Staking rewards generally derive from a combination of inflationary rewards, transaction fees, and MEV. We are certain that a complete understanding of the Ethereum PBS pipeline allows validators to extract more MEV through targeted infrastructure optimizations.
While adjacent topics have been discussed in literature (e.g. Schwarz-Schilling et al., 2023), Chorus One is the first node operator to successfully test out different optimization approaches on mainnet. We find that the most impactful improvements are contingent on comprehensive internal data, and have generally not been discussed in their specificity.
The goal of this article is to share the results of a recent pilot. We will follow-up with more detail in a later, comprehensive study, which we are co-authoring with one of the most recognizable and competent teams in the MEV space.The pilot makes use of several modifications which positively impact MEV extraction. The rest of the article will discuss one straightforward, illustrative example in more detail, and present the overall results of the pilot so far.
There are two components to APR optimization. Firstly, we should maximize the payoff of the blocks we propose, and secondly, we should minimize the likelihood of missing our chance to propose (i.e. missing our slot). The first of these is more complex and can be approached in several ways, including via latency games, and other infrastructure optimizations.The latter is more accessible, and primarily hinges on running a robust infrastructure setup with appropriate redundancy. However, relay selection also plays a role. Let’s dive in!
A basic illustrative adjustment: drop underperforming relays
The goal of this section is to give an example of a straightforward MEV-adjacent infrastructure adjustment that can positively impact validator APR by minimizing the probability of a missed slot. This modification is not central to our MEV strategy in terms of impact, but it is illustrative of the Ethereum MEV supply chain.
As per conventional wisdom, a validator is best off integrating with a large number of relays, as the mev-boost auction will yield the highest bid, i.e. there is no obvious downside to soliciting a maximum number of bids.
This is only half of the story. Let’s recall how validators and relays interact in more detail. First, the validator requests a block header from a relay, which then delivers the header corresponding to the most profitable block available to the relay. In parallel, the validator also solicits bids from all other relays it is integrated with. The mev-boost auction then determines the highest bid, the validator signs the header associated with this bid, and asks all relays to deliver the payload associated with this header.
The relay that is quickest to respond (typically the relay that delivered the original bid) then broadcasts the block and returns the associated payload to the proposer. This may be done with a delay versus previous implementations (i.e. at proposer’s slot t=0), as early distribution of the payload theoretically allows an unethical proposer to build an alternative block exploiting the transactions in the block received from the relay. This vulnerability has been outlined by the “low carb crusader”, and more details can be found in this post by Flashbot’s Robert McMiller.
The upshot is that in addition to transferring bids from builders, relays also carry responsibility for propagating the final signed block to the network. This is more pronounced now than previously, as the time available for this step has been decreased. Therefore, validators should favor relays that deliver payloads rapidly, or run an idiosyncratic risk of missing their slot, for relays that underperform.In practical terms, we find that relays can diverge significantly on delivery speed, and that for one relay in particular, a routine network disturbance could lead to a missed slot if the validator depends on it to deliver a given block.
The following graph shows the cumulative probability distribution for the maximum time at which a block becomes eligible within each slot, and each line represents a relay.This is a snapshot that is relative to a subset of our nodes over a limited period, and relay performance can vary over time, i.e. should be constantly and granularly monitored. Relays are currently a costly pro-bono good, and we appreciate providers subsidizing the network in this way.
In practical terms, for this particular cluster of nodes, running the relay color-coded light blue is a negative EV decision, i.e. it should be dropped. This is due to the consistent delay it exhibits in making blocks eligible, as compared to other relays.
Our current MEV pilot: A first look at the results
Our current MEV pilot combines straightforward adjustments, like the relay selection process illustrated above, with more significant and systematic infrastructure optimizations.
The below graphs are a first look at the results, and summarize performance over approximately a quarter.
As such, getting a grip on variance requires robust statistical processing. As MEV is tail-heavy (i.e. most profit is produced by rate opportunities), results can vary significantly over time, and capital invested. We are comparing the MEV payoff distribution of the pilot with the MEV payoff realized by a set of Lido nodes. On a per-block level, we find that our pilot has improved MEV rewards significantly:
This extends to the aggregate case - over our sample, the pilot has extracted higher rewards than a “vanilla” setup with a probability approaching 100%:
The upshot is that we feel highly confident that the infrastructure optimizations implemented in our pilot study aggregate out at an APR that is consistently higher than what a non-optimized setup typically achieves.We will elaborate further on specifics in a forthcoming study. If you are interested in learning more about our approach to MEV, please reach out to us anytime at research@chorus.one.
About Chorus One
Chorus One is one of the biggest institutional staking providers globally operating infrastructure for 45+ Proof-of-Stake networks including Ethereum, Cosmos, Solana, Avalanche, and Near amongst others. Since 2018, we have been at the forefront of the PoS industry and now offer easy enterprise-grade staking solutions, industry-leading research, and also invest in some of the most cutting-edge protocols through Chorus Ventures.
Celestia is the first modular blockchain network that is optimized for ordering transaction data and making it available. It solves the scalability problem of a blockchain without sacrificing decentralization and accomplishes this by separating execution from consensus and addressing data availability challenges through a technology called data availability sampling. In this article, we explore why data availability is crucial, and how Celestia addresses this. (If you're new to Celestia, we've got you covered with a quick rundown of the network in a previous article.)
