Third-Party Staking Services on Ethereum 2.0
Today, there are 120,000 Ethereum addresses that hold the minimum 32 ETH required to become a validator on the Ethereum 2.0 chain. Of course, not all of the existing and future ETH holders will have the technical ability or desire to operate their own validator client node(s) and help secure the Ethereum network.
Luckily, prospective stakers will have the option to stake their ETH through Staking-as-a-Service providers or exchanges that will run validators on their behalf. In a large scale survey we conducted, over 1/3 indicated their interest in using a third party provider to stake on Eth2. If you are one of them this post is for you!
In order to participate in the consensus finding of the eth2 chain and receive rewards for doing so, validators are required to sign attestations and propose blocks with their validator private key. This validator private key will be operated by the third party staking provider if you plan to stake on eth2 without running any of your own infrastructure.
It is important to note that trusting a single company with your validator private key effectively grants the provider unilateral operative control over your validator. This creates a single point of failure that can put your capital at risk if the provider experiences downtime, knowingly or unknowingly incurs a slashable event or needs to exit the system prematurely due to bankruptcy.
Exchanges with a large share of existing users such as Binance and Coinbase are well positioned to leverage existing customer onramps and reputation to extend existing business lines to offer eth2 staking on behalf of their users. Compared to smaller providers larger companies may also have sufficient economies of scale and alternative revenue streams to subsidize staking services at below market averages or 0% commission rates in some cases to drive further adoption or capture larger market share.
If a given company has concentrated ‘delegated staking power’ across a significant share of the overall network this poses potentially larger scale risks to the entire network. Considering that infrastructure providers typically operate the same infrastructure for multiple customers this raises potential concerns of simultaneous downtime and coordinated attacks. Moreover, since eth2 has anti-correlation penalty structures built into the protocol your incurred penalties increase by three times in proportion to all existing validators being penalized around the same time. If a staking provider, client or cloud provider (e.g. Amazon) with significant concentrations of stake accidentally goes offline or commits a slashable offence you will be penalized more than you would if you did something wrong but uncorrelated with others.
A quick explainer on Secret Sharing and Multi-Party Computation
Before we dive into the benefits of secret shared validators on Ethereum 2.0 let’s have a quick recap on its fundamental mechanisms. Secret computation relies on two core primitives.
The first primitive is secret sharing. Secret sharing is a mechanism by which a secret (or private key) is split and distributed across different participants in a way that each participant holds a share of that secret. Individual shares cannot be used to reconstruct the secret. To reconstruct the secret a pre-defined number (or threshold) of shares needs to be combined.
The second is Secure Multi-Party Computation (MPC). MPC allows for multiple participants to compute a function of their inputs in a privacy-preserving way. Applying MPC to secret sharing allows for secret shares to be distributed amongst participants, to perform decentralized computation of these inputs and generate the secret-shared output without reconstructing the secret on a single device.
Secret Shared Validators on Ethereum 2.0
Eth2 uses BLS signatures, a signature scheme that is defined over an elliptic curve (BLS12–381 for eth2). BLS signatures are additive, which means they are friendly to aggregation allowing for multiple signatures to be combined into one.
Thanks to this additive property, sharing a private key (e.g. using Shamir’s secret sharing mechanism) allows signing messages, without requiring reconstruction of the secret or a full MPC. By using a threshold signature scheme you are able to configure the number of shares you want to split your validator private key into and how many of these share signatures are required to compute the full BLS signature.
For example, if Alice wanted to diversify her risk and simultaneously contribute to the broader security and resilience of the eth2 network she could decide to split her private validator key into three shares, distribute each to a provider of her choice and require a ⅔ signature scheme to reconstruct the full signature. No individual provider would have unilateral control over her validator and there would no longer be a single point of failure.
So who are the winners of Secret Shared Validator schemes? Everybody.
The value-add of Secret Shared Validators on Ethereum 2.0
- Diversify your risk! This is achieved by eliminating unilateral control and a single point of operative failure of your validator(s). Moreover, the scheme could be leveraged to implement anti-correlation strategies, for example by selecting nodes from smaller providers with that are less likely to have correlated failures
For Staking Providers:
- Mitigate your liability! The eth2 protocol incentivizes validators (especially large ones) to reduce the likelihood of their validator failing at the same time as others. Allowing operators to distribute their validators across several machines and even data centers could mitigate this risk and associated liabilities.
- Level the playing field! Smaller validators with fewer signing policies are likely to behave in a way that is non-correlated to larger providers — this opens up avenues for mutually beneficial collaboration between providers of different sizes and proportional stake by offering secret shared validator services.
For the Network
- Increase security! Centralization poses potential risk and attack vectors for the network and its participants at large. Security has a direct impact on the value of Ethereum as a new global settlement layer. Focusing on the development of secret shared validators offers a path to practically achieve some of the decentralization and anti-correlation goals of the Ethereum 2.0 protocol that benefit all stakeholders in the network.
Call to Action and Existing Efforts
Jumping on Joseph Chow’s awareness campaign the practical implementation of Secret Shared Validators on Ethereum 2.0 will require:
- A specification for Secret Shared Validator Clients
- An implementation of Secret Shared Validator Clients
- A standard for operating Secret Shared Validators amongst different providers
- End-user friendly UX/UI to split private keys amongst different providers
With the impending launch of the official eth2 testnet the timing could not be better for the community to drive collective action to specify, implement and adequately test the implementation of Secret Shared Validators ahead of the mainnet release.
The PlatON team, supported by a grant from the EF, has already accomplished the goal of designing a secure multi-party computation algorithm levering an optimized SCALE-MAMBA implementation that exhibits desirable feasibility and performance goals. This project has been focused on the MPC implementation of the Proof of Custody scheme in Ethereum 2.0. Please see GitHub for further reference.
Please reach out to firstname.lastname@example.org if you would like to contribute and support this effort.
Thank you to Ben Edgington, Dankrad Feist, Joseph Chow and Collin Myers for their review and feedback.