, the primary of which is - everyone will know.  As soon as it is known that there are dodgy transactions, the price will drop.  Or the chain forks.  See, bills, above, and now the clanger is that Bitmain needs a transaction that increases its cash flow overall, over time, so the price has to go up.  What dodgy transaction is going to cause the price to go up?

So, there is little danger here - for BTC.  Where there is danger is if there is a more complicated system, such as BTC having the same mining rigs as BCH.  But that's a post for another day.

## 2. Why aren't there any useful large-scale applications yet?

I've been [presenting](https://www.youtube.com/watch?v=qS5a_yS5NXo) and [writing](http://iang.org/papers/the_governed_blockchain.html) on this for over 6 months.  The answer is this - businesses are scared to deploy their capital because of 3-Security and 7-Governance, below.

## 3. Why are there not yet good solutions to account security? When will the problem of account hacks and thefts be solved?

The problem is that security is best seen as a holistic approach.  It effects all elements of the technical system.  This is a hard lesson for security people to learn, some never learn it, but the basic flaw in infosec thinking is this:

_Infosec people think that security needs a technical solution, delivered to humans - but no:  Security is of the humans, and security needs a human solution, with technical elements._

In particular, blockchain security thinking is blinkered.  It thinks blockchain is secure because the chain is secure, and the chain is secure because e.g., 1-Hashpower above.  But actually that's nonsense, because the only security result that matters is, does the human have the value at the end?  And the answer is no - we're looking at something like a 30% loss rate over all for blockchain, which is worse than mattresses.  It's also worse than banks, unless you include bailouts and QE stealth bailouts.

Another conclusion of this is that because of the holistic and human-led nature of security, it is far better to do this as a vertical not an economy:  Apple, Steemit/Bitshares, Corda and other permissioned products have a much easier time because [security begins at the application and ends at the mind](http://iang.org/ssl/h5_security_begins_at_the_application_and_ends_at_the_mind.html).  EOS was the first open entry chain that had a chance to break this, but see 7-Governance, below.  Ethereum and Bitcoin never stood a chance, again, because of 7-Governance.

## 4. How can decentralized apps work well even with 5-10 second blockchain latency?

Risk Management.  Also called zero-conf in bitcoin world.  But basically this is a solvable problem with good design.

What is apparently not an easy thing to solve is reliable interfacing, and in particular the price of access.  All major chains have shown that there are artificial and natural bottlenecks that make access a hit & miss affair because the value needed to launch the transaction cannot be reliably predicted.

Interestingly, EOS has introduced RAM pricing as a one-sided market which has caused leveraged speculation and blocked access due to high prices.  In much the same way as gas or full mempool has afflicted the other main chains.

Under these circumstances, big decentralised apps will not fly on chains with speculator-driven pricing models.

## 5. PoW is burning billions of dollars per year, even more than all scams and thefts combined," Ethereum's co-founder asked, "Isn't this a big tragedy?

What people are really miffed about is that in times of global warming, we shouldn't be burning fossil fuels on yet another white boy's toy.

But it needs to be seen in context - as miners shift to (northern) hydro power and (equatorial) solar, it's less of an issue.  If I buy a square kilometer of solar cells and put it on an equatorial spare patch of land, the externalities or sideeffects of this are economically nil.  Or at least, efficient.

Whatever you think the problem is here, it isn't a tragedy.

Then, inefficiency.  Last figures I saw were that Ethereum was consuming 11% per annum and Bitcoin 4% per annum.  That's pretty expensive for a payment system, but it isn't so bad compared to credit card (2% per tx) or Paypal (4.2% per tx).  [DPOS](https://steemit.com/eos/@iang/seeking-consensus-on-consensus-dpos-or-delegated-proof-of-stake-and-the-two-generals-problem) promises to be much cheaper, if we can get the governance safely working and past the RAM pricing variability.

## 6. What are the centralization risks in proof of stake?

It's simple.  If one person has too much stake, they can push things around.  And they will.  Curiously, this isn't a problem with PoW.

## 7. Given how EOS governance has turned into an epic fail, doesn't this mean that all on-chain governance including DAOs is fundamentally flawed? How can any DAO deal with bribe attacks, plutocrats and other risks?

This is tough to understand because Vitalik is looking at it from the perspective of a non-community.  Let me explain from the point of view of Elinor Ostrom.

![Elinor-Ostrom.jpg](https://cdn.steemitimages.com/DQmexYHTCFM2L6hifEYwKbX4oCuLkYUhAoCqkXWbCP5Dxv6/Elinor-Ostrom.jpg)

Governance is of the people.  So when there are problems with the governance of EOS - and admittedly there are - the problems are _of the people_.  Hence, if EOS governance has failed, and that's not a foregone conclusion although titilating to those on other chains, it will be primarily because of intervention, see 6-Centralisation above, and collapse of support - actions by the people.

This is a fundamental limitation with the system of governance.  Because it is of the people, it can only move forward and operate with support from the people.  If there are detractors, they can undermine it.  If they undermine it, it becomes "choice" for some and not for others.  Then it fails, because criminals claim the choice side.

Governance is the choice of a community that define themselves on their choice of governance.

Then, if the governance is failing, it is because the community isn't - it is not a community.  That's by definition, because a community is defined only loosely by how we handle ourselves in the positive.  A community is defined primarily by how we handle ourselves, and how we all agree to handle ourselves in the negative - in dispute, in difficulties, at war, in disaster.  Refer to [Ostrom](https://steemit.com/governance/@iang/elinor-ostrom-s-8-principles-for-managing-a-commmons) for more here.

Ethereum doesn't have a community, as seen with the DAO, with the scams, with the desperation of many to follow the leader (which to his credit, Vitalik recognises).  If people are not agreed on the negative, then ... they're not a community, they are a set of self-interested persons with some overlap of interest that makes everyone money in the short term.  But that's not a community.

And Ethereum can never be a community because the people that access the chain will never agree to lose their sovereignty over their own particular patch of interests.  It goes further than that, as Ethereum and Bitcoin champion the process of win-lose, but more on that in [The Governed Blockchain](http://iang.org/papers/the_governed_blockchain.html).

So Vitalik's question is really, can we build a community on blockchain?  And the answer is, start with [the principles of community](https://steemit.com/governance/@iang/elinor-ostrom-s-8-principles-for-managing-a-commmons), and support your community.  If EOS governance fails, which it hasn't yet, it will be because the principles were breached and the community wasn't supported.

_Endnote, yes the title got munged with another post.  Sorry 'bout dat!_