This research aims to introduce and give our opinion on EigenLayer, a restaking primitive on Ethereum that enables users to rehypothecate their staked Ethereum to secure applications and earn additional yield. First, we provide a general overview of EigenLayer, diving deeper into what we believe to be its advantages and key vulnerabilities and risks. After reviewing the protocol, we evaluate EigenLayer’s adoption to date and provide our insight into its future. The target audience for this piece are crypto enthusiasts, researchers, investors, and builders who have an understanding of Web3 concepts such as staking and consensus.
The Fragmented Security Challenge
Over the past year, EigenLayer has taken Web3 by storm, fuelled by its potential to reinvent security of decentralized applications. Since the inception of Ethereum, cryptoeconomic security has been a fundamental challenge. In essence, the goal of most decentralized networks is to create robust cryptoeconomic security, capable of safeguarding users from exploits and bad actors.
A significant issue that arises during the creation of robust cryptoeconomic networks is the challenge of fragmented security. This predicament is particularly prominent within the Ethereum network. Broadly speaking, middleware and applications outside the realm of the Ethereum Virtual Machine (EVM) constructed atop the Ethereum network are tasked with establishing their individual web of trust. This approach is laden with inefficiencies. The initiation of security demands substantial expenses, drains resources, and requires a considerable amount of time. Furthermore, once initiated, the process of upholding and expanding a decentralized security framework is a continuous process. With the growth of new applications, the integrity of cryptoeconomic security becomes progressively scattered across the network. Each application has its own security and trust assumptions, many of which compromise the assumed security “guarantees” of Ethereum. As a result, non-EVM middleware obfuscates the users from the very thing that drove them to Ethereum in the first place.
Consider Chainlink or any “decentralized” oracle solution. While oracles are essential to thousands of applications, dApps that use oracles to power data streams are not relying on the Ethereum consensus mechanism or the 23.5 M of staked ETH (worth ~$40B) backing the network. Instead, applications rely on Chainlink’s off-chain consensus mechanism. We believe Chainlink’s oracles have inferior trust and security properties than Ethereum, evidenced by the hundreds of oracle exploits over the past few years.
EigenLayer is not the first proposal to secure oracles and other types of middleware with Ethereum validators. The oracle problem has been debated for years. In fact, enshrining oracles into the validator’s consensus mechanism has consistently remained a speculative idea put forth by visionaries like Vitalik and Justin Drake. However, none of these ideas have been adopted or implemented by the Ethereum foundation. The EigenLayer team noticed the gap in the market, and designed a protocol backed by years of research and coordination.
To address these challenges and seek to enhance security throughout Ethereum, EigenLayer has pioneered the restaking primitive. The restaking primitive enables the rehypothetication of $ETH on the consensus layer. Users that stake $ETH can opt-in to EigenLayer smart contracts to restake their $ETH and extend cryptoeconomic security to additional applications on the network. EigenLayer’s potential lies in its ability to aggregate and extend cryptoeconomic security through restaking and to validate new applications being built on top of Ethereum.
In some ways, EigenLayer follows what Cosmos did with Interchain Security (ICS). Typically appchains building on Cosmos must bootstrap their own security with their own validator set. However, if a new app chain employs Cosmos’ ICS, the validators within the Cosmos network will verify transactions and secure the app chain. This validation process, undertaken in exchange for block rewards, empowers emerging app chains to place their trust in Cosmos’ robust security mechanisms. As compensation for this service, Cosmos validators receive block rewards, providing the incentives to effectively secure the market.
EigenLayer has a similar objective as ICS, but uses a different mechanism with restaking. Simply, this means that Ethereum validators are allowed to stake already-staked ETH tokens again in other protocols and participate in their validation process. During the restaking process, ETH tokens are subject to both the slashing conditions of Ethereum and the new protocol. As a result, thousands of new applications can leverage Eigenlayer to bootstrap security. Additionally, Ethereum stakers can contribute to the decentralized trusts of new applications, while earning attractive yields. This is a new paradigm, opening up new possibilities to scale Ethereum, while introducing new risks and vulnerabilities.
