Blog

The evolution of shared security

Chorus One
Chorus One
June 28, 2024
5 min read
June 28, 2024
5 min read

This article is extracted from the Q1 2024 Quarterly Insights. To read the full report, please visit https://chorus.one/reports-research/quarterly-network-insights-q1-2024

Authors: Michael Moser, Umberto Natale, Gabriella Sofia, Thalita Franklin, Luis Nuñez Clavijo

On PoS networks, the financial aspect of staking is equivalent to the computational power committed on PoW networks. If we were to make an analogy with PoW, shared security could be compared to “merge mining”, a mechanism that allows a miner to mine a block in one blockchain, by solving the cryptographic challenge on another chain.

As a generalization, shared security technologies imply, at least, one security provider chain and, at least, one security consumer chain. To guarantee security, the shared security solution must allow for misbehavior in either the provider or consumer chains to be penalized, and that can be even by slashing the capital used for security of the provider chains. Different approaches are being used to optimize for the specific needs of each ecosystem. We will review the approaches most advanced in terms of development, and highlight the incentives and risks associated with the adoption of those technologies.

Although one may argue that Ethereum has pioneered the concept of shared security with L2s - like Arbitrum and Optimism, other blockchains have been exploring “the appchain thesis” and experimenting with more customized solutions:

  • On Avalanche, validators of the Primary Chain need to stake AVAX and they can participate on “Subnets” - a dynamic set of validators working together to achieve consensus on the state of a set of blockchains. Each blockchain is validated by exactly one Subnet. A Subnet can validate arbitrarily many blockchains. A node may be a member of arbitrarilymany Subnets.
  • On Polkadot, validators are staked on the Relay Chain in DOT and validate for the Relay Chain. Parachain auctions are held on the Polkadot Relay Chain to determine which blockchain will connect to the parachain slot. Parachains connected to the Polkadot Relay Chain all share in the security of the Relay Chain.
  • On Cosmos, the Interchain Security stack allows for new L1 chains to rent security from the Cosmos Hub as a way to lower the barrier to economic security. This is accomplished by the validator set of the Cosmos Hub running the consumer chain's nodes as well, and being subject to penalties (“slashing”) of the stake deposited on the Hub.

The motivation behind shared security is twofold:

  • It reduces the complexity for launching new chains, repurposing battle-tested security from well-established chains and decreasing or even removing the need for building a validator set from scratch, and;
  • It improves capital efficiency, allowing individuals to participate and be rewarded in multiple PoS chains, without the need to deploy additional capital.

Rollups

Rollups solutions are the main contenders for Layer 2 (“L2”) scalability in the Ethereum (the “L1”) path to modularity. This strategy allows the execution, in terms of computation and memory, to be processed “off the main chain”. The settlement properties of the state are kept on the L1 chain, which pools the security of the ecosystem through its validator base, and “rolled” from the L2 in batches (thus the name “rollup”).

This aggregation of transactions helps to minimize execution costs for each individual transaction. To maintain an ordered control of the state and upcoming transactions, rollups can make use of different architectures: historically we’ve seen a growing trend of optimistic (e.g. Arbitrum, OP, Base) or zero-knowledge (“ZK”, e.g. Starknet, Scroll) rollups, both of which have achieved limited levels of maturity in their proving mechanisms.

New architectures or upgraded versions of past ideas have also taken flight in the past months. Validiums have been brought backto the spotlight with new developments such as X Layer, and a particular flavor deemed “Optimium” (that uses the OP stack) now powers contenders such as Mantle, Mode Network, Metis, etc. The innovation, however, continues to thrive. The idea of “Based rollups” was first introduced in March by lead EF researcher Justin Drake,a simple design that allows L2 sequencing to be defined by L1 validators in their proposed blocks, thus deepening the shared security model between the layers.

It is safe to say that the rollup ecosystem continues to be the leading product in the shared security environment, with a TVL of $45.49  billion (counting canonically bridged, externally bridged, and natively minted tokens). In the last 180 days, transactions per second on the rollups have dwarfed activity on Ethereum mainnet, and the number of active users (considering distinct wallets) has risen meteorically in comparison to the L1.

EigenLayer

The idea behind shared security has captured extraordinary attention with EigenLayer, the restaking protocol built on Ethereum that has become a leading narrative within the network’s large staking  community.  In fact, restaking might as well become a larger sector than even the entire industry of single-asset staking. Driven by growing demand from stakers (seeking increased returns on their investments) and developers (sourcing security), the industry is witnessing an unprecedented shake up with capital flowing to secure multiple chains in aggregate. Concretely, EigenLayer’s TVL has managed to reach the 5 million ETH milestone at the time of writing.

Since we first identified restaking as a fundamental trend in our Q1 2023 edition, we’ve discussed EigenLayer at length and become deeply invested in the future success of the protocol: our research has focused on finding optimal risk-reward baskets for AVSs - total risk is not simply a combination of linear risks, but needs to take correlations into account.

As a result of our experience on the Holesky testnet and as mainnet operators for several AVSs, we publicized our approach to AVS selection. The thesis is straightforward: to identify and onboard the AVSs that have chances of being break-out winners, while filtering out the long tail of AVSs that merely introduce complexity and risk.

Much of what’s left to flesh out has to do with reward mechanisms and slashing conditions in these restaking protocols. As EigenLayer and other shared security models evolve and reach maturity, more information surfaces. Most recently, the Eigen Labs team presented their solution for the slashing dilemma (at least partially): $EIGEN. Current staking tokens have limitations in a model such as the AVS standard, due to the attributable nature of the slashing conditionson Ethereum. In other words, ETH can only secure work thatis provable on-chain. And since AVSs are by definition exogenous to the protocol, they are not attributable to capital on Ethereum.

