Arweave TX
Vitalik's recent article, “Don’t Overload Ethereum’s Consensus,” reignited discussions about restaking within the Ethereum community. In this write-up, I aim to shed light on what restaking is and particularly zoom into EigenLayer, the project at the forefront of these conversations.
Staking vs. Restaking
A majority of you are already familiar with the concept of Ethereum staking. Yet, for clarity's sake: staking was introduced to Ethereum together with its transition to a proof-of-stake consensus mechanism. In essence, the consensus mechanism enables all participants in a blockchain network to achieve an agreement on the state of the blockchain and authenticate initiated transactions.
To participate as a validator in the Ethereum network, an individual or entity must stake at least 32 ETH, which might be prohibitively expensive for some. Upon staking Ether, it gets locked, and in exchange for verifying transactions, validators earn rewards. However, falling short in validation duties or engaging in malicious activities can lead to slashing of the portion of the staked ETH.
Given the high threshold of 32 ETH, staking pools and protocols have emerged. They allow individuals to collectively stake their ETH, reach the mandatory limit, and consequently share the rewards and risks. Lido, the most prominent among these platforms, has a staggering TVL of 14 billion USD.
This brings us to restaking and its soon-to-rise prominence (and the accompanying controversies) in the Ethereum community.
Restaking protocols, in essence, enable ETH – whether in its native form or as liquid staking tokens (LST) like stETH – to be used for consensus in other apps or protocols. In practical terms, a restaking service such as EigenLayer aggregates ETH, locks it up, and then uses it to secure apps or modules needing a consensus layer but lacking their own.
Let's dive into the nuances of EigenLayer – its mechanics, possibilities, and the reasons behind its controversial status.
The inception of EigenLayer started with Sreeram Kannan. As an academician, Sreeram's research spanned across fields as varied as information theory and computational biology. Interestingly, his dive into the realm of consensus mechanics was spurred by Yuval Noah Harari's best-selling book, "Sapiens". Harari proposes that homo sapiens’ unparalleled ability to create extensive cooperation networks, even among vast groups of unrelated individuals, set them apart from other species. For humans, consensus became paramount, and this inherent trait influenced Sreeram's research.
However, despite the initial enthusiasm, Sreeram hit a roadblock in his studies. That was until a colleague introduced him to blockchains. Recognizing the potential of blockchains as a modern manifestation of consensus systems, Sreeram pivoted back to his original research, culminating in the birth of EigenLayer.
At its core, EigenLayer is a collection of smart contracts on the Ethereum blockchain. The platform is currently anchored by two primary smart contracts: the EigenPod, for native Ether stakers, and the Strategy Manager, which facilitates LST restaking. As EigenLayer evolves, it will offer a sandbox where developers can introduce their smart contract modules. These modules, while serving their primary functions like bridging or validating transactions, will integrate with EigenLayer, allowing participants to provide ETH to validate the modules’ outputs.
For context, Ethereum operates on a dual-layered system with:
Beacon Chain (consensus layer) which Underpins the network's consensus mechanism, where transaction validation happens.
Ethereum Virtual Machine (execution layer) where the smart contracts’ code gets executed.
In essence, while the Beacon Chain guarantees that validators agree on a single, unified version of the transaction history, the EVM ensures these transactions are executed.
EigenLayer, in its vision and design, aims to leverage and extend this dual-layered structure, introducing the restaking mechanism to share the security of Ethereum across its broader ecosystem.
Actively Validated Services
Within the EigenLayer framework, the modules we have discussed are referred to as Actively Validated Services (AVS). These are apps in need of consensus for their operation. As detailed in the EigenLayer whitepaper, potential instances of AVS include sidechains, data availability layers, new virtual machines, keeper networks, oracle networks, and bridges, among others. A criterion for AVS is compatibility with the EVM. If a module cannot run on the EVM, it will not be able to leverage EigenLayer's restaking.
Why might an AVS choose to use EigenLayer's services? The primary reason is to tap into the robust security of Ethereum, arguably the most secure decentralized network in the world. However, there are other benefits:
Reduced capital costs: There's no need to set up and maintain expensive hardware nodes to keep the network running.
Enhanced Security: AVS secured by their tokens can be more vulnerable to threats from bad actors. For instance, an oracle secured by its token would likely be less secure than one secured by staked ETH.
AVS offers flexibility in determining the security of their protocols. For instance, they can set criteria such as only validators staking a certain amount of ETH can provide security; or only native stakers can participate, or limiting participation to smaller stakeholders only. The conditions for restaking depend solely on what the AVS needs. As a result, it can be argued that restaked Ether might offer better security than the one Ethereum has. This would be true if certain groups of stakers were excluded from securing specific modules based on these bespoke requirements.
Restakers
Let’s take a look from another angle - what’s there for a restaker (either native, LST, or ETH LP pair holder)? Of course, there are economic incentives. Restaking will allow to use of the staked Ether and provide security to other applications without resigning from staking on Ethereum. It means, that while earning fees offered by Ethereum, one can have additional income from multiple other modules, increasing the overall rate of return on capital. The rewards from these other protocols could come in their native tokens, or other assets.
So far so good, but with staking comes a risk of slashing. In proof of stake systems, a malicious actor who validates a block with an invalid transaction can be subject to slashing. With slashing, the part of the stake owned by the actor is taken away from him.
In EigenLayer the rules of slashing will be specified in smart contracts deployed by AVS and similarly to the rules of restaking, can be set differently for each module.
Eigenlayer provides pooled security, which means that the entire restaked ETH can, in theory, be used for the security of all modules running on the protocol. In practice, the limitations will be set by restakers who would be able to choose which modules and under which circumstances to support.