Before diving into the importance of data availability, it might be helpful to have a little refresher on the basics of how most blockchains work.
Blockchains offer a range of fundamental functions that make them versatile for various applications. These functions are:
Execution: Handling transaction execution and state updates.
Consensus: Establishing agreement on transactions and their order.
Settlement: Resolving disputes and facilitating cross-chain connections.
Data Availability: Proving the publication of transactions on the network.
Monolithic blockchains, like Ethereum or Solana, which encompass all these functions in the same chain have been the dominant model in the blockchain space. However, the widespread adoption of these systems have raised concerns about the lack of specialization and high gas fees during peak usage, as seen with Ethereum, impacting both current and potential users. This issue underscores the need for more scalable, specialized and efficient solutions.
This is where Modular blockchains like Celestia enter.
Unlike other monolithic blockchains, Celestia decouples the data availability layer from the execution layer and focuses only on ordering transactions and their data availability, i.e, they solely work on proving that transactions are published on the network and are available for everyone to see. The execution and settlement of transactions are left to the respective rollup. (As a permissionless network, Celestia uses Proof-of-Stake to secure its own consensus. Like any other Cosmos network, users can help secure the network by delegating their TIA to a validator like Chorus One.)
When you make a transaction, it needs to be confirmed and added to the blockchain for everyone to see. Once the transaction is confirmed, it's put into a "mempool" where it waits for its turn to be added to the blockchain. The full nodes then download this new block, execute/compute every transaction included within this block (including yours), and make sure they are all valid. They check things like whether you have the money you're trying to send and that you're not doing anything sneaky. Full nodes therefore perform the important task of enforcing the blockchain’s rules on validators. This is where things get tricky.
Since full nodes check every transaction to verify they follow the rules of the blockchain, blockchains cannot process more transactions per second without increasing the hardware requirements of running a full node (better hardware = more powerful full nodes = full nodes can check more transactions = bigger blocks containing more transactions are allowed). But if the hardware requirements of running full nodes increased, there would be fewer full nodes and decentralization would suffer because not many people can afford to run them, and that's bad for the blockchain's security. See, the more full nodes we have, the safer the blockchain is because it would make the network more decentralized if the voting powers were well distributed. If there are only a few, we'd have to trust them a lot more, and that's risky because it's more centralized.
Now, here's where ‘data availability’ comes in. It's like making sure the information in the transactions is available for everyone to check. If the people adding new blocks to the blockchain don't share this info in the first place, it's a problem. Full nodes can't do their job of checking things, and we'd have to trust the block creators more. So, data availability is all about keeping things open and transparent to maintain trust and security in the blockchain. It's a key part of how blockchains work and stay safe.
Celestia's primary focus on data availability (DA) enables any rollup to utilize it to solve the data availability issue, while still maintaining its independent execution environment. Due to its modular nature, any language or virtual machine can be used to build on top of Celestia.
Celestia solves the issue by using a technology called ‘data availability sampling’ - a mechanism that allows light nodes to verify data without needing to download the entire block data. Essentially, light nodes perform multiple rounds of random sampling on small portions of block data. As they conduct more rounds of sampling, their confidence in the data's availability progressively grows until it meets a specified threshold. Once this threshold is reached, the block data is considered available and valid.
The key advantage is that as more light nodes participate in this sampling process, the network's capacity to handle data increases. This, in turn, permits the scaling of block sizes without a corresponding increase in the cost of verifying the blockchain. In essence, it's akin to having a larger number of independent verifiers cross-checking the blockchain's integrity,which makes the whole system better and faster.
As a permissionless network, Celestia uses Proof-of-Stake to secure its own consensus. Like any other Cosmos network, users can help secure the network by delegating their TIA to a validator like Chorus One. Check out our guide to stake your TIA with Chorus One using the Keplr wallet.
Key information
Celestia is a modular network that makes it easy for builders to launch their own blockchain by focusing solely on data availability. It allows developers to easily deploy blockchains on top of Celestia, as easy as deploying smart contracts. This accessibility empowers individuals to create their own unique rollups and blockchains, serving a multitude of purposes and ensuring scalability for a broader audience. Celestia keeps decentralization top of mind with their architecture, design choices and innovations. In addition, it significantly reduces the cost for builders to deploy their own blockchain while accelerating execution layer research and creativity. We’re excited to watch their ecosystem launch and grow in 2023 and beyond!
Resources:
Understand everything you need to know about Celestia in 10 questions
Check out their ecosystem
Check out Celestia’s docs to start building on Celestia
About Chorus One
Chorus One is one of the biggest institutional staking providers globally operating infrastructure for 45+ Proof-of-Stake networks including Ethereum, Cosmos, Solana, Avalanche, and Near amongst others. Since 2018, we have been at the forefront of the PoS industry and now offer easy enterprise-grade staking solutions, industry-leading research, and also invest in some of the most cutting-edge protocols through Chorus Ventures.