Enter $EIGEN, the nominal “universal intersubjective work token” that intends to address agreed faults that are not internally provable. The slashing agreements under this classification should not be handled through the ETH restaked pool (as they necessitate a governance mechanism to determine their validity) but this second token, thus fulfilling the dual staking promise that the team had previously outlined. Currently, EigenDA is in its first phase of implementing this dual-quorum solution, and users can restake and delegate both ETH and EIGEN to the EigenDA operators.

ICS: replicated and mesh security

Replicated security went live on the Cosmos Hub in March 2023as the initial version of the Interchain Security protocol (“ICS”). Through this system, other Cosmos chains can apply to get the entire security of the Cosmos Hub validator set. This is accomplished by the validator set of the Cosmos Hub running the consumer chain's nodes as well, and being subject to slashing for downtime or double signing. Inter-Blockchain Communication (“IBC”) is utilized to relay updates of validator stake from the provider to the consumer chain so that the consumer chain knows which validators can produce blocks.

Currently, all Cosmos Hub validators secure the consumer chains. Under discussion is the “opt-in security” or ICS v2, an evolution of the above, that allows validators to choose to secure specific consumer chains or not. Another long-awaited feature is the ability for a consumer chain to get security from multiple provider chains. Both, however, introduce security and scaling issues. For example, the validator set of a consumer chain secured by multiple providers can have poor performance, since it will grow too large.

Solving most of the concerns around Replicated Security, Mesh Security was presented by Sunny Agarwal, the co-founder of Osmosis, in September 2022. The main insight is that instead of using the validator set of a provider chain to secure a consumer chain, delegators on one blockchain can be allowed to restake their staked assets to secure another Cosmos chain, and vice versa...

With Mesh Security, operators can choose whether to run a Cosmos chain and enable features to accept staked assets from another Cosmos chain, thereby increasing the economic security of the first one. This approach allows one chain to provide and consume security simultaneously.

BabylonChain

BabylonChain uses Bitcoin’s economic value to secure PoS chains. Specifically, Bitcoin has several properties that make it particularly for economic security purposes, prominently its large market cap, and beyond this, the fact that it is unencumbered, less volatile, and generally idle and fairly distributed.

Staking is not a native feature of the Bitcoin blockchain. Babylon implements a remote staking mechanism on top of Bitcoin’s UTXO model, which allows the recipient of a transaction to spend a specific amount of coins specified by the sender. In this way, a staking contract can be generated that allows for four operations: staking, slashing, unbonding, and claiming coins after they have been unbonded. 


Blocks are processed natively on the PoS chain using BabylonChain for security first, and then in a second round, validators provide finality by signing again using so-called extractable one-time signatures (EOTS). The central feature of this key type is that whena signer signs two messages using the same private key, it is leaked.

Therefore, if a validator signs two conflicting blocks at the same time, the corresponding private key is leaked, allowing anybody to exit the staked BTC through a burn transaction.  

Separately, BabylonChain protects against so-called long-range attacks by timestamping, where the PoS chain’s block hashes are committed to the Bitcoin chain. Such an attacked would occur when a staker unbonds but is still able to vote on blocks, i.e. could attack a chain costlessly. Through timestamping, the set of stakers on Bitcoin is synchronized with the blocks of the PoS chain, precluding a long-range attack.

No one-size-fits all approach

When exploring the evolution of different solutions to shared security, it becomes clear that it improves one of the dimensions of security in PoS chains - the financial commitment behind a network, resulting in a higher cost of corruption, or the minimum cost incurred by any adversary for successfully executing a safety or liveness attack on the protocols. As a natural challenge to modularity, some networks are born with optimized solutions to how different projects would be able to leverage a validator set. That is the case for Avalanche and Polkadot, for example. On the other side, there are solutions being built as an additional layer on top of existing networks, like EigenLayer and Babylon. And there is the Cosmos ICS, which leverages IBC, and is modular enough to not form part of either of the previous two groups.

In the set of analyzed projects, two categories emerged: restaking and checkpointing. The former aims to unlock liquidity in the ecosystems, while the latter works as an additional layer of security to a protocol, without directly changing the dynamics for stakers nor node operators. In the end, those projects also have secondary effects on the networks. For example, restaking reduces the need for scaling the validator set in the Cosmos, while checkpointing has the potential to minimize the unbonding period for stakers.

Shared security can also change the economic incentives to operate a network. Particularly related to restaking, the final rewards for validating multiple networks are expected to be higher than validating only one. However, as always, return scales with risk. Shared security can compromise on the decentralization dimension of security, opening the doors to higher levels of contagiousness during stress scenarios, and it also adds new implementation and smart contract risk.
In the context of decentralized networks, shared security is the idea of increasing the economic security of a blockchain through the use of resources from another - one or multiple - networks.

Shared security can also change the economic incentives to operate a network. Particularly related to restaking, the final rewards for validating multiple networks are expected to be higher than validating only one. However, as always, return scales with risk. Shared security can compromise on the decentralization dimension of security, opening the doors to higher levels of contagiousness during stress scenarios, and it also adds new implementation and smart contract risk.

About Chorus One

Chorus One is one of the biggest institutional staking providers globally, operating infrastructure for 50+ Proof-of-Stake networks, including Ethereum, Cosmos, Solana, Avalanche, and Near, amongst others. Since 2018, we have been at the forefront of the PoS industry and now offer easy enterprise-grade staking solutions, industry-leading research, and also invest in some of the most cutting-edge protocols through Chorus Ventures. We are a team of over 50 passionate individuals spread throughout the globe who believe in the transformative power of blockchain technology.

 Join our mailing list to receive our latest updates, research reports, and industry news.
Thanks for subscribing. Watch out for us in your inbox.
Oops! Something went wrong while submitting the form.