By Danny Huang, IOSG Ventures

 

On June 3, Solana founder Anatoly and Ethereum Foundation researcher Justin mentioned the issue of economic security in a debate organized by Bankless. Toly believed that economic security was a meme, which triggered subsequent discussions among many bilateral KOLs.

The overall discussion is rather fragmented, so we will simply organize and analyze it from Toly's point of view.

1. Toly’s Logic

  • Due to the existence of centralized staking services, the cost of acquiring 33% of nodes for attack is much less than the actual staking value.

  • The POS chain with a very small pledge economy has never been attacked, which means that the security of the POS network is guaranteed by the operating mechanism of the distributed network.

  • Even if an attack occurs, it can be quickly recovered through the network social layer, preventing the attacker from gaining value higher than the cost.

  • The social layer recovery may cause a temporary loss of network activity, but this effect is insignificant

Therefore, he concluded that economic security is a meme for POS networks, and Ethereum's security comes from excellent engineering design, node distribution, and client diversity.

Subsequently, KOLs from both communities expressed their opinions on economic security, but it was difficult to reach a conclusion. Let us try to clarify the proposition, analyze the arguments and provide evidence.

2. Is economic security a meme?

Before discussing this, we need to clarify the definitions and transmission relationships of staking, economic security, Ethereum security, and shared security. These four terms are often used interchangeably in many discussions.

The following figure attempts to describe the relationship between them. Part of the pledged ETH becomes economic security. Economic security and other security factors together constitute Ethereum security, and Ethereum security is partly used by AVS as a shared security service.

Source: IOSG

Toly's first argument is that the security effect of staking on the POS chain to prevent attacks is far less than the value of the stake. To verify this, we need to know how much of the staked ETH has been converted into Ethereum security.

The relationship between staking -> economic security -> Ethereum security

Currently, 33m ETH is staked, with a market value of nearly $120b. Is all this large amount of staked ETH equally effective as economic security?

Before that, let's review the "attack" that is relative to security. There are two types of attacks that we mainly consider:

  • If the number of nodes exceeds 33%, theoretically a double-signature attack can be launched or the network can be brought to a standstill.

  • >50% of the nodes can review the transaction and initiate a short-range reorganization.

Theoretically, there are two ways to obtain 33%/51% of the nodes:

  • Run a new node

  • Controlling existing nodes

In the first case, given that new nodes need to queue up to enter the network, adding more than 33% of validators will take hundreds of days, which is almost impossible to achieve.

In the second case, Toly believes that due to the existence of the LST protocol and centralized staking services, the cost of acquiring 33% of the nodes for attack is much less than the staked amount. In essence, the cost here is the cost of attacking/bribing the liquidity staking protocol or centralized staking service provider rather than the cost of funds.

Let’s take a look at the current status of staking in liquid staking protocols and centralized staking service providers. Currently, Liquid Staking accounts for nearly 33% of the staking ratio, and centralized service providers such as CEX account for 24.4%, which is quite close to the threshold of 33%.

Source: hildobby - Dune Analytic

For CEX, the proportion may increase further with the passage of Ethereum ETF - Coinbase is often used as a fund custodian in Bitcoin ETFs.

Source: Maximum Viable Security: A New Framing for Ethereum Issuance

The degree of centralization of CEX staking is very high. Coinbase even created a sequence where eight consecutive blocks came from its own validators. This will only intensify with the passage of ETFs in the future. Such a degree of centralization makes this part not only uncontributory to economic security, but even has side effects.

Source: IOSG Ventures

Liquidity Staking

Overall, Lido, as the leading protocol, controls nearly 1/3 of the staked ETH, which means that from the perspective of the protocol, the Nakamoto coefficient has dropped to 1 (only one protocol is needed to attack the entire network).

Compared with CEX, liquidity staking is good in that it alleviates centralization in different ways, including DAO governance, dual token governance, Lido's DVT and Rocket pool's Mini pool for service provider selection. The HHI index drawn by Steakhouse is used to measure the degree of centralization of Ethereum staking (in a sense, it represents the efficiency of converting the staking amount into economic security), where HHI Lido Real means that Lido has decentralized governance, HHI Lido Single means that Lido has not decentralized governance, and HHI No Lido means that Lido does not exist. We can see that when Lido is actively governing (blue line), it promotes the centralization of staking.

