Chainlink 2.0 — The Decentralised Finance (DeFi) Metalayer
The Chainlink 2.0 whitepaper was published on April 15th. Chainlink 2.0 aims to create a decentralised metalayer through hybrid smart contracts by having a large number of oracle networks serve users on an individual basis. The end goal of this, would be to have smart contracts interact with multiple oracles, just as users interact with multiple APIs in web2 today. In essence, Chainlink wants to take as much load off of smart contracts as possible. The DeFi metalayer will look something like an off-chain outcomes data factory. Large amounts of data will flow into Chainlink oracle networks and there will be large amounts of nodes offering more specialised services to report on complex values that DeFi smart contracts will call for. Developers will have the flexibility to pick and choose what oracles they need, which in turns allows them to simplify their smart contract code.
The role of nodes in Chainlink and how they can be exploited
The way Chainlink generates one standardised value to send to a smart contract is by aggregating all values it receives from individual nodes for a given variable. A service level agreement (SLA) normally defines how much an individual node can deviate from the aggregated result considered to be correct by the network (usually ~1%). Values are aggregated by the oracle and a median value is sent to a smart contract. This means if there are over 50% of nodes reporting a false value, this false value will be reported to a smart contract (which could have detrimental effects on the functioning of the smart contract it has been sent to). Nodes could have incentive to deliberately report false values if it is in their financial interest to do so. For example, nodes could have information asymmetry if they report false values of crypto-assets and conduct arbitrage across different exchanges reporting different values of crypto-assets (that they have contributed to). There are many different options or reasons that a node might have to report a false value to an oracle. Nodes can also be bribed to report a false value for the benefit of another agent.
Implicit and explicit incentives mitigate malicious behaviour of oracle nodes in Chainlink 2.0
Chainlink uses implicit and explicit economic incentives to ensure oracle nodes do not behave maliciously. Explicitly, Chainlink requires two ‘deposits’, one deposit that can be slashed for reporting an incorrect value not agreed upon by the aggregate network and another deposit that can be slashed for falsely reporting that a network of nodes have collectively reported a false value to an adjudicator known as a ‘second-tier’ (more on this later). Implicitly, Chainlink assumes rational economic actors (nodes) will send correct values to oracles because it is in their best interest to do so (i.e. there is an opportunity cost of rewards a node misses out on for behaving maliciously). Implicit incentives are known as the ‘future fee opportunity’ (FFO) in Chainlink. Chainlink are aiming to measure implicit incentives with their ‘Implicit-Incentive Framework’, a revolutionary attempt at quantifying opportunity cost of nodes that includes a node’s performance history, data access, oracle participation and cross-platform activity (e.g. nodes that might be on other networks such as Chorus One and how they perform on their with regards to downtime, slashing etc.). In fact, Chainlink has gone so far as to create an equation to find the implicit incentives of nodes, which can be found below:
This formula defines why a node in Chainlink would implicitly continue to report correct values to oracles because if they do not, they stand to lose their future fee opportunity (found in the equation above).
An interesting point to note about implicit incentives from Chainlink’s whitepaper is that of ‘speculative FFO’. New nodes that go live on Chainlink are betting that their expenses will be outweighed by their future fee opportunity. In essence, those running a node on Chainlink in the early stages are taking a speculative bet on the fact that they will earn considerable fees in the future. The ‘speculative’ side of FFO (i.e. betting on the future success of Chainlink) multiplies the implicit incentive for nodes to ensure they are behaving correctly because they have a stake in the network performing well. The speculative FFO is an interesting take on what the true value of this implicit incentive is. At Chorus, we believe the value of this implicit incentive is only just now becoming more understood by networks. This implicit incentive can be further strengthened by giving node operators more skin-in-the-game. For Chainlink, an existing network, this could mean an airdrop to node operators of x amount of tokens to ensure they care about the success of the network. An even greater implicit incentive might be for Chainlink to offer supercharged rewards (i.e. 2x rewards such as can be found in Mina) to node operators who have the greatest reputational equity, which would be a positive externality for the entire crypto ecosystem as nodes want to increase their reputation across all networks. For new networks, the implicit incentive could be strengthened by offering tokens to node operators in private sales to make sure they have further skin-in-the-game from the inception of a network. Incentivised testnets can also work well for new networks to encourage validators to get actively involved. The earlier a validator has skin-in-the-game and the larger that skin is early-on, the more attention a validator is likely to pay to the future success and security of the network. We will discuss the importance of implicit and explicit incentives for node operators on other networks in greater depth in a future article.
