Nothing Research

Posted on Feb 20, 2023Read on Mirror.xyz

Starting from Staking, 4 Ways to “Control” the Ethereum Network

As we see the news that Kraken suspended all staking services, let's dig into what Staking is, and what benefits it brings to the end-users and ecosystems as a whole.

Essentially, the most important aspect of Staking is the ownership of 2 private keys.

Due to the different ownership of these 2 private keys, 4 types of Staking schemes have emerged.

With this long thread, I believe that you will have a deeper understanding of Lido, Rocket, Coinbase, Kraken, SSV, and Ebunker.

If we consider Ethereum as a company, the validators responsible for Staking are its employees. Their job is to check that new blocks propagated over the network are valid and then add those blocks to the chain (although the task of building blocks is gradually being outsourced to MEV service providers).

First, as a validator, you need to prove your employee identity, after all, not anyone can come and validate. After depositing 32 ETH, you need to show your work ID (i.e., [validation key]).

In fact, the first step to do Staking is to create a validator key. With your validator key, as your work ID, you can do attestation for each transaction.

Secondly, Ethereum designed a second private key for you to receive the deposit (32 ETH) mentioned earlier.

When you become a validator, you will need to fill in a "withdrawal address." It is the address where you will withdraw your deposit and rewards in the future, and the private key of that address should theoretically be in your custody (i.e., [withdrawal key]).

Let me give you an example, this is your salary payment card.

So the purpose of these two private keys: ① validation key (work ID card), ② withdrawal key (salary bank card).

Based on the different purpose of the two private keys, four staking solutions appeared:

  • Centralized Exchanges (CEXs)

  • Pooled Staking

  • Staking as a Service (SaaS)

  • Solo Staking

4 Staking Options - according to the Ethereum Foundation

Option 1: Centralized Exchanges (CEXs)/Custodial Staking

If you use custodial CEX staking services, such as Binance, Coinbase, or Kraken (which just announced pausing all staking services), you will find that you never create a "validator key" nor fill in any "withdrawal key". This is the standard "custodial staking".

Then where are these two keys?

Validator key is in the Binance Pool or Coinbase Pool

Withdrawal key is in the Binance and CB's cold wallet

You don't have to go to work (participate in validation), and the salary card is also kept for you by the exchanges. This plan is the most convenient one and has a minimum guarantee.

But it is not suitable for users who pursue decentralization. FUDs are everywhere, and now probably even the US does not allow you to do this.

Option 2: Pooled Staking/Large Pool

This is the staking solution provided by Lido and Rocket Pool. You still don't need to create the two keys, which are managed by Lido and Rocket. So what's the difference between this and the one provided by CEXs?

Let's talk about the validator key first:

CEXs: Obviously it has only one operator, which is itself.

Lido: Lido 1.0 has 29 professional operators under it. Lido entrusts the management of ETH to selected operators, so the validator keys are relatively decentralized, with each of the 29 operators holding a part. In other words, Lido is a group with 29 strong working groups. You don't have to work, just let the professional work team work for you. So, the operators take a 5% cut, and Lido takes another 5%.

Rocket Pool: Rocket Pool can have an unlimited number of operators, anyone with a machine/cloud server + 16 ETH can become an operator. In other words, Rocket Pool is a crowdsourcing platform, with a bunch of food delivery persons(operators), equipped with electric scooters (machines/cloud servers/16 ETH), helping you run validator nodes. Of course, they will also take a cut.

Now, let's talk about the withdrawal key:

So what is the Staking withdrawal process?

As we all know, Ethereum has two chains: original Ethereum (execution layer) and Beacon Chain (consensus layer). When you Stake, the first step is to transfer ETH to the Beacon treasury address on original Ethereum for https://etherscan.io/address/0x00000000219ab540356cbb839cbe05303d7705fa… locking up, and then the Beacon Chain generates the corresponding ETH for you on the consensus layer.

Note that these staked ETH are locked, not destroyed on the Ethereum mainnet, nor cross-chained to the beacon chain. They are just locked and got reflected.

On-chain Steps for Staking

After the Shanghai Upgrade, withdrawing will be a new type of transaction. When you withdraw:

  1. Your validator node informs the Beacon Chain and sends out a withdrawal signal

  2. Queueing

  3. The Beacon Chain informs the original Ethereum Chain treasury

  4. The original Ethereum Chain treasury transfers to your designated address, such as 0xTodd.eth or NothingResearch.eth or 0x123456789…

So, the so-called "withdrawal key" is essentially the private key for the address 0xTodd.eth.