Celestia is the first modular blockchain network that is optimized for ordering transaction data and making it available. It solves the scalability problem of a blockchain without sacrificing decentralization, and accomplishes this by separating execution from consensus and addressing data availability challenges through a technology called data availability sampling.
To simplify Celestia's purpose and the essential aspects of its modular design, our Research Expert, Kam Benbrik, delves into the topic by answering ten crucial questions. Dive in below!
In a monolithic blockchain, tasks are concentrated within a single stack, where nodes handle four core functions, including consensus, data availability, settlement and execution.
On the other hand, modular blockchains specialize by delegating tasks to separate layers, forming part of a broader "modular stack" for customized objectives. This modular approach enhances scalability and offers developers more control and sovereignty to tailor their execution environments to their project's needs.
Celestia's data availability layer introduces innovative features like data availability sampling (DAS) and Namespaced Merkle trees (NMTs). DAS allows light nodes to verify data without downloading entire blocks, reducing costs compared to monolithic chains, while NMTs enable execution and settlement layers on Celestia to download transactions that are only relevant to them. Celestia offers its data availability layer to other chains for publishing data by paying for blobspace. Backed by Tendermint Consensus and a sovereign validator set, Celestia ensures further scalability and decentralization of the network.
A significant challenge that monolithic blockchains, like Ethereum, face in terms of data availability is the high cost of publishing data. For instance, Arbitrum One pays approximately $112,000 per day to Ethereum for its data availability requirements, translating to an average cost of $0.15 per transaction. In contrast, Celestia offers a cost-effective solution for publishing data. It provides an alternative security model and economic advantage by allowing costs to scale with the number of nodes, avoiding the capacity limitations of Ethereum. This makes Celestia an appealing option for both data availability and serving as a foundational layer within an ecosystem.
Data availability sampling allows light nodes to confirm data availability without the need to download an entire block, resulting in efficient and cost-effective verification of large blocks. It works by randomly selecting portions of a block for users to download and check, ensuring that data is available with a high level of confidence. This approach not only reduces the resource requirements. However, The number of light nodes needed also depends on the block size, larger blocks require more light nodes. One important assumption is that light nodes should be connected to at least one honest full node for DAS to work effectively
Celestia ensures decentralization through its permissionless Proof-of-Stake structure using the Cosmos SDK and Tendermint consensus.. Much like other networks within the Cosmos ecosystem, Celestia allows users to actively participate in securing the network by delegating their tokens (TIA) to validators, such as Chorus One. This PoS mechanism empowers users to play a crucial role in the network's security, governance decisions and decentralization, making it a collaborative and community-driven ecosystem.
Celestia's modular design makes it easier for users to confirm that all the data in a block is available without downloading the entire block. Instead, it uses a technique called data availability sampling, where light nodes only check small, random parts of the block. This way, it's much more efficient than traditional monolithic blockchains where everyone has to download the entire block. The more nodes do this sampling, the better the network can handle data, leading to faster and more secure data verification. This approach improves scalability compared to monolithic blockchains.
Two standout applications that utilize Celestia's data availability layer include:
8. What are the complexities of modular blockchains like Celestia, and what developments or improvements can we anticipate in the near future?
Modular blockchains like Celestia come with added complexity due to the need for advanced mechanisms such as data availability sampling and fraud proofs to ensure the security of the network. These complexities are essential for maintaining the flexibility and scalability that modular blockchains offer. Additionally, the success of Celestia and similar projects depends on attracting projects and rollups to build on top of them.
9. What is the role of $TIA, Celestia’s native token?
The native token of Celestia, known as TIA, plays a multifaceted role within the ecosystem.
Staking: Firstly, TIA is used for staking, allowing users to actively participate in securing the network through delegation to validators like Chorus One. This proof-of-stake (PoS) mechanism enhances network security and decentralization, fostering a collaborative and community-driven environment.
Governance: Secondly, TIA is utilized for governance purposes, enabling users to create, engage in, and vote on proposals that shape network design and functionality.
Paying for blobspace: Lastly, Layer 1 and Layer 2 networks can use TIA to pay for Celestia blockspace, facilitating the publication of their data on Celestia's data availability layer. This comprehensive utility makes TIA a vital component of the Celestia ecosystem. (For detailed information, refer to https://docs.celestia.org/learn/tia)
10. What is the difference between sovereign roll ups and smart contract roll ups?
Sovereign rollups, such as those on Celestia, differ from smart contract rollups like Ethereum in how they handle settlement and their relationship with the underlying blockchain. Smart contract rollups post their blocks to Ethereum through an enshrined smart contract, effectively creating a bridge between the rollup and Ethereum. Ethereum acts as a 'baby chain' for the rollup, and the bridge contract interprets and processes the rollup's data. In contrast, sovereign rollups, like those on Celestia, directly submit their blocks as raw data to the chain without relying on smart contracts. The Celestia consensus and data availability layer don't interpret rollup data, and the rollup's blocks are independently managed by its nodes. This approach provides autonomy to rollup chains, and they determine their canonical chain without a bridge to the settlement layer, allowing for greater flexibility and independence.
Wrapping Up
Celestia is a modular network that makes it easy for builders to launch their own blockchain by focusing solely on data availability and allows developers to easily deploy blockchains on top of Celestia, as easily as deploying smart contracts.
