Decentralized Finance (DeFi) is a profound paradigm shift, redefining how the world engages with financial services. At its center, open liquidity provisioning allows for seamless decentralized trading,lending, and more complex financial strategies. In contrast to traditional finance, centralized intermediaries are not required as liquidity providers, instead, users are empowered to bootstrap liquidity.
Automated Market Makers (AMMs) - see e.g. Uniswap - allow anyone to contribute assets to pools and thus facilitate trading. Users are compensated with a share of trading fees, and potentially,idiosyncratic incentives added by parties benefiting from liquidity (e.g. a project issuing a token). AMMs are simple - users may provide liquidity over the entire price range, or for a specific pricing interval.
DeFi composability and the absence of asset custody by intermediaries push market participants to opt for AMMs over centralized exchanges (CEXs). AMMs have the potential to outperform centralized exchanges in terms of liquidity provision (G. Liao and D. Robinson).
Conversely, Decentralized Exchanges (DEXs) driven by a Central Limit Order Book (CLOB) - see e.g. dYdX v4 - demand a substantial pool of assets and ample order book depth for smooth operation. A CLOB is adept at consolidating liquidity around the market price and has the flexibility to adjust quotes as needed.
However, the process of actively matching buy and sell orders to connect traders is complex and rewards sophistication. Market makers in CLOB-based DEXs must consistently update their positions to prevent their orders from becoming stagnant. This dynamic nature of CLOBs, while offering powerful tools for price discovery, also renders liquidity provision a more intricate endeavor. This complexity is particularly pronounced for those traders who may not have access to real-time market data, as remaining profitable in such an environment requires a deep understanding of market dynamics and order flow.
AMMs and decentralized CLOBs are the dynamic engines driving the DeFi ecosystem. For Liquidity Providers (LPs) navigating the DeFi landscape, a central challenge looms – adverse selection, as extensively explored in J. Milionis et al for AMMs and U. Natale et al for CLOBs. This article delves deep into these mechanisms, highlighting challenges and opportunities facing LPs. We’ll zoom in on Uniswap v3, the most widely used AMM, to explore the complexities and potential solutions in this dynamic landscape. In the final section, we argue that staking, specifically with a validator optimizing for MEV, is a way of recouping potential losses.
Uniswap is the leading DEX by volume with $1.5 trillion in lifetime volume since its 2018 debut (cfr. DefiLlama), and over $1 trillion alone processed by Uniswap v3 (H. Adams et al). Central to its operation is the concept of concentrated liquidity (CL), empowering LPs to offer assets within specific price ranges. LPs facilitate the smooth flow of assets and liquidity, making the success of these AMMs critically dependent on LPs participation, who provide liquidity in exchange for trading fees.
For LPs participating in AMMs, the primary challenge is adverse selection, cfr. J. Milionis et al. This issue arises because parties with access to real-time market prices can exploit price discrepancies between AMMs and other platforms. These transactions often involve arbitrage between CEXs and DEXs. To succeed in capitalizing on price disparities, individuals need not only priority access to the first few on-chain transactions in a block (T. Gupta et al) but also the ability to execute high-quality trades on CEX. This transaction flow between different venues forms the backbone of efficient AMM trading, however, it can have adverse effects on LPs via adverse selection.
In U. Natale et al, we evaluate how pricing on dYdX v4 could be impacted by the presence of another CLOB with higher liquidity, for a given asset - e.g. on a CEX. However, it's important to note that this platform is not live at the moment. This means that making an exact comparison of the profitability of professional Market Makers in a decentralized order book like dYdX v4 is currently unfeasible. Consequently, for the remainder of our analysis, our primary focus will be on Uniswap v3, where Concentrated Liquidity presents opportunities and challenges worth exploring.
Estimating the effective profit & loss (PNL) for a LP has been a subject of extensive study in literature. One widely debated estimator, frequently discussed in the context of the profitability of ETH/USDC LPs on Uniswap v3, revolves around markouts, as outlined in a series of medium articles by Ambient finance, formerly known as CrocSwap. However, it's crucial to highlight that markouts, as an estimator, may not present a holistic view of LP profitability on Uniswap v3.
This is because markouts typically overlook the genuine liquidity and the precise price range within the pool. Consequently, they may overlook changes in the value of the numéraire within the pool, focusing solely on the risky asset's fluctuations. The omission of these critical factors can significantly impact the accuracy of LP profitability assessments.
In order to avoid possible biases in the analysis, we decided to use an estimator that is dependent on the actual variation in pool value, see here for the description of the mathematical framework.
To estimate the PNL, we built a Dune Analytics dashboard, where we consider the USDC/ETH pool with 0.05% fees.
The picture above shows the final Pool’s PNL since the beginning of the year, which corresponds to a general gain of around $35M. Let’s observe that, to achieve this figure, we need to consider the total TVL as capital deployed for the strategy. At current TVL of $206.59M, this corresponds to a 16.9% gain, instead, by considering the maximum historical TVL (~$320M) the total gain since the beginning of the year is around 10% of the capital deployed.
