EigenLayer has started a wave of innovation in Restaking. What are the potential risks that come with it?

Abstract

1. EigenLayer’s core technology Restaking allows decentralized services (AVS) to reuse Ethereum’s pledged fund pool and enhance the trust mechanism. When the ETH validator's withdrawal certificate is redirected to the EigenLayer contract, AVS can set up a reward and punishment mechanism to attract low-cost verification participation, improve the validator's fund utilization and enhance overall network security.
2. EigenLayer introduces new micro and macro security challenges in the "Consensus Selling Market". The main body of the market: ETH validator (Operator), service projects (AVS) that require decentralized PoS trust, and the EigenLayer platform itself constitute the interactive structure in the ecosystem. Each of these parts may face security threats, affecting the stability of the entire ecosystem. Malicious Operators may attack multiple services at a low cost under the Restaking mechanism; Malicious AVS may use superficial publicity and seemingly credible rates of return to attract unknown Operators to join its service system, causing them to suffer slashing and irreversible losses; the rapidly developing ecosystem has put forward higher requirements for the security of the EigenLayer protocol.
3. Professional auditing and reliable dynamic protection measures are the cornerstone of ensuring the security of the platform and users. In addition to innovation, the EigenLayer ecosystem also requires a strong security framework that can cope with new challenges. BlockSec continues to build in the field of blockchain security, providing project parties with professional code audits and dynamic security protection after launch, supporting the continued growth of this ecosystem.

Introduction

The Ethereum-based protocol EigenLayer innovatively proposes a re-pledge function, allowing participants to further utilize their pledged ETH while maintaining the original pledge and income. to support other protocols to maximize the potential value of capital.

Having grown from US$1 billion in early 2024 to US$15.3 billion now, EigenLayer’s TVL is second only to Lido in the entire DeFi ecosystem. The explosive growth not only demonstrates the strong interest of the market, but also verifies the practicality and influence of its technology. With this growth, projects based on the EigenLayer ecosystem such as Puffer Finance and Renzo have also quickly gained the favor of capital and users. The re-staking track with EigenLayer as the core is undoubtedly one of the most high-profile narratives in the DeFi ecosystem this year.

As a company focused on blockchain security, we will analyze and discuss the new security challenges and tests that EigenLayer’s operating mechanism brings while innovating the DeFi ecosystem from a macro to micro security perspective. .

Top-level design and macro security

Restaking is essentially a basic means to further solve specific problems by reusing the trust provided by the Ethereum Proof of Stake (PoS) pledge pool. As the founder of Restaking technology, EigenLayer provides an emerging market with two-way free selling of Ethereum capital pool trust, that is, it provides a consensus selling market. EigenLayer claims that the current Ethereum ecosystem is suffering from the macro-security problem of split trust, and EigenLayer can solve this problem very well. Next, we will start from the design and motivation of EigenLayer to understand what trust splitting is and how EigenLayer solves trust splitting.

1. Who does the consensus selling market serve? Who are the parties involved in two-way freedom?

EigenLayer sells the trust provided by Ethereum's pledge capital pool, so the seller of consensus is the verification node Validator of Ethereum. And the buyer, that is, Actively Validated Services (AVSs). Simply put, it can be understood as any service that needs to build a distributed trust network. As a buyer, AVS needs to purchase distributed trust.

2. Why does this emerging market segment need to exist? What problem was solved?

Ethereum only provides innovative properties at the contract level. Developers have more "deep" innovation needs, such as trying to modify the running environment of the program (in Ethereum, it is the Ethereum Virtual Machine EVM), or further hoping to modify the consensus protocol.

Figure1:EthereumTrustFlow,Source:EigenLayerForum

The founders of EigenLayer regard these developers' desire for underlying innovation as an unmet market need and as a problem of limited innovation and try to solve it through Provide a free selling market that reuses Ethereum trust to solve this problem of limited innovation, meet the innovation needs of developers, and reduce innovation costs.

EigenLayer 还应对了以太坊因创新受限而导致的宏观安全问题，即信任分裂问题。在以太坊的 PoS 机制中，网络安全依赖于足够的质押资金和验证节点的数量。新的项目尝试建立自己的信任网络，常常需要质押自己的代币，这导致质押资金从以太坊主网分流，影响其安全性。例如，如果以太坊主网有 10B 的质押资金，而分散至三个子服务的质押总计为 3B，则实际增加的质押资金并未直接加强主网的安全性。此外，信任分裂还可能增加 DApps 的安全风险，因为攻击者可能针对资金较少的子服务发动攻击，利用系统中的弱点造成更广泛的安全问题。

Figure2:PooledsecurityofEigenLayer,Source:EigenLayerWhitepaper

综上，现在的以太坊生态同时遭受创新受限问题，以及由创新受限导致的信任分裂问题。EigenLayer 就是为了解决这两个问题而诞生的。

3. EigenLayer 是如何解决这些问题的？

Figure 3：Comparing the ecosystem of actively validated services today and with EigenLayer, Source:EigenLayerWhitepaper

现有的 AVS 无法访问以太坊质押资金池，更无法进行 Slashing。而 Restaking 技术就是以接口的形式为 AVS 开启一个能够访问以太坊质押资金池的通道，这个通道就是 EigenLayer。在 EigenLayer 的抽象层中，服务以智能合约形式存在，以太坊底层则保证了平台的可靠性。通过这个平台，AVS 可以定义其验证需求和奖惩机制，吸引 ETH 验证者以较低成本参与，提升整个网络的安全性和效率。这些服务包括部署专用的 Slashing 和 Payment Contracts，允许验证者根据需要选择参与以获得利润。