Users can get involved with TIA by securing the network through delegation to validators like Chorus One and enhancing the collaborative and community-driven environment of the network. Check out our comprehensive guide on how you can stake your TIA with Chorus One!
About Chorus One
Chorus One is one of the biggest institutional staking providers globally operating infrastructure for 45+ Proof-of-Stake networks including Ethereum, Cosmos, Solana, Avalanche, and Near amongst others. Since 2018, we have been at the forefront of the PoS industry and now offer easy enterprise-grade staking solutions, industry-leading research, and also invest in some of the most cutting-edge protocols through Chorus Ventures.
After rigorous testing and numerous iterations, dYdX is soon making its transformational shift to the Cosmos ecosystem, unveiling its fourth and latest version as a standalone blockchain known as dYdX Chain, built using the Cosmos SDK. We’re proud to be joining the network as a genesis validator, enabling staking for dYdX's token, DYDX.
Since its inception, dYdX has been instrumental in facilitating over $1 billion in daily trading volume, achieving a remarkable milestone by surpassing $1 trillion in total trading volume through smart contracts on the Ethereum blockchain. Looking ahead, the exchange will implement a unique off-chain, in-memory order book trading system that will be overseen by a network of validators.
This article delves deeper into what this entails for stakers and offers insights into the workings of dYdX v4.
dYdX stands out as the leading decentralized exchange (DEX), specializing in the trading of derivative products known as "perpetuals." Perpetuals allow users to take leveraged long or short positions on crypto assets. In contrast to Uniswap and other DEXs, dYdX distinguishes itself by not relying on an automated market maker (AMM) to facilitate trading. Instead, it employs a traditional orderbook and matching model to cater to the needs and expectations of sophisticated traders and institutions. We've explored the key distinctions between AMMs and order book trading here.
In its initial launch in 2017, dYdX was introduced as an Ethereum Layer 1 application. However, the chain's limited scalability became evident, with users facing exorbitant gas fees for even simple trades.
To enhance scalability, dYdX transitioned to an Ethereum-based Layer 2 solution employing StarkX/StarkNet technology. This shift significantly reduced gas fees, vastly improving the user experience. Yet, it led to a higher degree of centralization within dYdX.
To address this centralization concern and advance decentralization, dYdX made the strategic choice to transition to its blockchain, built using the Cosmos SDK. This imminent transition, on the verge of completion and soon to go live, represents the DEX’s fourth and latest version, known as the dYdX Chain and will feature a decentralized, off-chain order book capable of seamlessly scaling with the platform’s growth.
As part of the Cosmos ecosystem, dYdX stands to gain the full advantage of decentralization, along with an array of unique features such as extensive customizability and scalability. We’ve delved into the specific reasons behind dYdX’s choice of Cosmos in the following section.
dYdX's decision to migrate from Ethereum to Cosmos stems from a strategic choice to utilize the unique capabilities of Cosmos technology, which offers a distinct advantage in building new layer-1 blockchains. Cosmos' Tendermint proof-of-stake consensus engine provides the foundation to develop a standalone, application specific blockchain with cross-chain capabilities, and makes it possible to fully customize how the chain functions.
Unlike Ethereum, where network congestion can be a concern, Cosmos’ app-specific chains function independently, and each Cosmos chain operates with its network of validators and token. This move permits blockchains to have faster transaction processing while maintaining decentralization, thus positioning Cosmos as the ideal choice for dYdX’s requirements, which demand high throughput - roughly, 10 operations per second and 1,000 orders/cancellations per second. Currently, Cosmos can process up to 10,000 transactions per second, or TPS, compared to Ethereum's 15-25 TPS.
A recent twitter thread by dYdX succinctly described the key separators between Layer 2s/Roll ups and standalone app-chains, and reiterated their decision to choose the latter. Read it here.
While on-chain orderbook DEXs offers a high level of transparency and decentralization, it comes at the cost of potentially higher transaction fees and slower transaction speeds. With each transaction requiring on-chain validation, the underlying network’s throughput can become a bottleneck, thus affecting the overall network efficiency.
In contrast, on dYdX v4, each validator will maintain an off-chain in-memory order book. When a new order is placed, it is initially routed to a validator that is randomly chosen. Subsequently, this validator disseminates the transaction to other validators to ensure the order book remains up to date. This alleviates the pressure on the network, allowing the chain to achieve significantly higher throughput for the order book while retaining decentralization.
The transaction flow roughly looks this -
Total supply: 1,000,000,000 DYDX tokens
50% of tokens go to the dYdX community which will comprise liquidity providers, traders, stakeholders, and users who complete trading milestones. A portion of this share goes to the community treasury.
27.73% of the tokens go to investors.
15.27% of tokens are allocated to the official team members of dYdX including founders, advisors, employees, and others.
7% of the tokens are reserved for consultants and employees who will join the platform in the future.
We’ve had extensive involvement with dydX v4 since inception as well as the Cosmos ecosystem in general. We received a grant from dYdX to write an in-depth research report (available here) that examines the implications of Maximum Extractable Value (MEV) within the context of dYdX v4 from a validator's perspective. Additionally, we were on all three testnets and actively contributed through debugging and sharing validator best practices.
dYdX occupies a unique position as a decentralized solution that directly competes with centralized exchanges in terms of its order book model, trading volume, and user experience aligns with our vision for the future of decentralized finance. Furthermore, we share dYdX's philosophy of prioritizing the creation of the best possible product, making our support for their forward-looking vision a natural choice.