If we focus on the PNL from pool value variation, i.e. no fees, we can see how the overall gain is primarily driven by accrued fees. Indeed, the adversarial selection produced - at time of writing - a loss of $400k, with a maximum loss of ~$1M in May.
If we compare with the ETH price movement during the same time period, we can see that this effect is primarily driven by the movement in ETH price.
More precisely, this is an effect related to price volatility, as shown in Milionis et al. Indeed, when price volatility sharply increases, the price discrepancy between Uniswap v3 and other venues also increases, amplifying the MEV size. The two plots below show the pool value variation due to Toxic Flow and the correlation between pool value from toxic flow and spikes in volatility (24h Moving Average). Here by Toxic Flow we indicate all the transactions coming from informed traders that generate a negative PNL for the LPs. Given the nature of DEXs, informed traders aim to include their transactions in the top part of the block (we used the first 10 txs in the block) to avoid price movements due to market activity.
Before concluding this section, it's worth mentioning that, despite the PNL of $35M due to the accrued fees, being competitive and effectively implementing a strategy that generates a positive PNL is a complex undertaking. This is because there are sophisticated LPs, and the accrued fees need to be divided among all participants. Barriers to entry include access to highly performant price feeds and pricing models, as well as optimized execution. Furthermore, the previous estimator considers the PNL from the pool value, inherently assuming that the entity deploying the strategy has infinite capital that can be allocated each time the price moves. If we utilize the estimator defined in Eq. (8) of this document, we can illustrate how an LP with a fixed initial amount deployed in the liquidity provision strategy experiences a PNL of -30% (without accounting for the fees), as demonstrated below.
Additionally, by updating the positions every minute, the LP accumulates a total gas cost of $2M since the beginning of the year. It's important to note that this cost can be hedged with solutions like Alkymia, in which Chorus One has invested.
We have seen how LPs, who diligently provide liquidity, may face losses as arbitrageurs exploit price differences between centralized and decentralized platforms. Staking represents a strategic approach for LPs to recapture a portion of the extracted MEV. This is particularly advantageous when LPs choose validators that are actively working to optimize MEV yields, like Chorus One (see previous chapter). By aligning their staked assets with validators who specialize in maximizing MEV yields, LPs can amplify their returns while bolstering their resilience against the challenges of adverse selection.
This endeavor is not about exploiting MEV at the expense of the ecosystem but rather about recapturing it for the benefit of those who contribute to the DeFi landscape. Maximizing MEV yields is a way to ensure that the value generated from the MEV ultimately flows back to the stakers, aligning incentives and fostering a fairer and more rewarding DeFi ecosystem. Moreover, the staked amount can be thoughtfully hedged against price fluctuations using external sources, creating a comprehensive strategy to safeguard LPs' investments and enhance their gains.
In summary, LPs, who play a pivotal role in DeFi liquidity provision, can employ a multifaceted strategy combining liquidity provision, staking, and hedging to mitigate the impacts of adverse selection and recapture a portion of the extracted MEV. By making strategic choices in validator selection and actively managing their positions, LPs can navigate the complexities of the DeFi landscape and emerge as resilient and profitable participants.
About Chorus One
Chorus One is one of the biggest institutional staking providers globally operating infrastructure for 45+ Proof-of-Stake networks including Ethereum, Cosmos, Solana, Avalanche, and Near amongst others. Since 2018, we have been at the forefront of the PoS industry and now offer easy enterprise-grade staking solutions, industry-leading research, and also invest in some of the most cutting-edge protocols through Chorus Ventures.
Staking rewards generally derive from a combination of inflationary rewards, transaction fees, and MEV. We are certain that a complete understanding of the Ethereum PBS pipeline allows validators to extract more MEV through targeted infrastructure optimizations.
While adjacent topics have been discussed in literature (e.g. Schwarz-Schilling et al., 2023), Chorus One is the first node operator to successfully test out different optimization approaches on mainnet. We find that the most impactful improvements are contingent on comprehensive internal data, and have generally not been discussed in their specificity.
The goal of this article is to share the results of a recent pilot. We will follow-up with more detail in a later, comprehensive study, which we are co-authoring with one of the most recognizable and competent teams in the MEV space.The pilot makes use of several modifications which positively impact MEV extraction. The rest of the article will discuss one straightforward, illustrative example in more detail, and present the overall results of the pilot so far.
There are two components to APR optimization. Firstly, we should maximize the payoff of the blocks we propose, and secondly, we should minimize the likelihood of missing our chance to propose (i.e. missing our slot). The first of these is more complex and can be approached in several ways, including via latency games, and other infrastructure optimizations.The latter is more accessible, and primarily hinges on running a robust infrastructure setup with appropriate redundancy. However, relay selection also plays a role. Let’s dive in!
A basic illustrative adjustment: drop underperforming relays
The goal of this section is to give an example of a straightforward MEV-adjacent infrastructure adjustment that can positively impact validator APR by minimizing the probability of a missed slot. This modification is not central to our MEV strategy in terms of impact, but it is illustrative of the Ethereum MEV supply chain.
As per conventional wisdom, a validator is best off integrating with a large number of relays, as the mev-boost auction will yield the highest bid, i.e. there is no obvious downside to soliciting a maximum number of bids.