Enhancing explicit incentives for nodes to behave correctly via super-linear staking
Chainlink 2.0 introduces the concept of super-linear staking (or quadratic staking) to ensure nodes are incentivised to always report correct values (as agreed upon by other nodes). Chainlink has essentially created a second layer (known as tier in the whitepaper) that will be used as a backstop if a watchdog believes that an aggregated value being reported by a network of nodes is false. A watchdog is any node in the first-layer that alerts the higher second-layer when they believe a reported value is wrong. You can think of this system like a ‘dibber-dobber’ system. A watchdog is like a student in a class (tier 1) that the teacher (tier 2) trusts will always report back to him/her if the rest of the class misbehaves. To continue with this analogy, let’s say a teacher is leaving for 10 minutes and is offering a candy reward to all students if they do not misbehave when he/she is gone (this is like an explicit incentive deposit for all students) and a second reward for reporting if >50% of the class misbehaves (reward is given by stripping the explicit incentive deposit from misbehaving students). When the teacher leaves, over half of your class starts misbehaving, which means you cannot work because you are distracted. However, your misbehaving classmates want the best of both worlds, they want to misbehave and earn the reward (keep the deposit) from the teacher. Now let’s imagine that anyone can tell the teacher when over half the class is misbehaving to earn a reward but the teacher already has some randomised priority of how she will distribute the rewards from the explicit incentive of misbehaving students to a ‘winner-take-all’ system (i.e. only one student receives all the rewards ‘slashed’ from misbehaving students for dobbing on their peers). Now let’s imagine that the misbehaving students try to convince the behaving students to not report misbehaviour. If only 1 student reports misbehaviour, they will earn all of the rewards (deposit) of misbehaving students. Therefore misbehaving students need to pay more than the maximum reward one behaving student could receive to all behaving students. Keep in mind the priority, rewards are not even and therefore all rewards for a correct report of misbehaviour will go to one student. This is the super-linear quadratic effect of Chainlink 2.0 staking. It becomes much dearer to bribe behaving students (nodes) in the classroom because the maximum amount required to bribe an individual student is the maximum reward a student could receive from overall slashing of misbehaving students. The minimum adversaries must pay to ensure incorrectness is the maximum reward to every behaving student because if only one student tells the teacher, they stand to receive all rewards of misbehaving students (that’s a lot of candy). If rewards of misbehaving students were distributed equally, it would be much cheaper to convince (bribe) behaving students to falsely report to the teacher. In this sense, the tier system (having a second tier that has the final say) and watchdog priority (having a dibber dobber with some priority that stands to earn all rewards of misbehaving nodes for correctly reporting they are acting maliciously) ensures data integrity of reported values in Chainlink.
Economies of scale in Chainlink 2.0
Using super-linear staking and adding capped future fee opportunities per node contributes to economies of scale that can be achieved by Chainlink. Each new user that joins a decentralised oracle network lowers the cost for other users on that network and lowers the average cost per unit of economic security. Chainlink supposes the average cost per dollar of network security is the future fee opportunity / number of nodes. If in future Chainlink decides to cap the future fee opportunity at x per n, any fees that are > x per n will be reserved for new nodes that stake in that network. This achieves economies of scale because it is cheaper for an existing user to join an already existing network rather than to create their own (i.e. fees signal where nodes should be, nodes stake and join that network and security is higher). Due to super-linear staking, the more nodes that exist in a network, the more economically secure a network becomes (quadratically!). Economic security is provided by stake, nodes provide this stake and this can be used to find a node’s average cost per dollar of economic security (how much one node contributes to security in a network, the cost is lower as more nodes join a network when FFO is capped and hence economies of scale are found). Therefore there is an implicit incentive in itself for Chainlink to make sure it grows its staking business. The more total value locked grows, the more smart contracts that need oracles, the more funds that can be exploited, the more at risk Chainlink is when oracles are exploited to drain smart contracts, the more reputational risk Chainlink has, the more funds they will require nodes to stake, the more secure the network gets, the less expensive it is for one dollar of stake to secure the network, the more economies of scale Chainlink achieves.
Delegations on Chainlink 2.0
In any PoS network, it is critical that there is enough at stake of economic actors participating in the network to ensure they do not misbehave. To have more assets at stake in any network, barriers need to be lowered. Delegations were not mentioned in Chainlink 2.0, meaning holders of the $LINK token cannot natively delegate their assets to a node operator such as Chorus One. Currently, the only way for users to earn staking rewards in Chainlink 2.0 is by running their own node to report values for jobs that are assigned to them. However, delegation protocols are being worked on. For example, Linkpool are working on democratising staking rewards for $LINK holders via staking pools. The demand for $LINK delegation has been high since the inception of this service by Linkpool. We expect this demand to continue when Chainlink 2.0 goes live, especially because Chainlink 2.0 will likely require most nodes to have some collateral (stake) in order to report values for jobs. Delegation in Chainlink 2.0 gives users the opportunity to earn staking rewards on otherwise idle $LINK and allows nodes to report values on more jobs to increase their future-fee opportunity (FFO), both of which are a net positive for Chainlink. It is very possible that delegation demand could translate into a new era of $LINK liquid staking innovation.
To conclude, Chainlink 2.0 is secured by implicit (e.g. FFO) and explicit incentives (e.g. super-linear staking). The importance of oracle security has never been higher, as the value that oracles secure in DeFi grows every day. Any oracle exploitation is disastrous for DeFi, so it is important oracle networks such as Chainlink improve their security at the same rate that DeFi grows. The proactive approach of Chainlink to change their economics to capitalise on network effects (incentives to run more nodes) and economies of scale (security becomes cheaper as more nodes join) is timely and likely to sustain Chainlink’s position as an oracle market leader well into the future.