.png){kind=logo}
The explosion in number of rollups, RAAS that scale the execution make credibility neutrality of L1 even more important. Lido co-ordinates the allocation of ETH between the stakers and validators, and has reached a critical level. It has an 85% in dominance in the liquid staking market alone, allocating about 31% of the staked ETH among ‘professional node operators’. To give a sense of the numbers, 8.85M ETH has been staked through 191k unique depositors using Lido. Why is it so dominant and what are the problems with such a dominance?
The concept of Liquid staking emerged in the Cosmos ecosystem before, but didn’t grow as much as it did in the ETH ecosystem with Lido. Lido had some unique catalysts that led to its growth. Lack of delegated POS and presence of locking period after merge made liquid staking an easier way for the stakers to get liquidity for their assets. These LSTs also needed distribution and utility, and Defi in ETH had a thriving demand for such assets as collateral. stETH is one of the most liquid LST, that is a network effect that benefits it even further. This dominance over something very close to the core protocol has led to concerns. We will address the concerns and mitigation efforts by Lido and others in later sections, let’s look at the staking process in general.
In staking, there is a division of labor and capital. Lido builds on top of this insight. Lido makes it easy for stakers to provide capital and not worry about the difficult part of setting up validators and managing them. The professional node operators make up the labor part. For their services, the node operators and the Lido protocol share 5% of the rewards each. The rest of the rewards flow to the stake providers or stETH holders. Currently around 5-6% of stakers are solo stakers, i.e the one’s providing both capital and labor. Among all the ways of staking, liquid staking is the most popular way and is expected to stay dominant because of the utility for locked ETH.
It is this division of capital and labor that leads to some of the concerns. The stakers, or the stETH holders are sufficiently wide and diverse, but the LST protocol that manages the distribution of stake among the node operators have a large responsibility. If Lido commands a significant amount of overall stake, the LDO holders might end up controlling the chain in some ways.
Efforts to address the concerns associated with Liquid Staking Tokens (LSTs) are being implemented in various ways, both within and outside of the LST protocol itself. These include :
Now that we have a fair idea about the state of the LST market, dominance of Lido, let’s see how a single dominant entity could threaten the integrity of the chain . An entity that controls 33, 50 or 66% of the staked ETH influence the finality and reorgs. Some of the things that can be done with a dominant stake -
When a party holds more than one-third (>33%) of the total stake, they gain the capability to temporarily disrupt the network's finality. The extent of this disruption is a function of the attacker's stake size. Ethereum counters this through its inactivity leak mechanism, which penalizes inactive or malevolent stakeholders over time. This penalty system ensures that, eventually, the honest majority regains control by reclaiming a two-thirds majority, thus restoring finality to the network.
The scenario intensifies when a party controls over half (>50%) of the total stake. Such dominance enables them to censor transactions and execute short-term reorganizations of the blockchain—a situation commonly referred to as a 51% attack. This level of control directly challenges Ethereum’s fork choice rule and opens the door to potential abuses, such as detrimental Maximum Extractable Value (MEV) extraction strategies.
A more extreme case occurs when a party amasses over two-thirds (>67%) of the total stake. In this situation, they possess the power to finalize their chosen version of the blockchain, completely disregarding the inputs of other stakers. However, this power comes with a caveat. Although they can revert finalized blocks, doing so triggers a slashing mechanism, imposing significant penalties.
Let’s take an example of a possible attack using more than 33% stake, from which Lido is fairly close. But first refresh our memories about the consensus used by ETH.
ETH uses a combination of CasperFFG and CasperGHOST for its consensus, called Gasper. Casper FFG guides the finality of the chain, and it takes an approximately 12 mins (2 epochs) for the chain to get finalised. FFG creates block checkpoints every epoch (typically the first block in the epoch) that are considered to be final from where the chain cannot be re-orged. CasperGHOST allows the validators to agree on the head of the blockchain and selects the correct branch if there are multiple branches. For each epoch, the validators are divided into committees that vote in different slots. But each epoch the validators vote for the checkpoint and the valid slot. Once the checkpoint gathers sufficient votes, it is considered justified. The same process is repeated in the next epoch and a new justified blocks is found. After this the previous checkpoint becomes finalised. The reason finality is not immediate due to the burden of verifying the signatures of all the validators.