This is only half of the story. Let’s recall how validators and relays interact in more detail. First, the validator requests a block header from a relay, which then delivers the header corresponding to the most profitable block available to the relay. In parallel, the validator also solicits bids from all other relays it is integrated with. The mev-boost auction then determines the highest bid, the validator signs the header associated with this bid, and asks all relays to deliver the payload associated with this header.
The relay that is quickest to respond (typically the relay that delivered the original bid) then broadcasts the block and returns the associated payload to the proposer. This may be done with a delay versus previous implementations (i.e. at proposer’s slot t=0), as early distribution of the payload theoretically allows an unethical proposer to build an alternative block exploiting the transactions in the block received from the relay. This vulnerability has been outlined by the “low carb crusader”, and more details can be found in this post by Flashbot’s Robert McMiller.
The upshot is that in addition to transferring bids from builders, relays also carry responsibility for propagating the final signed block to the network. This is more pronounced now than previously, as the time available for this step has been decreased. Therefore, validators should favor relays that deliver payloads rapidly, or run an idiosyncratic risk of missing their slot, for relays that underperform.In practical terms, we find that relays can diverge significantly on delivery speed, and that for one relay in particular, a routine network disturbance could lead to a missed slot if the validator depends on it to deliver a given block.
The following graph shows the cumulative probability distribution for the maximum time at which a block becomes eligible within each slot, and each line represents a relay.This is a snapshot that is relative to a subset of our nodes over a limited period, and relay performance can vary over time, i.e. should be constantly and granularly monitored. Relays are currently a costly pro-bono good, and we appreciate providers subsidizing the network in this way.
In practical terms, for this particular cluster of nodes, running the relay color-coded light blue is a negative EV decision, i.e. it should be dropped. This is due to the consistent delay it exhibits in making blocks eligible, as compared to other relays.
Our current MEV pilot: A first look at the results
Our current MEV pilot combines straightforward adjustments, like the relay selection process illustrated above, with more significant and systematic infrastructure optimizations.
The below graphs are a first look at the results, and summarize performance over approximately a quarter.
As such, getting a grip on variance requires robust statistical processing. As MEV is tail-heavy (i.e. most profit is produced by rate opportunities), results can vary significantly over time, and capital invested. We are comparing the MEV payoff distribution of the pilot with the MEV payoff realized by a set of Lido nodes. On a per-block level, we find that our pilot has improved MEV rewards significantly:
This extends to the aggregate case - over our sample, the pilot has extracted higher rewards than a “vanilla” setup with a probability approaching 100%:
The upshot is that we feel highly confident that the infrastructure optimizations implemented in our pilot study aggregate out at an APR that is consistently higher than what a non-optimized setup typically achieves.We will elaborate further on specifics in a forthcoming study. If you are interested in learning more about our approach to MEV, please reach out to us anytime at research@chorus.one.
About Chorus One
Chorus One is one of the biggest institutional staking providers globally operating infrastructure for 45+ Proof-of-Stake networks including Ethereum, Cosmos, Solana, Avalanche, and Near amongst others. Since 2018, we have been at the forefront of the PoS industry and now offer easy enterprise-grade staking solutions, industry-leading research, and also invest in some of the most cutting-edge protocols through Chorus Ventures.
This edition of the Ecosystem Review covers NEAR, which in technical terms, is a layer one, sharded, proof-of-stake blockchain, and in practical terms, targets to become the operating system (“OS”) for an open web.
Each transaction in the NEAR blockchain costs less then $0.01 and blocks are finalized in only 2 seconds, placing the protocol in the group of fast and cheap blockchains. The decision to dive deeper into Near this quarter is based on the attention it’s getting from the announcement of Blockchain Operating System and other apparently successful initiatives for expansion of the ecosystem, which have been reflecting in increased on-chain activity (Fig 1), despite the current market scenario.
Before revealing the main actor behind the spike in network activity, this article will review the protocol’s technical architecture, the staking and economics parameters and other relevant aspects, like cross-chain composability.
For the new and old fans of NEAR, the community is meeting up in person in the upcoming NEARCON, a 4-day event to take place in Lisbon in November.
The NEAR protocol is a proof-of-stake network which means that Sybil resistance is done by staking the native token, also called NEAR or Ⓝ. The time is measured in epochs. An epoch is made of 43,200 blocks. Ideally an epoch lasts about 12 hours, but in practice it lasts longer than that, since average block time is currently around 1.11 seconds according to nearblocks.io - the official block explorer.
NEAR is a layer one blockchain. Because of its sharded architecture, a block in NEAR includes one chunk for each shard, and the chunks respectively include the transactions executed for its associated shard. In terms of network participants, the block producer is a heavy duty, since it requires participants to store the full ledger (aka full node) for all chunks. In order to scale and decentralize the set of operators, the protocol is designed to allow a lighter type of node in addition to the block proposer, called chunk-only producer, who creates blocks for single chunks.