Source: steakhouse - Dune Analytic

We further analyze the changes in the HHI index. When the proportion of ETH in the total supply reaches 11%, that is, around August 2022, when the supply is 120m, the marginal utility of decentralized growth calculated by HHI begins to weaken significantly. We believe that "staking saturation" has occurred at this time - that is, the decentralized improvement brought by the newly added staked amount has weakened significantly.

Source: IOSG

We found that in either case, an increase in the number of pledges will have a positive effect on the degree of decentralization of the pledge, but the marginal utility (0.9%) brought by the liquidity pledge protocol that actively conducts decentralized governance is more obvious, and it still has a relatively good marginal utility after the pledge is relatively saturated (0.8%).

Source: IOSG Ventures

Since the total amount of Ethereum staked is constantly increasing, this means that economic security may still be in a slow but continuous growth.

Source: hildobby - Dune Analytic

Next, let’s look at Solo Stakers. This group contributes the most to decentralization because each person adds a geographically/socially independent validator. However, currently, individual staking is at a disadvantage to centralized staking, mainly due to the cost structure of individual stakers.

Source: IOSG Ventures

Due to the higher proportion of fixed costs, independent stakers (and small node operators) are more sensitive to changes in staking rewards than large node operators. The Ethereum Foundation currently hopes to reduce the future issuance rate, which means that independent validators will face more severe competition.

Source: IOSG Ventures

Therefore, we can see that for the same amount of pledge, centralized service providers, liquidity pledge protocols, and individual pledgers have different contributions to economic security. The specific differences are difficult to quantify, but we can draw the following conclusions:

1. As the amount of pledge increases

  • Centralized staking service providers have a negative impact on economic security;

  • Actively governed liquidity staking protocols play a positive role but have low marginal benefits;

  • Individual validators play a high positive role;

2. With the approval of ETF, the degree of staking centralization will increase

3. As issuance adjusts, independent validators’ disadvantages increase

Source: IOSG

In addition to economic security, social layer defense and user-initiated forks are the two main defense methods of the POS chain.

Ethereum is closely watched by thousands of developers and communities at all times. If any attack occurs, the observed nodes will issue a warning, and the social level will respond quickly to ensure network recovery. When facing attacks from outside the system (such as government-level censorship attacks or Ethereum system vulnerabilities, etc.), user-led forks are the ultimate defense, but the disadvantage is that the network activity will be temporarily lost.

So, how do we understand the actual contribution of economic security to security? In fact, we can use this perspective to value ETH through the security expectation demand model provided by Kunal. If the price of Ethereum is regarded as the demand for economic security, then by comparing the total market value of the pledged assets and the economic activity capacity of Ethereum, we can roughly see the market's assessment of the proportion of economic security to total security capacity. According to calculations, this proportion is currently around 50%.

3. Economic security is a meme to a certain extent. Is it a bad thing?

In Toly's context, meme refers more to "exaggerated propaganda slogans", and he believes that the effect of economic security actually exceeds current needs.

After the utility analysis in the first part, we can actually find that this sentence is basically correct.

  • Economic security actually plays a smaller role than the pledged value

  • Centralized staking service providers do not necessarily promote security; staking from liquidity staking protocols currently has very little marginal impact on security.

  • Deterrent measures such as social defense are currently effective

So what is Ethereum’s motivation for still promoting economic security?

  • Network activity

First of all, the biggest difference between having economic security and not having it is the impact on network activity. Ethereum aims to become a world-class asset settlement layer, which means institutional-level trust. Any short-term downtime will have an impact on Ethereum's reputation at this level. But for Solana, the post-destruction reconstruction of the social layer is very effective - people will only think that Solana's restart and reorganization are normal things, because Solana has never advertised itself as a blockchain that does not go down or reorganize.

  • User awareness

Secondly, there is certainly a marketing motivation. Toly’s denial of economic security as a marketing tool is based on Luna’s example, showing that staking economic security may lead to incorrect security marketing. The problem with this is that users who have a demand for security will not seek security attributes from Luna. And Toly is right in that economic security is indeed a better promotional indicator than other attributes.

For users, especially institutions, specific economic security numbers are easier to accept. When users cannot feel the security of the network, a margin number is the best anchor. This number is 33m ETH for ETH and 337m SOL for Solana.

Source: IOSG

4. What does the future of economic security look like?

So far, we can basically see that the development of economic security, as part of Ethereum's long-term strategy, has indeed gone through a stage of staking saturation and generated overflow security.