Chorus One has been more than just a player in the Cosmos space. With our $30M venture arm, Chorus Ventures, we have actively invested in promising projects such as Celestia, Osmosis, Agoric and more, which keeps us well-connected to the ecosystem. We're also deeply engaged with the community, publish research reports, and extensively cover Cosmos in our blog.
Chorus One is the only node operator with a dedicated in-house quant team focussing on MEV. MEV refers to the maximum value that can be extracted from block production in excess of the standard block reward and gas fees by including, excluding, and changing the order of transactions in a block.
Because of our MEV expertise, we were provided a grant by dYdX to work on a research paper that goes into the territories of cross-chain arbitrage and also explores the subject of negating MEV externalities in a fully decentralized, validator-driven order book.
The report entails comprehensive insights on MEV’s impact on the new chain and trading, cross-chain MEV opportunities, user welfare, and centralization risks, ultimately providing practical solutions for mitigating validator-driven MEV risks. Read the report here.
Chorus One is the most active node operator on Cosmos where on-chain governance is enabled.
We have published a detailed research report last year on Cosmos’ governance, which elaborates on Cosmos’ validator participation, voting trends, controversial proposals, and why Chorus One is one of the most active node operators in the Cosmos ecosystem.
In the report, we conducted a governance performance comparison against the top 5 validators by stake on 13 chains from April 2022 to November 2022, which includes Akash, Axelar, Cosmos Hub, Evmos, injective, Juno, Kava, Osmosis, Persistence, Regen, Secret, Sommelier, Stargaze.
As illustrated in the chart below, our voting activity exceeded that of the average top 5 validators by 30%. However, it's crucial to note that the top 5 validators can vary significantly on each chain.
Out of the 13 networks studied, we achieved a 100% voting record in two networks, and in one network, Kava, we surpassed the average by approximately 90%, as demonstrated in the graph below. We consistently exceeded the average participation rates of the Top 5 validators on 11 out of 13 networks
*Since DYDX inflation goes to traders, dYdX stakers, in contrast, will receive 100% of the trading fees that are paid out in USDC.
To learn more about staking DYDX with Chorus One, don’t hesitate to reach out to us at staking@chorus.one. For any support queries, visit here.
About Chorus One
Chorus One is one of the biggest institutional staking providers globally operating infrastructure for 45+ Proof-of-Stake networks including Ethereum, Cosmos, Solana, Avalanche, and Near amongst others. Since 2018, we have been at the forefront of the PoS industry and now offer easy enterprise-grade staking solutions, industry-leading research, and also invest in some of the most cutting-edge protocols through Chorus Ventures.
Ensuring the security of our customers' assets and information has always been our foremost priority at Chorus One. Today, we are excited to announce a significant milestone in our ongoing commitment to establishing world-class security measures for our customers: the attainment of the ISO 27001:2022 certification.
The ISO 27001 certification is a globally recognized standard designed to safeguard critical information assets, including employee and customer data. More precisely, ISO 27001 outlines specific requirements for the creation, maintenance, and continual improvement of an Information Security Management System (ISMS).
As a customer, when you entrust a third party like Chorus One with your data, it's imperative that they are not only certified but also compliant with the ISO 27001 standard. This certification ensures that the provider's processes and data controls undergo regular and independent audits, providing you with the highest level of assurance that your information will remain safeguarded.
Given the escalating prevalence of cybercrime and the constant emergence of new threats in the industry, managing cyber-risks can appear daunting. By prioritizing information security and business continuity, we aim to offer our users the peace of mind that their investments are secure, even in the face of adversity. With this certification, we're better prepared than ever to offer our customers the safest way to earn returns on digital assets through simplified staking.
"Attaining the ISO 27001 Certification represents a significant milestone in Chorus One's commitment to building trust with our partners. It offers the highest assurance that our staking infrastructure, operations, and systems adhere to world-class security standards. While not a mandatory requirement, we have chosen to obtain this certification as a testament to how seriously we take the security of our customers." - Brian Fabian Crain, CEO, Chorus One
To gain a more comprehensive understanding of Chorus One's security framework and practices, visit our dedicated security page.
If you'd like to learn more about how we provide the safest and easiest means to maximize yields on your assets, don't hesitate to reach out to us at staking@chorus.one.
About Chorus One
Chorus One is one of the biggest institutional staking providers globally operating infrastructure for 45+ Proof-of-Stake networks including Ethereum, Cosmos, Solana, Avalanche, and Near amongst others. Since 2018, we have been at the forefront of the PoS industry and now offer easy enterprise-grade staking solutions, industry-leading research, and also invest in some of the most cutting-edge protocols through Chorus Ventures.
Chorus One is proud to introduce our new research effort, fueled by a grant from dYdX, that examines the implications of Maximum Extractable Value (MEV) within the context of dYdX v4 from a validator's perspective. This comprehensive analysis presents the first-ever exploration of mitigating negative MEV externalities in a fully decentralized, validator-driven order book. Additionally, it delves into the uncharted territory of cross-domain arbitrage involving a fully decentralized in-validator order book and other venues.