NEAR features a runtime layer to execute code, and supports the deployment of applications, a.k.a smart contracts. Smart contracts are written in either JavaScript or Rust, and the NEAR SDK compiles the contracts into WebAssembly (WASM). The NEAR runtime uses the concept of Gas to unify the cost of execution and bandwidth. Each WASM instruction or pre-compiled function gets assigned a gas fee based on measurements on a common-denominator computer. Same goes for weighting the used bandwidth based on general unified costs.
Gas is priced dynamically for each block, and adjusted based on the consumption of the limit in the previous block. When a smart contract wants to store some data, storage cost is computed, and the appropriate amount of NEAR tokens is “locked” on the account. When data is removed, tokens are unlocked. Unlike gas, these tokens are locked in the smart contract’s account, so the user doesn’t directly pay for it. 30% of gas fees users spend on a particular application will go to the contract’s account, generating revenue for the deployer via usage.An interesting aspect of the NEAR protocol lies in the accounts system: it natively supports account abstraction, which means that instead of identifying users by their public/private key pairs, it defines accounts as first-class entities. The implications in usability, are:
A complete overview of the technicalities of the Protocol can be found in https://docs.near.org.
As stated previously, NEAR has its own runtime, which is not compatible with the Ethereum Virtual Machine. However, using a Layer-2 like approach developers can deploy Ethereum-compatible applications to NEAR, and leverage its lower cost and higher throughput platform. It is the case of the Aurora project, an Ethereum Virtual Machine (EVM) built on top of the NEAR Protocol. The most popular tools built for EVM development are also available to be used on Aurora.Also adding to interoperability, the Rainbow Bridge plays an important role as it allows transferring assets between the Ethereum Blockchain and NEAR. The Rainbow Bridge protocol is a trustless, permissionless protocol for connecting blockchains, developed in-house, by the NEAR team.
The core idea behind it is to implement an Ethereum light client in Rust as a NEAR contract, and a NEAR light client in Solidity as an Ethereum contract. Trust assumptions are minimized using this protocol, as anyone can deploy your own instance as a smart contract. This can facilitate simple (e.g. a canonical token migration) and complex interactions between NEAR and ETH, for example, allowing ETH holders holding a given token to vote in your DAO on NEAR.
In contrast to other ecosystems, the NEAR blockchain was able to keep up a relatively high level of daily transactions over the past year, despite the dramatic slow down the whole crypto space has seen. Activity metrics have spiked at a daily 1M transactions in August 2023, leaving behind previous heights of approximately 500k daily transactions (Fig 2).
Leveraging NEAR account system, and Flipside Crypto to plot the top accounts by number of transactions shown in Fig 3, the main driver of the increased activity can be spotted: the accounts and tokens related to Kai-Ching, or $KAIC, the token of KaiKai, a Singapore-based shopping app:
KaiKai is an application built by Cosmose, a nine-year-old company targeting the use of artificial intelligence to improve off-line shopping with ultra precise recommendations and advertising. Cosmose was featured in the list of the 100 world’s most promising private AI companies in 2022. With a team distributed across Warsaw, Shanghai, Hong Kong, Singapore, Tokyo and Paris, the company recently raised an undisclosed amount at a $500 million valuation, up from $100 million when it closed its $15 million Series A financing in 2020. The Near Foundation has made a strategic investment in Cosmose, announced in April '23, according to techcrunch.com.
Fig 4 illustrates the relevance of KAIKAI-related transactions in the ecosystem, in contrast with overall transaction volume.
KAIKAI uses AI to curate and personalize vendors’ offers and partnerships. In contrast with the conventional e-commerce, users shop online through the app but pick it up in person. With every purchase, users are rewarded with the $KAIC as cashback that never expires. The token is also used in the app to facilitate refunds, but at this point, it can not be traded anywhere, nor exchanged for Fiat.
This year, the Foundation also launched Near Horizon, a social platform to connect everyone involved in the ecosystem: builders, contributors and backers can create a profile to share and discuss ideas, hire members to the team, apply for funding etc. This came shortly after NEAR announced its transition to a Blockchain Operating System (BOS), an initiative to establish NEAR as the entry point into the decentralized internet - the Web3. BOS is designed to effortlessly create and distribute decentralized apps on any blockchain, not only on NEAR. BOS is focused on accessibility.
You can use javascript, the most popular programming language (according to statista.com) to create, fork and reuse components already published by other users; connect with a NEAR account to retrieve owned components; and deploy and host naturally open source apps on-chain. Not only adding value to the ecosystem, BOS seems like a good progress to the onboarding of developers to Web3.
At the time of writing, the project was valued at more than $1 Billion (source: coinmarketcap.com ) and the NEAR token was traded at $1.04, not far from its launch price in October 2020 - see Fig 5. The Proof of Stake network is run by 213 nodes and secured by 604.9M of staked NEAR, equivalent to $630M, or 60% of the total token supply. Judging by the list of nodes, most of them are managed by professional infrastructure providers, and are distributed globally. The largest validator concentrates 7.8% of voting power and the super minority is formed by only the top 8 validators.
