EigenLayer: A Restaking Primitive
EigenLayer is a protocol built on Ethereum that introduces restaking, a new primitive in cryptoeconomic security. This primitive enables the rehypothetication of $ETH on the consensus layer. Users that stake $ETH can opt-in to EigenLayer smart contracts to restake their $ETH and extend cryptoeconomic security to additional applications on the network. Part of EigenLayer’s potential, therefore, lies in its ability to aggregate and extend cryptoeconomic security through restaking and to validate new applications being built on top of Ethereum.
Cryptoeconomic security has been a fundamental challenge of Web3 since its inception. From the early days of Bitcoin, to the most recent upgrades of Ethereum and other iterations of Layer 1 networks, establishing robust cryptoeconomic security presents complex issues and tradeoffs. A current challenge within blockchain design is fragmented security. This is particularly true on the Ethereum network. At a very high level, middleware and non-EVM (Ethereum Virtual Machine) applications built on top of the Ethereum network are responsible for generating their own trust network. This is inefficient in many ways. Bootstrapping security is expensive, resource-intensive, and takes a considerable time to generate. Moreover, once launched, a decentralized security network requires ongoing effort to maintain and to scale. As more applications are built, cryptoeconomic security becomes increasingly fragmented across the network.
EigenLayer has pioneered a new mechanism in cryptoeconomic security, the restaking primitive, to overcome these challenges and aggregate security across the Ethereum network. Restaking functions as a set of smart contracts in which users that stake $ETH can repurpose their locked $ETH to extend cryptoeconomic security to other applications built on the network. That is, EigenLayer enables a system of rehypothecation for staked $ETH. The protocol creates an opt-in middle layer where users agree to grant EigenLayer additional enforcement rights on their staked $ETH, enabling it to be effectively restaked on to other applications. An important aspect of EigenLayer’s opt-in feature is that it creates additional slashing conditions on staked $ETH that persist above the consensus layer. This helps to facilitate extensible security as new slashing conditions can be introduced to meet the demands of other projects such as bridges and data availability layers being built on top of Ethereum. So EigenLayer can freely deploy restaked $ETH to additional applications while leveraging slashing conditions to enforce honest behavior and disincentivize malicious behavior. Ultimately, EigenLayer’s design allows staked $ETH to provide validation services beyond just Ethereum itself.
Cryptoeconomic Security and Decentralized Trust Iterations
Before advancing, it is important to briefly discuss the current state of blockchain security and how EigenLayer’s design fits in. Bitcoin’s security model pioneered one of the first successful iterations of decentralized trust and security. Users were empowered to send peer-to-peer payments in a secure manner without the need for a middle-party to coordinate. A major shortcoming of this model, however, is that it was designed to be application-specific. This means that any new decentralized application (dApp) that builds on top of the network also requires a new blockchain and its own trust network. While Bitcoin was able to successfully build out its own network, generating and maintaining systems of trust and security was onerous. Placing this requirement on each new application that sought to operate on the Bitcoin network confounded both innovation and growth of the network.
Ethereum introduced a new approach to security that significantly enhanced extensibility and overcame many of these challenges, specifically by way of its modular design. The Ethereum Virtual Machine (EVM) enabled dApps to build permissionlessly on top of the Ethereum network by leveraging the underlying security on the Ethereum blockchain itself. One of the especially powerful features of this model is that it allows developers to focus on building innovative applications rather than building recursive trust networks over and over. The Ethereum model also establishes trust and security at the very base layer. So dApps being deployed on Ethereum do not require any reputation themselves and instead can leverage the underlying blockchain’s security for settlement.
However, Ethereum’s security model is not without limitation. Sepcifically, dApps that cannot be deployed on EVM cannot utilize the settlement layer of Ethereum. This applies to any application that requires its own actively validated system (AVS), which includes not only the obvious basket of alternative consensus protocols and virtual machines, but also infrastructure critical to the Ethereum ecosystem such as bridges and data availability layers.
This creates an environment not unlike the original Bitcoin security model: a new AVS is required to bootstrap its own trust network in order to gain security, it cannot leverage the underlying network’s pooled security. It also facilitates an ecosystem of smaller, fragmented pools of security and an inherent value leak within Ethereum’s security model, as each new AVS pushes cryptoeconomic security into their own self-contained system by necessity rather than into Ethereum’s base layer.
Another critical component is that validation services are not free. Validators must stake capital in order to secure the network and incur an opportunity costs for doing so. Capital and opportunity costs typically become the most expensive cost for any AVS, often requiring significant subsidies (which may or may not be sustainable) in order to offset these costs. In return, validators must receive incentives commensurate with their efforts and risks. Otherwise, they will not participate.