This paper, marking a significant milestone in exploring MEV dynamics, identifies factors that influence undesirable MEV extraction, and proposes concrete strategies to level the playing field in derivative trading by counteracting such behavior.
dYdX v4 signifies a transformative phase in the evolution of the dYdX protocol. It embraces a fully decentralized derivatives exchange built on a central limit order book (CLOB). Unlike previous iterations, which combined smart contracts with centralized services, v4 employs a decentralized off-chain order book and a high-performance matching engine. This architecture, powered by the CometBFT consensus and Cosmos SDK, strives to achieve scalability alongside decentralization while allowing community-driven protocol development.
This transition signifies a substantial shift, as v4 introduces the industry's first truly decentralized perpetual futures exchange. Validators will manage the order books, with meticulous steps taken to ensure fair and trustless trading through effective negative MEV mitigation.
Set against the backdrop of this pivotal upgrade, our paper serves a crucial purpose by shedding light on the complexities of mitigating bad MEV on dYdX v4, thus equipping the community with the resources needed to navigate the upcoming transition. By providing comprehensive insights, our analysis aids in anticipating the impact of MEV on the new chain and trading experience, as well as the wider Cosmos ecosystem, ultimately fostering informed decision-making.
Our analysis uncovers pivotal insights that reverberate across the ecosystem:
Finally, our research extends beyond insights to practical solutions for mitigating validator-driven MEV risks. We propose that such MEV might manifest through partnerships between trading firms and market makers, favoring those with established advantages. We underscore the risks associated with harmful MEV, including asymmetric risk for delegators. Even in optimistic scenarios, potential revenue from partnerships may not fully offset these risks. To address this, we suggest a combination of measures including potential penalties and flexible unbonding periods for re-delegation to ethical actors, aiming to effectively manage validator-driven MEV risks.
At Chorus One, we leverage a sophisticated and ethical set of MEV strategies to optimize our validators' performance and continuously monitor progress. Backed by in-house experts and extensive research, we deploy various infrastructural solutions such as relay optimization, latency games, and investing in robust machines to improve our MEV performance. Learn more about Chorus One's winning MEV strategies by reading our recent blog.
For a comprehensive exploration of our research on MEV implications within dYdX v4, we invite you to read the full research paper here.
About Chorus One
Chorus One is one of the biggest institutional staking providers globally operating infrastructure for 40+ Proof-of-Stake networks including Ethereum, Cosmos, Solana, Avalanche, and Near amongst others. Since 2018, we have been at the forefront of the PoS industry and now offer easy enterprise-grade staking solutions, industry-leading research, and also invest in some of the most cutting-edge protocols through Chorus Ventures.
Recent upgrades to Ethereum, such as The Merge and Shapella, were as transformative to the underlying technical algorithms of Ethereum, as they were for the underpinning economy. Previously, hardware enthusiasts and enterprises worked to provide security for the network and were generously rewarded in the process, while today the main driving force that makes Ethereum work securely is their validator community. While there are some similarities between miners and validators -- they both secure the chain via some technological process -- there are many striking differences between the two, particularly in the technology involved.
This article will focus on the technical aspects of being part of a validator community, risks associated with this role, and Chorus One’s measures to mitigate staking risks in our products.
Before 2022, Ethereum's main network used a Proof-of-Work (PoW) system called ETHash to create new blocks and handle transactions. Miners using this system had to solve complex puzzles using powerful computers to create blocks of transactions. These blocks were verified with a code unique to the miner, commonly referred to as a (ECDSA) cryptographic key. The EVM then transferred the transaction fees and additional inflation rewards into an account identified by a public key of that miner key pair. This cryptographic key pair that the miner received was known as a coinbase address, and was configured directly in software the miner used.
Now, things are different. Ethereum no longer requires complex puzzle to create blocks anymore. Instead of miners, a specific type of software called Validator Client creates new blocks. Running validators involves locking some funds on-chain, and then producing blocks when that validator is chosen as the next block producer by the randomness of the consensus algorithm. Since there is no hardware-intensive puzzle solving involved, and the randomness consensus algorithm is very lightweight and has allowed the network to reduce the hardware involved and energy spent within Ethereum blockchain. On the economic side, however, this also had profound changes.
First, they changed how rewards are distributed. Instead of the reward going to one address, it is now split into two parts: consensus and execution, which can be specified in separate accounts/addresses. It is split in this manner:
Execution rewards: fees collected for transactions in a block. These are sent to a special address set in the Ethereum software as the "fee recipient address."
Consensus Rewards: These are based on inflation and given to validators who make blocks and also to those who vote on blocks made by other validators. This consensus reward goes to an address set when a new validator is added. It can't be changed later and is called the "withdrawal address."
Second, the very algorithm used to sign the blocks was changed to involve a BLS algorithm instead of the previous ECDSA (however, the individual transaction signatures still utilize ECDSA for convenience and compatibility reasons). Next we will explain why this matters.