The annual inflation rate is 5% and the staking APR is 7% according to Staking Rewards. The inflation is distributed to stakers every epoch in the form of block rewards. The protocol supports staking delegation, which means that token holders can natively and securely stake their tokens with node operators they trust. During each epoch, validators’ voting power in the network remains constant. Changes to stake amounts are processed at the beginning of the next epochs, e.g. it takes a maximum of 12 hours to start participating in rewards after delegating NEAR. The unbonding period is also comparatively short: upon unstaking, users receive their tokens after 3 full epochs (36-48 hours). Follow the full staking guide in this link to learn how to create and fund a NEAR account, stake your tokens and withdraw rewards.
About Chorus One
Chorus One is one of the biggest institutional staking providers globally operating infrastructure for 45+ Proof-of-Stake networks including Ethereum, Cosmos, Solana, Avalanche, and Near amongst others. Since 2018, we have been at the forefront of the PoS industry and now offer easy enterprise-grade staking solutions, industry-leading research, and also invest in some of the most cutting-edge protocols through Chorus Ventures.
Who is this guide for: Users who already have DYDX tokens in the Cosmos ecosystem and now want to stake them with Chorus One
If you wish to bridge your DYDX from Ethereum to Cosmos, check out our detailed guide here.
Step 1: Log into Keplr and connect your account
Step 2: Search for the dYdX Chain and look for the Chorus One Validator
Step 3: Click on Chorus One validator and enter the amount you would like to Stake
Step 4: Click on ‘Stake’ and follow the staking flow
Step 5: Approve Transaction. You have now staked DYDX with Chorus One!
dYdX v4 is the latest iteration of dYdX, one of the most prominent decentralized exchanges and premier trading platform for cryptocurrency. The DEX initially launched as an Ethereum-based Layer 2 solution and has now made a significant move by transitioning to its dedicated blockchain, known as the dYdX Chain (or dYdX v4), built using the Cosmos SDK. We've compiled all the essential information about the chain, complete with an in-depth exploration of their move to Cosmos and Chorus One's ongoing involvement with dYdX since the very outset in a comprehensive guide. Check it out here.
There are various utilities of the dYdX v4 token, DYDX, and amongst the most popular use cases are to engage in governance proposals and participate in staking.
To use and stake DYDX, the dYdX Chain needs to onboard users from various platforms, including rollups, Ethereum L1, other app-chains, and centralized exchanges, to its Cosmos version. To simplify the process and make staking on Cosmos a breeze for our customers, we have developed a novel solution that enables you to move your DYDX tokens from Ethereum to Cosmos and stake them with Chorus One in a swift, seamless transaction. If you wish to bridge your DYDX from Ethereum to Cosmos, check out our detailed guide here.
However, if you already have DYDX in the Cosmos ecosystem, you can directly stake them with Chorus One using your Keplr wallet. Let’s proceed to how you can do this with a step-by-step walkthrough.
*Since DYDX inflation goes to traders, dYdX stakers, in contrast, will receive 100% of the trading fees that are paid out in USDC.
5. Then, click on ‘Approve transaction’.
6. You will be redirected to the staking UX, which will show that your stake transaction is processing.
7. After a few minutes, your stake transaction will be complete! You can confirm that your transaction has processes by checking the block explorer here, as shown below.
8. Once you have confirmed your transaction, you have successfully staked DYDX with Chorus One!
We’re happy to answer any questions you may have! For any support queries, please visit here. Alternatively, if you’d like to learn more about staking with Chorus One, get started with staking, or anything else, reach out to us at staking@chorus.one
About Chorus One
Chorus One is one of the biggest institutional staking providers globally operating infrastructure for 45+ Proof-of-Stake networks including Ethereum, Cosmos, Solana, Avalanche, and Near amongst others. Since 2018, we have been at the forefront of the PoS industry and now offer easy enterprise-grade staking solutions, industry-leading research, and also invest in some of the most cutting-edge protocols through Chorus Ventures.
As we approach September, the eminent crypto conference of Asia, Token2049, is set to take place in sunny Singapore!
With pioneers from various crypto and blockchain domains converging on the Red Dot nation, the week promises Token2049's flagship conference on September 13th and 14th, surrounded by an array of side events (including two of our own!). The Chorus One team is brimming with excitement as we gear up to attend.
Join us at Booth M90, where a number of our team members, including Xavier Meegan, Yannick Socolov, Michael Moser, Umberto Natale, Luis Nuñez Clavijo, Hariharan Iyer, Alex Bentley, Rishi Sidhu, Chakravarthi Muppalla, and Keerthi Narendra, will be waiting to connect.
Apart from engaging in conversations about the latest in staking, make sure to swing by our booth for an assortment of fresh swag and the chance to win intriguing mystery gifts!
Kick-start your morning with us!
To participate in our breakfast side event, kindly register here.
Chorus One x Alkimiya Networking
As the vibrant introductions wind down after two days, join us at our co-hosted evening side event with Alkimiya. Register here to attend.
Lastly, what's a conference without a Chorus One twist? Following the much-loved appearance of Lefty the Alpaca at EthCC, we're conjuring yet another surprise for Token2049. Hint: Keep your eyes peeled, or you might just miss it. 🪄Lefty the Alpaca at EthCC, we're conjuring yet another surprise for Token2049. Hint: Keep your eyes peeled, or you might just miss it. 🪄
If you're attending and wish to arrange a meeting with our team, please reach out to us at info@chorus.one, and we'll get in touch. See you there!
