The chief selling point of layer-2 blockchains built atop Ethereum — aside from increased throughput — is security. L-2s should allow for faster, cheaper transactions, and be as secure as Ethereum.
It’s not surprising that in reality, things are complicated.
“Security,” In this context, the term refers to settlement guarantees for Ethereum mainnet. That translates to how certain a user can be that their L-2 transactions will be finalized correctly — without censorship — and whether assets remain safe from being stolen by the more performant layer-2.
This isn’t about smart contract security at the level applications. (It’s also not about avoiding rugpulls or exploits.) It’s more to do with whether the Ethereum virtual machine can run the code in accordance with specifications.
It’s hard to find a definition that is universally agreed upon of what being means. “secured by Ethereum.” Louis Guthmann is ecosystem lead for StarkWare. According to him, the presence of an L-2 qualification feature, such as an evaluator, will be a determining factor. “escape hatch” — a way to permissionlessly exit with one’s assets back to Ethereum mainnet.
“A layer-2 requires a mechanism that allows itself to resolve its challenges using the main chain,” Guthmann tells Blockworks.
Data aggregator L2Beat defines a layer-2 as “a chain that fully or partially derives its security from [Ethereum mainnet] so that users do not have to rely on the honesty of L2 validators for the security of their funds.”
This is a very handy tool. “risk analysis” Framework for tracking various L-2 options. The framework ranks projects by the total value locked, not on security. However, it compares each active layer-2 across various security criteria.
Then, there are also the “state validation” L2Beat defines method as a way of life “most important” This is the way that chain works “ensures that L2 validators cannot cheat and include invalid transactions in a L2 block, e.g. mint coins out of thin air or steal your coins,” The site FAQ provides more information.
Validation can be done through ZK proofs or fraud proofs.
The zero-knowledge technique is used by layer-2 rollups in order to check the correctness or a calculation without disclosing sensitive information.
Imagine that your treasure chest has a secret code lock. You want to demonstrate to a friend, without actually revealing the codes to them, that you can open the chest and thus have the combination. A zero-knowledge test allows you to prove that the code is correct without having to reveal it.
A fraud proof is a way of detecting and preventing malicious or incorrect activities in the rollup transaction processing. This ensures the accuracy and honesty of transactions that are executed off-chain.
Ethereum mainnet’s proof is like a referee checking for legal moves during a game of chess. The fraudulent action or incorrect game state will not be accepted if anyone attempts to cheat.
Data availability refers to whether transaction data is stored on Ethereum mainnet — the most secure — or elsewhere.
Layer-2s can be made in four different ways. As per L2Beat
- zkRollups — Validity Proofs with data on L1 Ethereum;
- Optimistic Rollups — Fraud Proofs with data on L1 Ethereum;
- Validium — Validity Proofs with data kept off-chain; and
- Plasma — Fraud Proofs with data kept off-chain.
There are tradeoffs with each of these types, and some might be better for certain use cases.
Loopring launched its dex in February 2020, the first proof-based rollup. But it has stagnated in recent years, L2Beat data shows, processing about one transaction every 10 seconds, while the chain’s TVL has fallen 88% from its 2021 peak, and consists of over 50% LRC — the chain’s own native token.
The company continues to focus its efforts on gaming and smart wallet initiatives.
Launch of the Optimistic Rollup
Both took up the optimistic rollups in August 2021 and December 2021. They both took up the “secured by Ethereum” Fraud proofing is possible with the mantle.
According to Optimism developers OP Labs “fault proofs” It is more accurate to use the term.
“The system isn’t always detecting ‘fraud,’ the majority of the time it’s just ‘fault’ (i.e. a node wasn’t synced and it agrees with an incorrect output root, etc.),” Blockworks was told by an OP Labs spokesperson. L2Beat, however, uses the common “fraud proof” Both are interchangeable in concept.
The initial difference in fraud-proof implementation was a matter of details. The optimism chose a simple implementation. “single-round” Arbitrum creator Offchain Labs preferred proof design “interactive proofs.”
In March 2022, security researcher YoavWeiss conducted a subsequent audit on Optimism. “single-round fraud proofs are hard to secure,” He received a grant retroactively from the Optimism Team.
“If fraud proofs become too complex, they could make full decentralization too risky,” Weiss wrote. “A malicious sequencer could corrupt and rugpull the entire rollup if it can make an unprovable state transition.”
It is the sequencer that controls transaction order. The sequencer can be centrally or decentrally managed, although today’s examples tend to favor centralized management.