Now, there are two addresses involved in the reward process instead of just one cryptographic key pair. This means each validator has two key pairs. One of these key pairs is called BLS, and it's always used by the Ethereum client software to sign block information. This helps verify the address where fees should go, which is included in the block's data.
The block production process itself does not require the holder to also keep the ECDSA keys to the fee recipient address, so potentially every Ethereum address can be specified in the Validator Client to receive execution rewards. The withdrawal (ECDSA) key pair, however, is never loaded into a client, and is immutably bound to every Ethereum validator during the validator creating process.
For validators, this means that there exists a non-custodial process which allows them to lock their Ethereum coins in the blockchain while still having control over those funds and any future consensus rewards, while the actual Validator Clients can be run by a separate entity. Such an entity would only hold validator BLS signing keys and not the withdrawal ECDSA keys.
The Validator BLS key pair, which is important for confirming and creating new blocks, is traditionally generated from random information using a secure method that keeps the private keys unpredictable. Chorus One has its own in-house tool that makes generating keys fast and secure, which you can read more about here.
After creating the keys, the on-chain verification and loading of the deposit transaction data both kick off in parallel, in a process known as ‘Voting period’, and usually takes around 16 hours. During this time, Ethereum nodes from across the globe will read the deposit transaction log, and vote on whether the signature included in the transaction is correct. When enough votes for correctness are collected, the voting period elapses. However, the validator does not immediately start to fulfill its duty of securing the chain, but due to a limitation in the amount of validators that can become active per block, some additional time is spent in an activation queue. More information on this process can be found here.
Once the activation queue period has passed, the validator clients where the keys have been loaded will start fulfilling Ethereum blockchain duties. Only after this point is that specific duties can be assigned and the keys will start being used to produce signatures and blocks.
This process is visualized on the following image:
The biggest danger for validator key holders is if those keys are stolen, because attacker in possession of the victim validator keys can produce messages infringing to security of a blockchain, which will lead to slashing the validator that incurs a large penalty (more than 1Eth per validator).Currently, it is not possible for a perpetrator in this scenario to profit from such operation, however the possibility to vandalize the ledger still exists and is the most significant risk when operating the validator keys. Thus, participation in staking usually involves consistent and well-thought security practices that prevent unauthorized access to the validator key seed. It is also important to understand that a single seed can be used to generate multiple validators; the more validators were created from a single seed, the bigger the potential impact from leaking the keys.
Besides this, other risks arise from the operation of running validators.
Client software risks
The Ethereum community often discusses the risks associated with client software diversity, which refers to having different types of software implementations. Ethereum offers various open-source validator options, and users can even create their own software. However, most users prefer established open-source options. Validator software is complex and can have bugs that lead to penalties. To minimize risk, stakers should use different validator software types to avoid simultaneous problems that could result in increased penalties for everyone, known as an "inactivity leak."
It's better for stakers to run multiple types of validators to reduce risk. Currently, Ethereum has good diversity at the consensus layer, but there's an issue with one software type dominating the execution layer. Bugs often appear in specific software versions, but Ethereum runs multiple versions simultaneously to reduce risks. Those using a service to stake Ethereum should make sure the service uses diverse software types for both main agreement and action parts of Ethereum.
Withdrawal risks
Withdrawal risks arise from possible issues with the withdrawal keys, like if they are accidentally revealed or if access to the wallet's private key (ECDSA) is lost. As of now, Ethereum lacks mechanisms to regain access to validator withdrawal once the wallet is lost. This underscores the significance of using a trustworthy wallet, maintaining backups, or relying on a reputable custody provider to safeguard the withdrawal seed. It's essential to ensure the correct wallet public key is used when setting up the validator.
At Chorus One, we operate over 8000 validators on the Ethereum Mainnet for various customers, drawing from years of experience without encountering any slashable offense. In the following sections, we'll delve into the techniques we've developed to oversee validator operations, along with the software and infrastructure controls we've implemented. These measures are aimed at minimizing risks for our customers.
Validator key security is at heart of our operation. We ensure that validator keys are never stored on disk without encryption. We utilize cloud-based Vault software, implementing zero-trust access controls, to securely store and provide validator keys to validator clients throughout their lifecycle and operation.
We employ Vault access control policies to ensure that only software clients have access to validator key content. We also segment access for different processes, ensuring that each validator client process can access only a specific set of keys. These keys are guaranteed to be unique across all processes. While generating each validator's private BLS key, we use a strong source of randomness to minimize the possibility of collisions. Furthermore, an SQL database with a unique constraint on the validator's public key field is used to ensure that generated validator keys are never reused for new validators, even if a validator is exited later.
To maintain transparency, we maintain an append-only log of all operations on the Vault storage, and we routinely review it for any anomalies. When it comes to data transfers involving validator keys, they exclusively occur through TLS encrypted channels. Additionally, backups of validator key storage are encrypted with multiple keys, requiring the authorization of multiple individuals to restore from the backup. Each mnemonic used for a validator's BLS private key is unique and exclusively assigned to that specific validator. This approach further minimizes the risk of key leakage.
For each validator client, we maintain a local slashing protection database. Additionally, we utilize the Web3Signer signing service, which employs a centralized slashing protection database. This dual-layer approach offers enhanced security. In the event of potential glitches or bugs in our cloud platform that might result in two instances of the same process running with the same local slashing protection database, the centralized Web3Signer database acts as a safeguard against double signing by our validators.