EigenLayer is best understood as a marketplace for decentralized trust that connects three types of stakeholders: Stakers seeking added token yield, Services offering risk-reward structures for yield generation, and Operators acting as bridges between Stakers and Services. Stakers include individuals and native validators that hold staked Ethereum and are looking to take on additional protocol risk in return for higher yields. Services are simply any middleware application that wants to derive security from EigenLayer and integrate its smart contracts. They are commonly referred to as actively validated services (AVS). Operators are users who actually run the software built on top of EigenLayer. These operators enroll within EigenLayer, enabling stakers to delegate their responsibilities to them. Operators select which services they want to secure based on their own risk tolerance and capabilities.
From a technical standpoint, EigenLayer is a set of smart contracts enabling these three parties to connect and interact seamlessly with Ethereum staking. Stakers who choose to participate in the EigenLayer ecosystem grant operators the authority to incentivize actions using a mechanism involving slashing. In typical staking, Ethereum stakers have the option to specify a withdrawal address, which serves as a third-party address for receiving the ETH tokens when they decide to unstake. When this withdrawal address is assigned to a smart contract within EigenLayer, any ETH tokens subjected to slashing will be deducted from the initial principal.
This brings up an interesting question: how does Ethereum and EigenLayer distinguish which staked Ethereum it has the right to slash? Currently, if an Ethereum network validator behaves maliciously, they might lose up to 16 ETH from their staked 32 ETH as a penalty. EigenLayer simply extends this penalty to the remaining half, effectively doubling the risk for restakers on EigenLayer. As a result, validators boasting node specifications surpassing Ethereum’s requirements can employ EigenLayer to use their idle capacity to validate other protocols and earn incremental yield.
We believe that one of the most important features of EigenLayer is that it is permissionless, meaning that anyone can join as a staker, service, or operator. New services built on EigenLayer must define their own, arbitrary slashing conditions, allowing services to slash operators for any on-chain verifiable offense. Each service will have its own risk parameters, code quality, and trust assumptions. Stakers must choose which services they would like to secure or simply delegate their stake to an operator whom they trust to not get slashed. If a staker or operator believes a service has an unsafe slashing mechanism, then they can simply not opt-in to serving that application. The obvious advantages of this approach are the network effects, driven by permissionless innovation. The downside is that the network is open to bad actors, both ones with malicious intent and ones that do not value robust testing and auditing.
Restaking on EigenLayer works for both natively staked ETH and liquid staked tokens like stETH, rETH, cbETH, and LsETH.
For liquid restaking, the process involves locking a liquid staking derivative token (such as stETH or rETH) into the EigenLayer smart contract. This action grants EigenLayer explicit authority to apply penalties (slash) to the token or, if necessary, redirect and burn it. These measures are taken in the event of misbehavior by the node operator.
Conversely, native restaking is tailored for Ethereum homestakers who actively manage their nodes. In the conventional setup, the withdrawal credential, dictating the entity authorized to withdraw the staking position, is usually associated with the staker’s personal address. However, in the case of native restaking, this credential is instead linked to the EigenLayer smart contract. This adjustment empowers EigenLayer to directly access and withdraw the staked assets from the Ethereum network.
Compared to liquid restaking, the native approach carries greater potency. Native restaking allows the protocol to engage directly with the Ethereum core protocol, eliminating the intermediary layer introduced by the LSD-provider in the liquid mechanism. Additionally, the utilization of independent nodes enhances the protocol’s decentralization, bolstering its security by introducing more nodes and making collusion more difficult.
There are hundreds of applications and middleware that can benefit from Eigenlayer, spanning oracles, data availability layers, bridges, settlement layers, decentralized sequencers, and possibly even new execution environments. The EigenLayer team is building some of this infrastructure in-house, but will rely on developers to use EigenLayer to bootstrap security for their applications. Some notable use cases where EigenLayer can enhance shared security between Ethereum and middleware are:
- Data Availability: EigenLayer could be used to build and hyperscale a Data Availability (DA) layer with a high availability rate and low cost. The EigenLayer team is already building EigenDA, its own DA layer. Ensuring data availability is essential for security and scalability, especially with the proliferation of layer 2 solutions including ZK and optimistic rollups. By using highly valued and trust ETH tokens to secure its DA layer, EigenDA is positioned to build a robust, secure solution.
- Decentralized Oracles: As mentioned earlier, decentralized oracles have been criticized for their security properties and history of exploits. Using EigenLayer, developers could build their own oracles for off-chain data where validators or nodes must restake Ethereum. The restaked ETH would be slashed if the nodes provide incorrect data streams or are offline.
