DeFi has proven to be something of a double-edged sword for crypto. On the one hand, it’s generating excitement and income. On the other, it poses security threats. Derivative attacks and other hacks made possible by the DeFi “money piñata” could cause cracks in the forthcoming Ethereum 2.0 network.
So say ConsenSys’ Tanner Hoban and Thomas Borgers, who, with funding from MolochDao, used their free time to analyze the incentive structure and security for Ethereum’s long-awaited proof-of-stake network. (Disclosure: ConsenSys funds an editorially independent Decrypt.)
In their just-released paper, “Ethereum 2.0 Economic Review: An Analysis of Ethereum’s Proof of Stake Incentive Model,” the co-authors argue that with “options volume increasing and unique financial instruments like ‘flash loans’ being used in malicious exploits […] derivatives could become the favored avenue of attack for adversaries.”
Not to fear, though. They have a solution: Just pay a bit more for security.
“Attacks on Eth2 are easier to scale than on Eth1,” write Hoban and Borgers. That’s counterintuitively because network participation should be easier on the network; users don’t need as much hardware or to use as much electricity to get involved. To mount attacks, they don’t need more machines, they need more ETH. And there are plenty of markets for them to get it: “The flourishing of DeFi and eventual connectivity to Eth2 can vastly accelerate and magnify this trend.”
Most blockchain watchers are already aware of the risks inherent to Ethereum-based derivatives. Just see February’s bZx exploit, which cost the company hundreds of thousands of dollars.
Though DeFi is already risky on Ethereum 1.0, a proof-of-work blockchain, Borgers told Decrypt that he thinks such derivative attacks “will only continue to proliferate with Eth2, and so far we haven’t seen that Eth2 addresses that vector better than Eth1.”
In their analysis, Hoban and Borgers found that risk to be most acute during the transition to Ethereum 2.0. That’s because at the beginning of the shift, validators must lock up their ETH stakes—and all the rewards they receive for doing so—until the PoW chain fully merges with the PoS chain. That decreases liquidity, and the authors believe it could lead to centralization.
Given the choice between waiting or putting their ETH to work for them, people will likely turn to centralized exchanges and derivatives trading. “A high concentration of validators leveraging these platforms creates centralization risk and unpredictability,” wrote the authors. In other words, more derivatives, more problems—at least while the network is transitioning.
Borgers told Decrypt that while some types of attacks could become more difficult, other attack vectors, in addition to derivative attacks, could present themselves. Therefore, he supports a “slow rollout of Eth2—giving us ample time to test.”
After Ethereum fully transitions, network security should come to rely on “three key variables: ETH staked, the price of ETH, and volatility.” (The current iteration of Ethereum relies on hashrate for security, explained Borgers, which is related to price.)
The authors laid out their reasoning in the paper’s conclusion:
“Our primary concern with regards to the economic stability and security of Eth2 is the resilience of the network at low ETH prices. Profitability diminishes, which could force validators to exit, further diminishing security.”
With fewer validators, the cost to attack the network also decreases. Hoban and Borgers calculate that the network needs 13.8% of ETH to be staked for “adequate security.”
To incentivize people to stake their ETH, and thereby losing some flexibility with their funds, they recommend doubling the base rewards factor—which, along with the amount of ETH at stake, helps determine the amount of ETH stakers can earn—from the currently planned 64 to 128.
“Security is highly dependent [on] ETH price and ETH staked, and we should make sure there is enough ETH staked, as that is the only variable we can really influence directly,” Borgers told Decrypt.
Moreover, adding financial incentives is affordable given that security for the PoS network should actually cost less than with Ethereum 1.0. “We believe the network is underpaying for security,” Hoban and Borgers wrote.
Borgers thinks the transition to Eth2 is worth it from a security standpoint. It just needs some fine-tuning.
“I think if we can find good mechanisms to incentivize enough ETH stake (~15%), which is very possible, as hinted at in our recommendations,” said Borgers, “this is a much more secure, scalable, and decentralized system.”