Let us start the risk section with a real story that is hard to believe. StakeHound, one of the early liquid staking platforms, announced its stETH LST on November 24th, 2020. Wait a minute, that trademark sounds familiar. You are right, Lido and StakeHound argued about the “stETH” trademark on Twitter (now X) and even involved legal counsel on both ends (read more here). The conflict over the name ended unresolved, but it does not matter much. One of the well-known risks of crypto as an industry materialized on May 2nd, 2021. According to StakeHound’s statement, the company was informed by one of their custody providers, Fireblocks, that 38,178 of their staked ETH, worth nearly $72 million at the time of writing, may have been rendered inaccessible because of a failure by Fireblocks to secure the cryptographic keys as they had been required to do. Assumably, a series of errors by Fireblocks caused the loss of 2 keys that were part of the 3-of-4 threshold signature for the shards that formed the StakeHound’s withdrawal key. The aggrieved party claimed that Fireblocks (1) did not generate their private keys in a production environment, (2) did not include the private keys required to decrypt their 2 key shares in the backup, and (3) lost both keys.
As a next step, StakeHound filed a lawsuit against Fireblocks at the Tel Aviv District Court on the grounds of alleged negligence. Eventually, on July 26th, 2021, StakeHound decided to discontinue their liquid staking activities and devote their full attention to the recovery of the loss, which never happened. Here, you can see StakeHound’s TVL chart, on which DeFiLlama decided to index 0, even though the money still sits on the contracts to which no one has effective access keys. That sad story has one more angle. On July 11th, 2023, the bankrupt crypto lender Celsius sued StakeHound over the platform’s alleged failure to return $150 million worth of tokens. That story should be a reminder of inherited risks in the crypto nature.
Centralization of assets is one of the main aspects the LST market faces. Lido has a substantial market share regarding the ETH staked. Of course, it is not their fault they managed to attract so many users and deposits, it rather shows market conviction in the quality of their ecosystem. Nevertheless, any problems related to that protocol can affect the entire liquid staking industry. Some critics point out an inadequate number of nodes due to the size of funds deposited. For instance, Lido has 39 node operators at the time of writing and Rocket Pool, the decentralization maxis, has 3000 node operators. There are two sides to every story, with more nodes come new challenges and risks. The permissioned versus permissionless nature of LST protocols also plays a crucial role. Although a permissionless design is what DeFi strives for, it is harder to scale due to its inherently trustless operations.
Liquid staking protocols leverage Ethereum’s proof-of-stake consensus mechanism to create an interconnected ecosystem, supported by LSTfi platforms utilizing liquid staking tokens. Fluctuations in top or bottom protocols can impact the entire market, as they rely on each other to maximize yields. Ensuring security is paramount for project success, yet the average user lacks the ability to verify protocol security and audits, relying instead on auditing firms for assurance.
Protocol-wide risks, such as the potential for excessive stake control, pose significant threats to decentralization, neutrality, and openness in Ethereum. When an entity holds over 30% of the stake, it can wield substantial control, potentially disrupting finality and compromising blockchain integrity. Monitoring entities with significant stake holdings, like Lido, is necessary to maintain ecosystem stability. Arbitrage opportunities related to LST ETH peg stability are vital for understanding asset value dynamics. Although specialized protocols emerged to earn on the arbitrage opportunities, the deviations will occur. It is the space where the part of the oracles is crucial.
Do Not Overload Ethereum’s Consensus ~ Vitalik Buterin
The dual-use of validator-staked ETH is an intriguing concept carrying benefits but also risks. It is reasonable to leverage this approach within certain boundaries. Particularly if the protocol’s design ensures any failures or losses remain confined to the validators and system users. Such an approach is inherently low-risk, as it does not entail broader implications for the Ethereum ecosystem’s social consensus.
Conversely, when the intention is to gain support from the larger Ethereum community or manipulate the social consensus for the protocol’s own objectives, it becomes a high-risk endeavour. This type of manoeuvre should be met with strong resistance, as it jeopardizes the stability and integrity of the Ethereum network.
Ethereum validator set utilization to enhance security for other chains does not prevent all the attacks. It may protect against 51% finality-reversion attacks but falls short in guarding against 51% censorship attacks. In scenarios where Ethereum validators are already part of the equation, a potential solution could involve transitioning into a validium framework. It is a scaling solution that uses off-chain data availability and computation to process transactions, e.g., zero-knowledge rollups.
Developers are tempted to expand the blockchain’s core functionality to cater to a growing range of use cases. However, each extension introduces complexities that could render the core system more vulnerable. A minimalistic design is advisable to safeguard the blockchain’s integrity. Restaking experiments should not infringe on the Ethereum consensus model. Developers ought to seek alternative security approaches, ultimately fostering a more robust and secure ecosystem.
Restaking, although a promising innovation, introduces potential additional vulnerabilities. It imposes leverage on staked ETH and argues with Vitalik’s point of view to build robust, secure, and minimalistic blockchains. Slashing incidents are another fear associated with restaking. Protocols like EigenLayer want to provide other networks with Ethereum’s validator set. There is a potential danger of slashing for non-performance, and restakers have extra requirements to meet. Expanding Ethereum’s consensus responsibilities adds costs and complexities for validators. It forces them to manage additional software, monitor new protocol updates, and ensure proper behaviour, increasing operational challenges. All things considered, restaking is a captivating concept worth pursuing. However, security must be the leading virtue to follow.
“The reason I personally am not just staking all of my ETH (…) is because if you stake your ETH, it has to be all out, like the keys that access it have to be public on some system that’s online, and for safety it has to be a multi-sig, and multi-sigs for staking are still fairly difficult to set up, and it gets complicated in a bunch of ways,” said Vitalik Buterin, Ethereum Co-founder.
Disclaimer: This post is not a financial advice. It was created for informational purposes only. Remember to always do your own research.
About RedStone
RedStone is a modular oracle delivering diverse, high-frequency data feeds to EVM Layer1, Layer2, Rollup-as-a-Service networks, and beyond, i.e., Starknet, Fuel Network, or TON. By responding to market trends and developer needs, RedStone can support assets not available elsewhere. The modular design allows for data consumption models adjusted to specific use cases, i.e., capital-efficient LSTfi and early support of LRTs. RedStone raised almost $8M from Lemniscap, Blockchain Capital, Maven11, Coinbase Ventures, Stani Kulechov, Sandeep Nailwal, Alex Gluchovski, Emin Gun Sirer, and other top VCs & Angels.