At the same time, the staking of centralized staking service providers, liquid staking protocols, and independent validators plays very different roles. Let's review: centralized staking service providers have no positive effect on network security, and with the passage of ETFs, the increase in the proportion of centralized staking service providers is inevitable. Liquidity staking protocols can promote network security through more reasonable governance, but the effect has gradually decreased. The increase in individual validators has made the greatest contribution to the network, but it is currently facing disadvantages in cost structure, and the disadvantages will become more obvious with the adjustment of Ethereum issuance and staking curve.

Based on this, some obvious directions for development would be

4.1 More refined pledge amount design

Stakesure, proposed by Sreeram and others, aims to transform economic security from a rough measure of the entire protocol package to a form of insurance that calculates each user's expected loss in the event of an attack. This means that once an attack occurs, the funds confiscated by the validator will just cover the losses of all users.

This method of quantifying the amount of stake from the user's perspective rather than the attacker's perspective can more effectively measure the demand for economic security and use economic security more efficiently. Naturally, it also has a stronger demand for infrastructure, which is also the direction we are constantly exploring.

4.2 Encouragement for Independent Validators

The importance of independent validators is self-evident. In essence, the number and distribution of independent validators fully represent the network's ability to resist censorship. For now, the absence of independent validators will not affect the operation of the network (such as Solana). But in the long run, if you want to achieve the vision of "autonomy", promoting the growth of the independent validator network is an important but not urgent matter for Ethereum.

The disadvantage of marginal costs for individual stakers is difficult to change. We have seen attempts by people like 0xMaki to label independent validators and give them additional incentives similar to Merge mining. We believe in and are also paying attention to the innovations that continue to emerge at this level.

Source: IOSG

4.3 Evolution of POS

Initially, the doubts about Ethereum's transformation to POS included defining it as a class-based network where only large users have the right to speak. If we regard independent validators as individual users and centralized staking service providers as large users, we will find that the ETH flowing into the liquidity staking protocol has essentially gradually escaped from the POS binary framework.

The liquidity pledge agreement itself is the product of the contradiction between security needs and liquidity needs. This has also led to a discussion within the liquidity pledge agreement on how to enhance the decentralization of governance with a very cautious attitude. This has actually sprouted many discussions and exercises on alienated consensus mechanisms based on POS, including dual governance, proof of authority, and proof of governance. This model aims to govern the validator network and select validators through a more efficient mechanism without giving up the security effect of decentralization.

Source: IOSG

Thinking about this aspect actually encourages us to work backwards from the end. What will Ethereum POS look like in the end? For example, due to the absolute cost structure advantage, 100% of Ethereum is stored in Lido - dual governance of tokens is essential here; or through some kind of governance supervision method, to ensure that the selected nodes can operate in a reliable manner... In the conception of many industry thinkers, the Proof of Authority & Proof of Governance model that relies on community governance and entity reputation will be the end of POS.

We believe that the liquidity pledge protocol that actively explores this aspect will go further and even become an integral part of the Ethereum consensus mechanism in the future. At the same time, we also see that new attempts at POS are constantly emerging in the Cosmos ecosystem, which will also be a direction we will focus on.

4.4 Exploration beyond POS

The essence of economic security is to ensure that nodes do not do evil, not the staking behavior itself. All the security solutions we are currently exploring are still centered around a simple game mechanism of POS staking and confiscation, but in fact, we have seen that some protocols have begun to explore new consensus mechanisms, trying to maintain the security of the network at a lower cost or even without the need for economic security.

The transition from POW to POS has brought about a lot of paradigm innovations, and the next industry opportunity may be hidden in another change in the consensus mechanism.

5. Final Thoughts

In a sense, Toly is right to say that economic security is a meme, because Ethereum’s current economic security conversion rate is indeed getting lower and lower, and other levels of security are also strong enough. But this does not affect Ethereum’s demand for economic security. As part of the security component, economic security can protect the activity of the network, and it is the form of security that users can most directly feel, and it can also best protect the core value of Ethereum.

But in any case, this period of review has indeed made everyone think about how to better move towards the end, including the adjustment of the pledge issuance curve, the incentives for individual pledgers, the new governance model, the new consensus model, and the development of shared security.

Obviously, we are still in the infrastructure construction stage. Nick Szabo proposed that the value of blockchain lies in social scalability. Kyle Samani explained it as that when we enter a building, we don’t worry about the safety of the building first, but often start to use the various facilities in the building with peace of mind. Therefore, it seems that the social trust cost of Ethereum is still very high. When the day comes when we no longer need to delve into security issues, but assume that Ethereum or other infrastructure can be trusted, it means that we are almost there.