Let’s say that there are m validators assigned to a slot and Lido (or someone else) controls 34% of the stake in m validators. The attack proceeds as follows: the attacker DOES NOT publish block B, and does not publish any of their attestations on the published blocks. Honest validators would attest for A and vote that they did not see a block at n+1. During slot n+2, another honest proposer would build a block C on top of A, and the honest validators would support C. The proposer from Lido reveals B and attestations for B for both slots n+1 and n+2. The bottom fork would have 0.68 * mvalidators supporting it, but the top fork only has 0.66 * m support, so the bottom fork wins
Lido and Rocketpool differ in how they onboard Node operators. While Rocketpool is permissionless in nature, Lido has a permissioned set of 31 Node operators. The LDO token holders control the selection or removal of the Node operators. If the token holders are motivated to gain outsized profits via MEV extraction and censorship, this becomes the criteria for selection or removal of the Node operators, leading to cartelisation. Censorship is another risk that a token controlling so much stake introduces. It becomes an easy target for the governments to target instead of ETH validators. Using DVT validators that have geographic and node operator diversity is one of the solution, which the Lido team is actively introducing using the DVT staking router.
Performance based automated selection of the node operator could also lead to similar problems. If the performance demands MEV attacks, node operators that are not aligned to that get ejected or not selected by the DAO.
The node operators can collude together and lead to mass slashing of the validators that they run. Since there is no bond posted by the NO they don’t suffer much damage apart for the reputational and opportunity cost. The stETH would lose lot of its value and lead to bank run
As we saw, the Node operator selection controlled by the DAO can be manipulated and directed towards profit maximisation by the token holders. To keep that in check Lido is coming up with a few solutions. We’ll have a deeper look in the next section.
But there’s a positive side to Lido as well. Lido plays a significant role in promoting a more equitable distribution of stake across Ethereum's node operators. Without services like Lido, stake distribution on Ethereum tends to be influenced by factors such as MEV (Maximal Extractable Value) extraction and various integrations, often leading to an uneven accumulation of advantage among certain validators. In contrast, Lido ensures a more balanced allocation of stake within its protocol. It achieves this by distributing stakes relatively equally among validators. Each validator in the Lido protocol typically manages slightly over 1% of the total stake. Moreover, as new node operators are introduced into the system, Lido continuously redistributes the stake, contributing to a more uniform stake distribution across the network. This approach by Lido plays a crucial role in enhancing the fairness and stability of stake distribution in Ethereum.
To counter the power of LDO token holders and to give voice to the stakers in governance, Lido is in advanced stages of Dual Governance for the DAO. Its aim is to align the interests of the stETH holders with the DAO. Though stETH holders can’t propose, they have a veto power on decisions that the LDO holders propose. If the LDO holders remove Node operators unfairly, only small quorum (5%) of the stETH holders can veto the decision, enforcing a check on the power. LDO holding is much more concentrated if you look at the distribution, and hence is bad for the governance. stETH is also much more diverse in its distribution compared to the LDO token and can mitigate censorship by Government entity. One of the concerns though is the abuse of veto power by the stETH holders. Since they can only veto and not propose any changes, they can effectively veto any proposal and bring the DAO to standstill. But since stETH can be freely purchased from the market, this is not so severe. Though the veto power for the stETH holders is an improvement and serves as a check against the total control of the LDO holders, there could be stronger governance powers for them.
One of the common platform playbook used by many web3 protocols is minimising core functionality and governance of the protocol and open permission less modules that can extend the capabilities. Uniswap hooks allow devs to create new functionalities like TWAMM, dynamic fees for the pools instead of writing the entire code from scratch. Safe has similar Safe core and modules for adding new functionalities for its AA wallets. LidoDAO currently manages the selection and ejection of the Node operators. This monolithic code base would be converted into a modular one, where modules would be assigned for different kinds of validator sets with their own logic (fee distribution proportions, upper limits etc)
The monolithic architecture presents challenges for onboarding different kinds of validators to Lido. Each different kind of validator subset forms a part of a smart contract integrated into the protocol. In the current paradigm, the node operators apply, get approved by the DAO and then deposit their keys to the registry from where they get stake and rewards. Under staking router, different modules manage the signing keys of the validators, distribute the rewards and stake between them. Staking router is the top level controller that controls the operation across modules. The staking router could also be used for alignment with ETH by providing higher share of rewards to the module (eg solo staker module could be given a larger share since their participation strengthens the core value proposition of the base layer.) The DAO token holders and stETH holders have the natural tendency to prefer greater profits coming from larger node operators. Revenue share with the module would serve as a lever to steer the protocol towards alignment.
