Vitalik’s new article: Keep On-Chain Minimalism, Don’t Overload Ethereum Consensus

Vitalik's article: Keep Ethereum Consensus Minimal

Original Title: Don’t overload Ethereum’s consensus

Original Author: Vitalik Buterin

Original Source: vitalik.ca

Translation by: Kate, MarsBit

• Amid the cryptocurrency winter, how did Worldcoin manage to secure $100 million in funding?
• Founder of GitHub’s Self-Description: 7 Pieces of Advice for Entrepreneurs
• Understanding Cascade: The First Rollup to Support IBC

Special thanks to Karl Floersch and Justin Drake for feedback and review

Ethereum’s consensus mechanism is one of the most secure cryptoeconomic systems currently in existence. Validators holding 18 million ETH (approximately $34 billion) finalize a block every 6.4 minutes, running many different protocol implementations redundantly. Furthermore, if the cryptoeconomic consensus fails, whether due to error or a deliberate 51% attack, a large community consisting of thousands of developers and many more users is watching carefully to ensure the chain recovers. Once the chain recovers, protocol rules ensure that the attacker will likely face severe penalties.

Over the years, many ideas, typically in the thought experiment phase, have been proposed for using Ethereum validators, and even Ethereum’s social consensus, for other purposes:

The Ultimate Oracle: A proposal where users can vote on which facts are true by sending ETH, using the SchellingCoin mechanism: everyone who sends ETH to vote for the majority answer proportionally receives a share of all the ETH sent to vote for the minority answer. The description continues: “So in principle this is a symmetric game. What breaks symmetry is that a) truth is a natural coordination point and more importantly b) people betting on the truth can make a credible fork of Ethereum’s thread if it goes astray.”

Re-Collateralization: A set of technologies, used by many protocols including EigenLayer, where Ethereum stakers can also deposit their stake as collateral for another protocol. In some cases, their collateral can also be slashed if they misbehave according to the rules of the other protocol. In other cases, staking is just used to vote with no rewards inside the protocol.

Recovery of L2 projects driven by L1: People have proposed on many occasions that if L2 has a bug, L1 can fork to recover it. The most recent example is the design of using an L1 soft fork to recover an L2 outage.

The purpose of this article will be to explain in detail why I believe that some subset of these technologies would pose high systemic risks to the ecosystem and should be prevented and resisted.

These proposals are usually made in good faith, so the goal is not to target individuals or projects, but rather to focus on the technology. The general rule of thumb that this article will attempt to defend is as follows: reusing validator staking for ETH is fundamentally sound, albeit with some risks, but attempting to “recruit” Ethereum’s social consensus to achieve one’s own application is impossible.

Example of the difference between reusing validators (low risk) and overloading social consensus (high risk)

— Alice creates a web3 social network where if you cryptographically prove that you control the key of an active Ethereum validator, you are automatically granted a “verified” status. Low risk.

— Bob cryptographically proves he controls the keys of 10 active Ethereum validators to prove he has enough wealth to satisfy some legal requirement. Low risk.

— Charlie claims to have disproven the Twin Prime Conjecture and claims to know the largest p such that both p and p+2 are prime. He changes his staking withdrawal address to a smart contract where anyone can submit a claimed counter-example q > p along with a proof that both q and q+2 are primes using a SNARK. If someone submits a valid claim, Bob’s validator will be forced to exit and the submitter will get Bob’s remaining ETH. Low risk.

— Dogecoin decides to switch to proof of stake (POS) and, to increase the size of its security pool, allows Ethereum stakers to “double stake” and join its validator set at the same time. To do this, Ethereum stakers must change their staking withdrawal address to a smart contract where anyone can submit a proof that they violated Dogecoin’s staking rules. If someone submits such a proof, the staker’s validator will be forced to exit and their remaining ETH will be used to buy and burn DOGE. Low risk.

— eCash follows the same approach as Dogecoin, but the project leader further announces that if a majority of Ethereum validators participating in eCash transactions collude to audit them, they expect the Ethereum community to delete these validators through a hard fork. They believe that doing so would be in Ethereum’s interest because these validators have been proven to be malicious and unreliable. High risk.

– Fred created an ETH/USD price oracle that allows Ethereum validators to participate and vote. There are no incentives. Low risk.

– George created an ETH/USD price oracle that allows ETH holders to participate and vote. To prevent laziness and secret bribes, they added an incentive mechanism in which participants whose answers are within 1% of the median answer will receive 1% of the ETH from any participant whose answer is more than 1% above the median answer. When asked “What if someone can credibly bribe all participants to start submitting wrong answers, so that the honest ones lose 10 million ETH?” George replied that Ethereum would have to distribute the money from the bad participants. High risk.

• George clearly does not answer. Medium-high risk (because the project may generate an incentive to attempt this fork, so it is expected to be attempted even without formal encouragement)

• George replied, “So the attacker wins, and we will stop using this oracle.” Medium-low risk (not very “low” because the mechanism does create a large group of participants who may be incentivized to independently advocate for a fork to protect their deposits in a 51% attack)

– Hermione created a successful Layer 2 and believes that because her Layer 2 is the largest, it is inherently the safest, because if a bug causes funds to be stolen, the losses will be so great that the community will have no choice but to fork to recover user funds. High risk .