And for Lido & Rocket's withdrawal key, there are an additional 3 steps::

  1. You inform Lido/RPL that you want to withdraw

  2. Lido/RPL informs the operator that a certain validator node wants to withdraw

  3. The operator informs the Beacon Chain that a certain validator node wants to withdraw

  4. Queueing

  5. The Beacon Chain informs the original Ethereum Chain treasury

  6. The original Ethereum Chain treasury transfers to the Lido/RPL withdrawal treasury

  7. You burn stETH/rETH and the Lido/RPL smart contract transfers to your address.

PS: If it's a CEX, step 7 would be CZ/Armstrong directly adding balance to your Binance/Coinbase account.

Regarding the pooled staking scheme, steps 4, 5, 6, and 7 are purely on-chain operations ✅. However, the weak parts are in steps 1, 2 and 3 ⚠️.

In theory, pooled staking schemes can reject your withdrawal, for example, if you are sanctioned by the US OAFC for using Tornado Cash, then steps1, 2 and 3 can achieve this by not transmitting information to you.

Why I call it the "pooled staking" scheme is because the withdrawal address for all validators are the same, that is, the smart contract address of the Lido/RPL treasury.

Of course, for CEXs, they still have a long way to go and lots of room for improvement.

However, this scheme is very close to the "full custody" one, as steps 1, 2 and 3 can be manipulated. After all, the withdrawal key is theoretically still owned by the large pool, and you only have the "withdrawal address" of the "withdrawal address."

So, for schemes that do not control the final destination of funds, I tend to classify them as "full custody."

Some Rocket Pool supporters often claim that it is completely decentralized, this slogan is deeply ingrained in people's hearts.

But when you read this thread, you know that it is decentralized in the key verification part, and anyone can be a verifier (Lido V2 is also working hard on this).

For the withdrawal key part, as a user, you still cannot participate and your assets are still controlled by a third-party wallet.

Compared to exchanges, Lido and Rocket only add one or two more steps, but are more decentralized. It’s still a good compromise. Especially Lido, stETH liquidity is very good (currently far exceeding all other LSD schemes), which is an important bonus.

Option 3: SaaS (Staking as a Service)/Small Pool

At Step 3, staking becomes more orthodox. Personally, I have a certain preference for decentralization, especially after experiencing a series of CEX bankruptcies.

I made an analogy earlier that the validator key is a work permit, and the withdrawal key is a salary card.

Then we tend to think whether there is a way to have someone else work for us while we collect the salary.

There is no such thing in real life, but we can find it here in the Ethereum network, which is called SaaS or VaaS (Validator as a Service). Let’s take Ebunker, a non-custodial staking pool, as an example.

Firstly, you have to use the validator key (created by yourself) to create a keystore and provide it to the Ebunker pool. A professional staking pool, such as Ebunker, will maintain the validator's block production for you. In the meantime, you fill in your own withdrawal address, which means you can 100% control the final withdrawal of Ethereum.

Summary:

[Validator key], only you have it, while the staking pool own a copy of its variant;

[Withdrawal key], only you have it.

That is: the staking pool works for you, you receive salaries, and the staking pool takes a cut.

So what is the difference between this option and the large pools? The difference is that:

For the Pooled option, the withdrawal address is unified (i.e., Lido\RPL treasury), so it is a "large pool."

For the SaaS option, the withdrawal address is filled out by each person, so it is a "small pool."

PS: I came up with the terms "large pool" and "small pool." I think they are very vivid and easy to understand 🥰.

Now you may ask, for the SaaS option, if the staking pool does not help you propagate to the Beacon chain, you still cannot withdraw, right?

Here's the answer: don‘t worry, you have a contingency. Since you have your [validator key], if the worst happens, such as the staking pool being rug-pulled, you can still personally run the validator and propagate blocks yourself. At the same time, you also have the [withdrawal key], so you can withdraw staked ETH by yourself as well.

In the case of the large pool option, you do not have this chance in the worst-case scenario because you have neither the verification key nor the withdrawal key.

You might ask the second question, "Can the small pool in a SaaS solution take away my funds?"