- Bridges: Bridges, specifically light node bridges, could use EigenLayer to bootstrap security. EigenLayer restakers can validate off-chain whether the bridge inputs are accurate. If a consensus is obtained, the inputs are accepted and the transaction will go through. In the event of a challenge, then the input can be verified and EigenLayer operators can be slashed if deemed incorrect.
- Decentralized Sequencers: ETH restakers can form a single decentralized sequencer quorum that orders translations on rollups. This is particularly helpful for decreasing centralized MEV capture and enabling censorship resistance
We believe that one of EigenLayer’s biggest advantages is its flexibility, which will enable more developers to build on top of it. While projects building on EigenLayer will leverage staked Ethereum for security, projects can still have their own tokens. The token can be used for governance, transaction fees and value capture, complementing security derived from Ethereum. Additionally, dual staking can be done with EigenLayer. In this scenario, consensus would be achieved by aligning both the validators restaking Ethereum through EigenLayer and validators staking a project’s native token. The potential advantage of this approach is stronger security, creating a more trustworthy network that can withstand volatility and bear markets. There are many cases where a blockchain network issues its own token to secure itself, but the security is short lived. Over time, token inflation and a fleeting user base cause the token’s value to plummet, destroying the security of the network. With dual staking, projects can rely on Ethereum validators in addition to their own, positioning them to withstand large drawdowns. The large market capitalization and low volatility of ETH can provide a significant level of security enhancement for middleware.
Key Risks and Vulnerabilities
While some are hailing EigenLayer as one of the most important developments in Web3 since Ethereum itself, the protocol has its skeptics. Most notably, Vitalik Buterin, the founder of Ethereum, has expressed his concerns with overloading Ethereum’s consensus.
There are two main types of risks with EigenLayer: (i.) risk confined to EigenLayer and its operators/ stakers and (ii.) systemic risk that EigenLayer brings to Ethereum.
The first type of risk is largely unavoidable, but preferable as losses are kept contained to the validators and users who opted in to participating in and using a service built on EigenLayer.
Generally there are three main vulnerabilities inherent to all services built on EigenLayer:
- Collusion risk: Malicious validators could collude to form a majority, potentially putting a protocol’s security at risk. This vulnerability is apparent in any decentralized network. The key to reducing this risk is having a robust set of validators, distributed geographically with proper oversight and monitoring.
- Slashing vulnerabilities: Protocols built through on EigenLayer may have unintended slashing vulnerabilities. As a result, there is a risk of honest nodes getting slashed, leading to losses for restakers. Furthermore malicious protocols could intentionally slash restaked ETH. Due to the permissionless nature of EigenLayer, validators must perform rigorous diligence to ensure the protocols they secure are safe.
- EigenLayer smart contract risks: Smart contracts drive slashing on EigenLayer, opening up an additional attack vector. Specifically, EigenLayer employs a rebalancing algorithm that takes into account the different validators and their accompanying stake and security capacity and usage. If this rebalancing mechanism is too slow to adjust or fails, then security on some services could be compromised, resulting in potential losses. It is crucial to ensure that the system is accurately updating any outstanding restaked ETH and that it remains fully collateralized.
Beyond risk confined to EigenLayer, there is systemic risk EigenLayer could bring to Ethereum. Most notably, EigenLayer and the staking primitive could pressure or overload Ethereums’ social consensus. This risk does not exist in every use case of EigenLayer; Protocols using EigenLayer to allow Ethereum validators to participate and vote without incentives will generally not pressure Ethereum’s social consensus. If everything breaks, the losses are confined to the validators and users who opted in to participating in and using the protocol. However, there are some protocols using EigenLayer that may “borrow” Ethereum’s social consensus. Ethereum’s social consensus acts as a coordination system where stakers decide how to resolve subjective problems. When these EigenLayer protocols break, they may tie in the broader Ethereum ecosystem social consensus to fork or reorg to save their protocol.
Why is this threatening to Ethereum? If Ethereum validators fork a protocol secured by staked ETH, validators will naturally take sides, cleaving apart Ethereum and undermining its cohesion and security. Borrowing Ethereum’s social consensus to fork services connected to the real world (ie. Oracles) could potentially divide Ethereum and erode its resistance to censorship. As a result, developers building on EigenLayer need to understand this risk and ensure that their protocol is not pressuring Ethereum’s social consensus.