The Web3Signer centralized database is replicated across multiple data centers, ensuring redundancy and availability. An automated fail-over mechanism is also in place to address any downtime in a data center. The protective measures employed by Web3Signer to prevent double signing are depicted in the illustration below.
At the core of our infrastructure lies a network of public Ethereum nodes that actively engage in the Ethereum consensus and execution process. These nodes establish dependable infrastructure pathways that support the seamless functioning of the Ethereum network. These public nodes are strategically positioned across various geographical data centers, ensuring redundancy and reliability.
Within our validator clients, we've implemented load-balancing mechanisms. This ensures that if one of the data centers experiences an outage, our validator clients seamlessly transition to utilizing Ethereum nodes from other operational data centers.
Alongside the usual health checks for Ethereum APIs, our load-balancing strategy incorporates personalized health assessments for Ethereum nodes. For instance, if an Ethereum node's connected peers experience a sudden drop, our load balancer redirects validator traffic away from that node. This action prevents any potential issues with attestation or block propagation.
At Chorus One, we adopt a safeguard by running various implementations for both the consensus and execution layers in parallel. This approach ensures that any bugs in a single client implementation won't impact all of our nodes. The visual depiction of the infrastructure alignment between public nodes and validators is illustrated in the diagram below.
Our validator client software connects to the public Ethereum nodes, which are hosted on lightweight cloud appliances situated in proximity to the public node hosts. We maintain distinct validator client processes for different customers, ensuring that validators from separate customers don't share the same process memory.
We employ cloud automation software to facilitate automated upgrades for the client process. This includes an instant rollback feature triggered by automated health checks if any misconfiguration is detected that could potentially result in penalties.
Our infrastructure platform, Kubernetes, operates on top of public cloud providers, ensuring that only a single instance of each validator client process is active at any given time. This is achieved through the utilization of StatefulSet resources, which terminate old processes before launching new ones during restarts.
Our automated validator client updates undergo thorough testing before implementation. Updates are applied exclusively to Ethereum mainnet validators that have been rigorously evaluated and proven effective in privatenet and public testnet environments prior to deployment. The process of automated upgrades and rollbacks is visually depicted in the diagram below.
The controls and mechanisms mentioned above are sophisticated and prioritize security and safety over maintaining uptime. For instance, our validator client software integrates slashing protection to prevent signing attestation in scenarios where true double signing could occur, or if there's an issue with the centralized slashing protection database service.
Another example pertains to the potential downtime of the Vault service, which could lead to validator clients being unable to load signing keys and thus unable to sign on time. To address this, we implement continuous monitoring for all validators and the underlying infrastructure, generating automated alerts if any issues arise. To ensure comprehensive oversight, even in cases where our internal monitoring might falter, we employ a separate process of on-chain monitoring. This process involves scraping Ethereum blockchain APIs from an isolated set of public Ethereum nodes. It raises alerts if any penalties are detected with Ethereum validators.
Our team of rotating on-call engineers is available round the clock to respond to these alerts promptly and troubleshoot any potential problems with validator clients.
About Chorus One
Chorus One is one of the biggest institutional staking providers globally operating infrastructure for 40+ Proof-of-Stake networks including Ethereum, Cosmos, Solana, Avalanche, and Near amongst others. Since 2018, we have been at the forefront of the PoS industry and now offer easy enterprise-grade staking solutions, industry-leading research, and also invest in some of the most cutting-edge protocols through Chorus Ventures.
We had an enriching and productive time at EthCC 6, a week-long event in Paris that brought together industry professionals and experts from across the globe. Here's a recap of Chorus One's highlights from the event:
Our Research Analyst and Ethereum expert, Gabriella Sofia, delivered an insightful presentation on the staking ecosystem. She covered everything from the history of staking to the latest developments in liquid staking and MEV.
Our CEO and Founder, Brian Crain, took the EthCC main stage to explore the Urbit ecosystem. His talk delved into Urbit's history, use cases, and future outlook. If you're new to the ecosystem, we highly recommend watching his presentation to get up to speed.
On the final day, Jennifer, our Engineering Team Lead, presented Chorus One's key generation tool, ETH-staking-smith. Her technical yet concise explanation shed light on the optimized, open-source Ethereum validator key generation tool we developed to streamline key and deposit data generation.
Brian returned on stage for his second talk on the staking economy, where he explored the depths of the staking ecosystem, from its history to where it stands today (1:05:52 - 1:26:23)
Throughout the event, we absorbed a wealth of knowledge and returned with a renewed sense of hope and motivation. The community's energy was infectious, inspiring us to continue building better technologies, products, and solutions in the second half of the year.
See you next time!
About Chorus One
Chorus One is one of the biggest institutional staking providers globally operating infrastructure for 40+ Proof-of-Stake networks including Ethereum, Cosmos, Solana, Avalanche, and Near amongst others. Since 2018, we have been at the forefront of the PoS industry and now offer easy enterprise-grade staking solutions, industry-leading research, and also invest in some of the most cutting-edge protocols through Chorus Ventures.