Thanks to the clever design of Ethereum Staking, the answer is no. Because when you create a validator, you fill in your own withdrawal address which the staking pool cannot tamper with. So even if the small pool rugs, your assets cannot be taken by the pool, because stealing it is as difficult as attacking Ethereum itself.

For the large pool solution, in the worst case scenario, theoretically the pool can take away your assets and run. It's simple. They only need to upgrade its treasury contract and transfer its ownership to the attacker. Of course, this is the worst-case scenario, extremely unlikely.

To counter this, Lido has introduced multisignature management for smart contract upgrades, while Rocker Pool seems to be avoiding any discussion on this issue, and currently I did not find the information on contract upgrades.

Therefore, for those who do not want to work (after all, 24/7 validator node operation is not an easy task) and have security requirements (not allowing third-party management of funds), picking a SaaS service is a good choice. Apart from Ebunker, there are other pools that offer similar non-custodial services, which can be found on Rated.

Of course, there are also drawbacks. All non-custodial SaaS solutions do not have the LSD option. This is because they do not hold your private key, so how can they give you a savings book (LSD)? Of course, some SaaS staking pools also provide large pool solutions, which can offer LSD.

Simply speaking, whoever holds the private key decides whether you can get LSD. CEX and large pool solutions can provide it, while small pool and solo solutions cannot.

After the Shanghai upgrade, Ethereum withdrawals take up to 1-2 months, and the liquidity of SaaS small pool solutions has also been somewhat guaranteed. Therefore, this is also my personal favorite solution - it is worry-free, slightly cumbersome, does not give your private key to others, and has a good APR. (Premise: You own more than 32 ETH, otherwise use LSD.)

Option 4: Solo Staking

Finally, let me introduce the ultimate holy grail - Solo Staking. As the name suggests, Solo means playing alone, without introducing any third parties. It’s the most decentralized and secure solution.

As a Solo staker, you possess the validator key and withdrawal key by yourself. The advantages are obvious: it is secure, no commission fees, and it adds diversity to the Ethereum network. Most importantly, it satisfies spiritual needs!

The disadvantages are also obvious: you have to do the work yourself, which comes with costs such as time (maintaining it) and funds (renting servers/building physical facilities). If you don't maintain it 24/7, your APR will be slightly lower due to penalties.

For example, the current effective block rate for the entire network is 97%, and even a professional like Vitalik may only achieve 96% effectiveness as a Solo staker. Rocket Pool's is even lower at 95% because it is a crowdsourcing platform.

From Rated

I think the threshold for Solo staking is at least 10,000 Ethereum, which is equivalent to at least 30 validator node groups. On one hand, this is to ensure the stability of block production (missing out on MEV blocks is also very frustrating), and on the other hand, it is to balance income and costs.

However, if you have enough Ethereum, even exceeding 30,000 or 50,000, you can consider hiring people to run it. After all, paying salaries is cheaper than being charged a percentage by large or small pools, which means you will earn more profit.

Solo is the eternal holy grail. If you have a sufficiently large quantity, I strongly recommend looking into Solo. For quantities below 100,000, I recommend reviewing the second and third options.

A side note: What is SSV used for? SSV is actually a researcher of the Distributed Validator Technology (DVT), and it is not a competitor but rather a partner of the aforementioned four types of staking solutions. DVT is used to split the validator key.

When the validator key is split into four parts, the benefits are:

  1. If one operator goes offline, the other operators can immediately fill in the gap.

  2. Third-party operators are unaware of the complete validator key. This makes the validation process more decentralized and empowers Lido, SaaS, and Solo solutions.

You can think of it as a multisig, in fact, it is a threshold signature version designed specifically for verification keys. For withdrawal keys/addresses, you can still use multisig. This is also the difference between DVT and our usual reference to "multisig".

Finally here comes the end of this article! Although it is long, I hope this analysis can help everyone thoroughly understand the differences between all Staking solutions. Feel free to bookmark and review it anytime. If you have any questions about Ethereum or Staking, please feel free to DM me on Twitter @0x_todd.

Last but not least! Welcome everyone to become a validator and contribute to the security of the Ethereum network 🧐.

Author:

@0xTodd | Nothing Research Partner

@0xNalinz | Nothing Research Analyst

Email:

http://mailto:[email protected]/

Ethereum