Liquid Staking — is it dangerous?
Danny Ryan, researcher at the Ethereum Foundation, told about the dangers that liquid staking can lead to.
Danny Ryan, researcher at the Ethereum Foundation, told about the dangers that liquid staking can lead to.
Danny Ryan, researcher at the Ethereum Foundation, told about the dangers that liquid staking can lead to.
In his blog on HackMD, Danny Ryan published a post with the title “The Risks of LSD” (LSD means Liquid Staking Derivatives, it’s not what you think). In this text, the researcher described the problems that liquid staking derivatives can cause.
Liquid Staking Derivative (LSD) is a token that is a claim on underlying staked collateral and accrued staking rewards. In other words, this is what the user receives in return for their staked tokens. We have already mentioned what liquid staking is and there was no hint about this problem that was raised in this article. So, what’s the problem?
And the problem is that LSD “are a stratum for cartelization and induce significant risks to the Ethereum protocol and to the associated pooled capital when exceeding critical consensus thresholds.” If the LSD protocol exceeds the consensus thresholds (1/3, 1/2 and 2/3), then “staking derivative can achieve outsized profits compared to non-pooled capital due to coordinated MEV extraction, block-timing manipulation, and/or censorship — the cartelization of block space.”
“LSD protocols can minimize governance, upgradability, and other risks over time, but the question of “who” gets to be a part of the Node Operator (NO) set remains. This lever is the primary cause of cartelization <…> If pooled stake under one LSD protocol exceeds 50%, this pooled staked gains the ability to censor blocks (and worse-so at 2/3 due to being able to finalize such blocks).”
It turns out that a user who can exceed the thresholds of the consensus mechanism will receive huge profits and too much power, which can lead to unpredictable consequences. But, how to solve this problem? Danny Ryan in the post writes about two possible solutions:
“This can be designed in one of two ways in the long run — either via governance (a coin vote or other similar mechanism) or via an automated mechanism around reputation and profitability.”
The first solution is node operators control. It is controlled using “distinct entity — the governance token holders — that a regulator can make requests of censorship.” These governance token holders will monitor decisions made in consensus and stop attempts by cartels to make decisions harmful to the protocol.
“In any sort of token governance control over a majority-LSD, we thus rely on the benevolence of the DAO or however control is structured. Relying on such an entity’s benevolence, anonymity, or geographic distribution to prevent attacks is not safe, and we must assume not sufficient in the long run.
The second solution may be the economic selection of node operators. In this case, the problem with cartelization is solved by excluding it from the NO on the principle of profitability, which still needs to be correctly determined.
“Kicking from the NO set on profitability is likely the only trustless (non-governance) method to ensure that NOs are good for the pool. Defining profitability is problematic — either you define some absolute number (e.g. getting good baseline issuance rewards) or you need to define some relative number (e.g. within 10% of average/normal profitability). Given the unpredictability of MEV/TX rewards in some time window but also given the importance of MEV rewards to profits in the long term, this needs to be dynamic and a comparison over some time period to other operators/validators.”
But, this method has one problem:
“This profitability comparison metric works well when all operators are using “honest” techniques, but if any amount of the NOs defect to utilizing destructive techniques such as multi-block MEV or adjusting block release times to capture more MEV, then they skew the profitability target such that honest NOs will eventually be automatically ejected if they do not join in on the destructive techniques.”
And this problem smoothly flows into another, the most important one. In either of the two methods, sooner or later a pool exceeding the consensus threshold becomes a stratum for cartelization. Either it will be a direct cartel on the part of the managers, or a destructive cartel, the purpose of which is to make a profit through the design of smart contracts. It turns out that with liquid staking, not everything is as smooth as it seemed before. Moreover, problems with LSD protocols put the entire Ethereum protocol and the pooled capital at risk.
“Cartelization, abusive MEV extraction, censorship, etc are all threats to the Ethereum protocol and ones that users and developers will respond to in the same methods available for traditional centralization attacks — leak or burn through social intervention. Thus pooling of capital into this stratum for cartelization puts not only the Ethereum protocol at risk, but, in turn, the pooled capital.”
But, not only Proof-of-Stake is subject to the problem of centralization. In the Proof-of-Work system, there are also pools in which huge computing power accumulates, allowing you to influence consensus.
Although the risk of the events described above is quite small, it should not be overlooked. More than once in the crypto industry, something has broken due to an unlikely combination of circumstances. Well, be careful with your funds. See you soon!