Recent upgrades to Ethereum, such as The Merge and Shapella, were as transformative to the underlying technical algorithms of Ethereum, as they were for the underpinning economy. Previously, hardware enthusiasts and enterprises worked to provide security for the network and were generously rewarded in the process, while today the main driving force that makes Ethereum work securely is their validator community. While there are some similarities between miners and validators -- they both secure the chain via some technological process -- there are many striking differences between the two, particularly in the technology involved.
This article will focus on the technical aspects of being part of a validator community, risks associated with this role, and Chorus One’s measures to mitigate staking risks in our products.
Before 2022, Ethereum's main network used a Proof-of-Work (PoW) system called ETHash to create new blocks and handle transactions. Miners using this system had to solve complex puzzles using powerful computers to create blocks of transactions. These blocks were verified with a code unique to the miner, commonly referred to as a (ECDSA) cryptographic key. The EVM then transferred the transaction fees and additional inflation rewards into an account identified by a public key of that miner key pair. This cryptographic key pair that the miner received was known as a coinbase address, and was configured directly in software the miner used.
Now, things are different. Ethereum no longer requires complex puzzle to create blocks anymore. Instead of miners, a specific type of software called Validator Client creates new blocks. Running validators involves locking some funds on-chain, and then producing blocks when that validator is chosen as the next block producer by the randomness of the consensus algorithm. Since there is no hardware-intensive puzzle solving involved, and the randomness consensus algorithm is very lightweight and has allowed the network to reduce the hardware involved and energy spent within Ethereum blockchain. On the economic side, however, this also had profound changes.
First, they changed how rewards are distributed. Instead of the reward going to one address, it is now split into two parts: consensus and execution, which can be specified in separate accounts/addresses. It is split in this manner:
Execution rewards: fees collected for transactions in a block. These are sent to a special address set in the Ethereum software as the "fee recipient address."
Consensus Rewards: These are based on inflation and given to validators who make blocks and also to those who vote on blocks made by other validators. This consensus reward goes to an address set when a new validator is added. It can't be changed later and is called the "withdrawal address."
Second, the very algorithm used to sign the blocks was changed to involve a BLS algorithm instead of the previous ECDSA (however, the individual transaction signatures still utilize ECDSA for convenience and compatibility reasons). Next we will explain why this matters.
Now, there are two addresses involved in the reward process instead of just one cryptographic key pair. This means each validator has two key pairs. One of these key pairs is called BLS, and it's always used by the Ethereum client software to sign block information. This helps verify the address where fees should go, which is included in the block's data.
The block production process itself does not require the holder to also keep the ECDSA keys to the fee recipient address, so potentially every Ethereum address can be specified in the Validator Client to receive execution rewards. The withdrawal (ECDSA) key pair, however, is never loaded into a client, and is immutably bound to every Ethereum validator during the validator creating process.
For validators, this means that there exists a non-custodial process which allows them to lock their Ethereum coins in the blockchain while still having control over those funds and any future consensus rewards, while the actual Validator Clients can be run by a separate entity. Such an entity would only hold validator BLS signing keys and not the withdrawal ECDSA keys.
The Validator BLS key pair, which is important for confirming and creating new blocks, is traditionally generated from random information using a secure method that keeps the private keys unpredictable. Chorus One has its own in-house tool that makes generating keys fast and secure, which you can read more about here.
After creating the keys, the on-chain verification and loading of the deposit transaction data both kick off in parallel, in a process known as ‘Voting period’, and usually takes around 16 hours. During this time, Ethereum nodes from across the globe will read the deposit transaction log, and vote on whether the signature included in the transaction is correct. When enough votes for correctness are collected, the voting period elapses. However, the validator does not immediately start to fulfill its duty of securing the chain, but due to a limitation in the amount of validators that can become active per block, some additional time is spent in an activation queue. More information on this process can be found here.
Once the activation queue period has passed, the validator clients where the keys have been loaded will start fulfilling Ethereum blockchain duties. Only after this point is that specific duties can be assigned and the keys will start being used to produce signatures and blocks.
This process is visualized on the following image:
The biggest danger for validator key holders is if those keys are stolen, because attacker in possession of the victim validator keys can produce messages infringing to security of a blockchain, which will lead to slashing the validator that incurs a large penalty (more than 1Eth per validator).Currently, it is not possible for a perpetrator in this scenario to profit from such operation, however the possibility to vandalize the ledger still exists and is the most significant risk when operating the validator keys. Thus, participation in staking usually involves consistent and well-thought security practices that prevent unauthorized access to the validator key seed. It is also important to understand that a single seed can be used to generate multiple validators; the more validators were created from a single seed, the bigger the potential impact from leaking the keys.
Besides this, other risks arise from the operation of running validators.
Client software risks
The Ethereum community often discusses the risks associated with client software diversity, which refers to having different types of software implementations. Ethereum offers various open-source validator options, and users can even create their own software. However, most users prefer established open-source options. Validator software is complex and can have bugs that lead to penalties. To minimize risk, stakers should use different validator software types to avoid simultaneous problems that could result in increased penalties for everyone, known as an "inactivity leak."