One last consideration is that fragmented security results in lower attack costs. Since each validated system is responsible for maintaining its own cryptoeconomic security, it will generally be much cheaper to attack an individual protocol than to attack Ethereum itself. This can negate Ethereum’s settlement layer power, as a successful attack on a middleware layer can break any protocol supported by it, rendering the security at the base layer completely useless.
The Restaking Mechanism
EigenLayer’s restaking mechanism leverages two fundamental ideas to overcome these challenges, namely pooled security and free-market governance. Collectively, these enable Ethereum’s base layer security to be extended to essentially any protocol built on top of it, irrespective of its composition (e.g. EVM-compatibility). This helps remove the efficiencies outlined above and creates a much more robust system in a few ways.
First, restaking creates an optimized system of pooled security. Staked $ETH that used as collateral to secure Ethereum, and is otherwise locked into that singular function, is repurposed to provide validation services to other protocols. Again, this is done through an opt-in process on EigenLayer. Once users opt-in, they agree to new slashing conditions to be imposed above the consensus layer in return for additional rewards. EigenLayer enforces this by obtaining the rights of the staked $ETH’s withdrawal credentials. In addition, participating validators grant the ability to impose new slashing conditions on their stake. So stakers that opt-in to EigenLayer earn additional rewards on their staked $ETH, while the validators that participate gain additional revenue from the AVSs that utilize their services. There is thus a strong incentive to participate in restaking and an equally strong incentive to act honestly, since on-chain verifiable slashing can be applied to capital.
Second, the notion of free-market governance allows protocols to actively control the amount of pooled security consumed while giving validators the same license over how much pooled security is supplied. So EigenLayer creates a competitive market for pooled security that is dictated by supply and demand. A key takeaway here is that validators are by no means required to provide pooled security without agency. Instead, they have the ability to determine their own preferred set of risk and reward parameters before providing services to a given protocol. This allows validators to selectively choose which protocols to bootstrap. In general, this incentivizes validators to pursue the most worthwhile servicing opportunities and avoid less promising protocols. EigenLayer’s restaking ecosystem therefore accelerates innovation across Ethereum while simultaneously increasing the profitability from staking.
This results in an open and competitive marketplace in which protocols can buy pooled security from $ETH validators and $ETH validators can sell pooled security to protocols, removing many of the inefficiencies that exist within current security models. More specifically, the burden of bootstrapping network security is mitigated since a new protocol can simply purchase security on the EigenLayer open market rather than generating and maintaining it internally. Restaking also lowers the marginal capital costs of validator services since stakers can rehypothecate their initial capital across many different protocols beyond native Ethereum, earning additional revenue in return along the way.
Restaking also fosters reinforced cryptoeconomic security since it aggregates and consolidates existing security into one place over time. So fragmented pools of capital move towards a more unified pool, making the model much more robust and resistant to financial attack, since the cost of corruption becomes substantially more expensive. Finally, value accrual is improved through restaking since $ETH stakers gain additional revenue streams by opting-in to EigenLayer to extend security.
EigenLayer Slashing and Enforceability
Again, EigenLayer’s restaking mechanism augments security by increasing the cost of malicious attacks significantly. This is largely accomplished through the consolidation of otherwise fragmented pools of security. As these pools converge on to EigenLayer, rather than existing independently of one another, the financial cost of attack becomes exceedingly more expensive than its financial reward.
In order to maintain this system, new slashing conditions are developed and enforced through EigenLayer by way of smart contracts that manage the withdrawal credentials for staked $ETH when a user opts-in. If malicious activity occurs, then slashing will occur and the staker will not be able to withdraw the original principal amount deposited. Under the current design of Ethereum, up to 50% of staked $ETH can be slashed. So when withdrawal is triggered, at least 50% of ETH will remain available. EigenLayer enables slashing the remaining 50% staked on the protocol.
Key Risks and Vulnerabilities
Generally there are two main attack vectors of EigenLayer. One is that many validators collude to attack a set of middleware services simultaneously. The other is that the protocols that leverage EigenLayer and are built through it may have unintended slashing vulnerabilities and there is a risk of honest nodes getting slashed.
Much of the EigenLayer mechanism relies upon a rebalancing algorithm that takes into account the different validators and their accompanying stake and security capacity and usage. This underpins the success of the protocol. If this rebalancing mechanism fails (e.g. slow to adjust, latency, incorrect parameters) then EigeinLayer opens itself up to different attack vectors, particularly around cryptoeconomic security. It essentially replicates the same vulnerabilities that it sought to solve with merge-mining. So attention must be paid to ensuring that the system is accurately updating any outstanding restaked $ETH and that it remains fully collateralized.
