[ad_1]
By Anthony Georgiades, co-founder of Pastel Network
Ethereum has been deemed one of the most popular blockchains in the world, housing over 3,000 decentralized applications and welcoming over 400k daily active users. The recent Ethereum Merge proved to be one of the most pivotal moments for the blockchain since its fork in 2016. For this reason, and because it will help onboard more users to Web3 and blockchain, its transition from a Proof-of-Work (PoW) consensus mechanism to Proof-of-Stake (PoS) was widely anticipated and generated endless speculation.
A prominent topic of conversation among experts was how the Merge would impact Ethereum’s security given that PoW has proven to be more secure and decentralized in practice (see: Bitcoin), which requires real world energy input from miners (in the form of hashes). However, Ethereum developers’ thoughtful design and tenacity in providing a secure transition meant that the network succeeded in shifting to a new model without compromising network safety. To be sure, the Ethereum Foundation has iterated over multiple PoS since 2018. Unfortunately, the rise of third-party staking protocols in response to the very requirements that were meant to safeguard the system threaten its decentralization.
Ethereum’s PoS model does not offer delegated staking, unlike many other PoS-based chains.
Delegated proof of stake (“DPoS”) has become a widely used evolution of the traditional PoS consensus mechanism in many popular layer-1 networks such as Solana and Avalanche. In DPoS networks, users are able to ‘bond’ their stake to existing validator nodes. These delegated nodes effectively validate and produce blocks, and are responsible for maintaining the integrity and security of the overall blockchain. In return, the validator nodes and their respective delegates earn a yield (i.e., the block reward) on their stake for each block they produce. DPoS has made it easier for consumers and retail investors to participate in network consensus, with ‘delegation’ occurring with as much ease as clicking a button.
However, DPoS has resulted in the formation of ‘cartels’ that have pseudo network control, engendering concerns around network centralization and censorship. Given that large institutions have more access to resources, such as capital and hardware, they are able to gain a massive amount of network delegation meaning staking providers, third-party centralized exchanges, and various funds end up with a skewed share of network control.
For example, in Solana the top 30 validators control nearly 34% of all delegated stake on the network, giving them a large share of network control.
Ethereum’s consensus requirements combat DPoS security concerns.
Ethereum’s PoS requires that users deploy their own validator node directly and self-stake exactly 32 ETH per validator node. This limit should, in theory, result in a much larger pool of diversified, decentralized validators across the network.
Rather than, say, 30 validators running 30 large servers and aggregating delegation as in DPoS models, there should in essence be thousands or millions of validators each offering their own isolated and dedicated computational resources to the network. A greater number of validators translates into greater decentralization and therefore, greater security.
In order to exploit the network, hackers would need to both acquire a majority (51%) of all staked ETH (which is over $17bn as of writing) and stake it across an exorbitant number of individual validators. Given the 32 ETH self-stake, there cannot be any single or small group of validor nodes who collectively control a majority of the network at one time. Furthermore, stakers are kept honest through a concept known as slashing, where hostile validators see their ether get destroyed. The aforementioned points, through both economic and technical limitations, render 51% attacks almost impossible—in theory.
Major questions remain around Ethereum’s security post-Merge.
32 ETH is quite expensive for most retail investors, and technical requirements of running a Validator are significant barriers to entry. In order to allow users to participate in block validation and earn rewards, liquid staking solutions such as Lido and off-chain providers like Coinbase have emerged that allow investors to stake smaller amounts of ETH. Users can essentially stake any amount of ETH, which is pooled together in batches of 32 ETH and deployed across validators operated by these third-party providers.
However, the growth in popularity of staking pools poses an existential threat to the network’s decentralization. For example, popular staking provider Lido now accounts for roughly 30% of all ETH deposits and over 134K validators, giving it the lion’s share of staking dominance. This raises the risk of excessive influence over network governance which can lead to the threat of exceeding critical consensus thresholds (e.g., 33% or 50%), coordinated MEV extraction, block-production manipulation, and overall censorship. In other words, centralization is creeping back in.
The once theoretical and potentially economically unfeasible 51% and sybil attacks in Ethereum’s PoS model are now very real. Today, over 52% of staked ETH resides across the top three services providers–Lido, Coinbase, and Kraken-each of which are directly or indirectly under U.S. jurisdiction. The risk is that external pressure from U.S. authorities or corporations towards these centralized service providers can result in censorship at the protocol level (recall that this is now made possible in PoS, since such providers operate the validators who are responsible for block production).
In theory, there is a way to discourage such attacks on the network and combat this security vulnerability. Slashing by consensus is a process in which a validator loses a portion of its staked tokens and anyone who was nominating that validator when the slash occurred would also lose their tokens. Basically, if a validator were to show malicious behavior or censor transactions, a certain percentage of their tokens would get slashed, forcing them to reevaluate their bad actions and rendering their attack economically unachievable over the long-term.
However, in actuality today consensus exists across a smaller number of large centralized groups and not with the majority of Ethereum users. Validators controlled by centralized providers would rather run the risk of being slashed than fighting against government entities, while conversely users who have staked their ETH with such providers would not want to risk slashing their own assets in the name of censorship resistance. Lastly, ETH users and nodes that do wish to uphold the integrity of the network are able to initiate a user-activated soft fork (“UASF”). However, this would come at the expense of losing nearly all of the dApp level activity and DeFi infrastructure that is being built on Ethereum, making the new forked chain worthless.
Is there a true solution to combating such attacks, vulnerabilities, and censorship at the protocol level? Is a pure PoS model the future of decentralized blockchains, or did recent engineering decisions made by the community set the Ethereum network up for inevitable capture?
About the author:
Anthony Georgiades is co-founder of Pastel Network, a fully decentralized, developer-friendly layer-1 blockchain serving as the preeminent protocol standard for non-fungible tokens (“NFTs”) and Web3 technology. While performing his duties as President, Anthony is also a General Partner at Innovating Capital, a technology fund focused on disruptive companies and digital assets that has incubated Pastel Network since day one. Anthony previously spent time on the investment team at First Round Capital and on the operations teams of various startups. He studied finance, management, and computer science at the University of Pennsylvania’s Wharton and engineering schools.
The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.
[ad_2]
Source link