Currently there are 2 more modules planned -
The DAO will initially set limits for stake allocation, increasing it as the confidence in tech increases with time. Currently the DAO manages the allocation of stake to validators in the permissioned set. Staking router takes over this functionality in V2. It monitors the different modules, percentage of the threshold filled and allocates stake accordingly. The stake is proportionately divided, allocated for a short amount of time. The module loses priority over the allocated stake if it is unused after certain time so that other unfilled modules can be filled instead. LST protocols are distribution channels that bring the supply (Node operators) and demand (stakers) together and can play an important role of redistributing or allocating the stake among the validator set.
DVT operated validators bring resilience, security, increased geographical and node diversity. The initial DVT staking router module will be called ‘Simple DVT’, done at a smaller scale. DVT allows validators and clusters to be set up that have node operator diversity. This means that a single or a cluster of validators can have solo stakers, community stakers, professional node operators running it together. There would be 24 clusters running 5 validators each in the initial pilot and its stake would be capped at 0.5% of the total stake. To incentivise participation, the DAO has also changed the fee sharing proportion - 8% to the module and 2% to the DAO treasury. This module is supposed to run for a medium term and be replaced by a more scalable module after performance metrics are met. SSV and Obol network will have separate clusters and the success of the clusters will be considered independently.
What are some of the effects DVT run clusters can have? By splitting its validators across multiple different providers, Lido can make it more difficult for any one provider to gain too much control. This can help to protect Lido from attacks and ensure that the platform remains decentralized. DVT would also make the network more resilient to attacks, as it would be more difficult to take down a large number of validators at the same time. This is because Lido would be able to distribute its validators across multiple different locations and infrastructures
In the beginning we talked about the division of labor and capital in staking. Even though Liquid staking and other forms of staking are democratising the access to staking to regular people, they rely on limited number of node operators and aren’t able to decentralise it. This is an idea proposed by Dankrad that tackles it. The staked ETH is divided into 2 tiers, node operator bonds (C1) and delegated stake (C2). In this design (which is similar to Rocketpool) the node operator stake is slashable but the delegated stake isn’t. Each node operator has a different LST and only a non-slashable ETH can mint this LST. The rates for C1 and C2 are different - for the different amount of risks associated with them. To make it easier for the delegators to move from one operator to another, their LST won’t be a part of the activation and exit queues. The benefit of this design is to protect the stakers and remove the trust that they place with the operators to not get their stakes slashed. The setting of rates for the two tiers is the key problem. Finding the sweet spot for the rates that doesn’t make the node running more attractive or node operators fully saturated might be figured out in market. This could also reduce the security, since for the stake of the validator, only a portion supplied by the operator is slashable.
With increase in the stake from delegators and number of validators, most validators having the same node operator, leads to burden of verifying the signatures on the consensus layer. There are proposals to increase the role of delegators to some light. weight duties that could serve as a check to the centralisation of the node operators.
Single slot finality planned in the future, could handle 10,000 validators. The validator balance cap is being raised for that purpose, leading to consolidation and reduction in signatures. The small stakers could be given light weight tasks like signing on the LMD GHOSt fork choice rule along with the large operator run validators. These small stakers would be selected randomly every slot and would help mitigate centralisation risks of the large operators. If the fork choice rule for small stakers and node operators diverge, community would mediate. Other than the fork choice rule, the small stakers could also sign off on blocks and attestations for a short period of time along with node operators. These proposals could be integrated in staking protocols to mitigate centralisation of Node operators and prevent a 51% majority from finality reversion.