Risks
The broader Ethereum community is engaged in debates regarding the potential risks introduced by restaking, both to the ecosystem at large and to Ethereum itself. In the most severe scenarios, the integrity of the blockchain could be compromised. Fortunately, Shreeram and the EigenLayer team have shown an openness in addressing these concerns.
In relation to EigenLayer, three principal risks have been identified: (1) A synchronized attack on multiple AVSs concurrently, (2) An unintended slashing event affecting a considerable volume of staked Ether, and (3) Centralization.
(1) Concurrent Attacks on AVSs
EigenLayer's model enables stakers to secure multiple AVSs. However, not all stakers will choose to secure every single AVS, leading to potential discrepancies between the value of assets locked in an AVS and the security value offered by the stakers.
Consider a scenario where five AVSs lock a combined value of USD 10 million, yet they're secured by an ETH stake worth USD 6 million. How? Each AVS, locking in USD 2 million, may theoretically be secured by a stake larger than its locked value. Given that the collective restaked ETH exceeds this figure, each AVS might appear to be secured by an ETH stake worth 6 million. However, given that this 6 million can also support other AVSs, it creates an asymmetrical avenue for stakers to collude. This could allow them to, at the expense of up to USD 6 million, compromise modules valued at USD 10 million.
Such a vulnerability seems highly concerning. So, how does EigenLayer propose to mitigate this risk? They suggest the deployment of a Dashboard, dedicated to monitoring staker activities. This platform would enable AVS operators to preemptively spot potential attack vectors. The mechanism involves comparing the Total Value Locked (TVL) in an AVS to the stake securing it, as illustrated earlier. Should a substantial number of operators be found securing a specific AVS (and concurrently backing other modules via EigenLayer), the Dashboard will alert the AVS. Specifically, it would indicate if a group of stakers, who are also backing other AVSs, has a dominant stake that could enable abuse. To counteract this, the AVS might restrict its securing stakers to only those with a minimal number of other secured modules.
Is this a foolproof solution? There remain scenarios where sidelining a set of stakers might lower the bar for a successful attack by the remaining parties. And that’s probably not the only way to exploit this vulnerability.
(2) Unintended Slashing Events
Another possibility is the unintended slashing of a group of stakers that secure a large protocol or Layer 2. Such slashing might be initiated due to a vulnerability in a contract, leading to significant losses for honest participants.
How does EigenLayer intend to counter this risk? An assumption is that when an AVS begins to engage in restaking, it's reasonable to anticipate that restakers would act cautiously, refraining from committing a sizable chunk of their ETH to secure that module. Is this a sound expectation? Probably not in crypto.
Sometimes vulnerabilities come to light well after a protocol has been operational. This suggests that particularly during the early stages when slashing contracts are getting rolled out, the risks of slashing will be higher. EigenLayer's strategy is also to ensure thorough audits of every slashing contract prior to its deployment, though the effectiveness of this measure is also dubious.
A more robust safeguard against unintended slashing is the establishment of a veto committee. This body would have the authority to review any slashing incident, determining if the operator was genuinely at fault or if the slashing was unintended and hurtful to honest participants. Comprising highly reputable figures from the Ethereum and EigenLayer communities, this committee's decisions could be implemented via a multisig. However, this introduces another issue: if a slashing event impacts a significant module within the Ethereum ecosystem, would the committee overrule the slashing, even if it was rightly executed?
Further complicating matters, community sentiment might lean towards executing a hard fork of Ethereum to revert to a pre-slashing state in such scenarios. It's not implausible that, for particularly vital protocols, there exists a temptation of moral hazard, i.e., accepting heightened risk under the belief that any missteps would simply be rectified via a community-driven hard fork. This very risk, characterized as a grave threat to Ethereum brought about by restaking, is underscored by Vitalik in his article mentioned in the beginning.
(3) Risks of Centralization
In a manner similar to the risks tied to LSTs, with Lido being a dominant player, EigenLayer too faces potential centralization challenges. Given the complexities that EigenLayer introduces relative to standard or liquid staking (risks of slashing, knowledge of different types of modules, etc.), it's likely that better-financed validators will emerge as leaders. As a result, many users might find it reassuring to delegate their ETH or LSTs to these entities for restaking. If a validator can promise better returns on top of the standard rewards distributed by Ethereum, then there's little incentive for stakers to look elsewhere. EigenLayer's structure allows this. Consequently, the most technically sophisticated validators might amass a disproportionately large portion of restaked ETH or LSTs. This concentration of resources can evolve into a single point of vulnerability, undermining the decentralized ethos of the ecosystem.
Conclusions
At its core, blockchain is about decentralized consensus, and EigenLayer is stepping up to extend this consensus using the stake of what's widely seen as the most secure blockchain network - Ethereum. The magnitude of this shift cannot be understated.
EigenLayer stands out as one of the most pioneering, exciting, and influential projects in the current crypto space. It will establish a market where apps in need of security can tap into the resources of those ready to offer security at a price. While EigenLayer's approach is highly disruptive, it does carry inherent risks, some of which could be catastrophic for Ethereum.
Given the potential consequences of things going south with EigenLayer, it's paramount for the community, Ethereum's devs, and EigenLayer's team to closely monitor the protocol's evolution. Thankfully, Shreeram with his philosophical and highly technical approach appears to be the right person heading this project. Restaking was inevitable, so it is reassuring to see that he genuinely seems to have Ethereum's well-being at heart.
The endgame for EigenLayer is to become an integral part of the Ethereum protocol. While the debate on enshrining is a topic for another article, it could potentially be a solution to the restaking conundrum. Exciting times ahead, lads.
My main source for the article was Whitepaper of Eigenlayer.