4. EigenLayer 有很好的解决这些问题吗？解决这两个问题是否伴随着一些代价呢？

首先，有关创新受限问题，通过重用以太坊质押资金池提供的信任，使 AVSs 能够间接吸收以太坊的信任，有效降低这类服务的启动成本，为区块链的生态繁荣提供先决条件。

然后则是更关键的以太坊的信任分裂问题。一方面，投资者通过 EigenLayer 再质押支持 AVSs 是利润回报更大的选择，这也就可以很大程度上支持被分流到去中心化服务的质押资金回流到以太坊的质押资金池。另一方面，验证者参与验证的成本变得更低了。对于 AVS 本身而言，就能以更低的代价吸引到更多的再质押资产，而更多的再质押资金也就加固了之前所说的攻击事件链条中最薄弱的一环，提高了整体的安全性。

从设计和动机角度来说，有很多项目做了比较成熟的尝试去创新，例如 Cosmo、OP Stack 等。这些项目允许新兴项目方以相对更低的成本来发起一条新的公链，但都没有解决信任分裂的宏观安全问题。EigenLayer 所解决的信任分裂宏观安全问题，以及对 AVSs 更低的门槛和 ETH Validator 更高的收益（伴随风险），都是非常诱人且独特的。

新兴生态的安全

EigenLayer 的信任贩卖市场可以分为三个主体：

• Operator，即一般认为的 ETH Validator，信任的卖方；
• AVS，即一个需要去中心化 PoS 信任的服务项目，买方；
• 承托 Operator 以及 AVS 的 EigenLayer 平台，即市场本身。

这三个主体构成了 EigenLayer 的生态，其中每个部分都可能面临安全威胁，影响整个生态系统的稳定性。

1. 恶意 Operator 犯罪成本降低

ETH Validator 在 EigenLayer 生态中只需要付出一份资本，就能获得多份回报。这大幅提高了质押资金利用率，使得 Operator 进入 AVSs 服务信任网络的门槛变得更低。相应的，Operator 也需要承担选择的 AVS 指定的验证任务，承担额外风险。资金利用率提高对恶意的 Operator 来说，其犯罪成本也显著降低了。

该风险在白皮书中被提及，并提供了一个潜在的解决方案，即设置一个可以被任意访问的 Dashboard，在恶意资金高利用率的 AVS 可以通过 Dashboard 检查向自己提供 Restaking 质押金的 Operator 是否处于多次质押状态，质押了多少次等。白皮书强调，这是一个双向自由的市场，不在意恶意资金利用率，不允许多重质押，显然能吸引更多的 Restaking 质押金，这完全取决于 AVS 自己的权衡考量。

2. 恶意 AVS 吸引盲目 Operator

AVS ​​mainly provides reward and punishment mechanisms for Restaking pledges in the EigenLayer market, and the reward and punishment mechanisms are determined by AVS itself, and the corresponding Contracts will be deployed on the Ethereum mainnet. Operators and EigenLayer can also require the AVS project party to open source such contracts, but we cannot guarantee that every Operator has enough ability and energy to confirm whether the AVS service they want to purchase is reliable. Absolute freedom of AVS Malicious AVS may attract Operators through false or exaggerated information, and exploit contract coding vulnerabilities to trigger Slashing through backdoors. The market is always profitable, and malicious AVS may attract relatively blind operators, and eventually suffer malicious slashing and other behaviors, causing irreversible losses.

In order to avoid such incidents, the security and reliability of the AVS reward and punishment mechanism can be guaranteed through auditing. The EigenLayer white paper hopes that AVS’s reward and punishment contracts need to undergo reasonable and relevant audits and evaluations. At the same time, the EigenLayer white paper proposes the establishment of a committee to supervise the Slashing reward and punishment mechanism to help the emerging AVS get on the right track.

3. Platform security

The last thing is the security of EigenLayer itself, that is, the security of the platform. If there is a security flaw in the EigenLayer platform itself, it will cause huge harm to the entire ecosystem and even directly threaten the security of Ethereum's PoS consensus. Considering that EigenLayer aims to provide a two-way free trade market for Operators and AVSs, more custom interfaces need to be provided for both parties to support richer needs. Such rich requirements will also complicate the abstraction layer to a greater extent, leading to more potential security threats.

Since EigenLayer itself is also implemented by contracts, its basic security can also be guaranteed by code auditing and post-launch monitoring, but as mentioned before, these contracts still need to withstand the test of time.

Summary

EigenLayer innovatively proposes the Restaking mechanism, which not only optimizes the use of funds, but also improves network scalability while addressing the macro-security issue of trust splitting. However, in addition to many innovative advantages, it also introduces new security challenges and potential risks, such as the reduction in the cost of evil caused by increased fund utilization. Therefore, it is crucial for blockchain developers, investors, and security experts to pay attention to the accompanying problems and find solutions.

As a company focused on blockchain security, we realize that in-depth auditing of the code of EigenLayer and its ecosystem and the implementation of dynamic monitoring and security protection measures are very important for maintaining the security of the entire DeFi ecosystem. Pivotal. Security should be fully considered during the design and implementation stages of AVS, and professional auditing and dynamic monitoring and security protection are the cornerstones of ensuring the security of the platform and users. As blockchain technology continues to evolve and market demand grows, EigenLayer and its ecosystem need not only innovation, but also a strong security framework that can cope with new challenges. Therefore, we will continue to build on the security front, provide more projects with sophisticated code audit services as well as post-launch monitoring and dynamic security protection to support the continued growth of this ecosystem.

The above is the detailed content of EigenLayer has started a wave of innovation in Restaking. What are the potential risks that come with it?. For more information, please follow other related articles on the PHP Chinese website!