It's better for stakers to run multiple types of validators to reduce risk. Currently, Ethereum has good diversity at the consensus layer, but there's an issue with one software type dominating the execution layer. Bugs often appear in specific software versions, but Ethereum runs multiple versions simultaneously to reduce risks. Those using a service to stake Ethereum should make sure the service uses diverse software types for both main agreement and action parts of Ethereum.
Withdrawal risks
Withdrawal risks arise from possible issues with the withdrawal keys, like if they are accidentally revealed or if access to the wallet's private key (ECDSA) is lost. As of now, Ethereum lacks mechanisms to regain access to validator withdrawal once the wallet is lost. This underscores the significance of using a trustworthy wallet, maintaining backups, or relying on a reputable custody provider to safeguard the withdrawal seed. It's essential to ensure the correct wallet public key is used when setting up the validator.
At Chorus One, we operate over 8000 validators on the Ethereum Mainnet for various customers, drawing from years of experience without encountering any slashable offense. In the following sections, we'll delve into the techniques we've developed to oversee validator operations, along with the software and infrastructure controls we've implemented. These measures are aimed at minimizing risks for our customers.
Validator key security is at heart of our operation. We ensure that validator keys are never stored on disk without encryption. We utilize cloud-based Vault software, implementing zero-trust access controls, to securely store and provide validator keys to validator clients throughout their lifecycle and operation.
We employ Vault access control policies to ensure that only software clients have access to validator key content. We also segment access for different processes, ensuring that each validator client process can access only a specific set of keys. These keys are guaranteed to be unique across all processes. While generating each validator's private BLS key, we use a strong source of randomness to minimize the possibility of collisions. Furthermore, an SQL database with a unique constraint on the validator's public key field is used to ensure that generated validator keys are never reused for new validators, even if a validator is exited later.
To maintain transparency, we maintain an append-only log of all operations on the Vault storage, and we routinely review it for any anomalies. When it comes to data transfers involving validator keys, they exclusively occur through TLS encrypted channels. Additionally, backups of validator key storage are encrypted with multiple keys, requiring the authorization of multiple individuals to restore from the backup. Each mnemonic used for a validator's BLS private key is unique and exclusively assigned to that specific validator. This approach further minimizes the risk of key leakage.
For each validator client, we maintain a local slashing protection database. Additionally, we utilize the Web3Signer signing service, which employs a centralized slashing protection database. This dual-layer approach offers enhanced security. In the event of potential glitches or bugs in our cloud platform that might result in two instances of the same process running with the same local slashing protection database, the centralized Web3Signer database acts as a safeguard against double signing by our validators.
The Web3Signer centralized database is replicated across multiple data centers, ensuring redundancy and availability. An automated fail-over mechanism is also in place to address any downtime in a data center. The protective measures employed by Web3Signer to prevent double signing are depicted in the illustration below.
At the core of our infrastructure lies a network of public Ethereum nodes that actively engage in the Ethereum consensus and execution process. These nodes establish dependable infrastructure pathways that support the seamless functioning of the Ethereum network. These public nodes are strategically positioned across various geographical data centers, ensuring redundancy and reliability.
Within our validator clients, we've implemented load-balancing mechanisms. This ensures that if one of the data centers experiences an outage, our validator clients seamlessly transition to utilizing Ethereum nodes from other operational data centers.
Alongside the usual health checks for Ethereum APIs, our load-balancing strategy incorporates personalized health assessments for Ethereum nodes. For instance, if an Ethereum node's connected peers experience a sudden drop, our load balancer redirects validator traffic away from that node. This action prevents any potential issues with attestation or block propagation.
At Chorus One, we adopt a safeguard by running various implementations for both the consensus and execution layers in parallel. This approach ensures that any bugs in a single client implementation won't impact all of our nodes. The visual depiction of the infrastructure alignment between public nodes and validators is illustrated in the diagram below.
Our validator client software connects to the public Ethereum nodes, which are hosted on lightweight cloud appliances situated in proximity to the public node hosts. We maintain distinct validator client processes for different customers, ensuring that validators from separate customers don't share the same process memory.
We employ cloud automation software to facilitate automated upgrades for the client process. This includes an instant rollback feature triggered by automated health checks if any misconfiguration is detected that could potentially result in penalties.
Our infrastructure platform, Kubernetes, operates on top of public cloud providers, ensuring that only a single instance of each validator client process is active at any given time. This is achieved through the utilization of StatefulSet resources, which terminate old processes before launching new ones during restarts.
Our automated validator client updates undergo thorough testing before implementation. Updates are applied exclusively to Ethereum mainnet validators that have been rigorously evaluated and proven effective in privatenet and public testnet environments prior to deployment. The process of automated upgrades and rollbacks is visually depicted in the diagram below.
The controls and mechanisms mentioned above are sophisticated and prioritize security and safety over maintaining uptime. For instance, our validator client software integrates slashing protection to prevent signing attestation in scenarios where true double signing could occur, or if there's an issue with the centralized slashing protection database service.