If you are designing a protocol where even if everything completely collapses, the losses are contained to validators and users who choose to participate and use your protocol, this is low risk. On the other hand, if you plan to seek social consensus in the broader Ethereum ecosystem to solve your problems through forks or reorganizations, this is high risk, and I think we should strongly resist all attempts to create such expectations.

One intermediate area is where participants start in the low-risk category, but are provided with incentives to slide into the high-risk category; SchellingCoin-style technology, particularly with heavy penalties for deviating from the majority, is a prime example.

So, what are the problems with extending Ethereum’s consensus?

It is now 2025. Frustrated with existing choices, a group decides to make a new ETH/USD price oracle that works by allowing validators to vote on the price every hour. If you vote, you unconditionally receive a portion of the fee as a reward from the system. But soon participants become lazy: they connect to centralized APIs and either drop out or start reporting erroneous values when those APIs are under attack. To solve this problem, an incentive mechanism is introduced: the oracle also retroactively votes on the price from a week ago, and if your (real-time or retroactive) vote deviates by more than 1% from the median of the retroactive votes, you are severely punished, with the punished party being those who voted “correctly”.

Within a year, over 90% of validators are participating. Someone asks: what if Lido and a few other large stakers band together to mount a 51% attack on the vote, forcing through a false ETH/USD price that heavily penalizes everyone who didn’t participate in the attack? Backers of the oracle, who have invested heavily in the scheme, answer: well, if that happens, Ethereum will definitely fork and kick out the bad guys.

Initially, the scheme is limited to ETH/USD, and it appears to be flexible and stable. But over time, other indexes are added: ETH/EUR, ETH/CNY, and finally exchange rates for all the countries in the G20.

But in 2034, things start to go wrong. Brazil experiences an unexpected and severe political crisis that leads to a controversial election. One party ends up controlling the capital and 75% of the country, but another party ends up controlling some northern regions. Western mainstream media concludes that the northern party was obviously the legitimate winner because its behavior was legal, while the southern party’s behavior was illegal (incidentally, they were fascists). Indian and Chinese official sources, as well as Elon Musk, believe that the southern party actually controlled most of the country and that the international community should not try to be the world’s policeman, but should accept the result.

At this point, Brazil has a CBDC that forks into two: (north) BRL-N, and (south) BRL-S. When voting on a oracle, 60% of Ethereum stakers provide the ratio for ETH/BRL-S. Major community leaders and enterprises condemn the crazy submission of the stakers to fascism, and propose forking the chain to only include the “good stakers” who provide the ETH/BRL-N ratio and drain the balance of other stakers to near zero. In their social media bubble, they think they will obviously win. However, once forked, the BRL-S side is proved to be unexpectedly strong. Their expected overwhelming victory is instead proved to be fifty-fifty for the community.

At this point, both sides are in their own two universes, with their own two chains, and there is no practical way to get back together. Ethereum, the global permissionless platform, partly created to evade national and geopolitical problems, is ultimately split in half by an unexpected severe internal problem from any one of the 20 G20 members.

Your story is great. It could even be made into a good movie. But what can we really learn from it?

The “purity” of the blockchain, that it is a pure mathematical structure that only attempts to reach consensus on pure mathematical things, is a huge advantage. Once the blockchain tries to “hook up” with the outside world, the conflicts of the outside world will also begin to affect the blockchain. Consider a sufficiently extreme political event – in fact, not even that extreme a political event, considering that the above story is basically a collage of events that actually happened in major (>25 million population) countries over the past decade – even benign events like a currency oracle can tear the community apart.

Here are some possible scenarios:

– One of the currencies tracked by the oracle (possibly even the US dollar) simply becomes overinflated, the market crashes, and there is no clear specific market price at some points in time.

– If Ethereum adds a price oracle for another cryptocurrency, then a controversial split like the one in the above story is not a hypothetical: it has already happened, including in the histories of Bitcoin and Ethereum themselves.

Conclusion

The social consensus of the blockchain community is a fragile thing. It is necessary – because upgrades happen, bugs happen, 51% attacks are always possible – but because it has a high risk of causing chain splits, it should be used with caution in mature communities. There is a natural impulse to try to expand the core of the blockchain with more and more functionality, because the core of the blockchain has the greatest economic weight and the largest community watching it, but each such expansion makes the core itself more fragile.

We should be wary of application-layer projects that adopt strategies that may expand the “scope” of blockchain consensus beyond verifying Ethereum core protocol rules. It is natural for application-layer projects to try such strategies, and in fact such ideas are often conceived simply without awareness of the risks, but their results can easily become very inconsistent with the goals of the entire community. Such a process has no limiting principle and can easily lead to the blockchain community having more and more “tasks” over time, pushing it into a disturbing choice between high-risk splits every year or some kind of de facto formal bureaucratic chain of ultimate control.

Instead, we should preserve minimalist on-chainism, support the use of re-pointing that does not act like an extension of Ethereum consensus, and help developers find alternative strategies to achieve their security goals.

Note: Blocking all articles only represents the author’s point of view and does not constitute investment advice

Original link: https://www.bitpush.news/articles/4422668

We will continue to update Blocking; if you have any questions or suggestions, please contact us!