The risks and rewards of extending ethereum's security to other chains
Ethereum restaking has quickly taken the spotlight as the next big advancement in blockchain security and programability. But what exactly is restaking?
We sat with Sreeram Kannan, CEO and founder of EigenLayer, the Ethereum platform that is spearheading the concept of restaking. Through a series of smart contracts, EigenLayer offers ETH stakers the capability to validate and secure various other networks and services on Ethereum through the rehypothecation of staked ETH in a processes known as restaking.
The following is a summary of Blocknative’s interview with EigenLayer where we discussed:
- What is restaking and why do it
- How EigenLayer works
- How it extends Ethereum's security to other chains
- Risks and rewards
- Guard rails
- New business models
For a deeper dive, we recommend listening to whole interview on Twitter: https://twitter.com/blocknative/status/1694756608666918988
What is restaking?
Strictly speaking, “restaking” has become short hand for “permissionless programmable staking”. To fully understand restaking, we must first answer the question, “what is staking?”
Staking is essentially locking up money (in the case of Ethereum this would be ETH) and committing to validating Ethereum blocks according to rules dictated by the Ethereum protocol. If you violate the rules, you risk losing your stake through penalties.
Now, imagine that for a new service that you may want to build you need not only the core functionality offered by Ethereum but also direct access into the decentralized network. You want to use Ethereum block space (using Ethereum natively) and you want to specify what each of the N nodes in the network should be doing. You want to create and operate your own decentralized software service. So if you want to do this, you have to go find your own decentralized trust network. This is a major problem and one I've come across firsthand as an innovator trying to come up with new kinds of consensus and scaling protocols.
EigenLayer was conceived as a solution to this problem through what is often referred to as “restaking”. EigenLayeris permissionless programmable staking. It is a staking program where you're making a commitment to validate Ethereum blocks and you're also making other programmable commitments. This programability is completely permissionless, so anybody can create new covenants so that when you’re validating Ethereum blocks, you're also following other rules for other protocols that you're also helping provide services to.
This all lends to the concept of shared security. We have a decentralized trust network in Ethereum, which secures Ethereum block production—but the same network can also function to provide other services. EigenLayer enables the sharing of this decentralized trust network to provide a security network across a variety of use cases.
What is decentralized trust?
In decentralized networks, participants trust the system for secure, precise, and consistent operations without the need for a central authority. EigenLayer endeavors to establish a decentralized trust marketplace by harnessing Ethereum's inherent decentralized trust and making its components accessible to all interested parties.
Lets explore the three dimensions to decentralized trust:
- Decentralization itself
- Economic trust
- Shared security
The most obvious dimension of decentralized trust is probably decentralization itself. Suppose I have a secret and I want to spread it among N nodes. And in this example there is a recurring condition of “don't reveal it for one week, and after one week you can reveal it to anybody”. To do this, you could use standard cryptographic methods to split the data into ways that N nodes sort out and unless a majority of them collude, nobody will be able to read the whole dataset.
In this example, you’d want to have a decentralized trust network because you need N distinct parties. So this is an example where, if you want to build a new service, which has this sort of structure, you need the N parties to be distinct and decentralized.
Another aspect of decentralized trust is the economic trust. Economic trust is different from decentralization as the source of trust–with economic trust someone has to put up $1 billion collateral and make a promise that this is a valid block. Now, if that block turned out to be invalid, we know we can impose a negative penalty on this $1 billion, and maybe even compensate the victims with this $1 billion that is slashed. So economic trust is the second form of trust that is needed in a decentralized trust network.
Economic trust is invariant to decentralization. If you just save this axis, it doesn't matter whether 1 million people each put up $1,000 or one person puts up $1 billion sinceall of them lead to the same economic consequences: if this system misbehaves, you can slash $1 billion. This is the second dimension of trust: economic trust.
Most protocols use some aspects of decentralization and some aspects of economic trust. For example, in the Ethereum protocol, safety –which is the correctness of the block– comes from economic trust and liveness–which is the continued production of blocks– and censorship resistence comes from decentralization.
EigenLayer is a shared security system–we are sharing Ethereum security with other protocols. Under this permisonless programmable staking you can start modulating certain free parameters in the Ethereum protocol itself because the nodes are making original promises. For example, transaction ordering is an open dimension in the Ethereum protocol. You can order transactions whichever way you want and it's not constrained by in-protocol conditions.
Suppose somebody wants to build an adapter that says “I want to enable nodes to promise that they are producing blocks in a certain way”. Maybe they're using an encrypted mempool or some other subset of things. The block proposers make a credible promise that they are sticking to the certain rules of ordering for the Ethereum protocol and also adding on additional constraints to make credible commitments to their users that they will not deviate from. This enables us to experiment with features that can potentially be added to the Ethereum protocol on an opt-in manner and can be tried and tested before incorporation into the Ethereum protocol.
So these are the three distinct ways in which one can use EigenLayer. Typically, there are combinations of these different dimensions that are needed for different use cases.
What are partial block auctions and how do they work?
