Vitalik: Maintain the minimalism of the chain, do not let Ethereum's consensus become overloaded.

23-05-22 11:13
Original Title: "Don't overload Ethereum's consensus"
Original Source: Web3 Voyage


The consensus mechanism of the Ethereum network is currently one of the most secure cryptoeconomic systems. Validators staking 18 million ETH (approximately 34 billion US dollars) confirm a block every 6.4 minutes. These validators run multiple different protocol implementations to ensure redundancy. If the cryptoeconomic consensus fails, whether due to a bug or a deliberate 51% attack, a large community of thousands of developers and even more users watches carefully to make sure the chain is correctly restored. Once the chain is restored, protocol rules ensure that the attacker is likely to suffer severe penalties.


Over the years, many ideas have been proposed (usually at the thought-experiment stage) for using the Ethereum validator set, and even Ethereum social consensus, to achieve other goals:


The ultimate oracle: a proposed mechanism in which users vote on the truth of a matter by sending ETH, using the SchellingCoin mechanism: everyone who votes for the majority answer receives a proportional share of all the ETH sent in support of the minority answer.


The description goes on to explain: "So in principle, this is a symmetrical game. What breaks the symmetry is a) the truth being a natural point of coordination, and more importantly b) the people betting on the truth can threaten to fork Ethereum if they lose."


Re-staking: a set of techniques, used by many protocols (including EigenLayer), with which Ethereum stakers can simultaneously use their stake as a deposit in another protocol. In some cases, if they violate the rules of the other protocol, their deposit is also penalized. In other cases, there are no in-protocol incentives and the stake is only used for voting.


L1-driven recovery of L2 projects: it has been suggested multiple times that if an L2 has a bug, the L1 can fork to recover it. The most recent example of this design uses an L1 soft fork to recover from L2 failures.


This article aims to explain in detail why I believe that some of these technologies will bring high systemic risks to the ecosystem and should be prevented and resisted.


These proposals are usually made with good intentions, so the goal is to focus not on individuals or projects but on techniques. The general principle that this article attempts to defend is that dual use of validators' staked ETH carries some risk but is basically acceptable, whereas trying to "recruit" Ethereum's social consensus to serve your own application is not advisable.


Example of the difference between reusing validators (low risk) and social consensus overload (high risk):


- Alice creates a web3 social network. If you cryptographically prove that you control the key of an active Ethereum validator, you automatically obtain "verified" status. Low risk.


- Bob cryptographically proves that he controls the keys of ten active Ethereum validators, in order to demonstrate that he has enough wealth to meet certain legal requirements. Low risk.


- Charlie claims that he has disproven the twin prime conjecture and claims to know the largest p such that both p and p+2 are prime. He changes his staking withdrawal address to a smart contract where anyone can submit a claimed counterexample q > p, along with a SNARK proof that q and q+2 are prime. If someone makes a valid claim, Bob's validator is forced to exit and the submitter gets the remaining ETH from Bob. Low risk.


- Dogecoin has decided to switch to Proof of Stake and allows Ethereum holders to engage in "double staking" to increase the size of its security pool while joining its validator set. To do this, Ethereum holders need to change their staking withdrawal address to a smart contract, and anyone can submit proof that they have violated Dogecoin's staking rules. If such proof is submitted, the holder's validator will be forced to exit, and their remaining ETH will be used to purchase and destroy DOGE. Low risk.


- eCash does the same thing as Dogecoin, but the project leaders further announce that if the majority of participating ETH validators collude to censor eCash transactions, they expect the Ethereum community to remove these validators through a hard fork. They argue that it is in Ethereum's interest to do so, since these validators have been proven to be malicious and unreliable. High risk.


- Fred created an ETH/USD price oracle that operates by allowing Ethereum validators to participate and vote, without any incentives. Low risk.


- George created an ETH/USD price oracle that operates by allowing ETH holders to participate and vote. To prevent laziness and potential bribery, they added an incentive mechanism: participants whose answer is within 1% of the median answer receive 1% of the ETH of participants whose answer is more than 1% away from the median.


When asked "What if someone reliably offers bribes to all participants, causing everyone to submit incorrect answers, and the honest person loses 10 million ETH?"


George replied: Then Ethereum will have to strip the funds of bad actors. High risk.


George clearly avoids answering questions about high-risk scenarios (because the project may create incentives to attempt such forks, so even without formal encouragement, there may be attempts to fork).


George answered, "Then the attacker wins, and we will abandon the use of this oracle." Medium-low risk (not quite "low risk," because the mechanism does create a large set of actors who, in a 51% attack, may be incentivized to independently advocate for a fork to protect their deposits).


- Hermione created a successful Layer 2 and claims that because her Layer 2 is the largest, it is inherently the safest: if a bug causes funds to be stolen, the losses would be so great that the community would have no choice but to recover user funds through a fork. High risk.


If you are designing a protocol in which, even if everything completely collapses, the losses are limited to the validators and users who chose to participate in and use your protocol, this is low-risk. If, on the other hand, you intend to bring in the social consensus of the broader Ethereum ecosystem to solve your problems through a fork or a chain reorganization, this is high-risk. I believe we should strongly resist all attempts to create such expectations.


Intermediate cases start in the low-risk category but give their participants incentives to slide toward the higher-risk category; SchellingCoin-style techniques, especially mechanisms that impose heavy penalties for deviating from the majority, are a major example.


So, what is the problem with stretching Ethereum consensus too far?


Suppose it is 2025, and a group of people who are frustrated with the existing options decide to create a new ETH/USD price oracle that determines the price by letting validators vote once per hour. A validator that votes unconditionally receives a portion of the system's transaction fees as a reward. Soon, however, the participants become lazy: they connect to centralized APIs, and when these APIs come under network attack, they either drop out or start reporting incorrect values. To solve this problem, an incentive mechanism is introduced: the oracle also votes on the price from a week ago, and if your (real-time or retrospective) vote differs from the median vote by more than 1%, you are severely punished, and the penalty is given to those who voted "correctly".


Within a year, more than 90% of validators participated. Someone asked: What if Lido joins several major stakers to carry out a 51% attack on the vote and forcibly pass a false ETH/USD price value, extracting heavy penalties from all those who do not participate in the attack? At this point, supporters of the oracle have invested deeply in this plan and they answer: If this really happens, Ethereum will definitely fork and kick out the bad actors.
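
An added simulation of the settlement rule described in the two paragraphs above (not code from the original article or from any real oracle project): it settles one voting round and shows that the rule that punishes a lazy voter also pays a 51% coalition out of honest voters' stake. Stake weighting, the 50% penalty rate, and the voter names and prices are assumptions made for illustration.

```python
"""Toy settlement of one round of a median-vote price oracle with slashing."""

def weighted_median(votes):
    """Stake-weighted median price of (stake, price) pairs."""
    total = sum(stake for stake, _ in votes)
    running = 0
    for stake, price in sorted(votes, key=lambda v: v[1]):
        running += stake
        if running * 2 >= total:
            return price
    raise ValueError("no votes")

def settle_round(votes, band=0.01, penalty_rate=0.5):
    """votes: {voter: (stake, price)} -> (median, {voter: change in stake}).

    Voters more than `band` away from the median lose `penalty_rate` of their
    stake (an assumed figure); the pot is shared pro rata inside the band.
    """
    med = weighted_median(list(votes.values()))
    in_band = {v for v, (_, p) in votes.items() if abs(p - med) <= band * med}
    pot = sum(s * penalty_rate for v, (s, _) in votes.items() if v not in in_band)
    winning_stake = sum(votes[v][0] for v in in_band)
    deltas = {}
    for voter, (stake, _) in votes.items():
        if voter in in_band:
            deltas[voter] = pot * stake / winning_stake
        else:
            deltas[voter] = -stake * penalty_rate
    return med, deltas

# Constructed rounds; the market price is assumed to be about 2000 USD.
HONEST_ROUND = {
    "pool_a": (30, 2000), "pool_b": (21, 2001),
    "solo_1": (25, 1999), "solo_2": (24, 2100),   # solo_2 uses a stale feed
}
ATTACK_ROUND = {
    "pool_a": (30, 1500), "pool_b": (21, 1500),   # 51% of stake colludes
    "solo_1": (25, 2000), "solo_2": (24, 2001),   # honest reports
}

if __name__ == "__main__":
    for label, votes in (("honest", HONEST_ROUND), ("attack", ATTACK_ROUND)):
        med, deltas = settle_round(votes)
        print(label, "median:", med)
        for voter, change in deltas.items():
            print(f"  {voter}: {change:+.2f}")
```

Inside the mechanism nothing distinguishes the attack round from the honest one, which is why the oracle's supporters in the story end up appealing to an L1 fork.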


Initially, this plan was limited to ETH/USD and seemed very stable. However, over time, other indices were added: ETH/EUR, ETH/CNY, and finally the exchange rates of all G20 countries.


However, in 2034, things began to go wrong. Brazil experienced an unexpected and severe political crisis, leading to election disputes. One political party controlled the capital and 75% of the country, but another party controlled some northern regions. The major Western media believed that the northern party was clearly the legitimate winner because its actions were legal, while the southern party's actions were illegal (and they were fascists). However, official sources from India and China, as well as Elon Musk, believed that the southern party actually controlled most of the country, and the international community should not try to act as the world police, but should accept this result.


At this point, Brazil already has a CBDC that has split into two forks: (Northern) BRL-N and (Southern) BRL-S. During the oracle vote, 60% of Ethereum stakers provided the ETH/BRL-S exchange rate. Most community leaders and businesses condemned the stakers' submission to fascism and proposed a hard fork of the chain that only includes "good validators" who provide the ETH/BRL-N exchange rate, and reduces the balance of other validators to near zero. In their social media bubble, they believed they would clearly win. However, once the fork occurred, the BRL-S side unexpectedly became strong. Their expected overwhelming victory turned out to be almost a 50-50 community split.


At this point, the two sides live in separate universes with their separate chains, and in practice they are unable to reunite. Ethereum, a global permissionless platform created in part to escape the influence of nations and geopolitics, has been split in two by unexpected serious internal problems in just one of the G20 member countries.


This is a great science fiction story that could even be made into a good movie. But what can we actually learn from it?


The "purity" of a blockchain, in that it is a purely mathematical structure that only seeks consensus on purely mathematical things, is a huge advantage. As soon as a blockchain tries to "hook" into the outside world, conflicts from the outside world begin to affect the blockchain. Given a sufficiently extreme political event (and the story above is basically an imitation of events that have actually occurred in all major (>25 million population) countries in the past decade), even a currency oracle may tear the community apart.


Here are some possible scenarios:


- The currency tracked by the oracle (possibly even the US dollar) simply experiences hyperinflation, and at some point the market collapses and there is no clear market price.


- If Ethereum adds a price oracle for another cryptocurrency, then a controversial split like the one in the story above is not hypothetical: it has already happened, including in the histories of Bitcoin and Ethereum themselves.


- If strict capital controls are implemented, deciding which price between two currencies to report as the legitimate market price becomes a political issue.


But more importantly, I believe there is a Schelling fence here: once a blockchain begins to incorporate real-world price indices as a protocol feature, it can easily succumb to interpreting more and more real-world information. Introducing a layer of price indices also expands the legal attack surface of the blockchain: it is no longer just a neutral technical platform, but becomes more obviously a financial instrument.




Other than the price index, what are the other risks?


Any extension of the "responsibilities" of Ethereum consensus increases the cost, complexity, and risk of running a validator. Validators have to pay attention to, run, and update additional software to make sure they act correctly according to whatever other protocols are being introduced. Other communities gain the ability to externalize their dispute resolution needs onto the Ethereum community. Validators and the entire Ethereum community are forced to make more decisions, each of which carries the risk of a community split. Even without a split, the desire to avoid this pressure creates additional incentives to externalize decisions to centralized entities through staking pools.


The possibility of a split would also greatly reinforce perverse too-big-to-fail dynamics. There are so many layer-2 and application-layer projects on Ethereum that it is unrealistic for Ethereum social consensus to fork to solve all of their problems. Therefore, larger projects will inevitably have a greater chance of being rescued. This in turn gives large projects a moat: would you rather put your coins on Arbitrum or Optimism, where Ethereum will fork to save the situation if something goes wrong, or on Taiko, where, because it is smaller in scale (and non-Western, so there is less social contact with the core developer circle), the chance of an L1-backed rescue is smaller?


However, vulnerabilities pose a risk and we need better oracles. So what should we do?


I believe that the best solution to these problems varies depending on the situation, as each problem is fundamentally different. Some solutions include:


Price oracles: either decentralized oracles that are not fully cryptoeconomic, or validator-voting-based oracles that explicitly commit to emergency recovery strategies other than relying on L1 consensus (or a combination of both). For example, a price oracle may rely on the trust assumption that voting participants can only be corrupted slowly, so users are warned of an attack in advance and can exit any system that relies on the oracle. Such an oracle can intentionally delay rewards for a long time, so that if an instance of the protocol stops being used (e.g., because the oracle fails and the community forks to another version), participants do not receive rewards.


More complex truth oracles, reporting on facts more subjective than price: a decentralized court system built on a DAO that is not fully cryptoeconomic.


Layer 2 protocols:


Short-term, relying on some training wheels (referred to as the first stage in this post).


Mid-term, relying on multiple proof systems. Trusted hardware (such as SGX) can be included in this; I strongly oppose using systems like SGX as the sole guarantee of security, but as a member of a 3 out of 2 system, they may be valuable.


In the long term, it is hoped that complex functions such as "EVM verification" will eventually be incorporated into the protocol.


Cross-chain bridges: similar logic to oracles, but also try to minimize your reliance on bridges: hold assets on their source chain and use atomic swap protocols to transfer value between different chains.


Using the Ethereum validator set to protect other chains: one reason why the (safer) Dogecoin method in the example list above may not be sufficient is that while it does prevent 51% finality reversal attacks, it does not prevent 51% censorship attacks. However, if you are already relying on Ethereum validators, one possible direction is to stop trying to manage an independent chain and instead become an effective validation system anchored in Ethereum. If the chain makes such a change, its protection against finality reversal attacks will be as strong as Ethereum's, and it can withstand censorship attacks of up to 99% (compared to the previous 49%).


Conclusion:


The social consensus of a blockchain community is a fragile thing. Social consensus is necessary because of the need for upgrades, the existence of vulnerabilities, and the possibility of 51% attacks, but because it carries a high risk of causing chain splits, we should use it with caution in mature communities. There is a natural impulse to expand the core functionality of the blockchain, because the core has the largest economic weight and the largest community watching it, but each such expansion makes the core itself more fragile.


We should be wary of application-layer projects taking actions that may increase the "scope" of blockchain consensus to anything other than validating the core Ethereum protocol rules. It is natural for application-layer projects to attempt such strategies, and such ideas are often conceived without awareness of the risks, but the results can easily be badly misaligned with the overall goals of the community. This process has no limiting principle and may lead to the blockchain community accumulating more and more "responsibilities" over time, pushing it into an uncomfortable choice between a high yearly risk of a split and some kind of de facto bureaucracy with ultimate control over the chain.


We should maintain the minimalism of the chain, support uses of re-staking that do not look like slippery slopes toward expanding the role of Ethereum consensus, and help developers find other strategies to achieve their security goals.

