Tarun Chitra pfp
Tarun Chitra
@pinged
Are Liquid Restaking Tokens (LRTs) essential to restaking security and even risk mitigation, vs. being a source of systemic risk? Surprisingly, yes! New paper w/ @malleshpai shows that smart allocation to AVSs is crucial for security against cascading failures https://arxiv.org/abs/2408.00928
1 reply
4 recasts
34 reactions
Tarun Chitra pfp
Tarun Chitra
@pinged
Our paper builds off of the excellent work of Tim Roughgarden & Naveen Durvasula that formulates cascade risk in combinatorial terms and argues that overcollateralization is needed for security — but we arrived at this via a circuitous path First: Storytime 📗 https://x.com/n_durvasula/status/1819127937192308967
1 reply
0 recast
8 reactions
Tarun Chitra pfp
Tarun Chitra
@pinged
Jan '24: I read Appendix B of the Eigenlayer paper and found a lot of similarities between the allocation problem and an old paper of mine (+ Alex Evans) on LSTs and on-chain lending Cascade risks seemed like a multidimensional version of our old model — I got overly optimistic about our model applying here
1 reply
0 recast
2 reactions
Tarun Chitra pfp
Tarun Chitra
@pinged
The old paper's insight: If rational stakers *rebalance* between LSTs and DeFi based on yield → risk of cascading slashing events 📉 So: I simulated a multidimensional version (each dim. = abs. return of each AVS) and tried to measure cascade risk (quantified by a regret measure)
1 reply
0 recast
3 reactions
Tarun Chitra pfp
Tarun Chitra
@pinged
Simulations show regret: - Growing linearly in time w/o rebalancing - Asymptotes/slow growth with rebalancing Strongly suggests that smart rebalancing from LRTs (or large stakers) is important for reducing cascade risks Extending our old result should easily show this right?
1 reply
0 recast
2 reactions
Tarun Chitra pfp
Tarun Chitra
@pinged
Wrong! Combinatorial examples in Tim + Naveen's paper show obstructions to 'naive' extensions of our old paper that don't take into account the precise structure of a restaking graph Obstruction: "Global" nature of cascades (i.e. attack w/ Ω(n) nodes) https://x.com/Tim_Roughgarden/status/1819086514451894638
1 reply
0 recast
2 reactions
Tarun Chitra pfp
Tarun Chitra
@pinged
Let's see why in pictures Below is a restaking graph where the black dots are node operators and the boxes are the AVSs An attack against a single node operator cascades into a series of attacks until the entire network's stake is slashed 💀💀💀 A worst-case outcome!
1 reply
0 recast
2 reactions
Tarun Chitra pfp
Tarun Chitra
@pinged
On the other hand, if LRTs / operators _can_ rebalance in response to slashes, we can *arrest* this attack and stop it far before it spreads to the whole network In this figure, a node operator rebalances to form the yellow service which then leads to a graph with no attacks
1 reply
0 recast
3 reactions
Tarun Chitra pfp
Tarun Chitra
@pinged
This example suggests that while overcollateralization is necessary (as T&N showed), if node operators strategically rebalance (due to rewards) in response to slashing events, then one need not be as overcollateralized as in T&N's initial paper Why does this matter?
1 reply
0 recast
1 reaction
Tarun Chitra pfp
Tarun Chitra
@pinged
In Appendix B of our paper, we show an example where the overcollateralization required from T&N's paper is global and potentially requires the smallest AVS (by attack profit) to attract stake equivalent to what the highest AVS has to attract for security — super expensive!
1 reply
0 recast
1 reaction
Tarun Chitra pfp
Tarun Chitra
@pinged
Concretely: Consider two AVSs, one with profit from corruption of 1 ETH and the other with profit of 1,000,000 ETH Globally overcollateralization → 1 ETH profit AVS has to attract on the order of 1,000,001 ETH (May as well start a new PoS network vs. joining restaking network)
1 reply
0 recast
1 reaction
Tarun Chitra pfp
Tarun Chitra
@pinged
Our results show that one does not need to be as overcollateralized if: - Node operators actively rebalancing (like the sims showed) - Attackers face non-trivial profit for attacking multiple services simultaneously ∴ Smarter LRTs + Poorer Attackers = More Capital Efficiency
1 reply
0 recast
1 reaction
Tarun Chitra pfp
Tarun Chitra
@pinged
So what exactly do we show? If: 1. Incentives: Dynamic fees (or points) direct LRTs to allocate to parts of network that need more security 2. Costly Attacks: Cost of attacking n services 📈 (e.g. submodularity of profit) localizes attacks Then: Bounded cascade length R(G)
1 reply
0 recast
1 reaction
Tarun Chitra pfp
Tarun Chitra
@pinged
To achieve such security, AVSs need to provide a certain amount of rewards in ETH terms which is used to 'direct' where LRTs should allocate — how should AVSs choose their rewards? We provide an approximation algo for estimating optimal rewards (using a convex relaxation)
1 reply
0 recast
1 reaction
Tarun Chitra pfp
Tarun Chitra
@pinged
What are the main takeaways? 1. 𝐋𝐑𝐓𝐬 𝐧𝐞𝐞𝐝 𝐭𝐨 𝐚𝐥𝐥𝐨𝐜𝐚𝐭𝐞 𝐢𝐧𝐭𝐞𝐥𝐥𝐢𝐠𝐞𝐧𝐭𝐥𝐲 𝐟𝐨𝐫 𝐧𝐞𝐭𝐰𝐨𝐫𝐤-𝐰𝐢𝐝𝐞 𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 2. 𝐀𝐕𝐒𝐬 𝐧𝐞𝐞𝐝 𝐭𝐨 𝐜𝐡𝐨𝐨𝐬𝐞 𝐚 𝐦𝐢𝐧𝐢𝐦𝐮𝐦 𝐲𝐢𝐞𝐥𝐝 / 𝐫𝐞𝐰𝐚𝐫𝐝𝐬 𝐭𝐡𝐚𝐭 𝐚𝐯𝐨𝐢𝐝 𝐜𝐚𝐬𝐜𝐚𝐝𝐞 𝐫𝐢𝐬𝐤
1 reply
0 recast
2 reactions
Tarun Chitra pfp
Tarun Chitra
@pinged
3. Restaking risk combines: a. PoS risk (e.g. combinatorial nature, rewards, attackers) b. DeFi risk (e.g. cascades) Analyzing risk from only one POV underestimates risk dramatically (e.g. what most people are doing) That's why it took me so long to go from simulation to proof!
1 reply
0 recast
1 reaction
Tarun Chitra pfp
Tarun Chitra
@pinged
I also wanted to thank a lot of people who I ranted at about this problem over the last year — thanks! This problem really drove me and @malleshpai crazy for so long because the simulation/intuition was "obvious" but the proof was filled with many twists, turns, and dead-ends
1 reply
0 recast
2 reactions