Author: BlockSec

Abstract

1. The core technology of EigenLayer, Restaking, allows decentralized services (AVS) to reuse the staking fund pool of Ethereum and enhance the trust mechanism. When the withdrawal credentials of ETH validators are redirected to the EigenLayer contract, AVS can set up reward and punishment mechanisms to attract low-cost validation participation, increase the capital utilization of validators, and enhance the overall network security.
2. EigenLayer introduces new micro and macro security challenges in the "consensus selling market." The subjects of the market, ETH validators (Operators), the demand for decentralized PoS trust service projects (AVS), and the EigenLayer platform itself constitute an interactive structure in the ecosystem. Each part may face security threats that affect the stability of the entire ecosystem. Malicious Operators may attack multiple services at a lower cost under the Restaking mechanism; malicious AVS may use surface propaganda and seemingly credible return rates to attract uninformed Operators to join their service system, leading to slashing and irreversible losses; the rapid development of the ecosystem poses higher security requirements for the EigenLayer protocol.
3. Professional audits and reliable dynamic protection measures are the cornerstone of ensuring the platform and user security. In addition to innovation, the EigenLayer ecosystem also needs a robust security framework to address new challenges. BlockSec continues to build in the field of blockchain security, providing professional code audits and dynamic security protection after deployment to support the continuous growth of this ecosystem.

Introduction

Based on the Ethereum protocol, EigenLayer innovatively proposes the Restaking function, allowing participants to further utilize their staked ETH to support other protocols while maintaining their original staking and earnings, maximizing the potential value of capital.

From an initial $1 billion in early 2024 to the current $15.3 billion, EigenLayer's TVL ranks second only to Lido in the entire DeFi ecosystem. The explosive growth not only demonstrates strong market interest but also validates the practicality and influence of its technology. With this growth, projects based on the EigenLayer ecosystem, such as Puffer Finance and Renzo, have quickly gained capital and user favor. The Restaking track centered on EigenLayer is undoubtedly one of the most eye-catching narratives in the DeFi ecosystem this year.

As a company focused on blockchain security, we will analyze and discuss the operational mechanism of EigenLayer from a macro to micro security perspective, exploring the new security challenges and tests it brings to the innovative DeFi ecosystem.

Top-level Design and Macro Security

Restaking is essentially a fundamental means of further addressing specific problems by reusing the trust provided by the Ethereum Proof of Stake (PoS) staking fund pool. As the pioneer of Restaking technology, EigenLayer provides a two-way free sale of Ethereum fund pool trust to an emerging market, namely, it provides a consensus selling market. EigenLayer claims that the current Ethereum ecosystem is facing a macro security issue of trust fragmentation, and EigenLayer can effectively address this issue. Next, starting from the design and motivation of EigenLayer, we will understand what trust fragmentation is and how EigenLayer resolves it.

1. Who are the service objects of the consensus selling market? Who are the two parties involved in the two-way freedom?

EigenLayer sells the trust provided by the staking fund pool of Ethereum, so the seller of the consensus is the Ethereum validator. The buyer, the Actively Validated Services (AVSs), actively seeks to purchase distributed trust as buyers. In simple terms, it can be understood as individual services that need to build a distributed trust network. AVS, as the buyer, has the demand to purchase distributed trust.

2. Why does this emerging niche market need to exist? What problem does it solve?

Ethereum only provides innovative nature at the contract level. However, developers have more "deep-level" innovation needs, such as attempting to modify the program's operating environment (in Ethereum, it is the Ethereum Virtual Machine EVM), or further hoping to modify the consensus protocol.

Figure 1: EthereumTrustFlow, Source: EigenLayerForum

The founder of EigenLayer views these developers' desire for underlying innovation as an unsatisfied market demand, as a problem of limited innovation, and attempts to solve this problem by providing a free selling market for reusing Ethereum trust, meeting developers' innovation needs, and reducing innovation costs.

EigenLayer also addresses the macro security issue caused by Ethereum's limited innovation, namely, trust fragmentation. In Ethereum's PoS mechanism, network security depends on a sufficient staking fund and the number of validators. New projects attempting to establish their own trust network often need to stake their own tokens, leading to the diversion of staking funds from the Ethereum mainnet, affecting its security. For example, if the staking fund on the Ethereum mainnet is $10 billion, and the total staking distributed to three sub-services is $3 billion, the actual increase in staking funds does not directly enhance the security of the mainnet. In addition, trust fragmentation may also increase the security risks of DApps, as attackers may target sub-services with less funds, exploiting weaknesses in the system to cause more widespread security issues.

Figure 2: Pooled security of EigenLayer, Source: EigenLayerWhitepaper

In summary, the current Ethereum ecosystem is facing both the problem of limited innovation and trust fragmentation caused by limited innovation. EigenLayer was born to address these two issues.

3. How does EigenLayer address these issues?

Figure 3: Comparing the ecosystem of actively validated services today and with EigenLayer, Source: EigenLayerWhitepaper

Existing AVSs cannot access the Ethereum staking fund pool, nor can they perform Slashing. Restaking technology opens a channel for AVSs to access the Ethereum staking fund pool in the form of an interface, and this channel is EigenLayer. In the abstract layer of EigenLayer, services exist in the form of smart contracts, with the Ethereum underlying layer ensuring the platform's reliability. Through this platform, AVSs can define their validation requirements and reward and punishment mechanisms to attract ETH validators to participate at a lower cost, thereby enhancing the security and efficiency of the entire network. These services include deploying dedicated Slashing and Payment Contracts, allowing validators to choose to participate based on their needs to earn profits.