Another example pertains to the potential downtime of the Vault service, which could lead to validator clients being unable to load signing keys and thus unable to sign on time. To address this, we implement continuous monitoring for all validators and the underlying infrastructure, generating automated alerts if any issues arise. To ensure comprehensive oversight, even in cases where our internal monitoring might falter, we employ a separate process of on-chain monitoring. This process involves scraping Ethereum blockchain APIs from an isolated set of public Ethereum nodes. It raises alerts if any penalties are detected with Ethereum validators.
Our team of rotating on-call engineers is available round the clock to respond to these alerts promptly and troubleshoot any potential problems with validator clients.
About Chorus One
Chorus One is one of the biggest institutional staking providers globally operating infrastructure for 40+ Proof-of-Stake networks including Ethereum, Cosmos, Solana, Avalanche, and Near amongst others. Since 2018, we have been at the forefront of the PoS industry and now offer easy enterprise-grade staking solutions, industry-leading research, and also invest in some of the most cutting-edge protocols through Chorus Ventures.
We take a look at expected times to participate in Ethereum staking.
Ethereum protocol times are measured in epochs, with 1 epoch being 384 seconds or around 6 and a half minutes. For ease of understanding, times based on these measurements have been translated roughly into minutes, hours and days.
88,885 / 25
Source: https://beaconcha.in/
Conclusion: Staking takes at least 8 hours, but it is very likely to take a lot longer as the demand to stake grows and more validators are added to the queue (the queue at the time of writing is 88,885 validators waiting). The waiting time right now is about a month and a half.
88,885 / 25
Source: https://beaconcha.in/
Conclusion: Unstaking takes at least 25 minutes, but can vary depending on the withdrawal queue with a similar model as staking (the queue right now is 25 validators waiting and is expected to clear quite quickly). You also have a 1 day delay to access funds. So, all in all the waiting time right now is about 1 day.
* This number corresponds to the churn rate applied to the staking and withdrawal queues. For every 65,536 additional validators that are active on the Ethereum network, the number of new validators that can be activated per epoch increases by one, and the number of validator exits that can be processed per epoch also increases by one. Right now, the churn rate is 9.
Blockchain has revolutionized various industries by offering decentralized, secure, and transparent systems. However, challenges such as privacy and scalability have emerged as significant concerns. This article explores how Zero-Knowledge Proofs (ZKPs) can address these challenges and shape the future of Web3 technology.
What are zk-Proofs?
Zero-Knowledge Proofs are cryptographic protocols that allow a party to prove knowledge of a certain fact without revealing any information about it. In other words, they enable verification of the truthfulness of a statement without disclosing the underlying data. ZKPs were introduced by Shafi Goldwasser, Silvio Micali, and Charles Rackoff in the 1980s. However, it wasn’t until the development of the ZK-SNARK protocol in 2014 by a team of researchers led by Eli Ben-Sasson, that ZKPs gained significant attention for their potential applications in various fields, including the crypto space.
There are different types of Zero-Knowledge Proofs, each serving specific purposes:
Enhancing Privacy and Scalability
Zk- proofs have a profound impact on privacy. By using ZKPs, users can prove the validity of their transactions or data without revealing the sender, recipient, or the transaction amount. This feature enhances anonymity and confidentiality, making blockchain systems more appealing for applications where privacy is crucial, such as financial transactions, healthcare records, identity management, and secure voting systems..
ZKPs also enable scalability improvements by reducing the amount of data that needs to be processed and stored by blockchain nodes. This is achieved through a process called ‘batching’, where multiple transactions are combined into a single proof, reducing the computational load on the network. For example, ZKSync Era, a trustless Layer-2 protocol, is a zk rollup that scales Ethereum by using cryptographic validity proofs to provide scalable and low-cost transactions. In zkSync, computation is performed off-chain and most data is stored off-chain as well. However, all the transactions are still verified and validated on the Ethereum mainchain, ensuring that users have the same level of security as they would with regular Ethereum transactions.
The Challenges
Despite their potential, zk-Proofs face several challenges:
The Future Outlook of ZKPs
Looking ahead, we can expect advancements in zk technology that address the current challenges Some potential developments include:
ZKP’s offer a promising solution to the privacy and scalability challenges faced by current Web3 technologies. By enabling secure, private transactions, they pave the way for a future where decentralized applications can thrive while protecting user data. While challenges exist, ongoing research continues to enhance the efficiency, scalability, and usability of ZK technology, shaping the future of blockchain and its potential impact on other industries.
Our 2023 Q1 Quarterly Insights dives deeper into the different applications of zk-Proofs, presenting an introduction to the problems being tackled in the frontier. It also focuses on specific use cases, shedding light on notable teams building innovative projects that take advantage of zero-knowledge. Check it out here.
About Chorus One
Chorus One is one of the biggest institutional staking providers globally operating infrastructure for 40+ Proof-of-Stake networks including Ethereum, Cosmos, Solana, Avalanche, and Near amongst others. Since 2018, we have been at the forefront of the PoS industry and now offer easy enterprise-grade staking solutions, industry-leading research, and also invest in some of the most cutting-edge protocols through Chorus Ventures.