How has EigenLayer done?
EigenLayer is conducting a guarded launch with three phases. During phase 1, stakers can onboard onto EigenLayer, depositing stETH, rETH and cbETH into three different pools. Phase 2, expected to kick off in Q4 of this year, will onboard node operators that can receive delegation from restakers. Phase 3, which should begin in early 2024, will focus on onboarding services and transitioning EigenLayer to a permissionless framework.
In mid June, EigenLayer, launched its mainnet, initiating phase 1 of its Go To Market Plan. On launch day, EigenLayer’s three restaking smart contracts each reached their maximum limit of 3,200 liquid staking tokens. Since launching EigenLayer has gradually increased its liquid staking token cap. As of August 23, EigenLayer has over 140,000 staked ETH, worth around $240M. While it’s too early to evaluate EigenLayer’s performance or security, the demand for restaking is extremely high and impressive. It’s clear that LSD holders are searching for additional yield opportunities and view EigenLayer as a risk-adjusted protocol to receive yield.
Final Thoughts and the Future of EigenLayer
Despite its vulnerabilities, we think EigenLayer is incredibly innovative. Trust networks in general are hard to bootstrap, and even harder to get or keep decentralized. We believe EigenLayer provides some applications a better and more robust way to secure their network.
But is EigenLayer the best solution to the fragmented security problem? The answer to these questions depends on the context and each individual application. A more effective approach to bootstrap and secure middleware with native validators could involve integrating MEV into a system. Ethereum validators could opt in to provide additional security for non-EVM middleware like bridges without restaking. In this example, validators would receive MEV rewards for honest behavior, positioning the validators in a trusted stance. In this design, validators would be incentivized to secure middleware without introducing additional risks of slashing on staked $ETH.
The obvious issue with this approach is that some applications do not generate enough MEV to effectively incentivize native validators. A decentralized sequencer could implement this framework, but an oracle that generates no MEV couldn’t. This example illustrates the fragmented security problem probably won’t be solved with a “one size fits all” approach.
Moreover, it’s clear that not all restaking services leveraging EigenLayer will have equivalent risk properties. Due to the permissionless nature of EigenLayer, there will be malicious applications that leverage EigenLayer to exploit and slash stakers. There will also be risky, poorly tested applications with no malicious intent that have several vulnerabilities, leading to losses for restakers. Finally, there will be robust, well designed applications on EigenLayer that offer high, risk-adjusted yields. The beauty of EigenLayer is that everything is opt-in. Applications don’t need to use it for security and Ethereum stakers don’t have to restake on it and take on additional risk.
Regardless of its limitations, we belive EigenLayer will play a major role in the future of Ethereum applications. It’s extremely innovative and it’s likely the protocol will attract billions of dollars in staking over the next year with some large projects on EigenLayer such as EigenDA taking off. It won’t be surprising if a major project like a large Layer 2 rollup or bridging solution integrates with EigenLayer and secures itself with Ethereum staking or some form of dual staking.
Despite EigenLayer’s wide range of acceptance, it will impact Etheruem and the next batch of decentralized applications. The most important thing is that Ethereum users and developers understand the risks and constraints of EigenLayer and build projects that limit systemic risk. All things considered, we believe EigenLayer should be a welcomed innovation to Ethereum.
The information provided in this blog post is for educational and informational purposes only and is not intended to be investment advice or a recommendation. Struck has no obligation to update, modify, or amend the contents of this blog post nor to notify readers in the event that any information, opinion, forecast or estimate changes or subsequently becomes inaccurate or outdated. In addition, certain information contained herein has been obtained from third party sources and has not been independently verified by Struck. The company featured in this blog post is for illustrative purposes only, has been selected in order to provide an example of the types of investments made by Struck that fit the theme of this blog post and is not representative of all Struck portfolio companies.
Struck Capital Management LLC is registered with the United States Securities and Exchange Commission (“SEC”) as a Registered Investment Adviser (“RIA”). Nothing in this communication should be considered a specific recommendation to buy, sell, or hold a particular security or investment. Past performance of an investment does not guarantee future results. All investments carry risk, including loss of principal.