4. Does EigenLayer effectively address these issues? Are there any associated costs?

First, regarding the issue of limited innovation, by reusing the trust provided by the Ethereum staking fund pool, AVSs can indirectly absorb Ethereum's trust, effectively reducing the startup costs of such services and providing a prerequisite for the prosperity of the blockchain ecosystem.

Next is the more critical issue of Ethereum's trust fragmentation. On one hand, investors supporting AVSs through Restaking via EigenLayer is a more profitable choice, which can significantly support the staking funds diverted to decentralized services to flow back to the Ethereum staking fund pool. On the other hand, the cost of participation for validators becomes lower. For AVSs themselves, they can attract more Restaking assets at a lower cost, which strengthens the weakest link in the chain of potential attacks, thereby enhancing overall security.

From a design and motivation perspective, many projects have made mature attempts at innovation, such as Cosmo, OP Stack, and others. These projects allow emerging projects to launch a new public chain at a relatively lower cost, but they have not addressed the macro security issue of trust fragmentation. EigenLayer's resolution of the macro security issue of trust fragmentation, along with the lower threshold for AVSs and higher returns for ETH validators (accompanied by risks), is very attractive and unique.

Security of the Emerging Ecosystem

EigenLayer's trust selling market can be divided into three main entities:

• Operator, commonly known as an ETH Validator, the seller of trust;
• AVS, a service project requiring decentralized PoS trust, the buyer;
• The EigenLayer platform supporting Operators and AVSs, the market itself.

These three entities constitute the EigenLayer ecosystem, and each part may face security threats that affect the stability of the entire ecosystem.

1. Reduced cost of malicious Operator activities

ETH Validators in the EigenLayer ecosystem only need to invest a capital to receive multiple returns. This significantly increases the utilization of staking funds, lowering the barrier for Operators to enter the trust network of AVSs. Correspondingly, Operators also need to undertake the validation tasks specified by the AVS, assuming additional risks. The increased utilization of funds significantly reduces the cost of malicious activities for Operators.

This risk is mentioned in the whitepaper, which provides a potential solution: setting up a Dashboard that can be accessed by anyone. In the case of maliciously high fund utilization, AVSs can use the Dashboard to check whether the Operator providing Restaking staking funds is in a multi-staking state, how many times they have staked, and more. The whitepaper emphasizes that this is a two-way free market and does not care about malicious fund utilization, and does not allow multiple staking, which can clearly attract more Restaking staking funds, depending entirely on the considerations of the AVS.

2. Attracting blind Operators by malicious AVSs

In the EigenLayer market, AVSs mainly provide reward and punishment mechanisms for Restaking staking funds, and the reward and punishment mechanisms are determined by the AVS itself, with corresponding Contracts deployed on the Ethereum mainnet. Operators and EigenLayer can also demand that AVS projects open source such contracts, but we cannot guarantee that every Operator has the ability and resources to confirm the reliability of the AVS service they want to purchase. The absolute freedom of AVSs may lead to malicious AVSs attracting Operators through false or exaggerated information, exploiting contract coding vulnerabilities to trigger Slashing through backdoors. Markets tend to be profitable, and malicious AVSs may attract relatively blind Operators, ultimately suffering from malicious slashing and irreversible losses.

To avoid such events, security and reliability for the reward and punishment mechanisms of AVSs can be ensured through audits. The EigenLayer whitepaper hopes that the reward and punishment contracts of AVSs will need to undergo reasonable audits and evaluations. At the same time, the whitepaper proposes the establishment of a committee to supervise the Slashing reward and punishment mechanism to help emerging AVSs get on the right track.

3. Platform Security

Finally, there is the security of EigenLayer itself, the platform's security. If EigenLayer itself has security flaws, it will pose a huge threat to the entire ecosystem, and even directly threaten the security of Ethereum's PoS consensus. Considering that EigenLayer aims to provide a two-way free trade market for Operators and AVSs, it needs to provide more custom interfaces for both parties to support richer demands. This rich demand will make the abstraction layer more complex, leading to more potential security threats.

Since EigenLayer itself is also implemented by contracts, its basic security can also be guaranteed through code audits and post-deployment monitoring, but as mentioned earlier, these contracts still need to stand the test of time.

Conclusion

EigenLayer innovatively introduces the Restaking mechanism, optimizing the use of funds, enhancing network scalability, and addressing the macro security issue of trust fragmentation. However, in addition to its many innovative advantages, it also introduces new security challenges and potential risks, such as the reduced cost of malicious activities due to increased fund utilization. Therefore, for blockchain developers, investors, and security experts, it is crucial to pay attention to associated issues and seek solutions.

As a company focused on blockchain security, we recognize that in order to maintain the security of the entire DeFi ecosystem, in-depth audits of EigenLayer and its ecosystem's code, as well as the implementation of dynamic monitoring and security protection measures, are crucial. Security should be fully considered during the design and implementation of AVSs, and professional audits, dynamic monitoring, and security protection are the cornerstones of ensuring platform and user security. As blockchain technology continues to evolve and market demand grows, EigenLayer and its ecosystem need not only innovation but also a strong security framework to address new challenges. Therefore, we will continue to build at the forefront of security, providing detailed code audit services and post-deployment monitoring and dynamic security protection for more projects, supporting the continuous growth of this ecosystem.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。