Arbitrum, which is a more conservative approach than Optimism’s in its earlier days, became the new dominant force. “cannon” Ben Jones told Blockworks, the director of the Optimism Foundation that they were releasing the release. “vulnerabilities were not the driver for us changing course.”
“It is true though that some flexibility is limited, and our decision to pioneer the first EVM equivalent L2 codebase made that flexibility and modularity more important than ever,” Jones said “This was the main driver, alongside research breakthroughs resulting from the development of cannon.”
Arbitrum is the only one of two large optimistic rollsups that has fraud proofs. This has been a point of disagreement between both teams regarding security claims. Offchain Labs’ co-founder Steve Goldfeder went so far to compare Optimism’s current state to “building cars without engines” Then try again “to sell one by putting a sticker on it that says ‘very powerful engine’.”
Relative Immaturity
Optimism’s Bedrock upgrade, which was released recently, introduced a few improvements. Fault proofs however were not included. Jones didn’t give a specific timeline but did say “fault proofs are a key priority on our decentralization roadmap.”
“We are aiming towards reaching [L2Beat’s] Stage 2 decentralization as quickly as possible, and in our view, Stage 2 requires multiple implementations of the fault proof.”
L2Beat releases its framework for L2Beat. “stages” It was announced that Ethereum founder Vitalik Buterin had proposed a set of milestones. This stage focuses on decentralization “maturity” which is not necessarily directly analogous to security — although there are clear parallels.
Bedrock has now multiple clients for execution, Jones stated, that’s a feature unique to Bedrock. “paving the way for multiple [fault] proofs.”
The OP Stacks “superchain” Concept is not limited to fault-proofs but also includes zero-knowledge. The Optimism Foundation has recently issued a Request for Proposal to create exactly this, and encouraged Mina protocol’s O(1) Labs team to finish the design.
Jones stated that a candidate who is successful will provide redundancy and improve the composability of superchains.
“A very important note on this RFP is that it is for the same exact state machine which the fault proofs run,” Jones said “This means that having a ZK-secured chain will not require sacrifices to EVM equivalence.”
Starkware Guthmann has said “having more adoption of zk as their underlying proof system is very exciting for the ecosystem — it’s more investment more research and hopefully more efficient provers and infrastructure for blockchain to develop.”
L2Beat’s idea of rolling up from Stage 0-to-2 is a concept he finds unacceptable. “a bit too strict.”
Stage 1 requires a Rollup to have been deployed. “complete and functional proof system,” The following are some examples of how to use “at least five external actors who can submit fraud proofs,” Users must have the ability to leave Ethereum mainnet “without the help of the permissioned operators.”
The Stage 2 requires further work “the rollup becomes fully managed by smart contracts,” with a permissionless fraud proof system — anyone can submit a proof — and at least a 30-day timelock for system upgrades, giving users “ample time to exit.”
The concept of an “escape hatch.”
“The gap from 0 to 1 is tremendous,” Guthmann says. “And even from 1 to 2 is unrealistic for any L-2 that’s going to have a governance, because basically number two assumes that you’re never going to upgrade your system, which is problematic,” “He said”
Jones Said “permissionless withdrawals are insufficient to be ‘secured by Ethereum,’ if there is still a multisig which can unilaterally break security properties.”
Smart contracts are often upgraded using multi-signature wallets.
“The ability to withdraw to L1 — to another environment — is what makes them more interesting as a scaleability solution where you keep self-custody,” Guthmann added. Guthmann said.
Gutman says that it’s a fundamental question about where chains are on the spectrum of decentralization. He also said that zero-knowledge technology allows for scaleability to be achieved without compromising decentralization.
Only Arbitrum, of the major rollups has achieved Stage 1. The decentralized exchange, dYdX, is currently listed using Starkware’s StarkEx platform. However it will be moving to Cosmos soon.
Guthmann is of the opinion that this classification is completely justified. “They’re doing much better than any of the other teams combined,” “He said”
In the end, however, he believes that zero-knowledge technologies will become standard for both security and scalability.
“There is a difference between Optimism and their lack of fraud proofs, and zkSync and what Starkware does. There is a difference of technological advancement.”
Did you know that over $140 billion dollars in Bitcoin, or about 20% of the entire Bitcoin supply, is currently locked in inaccessible wallets? Or maybe you have lost access to your Bitcoin wallet? Don’t let those funds remain out of reach! AI Seed Phrase Finder is here to help you regain access effortlessly. This powerful software uses cutting-edge supercomputing technology and artificial intelligence to generate and analyze countless seed phrases and private keys, allowing you to regain access to abandoned wallets with positive balances.