Macroview and Beyond
Restaking, if executed correctly, can create more efficient systems of cryptoeconomic security and resolve many of the challenges around fragmentation bootstrapping. It is also has the potential to make security very interoperable, as staked $ETH can be applied to essentially any protocol operating on Ethereum, irrespective of EVM-compatibility, and perhaps beyond. Developers can begin to focus more on innovation and building products, and less on bootstrapping security.
For end users, restaking presents a significant improvement in value accrual. Traditional staking is not capital efficient. Token holders essentially lock their capital into a given contract to earn a reward for contributing to network security. However, they must forgo other opportunities to do so. The advent of liquid staking derivatives creates more capital efficiency by enabling token holders to lock their capital in a staking contract, earn rewards, and then deploy the staking derivative capital elsewhere to earn additional yield. This requires a more proactive, hands-on approach, in which the user has the wherewithal, and perhaps most importantly, the timing, to earn additional yield. Any loss on this extension of capital is a loss on the underlying capital. So liquid staking is not without risk.
One of the most potentially powerful user features of EigenLayer is that restaking removes this sort of user-side risk. By opting in to a restaking contract, users effectively earn passive rewards on their extended capital. Moreover, the same capital investment that is otherwise locked on $ETH with a single revenue stream can now be rehypothecated to additional protocols, each with their own system of rewards. However it is important to note that this is not without risk. Users that opt-in to EigenLayer are still at risk for slashing on the consensus layer in addition to the new slashing conditions imposed by the protocol.
EigenLayer also has the potential to improve Ethereum fee model. In short, this model creates a flow of value that grows along with the network: Ethereum supplies security to all of the different dApps built on top of it, and in exchange, these dApps send fees back to Ethereum. The fundamental limiting factor of Ethereum’s model is that it is entirely exclusive to EVM compatibility. Enabling new protocols to participate here, rather than building their own pool of security, helps keep value flow locked within Ethereum and helps drive more revenue back to the network.
While there currently is no formal plan to launch an EigenLayer layer token, there are a few potential designs that could be useful here. One design in specific centers on participation and access, and would reinforce cryptoeconomic security, extensibility, and the protocol’s overall ability to scale to meet demand. That is, users that wish to participate in staking through EigenLayer must stake a minimum threshold of EigenLayer ($EL) tokens to be eligible. So each user that opts-in to EigenLayer would grant special permission to enforce slashing conditions on their staked $ETH as well as their staked $EL.
Under the current design of the Ethereum network, stakers can only have a maximum of 50% of their total staked $ETH slash, while EigenLayer can enforce slashing on the remaining 50%. This would add additional capital into the enforcement component and function similarly to an overcollateralized loan. Users, therefore, are at risk to lose more than just 100% of their staked $ETH if they act maliciously. This sets a considerable precedent for honest behavior.
A key risk for EigenLayer is the over-extension of cryptoeconomic security. As the protocol grows and more users opt-in to participate, that middleware layer becomes increasingly more at-risk for attack. The addition of higher capital requirements helps mitigate this risk, facilitates deleveraging, and improves extensibility all while enabling the protocol to grow with more scale. Moreover, if EigenLayer chooses to build across chains, this helps with bootstrapping and composability. Different networks have different staking parameters. The addition of $EL helps to normalize capital requirements. A chain-agnostic token also allows the network, and its users, to move between chains with less friction and more liquidity.
Further Reading and Resources
Cryptofunds, market makers, and trading desks can interact with these DeFi protocols with MetaMask Institutional
MetaMask Institutional offers unrivalled access to the DeFi ecosystem without compromising on institution-required security, operational efficiency, or compliance. We enable funds to trade, stake, borrow, lend, invest, and interact with over 17,000 DeFi protocols and applications.
Found this research useful? Connect with the ConsenSys Cryptoeconomic Research team at [email protected]
Disclaimer: ConsenSys Software Inc. is not a registered or licensed advisor or broker. This report is for general informational purposes only. It does not constitute or contain any individual investment advice and is made without any regard to the recipient’s objectives, financial situation, or means. It is not an offer to buy or sell, or a solicitation of any offer to buy, any token or other investment, nor is it intended to be used for marketing purposes to anyone in any jurisdiction. ConsenSys does not intend for any person or entity to rely on any facts, opinions, or ideas, and any financial or economic commentary expressed in this report may not be relied upon. ConsenSys makes no representations as to the accuracy, completeness, or timeliness of the information or opinions in this report and, along with its employees, does not assume any responsibility for any loss to any person or entity that may result from any act or omission based upon this report. This report is subject to correction, completion, and amendment without notice; however, ConsenSys has no obligation to do so.