Right now block proposers give up the entire right to make the block to block builders, selling the block space in a whole block auction to the highest bidder. Even if the block proposal network is highly decentralized, proposers don't have any agency to interpret transactions because they are going to block auctions to get the most economic value.
To fix this, we could do something like a partial block auction. Suppose the block proposal only wants to sell the first 70% of the block to the highest bidder and retain the right to fill up the rest of the block themself. More complex partial block auctions could involve selling portions of the block to many different builders, with different objectives.
If you want to make a promise like partial block auctions, you need the block proposer to be able to make a credible commitment. If it tells builder one that it is going to incorporate its transactions in the first portion of the block it must happen. But what if the block proposer gets the partial block from the builder and violates the covenant that it made? You need some mechanism to then be able to slash a block proposer. EigenLayer provides this by enabling additional slashing conditions into the protocol.
How does EigenLayer enable encrypted mempools?
There have been a lot of discussions in the Ethereum community over whether encrypted mempools are a good idea or not. But, instead of trying to create encrypted mempools enmasse, where everybody needs to be operating in a single encrypted mempool, EigenLayer enables a situation where a bunch of block proposers could come up and say “hey, we are operating a subset of the block space that we're dedicating to this encrypted mempool”.
Off-chain, the block proposer may sign off on the encrypted transactions going on in the mempool. And when they're signing off on it, they will say, “we'll include it in this block”, and they are obliged to include it in that block. If they don't, then they'll get slashed.
How else can EigenLayer enable programmability on Ethereum?
Another popular example use case for EigenLayer is event driven actions. For example, if the price of “X” asset falls below a certain value, then you can trigger some given action based on that event like a swap. Or, a block builder makes a promise a priori that whenever a specified event happens, they will ensure that it triggers a particular transaction to go on-chain as a result.
What role do relays have in the context of restaking?
One of the problems people raise when I talk about proposer commitments is that proposers are making many complex kinds of commitments, whether that is event driven actions, partial block auctions, or something else, and all these commitments require additional work on the proposer’s side. But the problem is they don't have enough computational power to actually verify if all these different conditions have been met. So, in this case, we just need communication semantics that can explain to the block builder that these commitments have been made by the proposer. Then, it's up to the builder when they're building a block to comply to them. This is essentially an expansion of the MEV-boost architecture.
The block builder will know who the proposer is and what commitments they have made. For the block to be accepted by the block proposer it must comply with these commitments. Relays can be used to verify that the builder has kept the commitments before forwarding the block to the proposer. This reduces the burdens that are on the proposer, enabling them to make credible commitments.
How will restaking and EigenLayer affect the MEV landscape?
We see a lot of experimentation with more modular MEV management. For example, it's possible to build a modular MEV solution where a portion of a block is kept for some specified action, another portion is sold on an auction, another is kept for threshold encryption, another is kept for proposer censorship resistance, and so on and so forth. You can actually divide the block into various lanes and then have a market mechanism, which EigenLayer would mediate between, based on how much demand there is for all these different types of commitments.
One of the ways we are already seeing EigenLayer used in the MEV landscape is through the Ethereum Foundation's research called PEPC.
What is PEPC on Ethereum?
Protocol-enforced proposer commitments or PEPC—pronounced “Pepsi”—is a framework that builds upon EigenLayer’s approach to enabling Ethereum validators to make external commitments without requiring changes to the existing consensus algorithm.
A limitation on proposer commitments on EigenLayer is that the commitments follow optimistic enforcement: meaning proposers are slashed if they don’t follow through with their commitments. That's the economic liability that's on the line. PEPC, on the other hand, follows a pessimistic enforcement approach, where a block that violates a commitment will be considered an invalid block by the network.
This becomes super interesting because if a proposer makes a commitment and does not keep it then that block will be considered invalid. This is a very interesting addition to the core structure of the protocol. For example, if a proposer says it's going to include an encrypted transaction and doesn't do it then it is invalidated. If the proposer doesn't hold to the commitment, it's not even going to be able to make a valid block, whereas in the EigenLayer case you can only say that there is the potential for a 32 ETH penalty if a proposer dosn’t uphold its commitment.
What’s in the future for EigenLayer now that you’ve launched on Mainnet?
EigenLayer is a multi-sided coordination marketplace where stakers, operators, and services come together. We are launching the system in a phased approach. The first phase we have stakers participate in the protocol. The second phase we will have node operators where stakers can either be node operators or they can delegate their stake to a node operator. In this second phase node operators will be running a service. And then in the third phase general services will be able to launch on EigenLayer.
We are on Mainnet for the first phase of staking. We are taking a careful approach so that we remain as secure as possible so that we have very strong TVL cap that we're slowly raising as we develop more confidence and security measures that have been built with a protocol. An alpha version of EigenLayer will also launch for the next phase which we expect to be on testnet in a couple of months.
Continue the conversation
If you have any questions on EigenLayer or restaking, join the conversation on Twitter.
Master the Mempool today.
Blocknative's proven & powerful enterprise-grade infrastructure makes it easy for builders and traders to work with mempool data.Start for free