Exploring risk ratings in the blockchain world.
Written by: imToken
Ethereum founder Vitalik Buterin once articulated such a thought suggestion in his blog post 'Making Ethereum alignment legible': regarding decentralization and security, it is essential to minimize reliance on centralized infrastructure and minimize loopholes for censorship. For this, we can test and assess methods such as the 'Walk Away Test' and 'Internal Attack Test'.
Among them, the 'Internal Attack Test' refers to autonomously attacking the system to observe how much harm it can cause, thereby discovering vulnerabilities; while the 'Walk Away Test' is a relatively new thinking tool used to check the degree of dependence on centralization of projects and networks, which can become a key test for assessing decentralized projects and can be refined and upgraded into a risk rating tool.
For the original text of 'Making Ethereum alignment legible', please refer to:
https://vitalik.eth.limo/general/2024/09/28/alignment.html
What is the 'Walk Away Test'?
If your team and server disappeared tomorrow, would your application still work?
This is the core testing idea of the 'Walk Away Test' — a thinking tool that can be used to evaluate whether a Web3 project, platform, or protocol has real independent operational capabilities and sustainable development value.
The 'Walk Away Test' is closely related to the technical philosophical concepts of decentralization and autonomy in blockchain, and the thinking directions that this test can derive include:
On project development:
If the development team disbands, can the project still operate independently?
Is there an active community that can take over the project after the team leaves?
Is the project's code open source and able to attract developers to continue improving?
Are there decentralized validating nodes to protect the network, or enough community support to maintain development?
On the economic model:
Does the project have a sustainable operational economic model?
Does the project have sustainable application scenarios?
Does the appreciation of assets on the project essentially depend on speculative manipulation or centralized control?
On community governance:
Do all parties involved in the project have a fair way to participate in decision-making?
Can the project initiate decision-making mechanisms and solve problems without clearly defined core managers?
Does the project have to rely on a few core members for governance, or does it have a broader basis for collective decision-making?
Why is the 'Walk Away Test' important?
If a project relies too heavily on the founding team or certain key personnel to operate; if a network must depend on a fixed server to process data, then it is essentially still centralized, and the long-term survival capabilities, value, and even censorship resistance and risk resilience of the project or network may be called into question.
The importance of the 'Walk Away Test' lies in its ability to uncover the actual degree of dependence on centralized infrastructure of a project or network, allowing for effective improvements, based on the firm philosophical idea of 'decentralization'.
In 2017, Ethereum founder Vitalik Buterin wrote in an early blog post discussing the concept of decentralization:
'Decentralization' is one of the most common terms in the field of cryptoeconomics and is often used as a direct basis to measure whether a network is a blockchain network. However, the actual meaning of this term often leads to confusion and misconceptions.
Vitalik Buterin points out: When people discuss a decentralized issue, they are actually discussing three independent aspects:
Is it architecturally centralized or decentralized?
For example, how many computers make up this system? How many computers can fail at any one time and the system can still continue to operate?
Is it politically centralized or decentralized?
For example, how many individuals and organizations can ultimately control the computers that make up this system?
Is it logically centralized or decentralized?
For example, is the system's interface and database structure a single whole? Or a non-structured group? If we split the system users and providers into two, can they still operate as completely independent units?
What is the role and significance of emphasizing 'decentralization'? Vitalik Buterin provided a clear explanation of this in his 2018 blog post:
Resilience: Decentralized systems have a lower probability of experiencing unexpected failures because they rely on many independent components; theoretically, the probability of independent components failing simultaneously is relatively low.
Attack resistance: Decentralized systems make the cost of being attacked, damaged, and manipulated higher because they lack sensitive centralized points. The cost and difficulty of attacking a system with a clear central point is significantly lower than that of a decentralized system.
Preventing collusion: If participants in a decentralized system want to sacrifice the interests of other participants and conspire for their own profit, they have to pay a higher price than participants in a centralized system.
Core value: a key test for assessing decentralized projects
From the logic of the 'Walk Away Test', Bitcoin can be considered to have passed this test: the public does not know where Satoshi Nakamoto is, but Bitcoin can continue to develop relying on a decentralized network and global developers.
And in Ethereum, founder Vitalik Buterin mentioned in a forum in 2022 that almost all Rollups are not mature, most of which have adopted what is known as Training Wheels to ensure operation. However, the auxiliary measures of Training Wheels reflect, from another perspective, the dependence of Rollup projects on 'human intervention'; the less dependence on Training Wheels, the lower the risk of Layer2 networks; the more dependence on Training Wheels, the higher the risk of Layer2 networks.
To this end, Vitalik Buterin and others graded the dependence of Rollup projects on Training Wheels: Stage 0 (fully dependent), Stage 1 (partially dependent), Stage 2 (completely abandoned). Subsequently, the L2beat website revised this classification scheme through community feedback and upgraded it in June 2024 to 'Layer2 Risk Rating Indicators' for risk rating different Layer2 projects.
What are Training Wheels?
Training Wheels (commonly translated as auxiliary wheels) are certain restrictive mechanisms or measures added during the early implementation of Rollup technology to ensure safety and stability.
Protocols that require the implementation of Training Wheels usually have not yet achieved trustlessness or minimal trust, possibly due to overly complex code or the lack of security audits, and a larger potential attack surface of contracts; protocols that have just launched and have not yet established user trust, etc.
In this regard, Vitalik Buterin pointed out: his ideal goal is to see more entities like L2beat emerge, which can track the real situation of various projects in meeting established standards or other standards proposed by the community. The competition among projects will no longer be about 'whether they have the right friends', but rather about trying to 'stay consistent' based on clear and understandable standards.
On a larger scale, the 'Walk Away Test' can also be refined and upgraded into a risk rating tool to measure the actual decentralization substance and sustainable development of various decentralized use cases such as Web3 wallets, games, and DeFi.
As a common political philosophy theory suggests: to solve the question of 'who supervises whom', the best approach is the separation of powers, rather than centralization of power. The 'alliance' of the project leads to a concentration of power, while the realization of power separation relies on systems and culture — in the blockchain world, this system and culture represent the 'standards of consensus'.
