Lido: The Ethereum Staking Road to Trust

On December 1, 2020, the beacon chain was released, and Ethereum embarked on the journey of transition to a PoS (Proof of Stake) consensus. Although users have the opportunity to pledge ETH for the first time, there are still some frictions in the process:

1. Unable to unlock the pledge: Once the deposit is pledged, the verifier cannot raise their pledge deposit before the beacon chain enables the transfer function. This means that in the next few months or even years, participation in pledge will be a one-way process.

2. Lack of liquidity: During the pledge process, users cannot transfer or trade their ETH, nor can they use their ETH as collateral to participate in the DeFi protocol. The inability to raise a pledge deposit from the beacon chain is particularly costly.

3. High capital requirements: The amount of ETH pledged by users can only be multiples of 32 and 32, and users with small or odd balances are excluded from the threshold.

4. Operational burden: Although the core developers of Ethereum stated that pledges have low hardware and uptime requirements, many users still prefer to provide funds and then outsource operations to a third party.

We have clearly realized early on that users want a solution to these problems, and we are not the only service providers trying to solve these problems.

The first and most obvious competitor is the centralized exchange. For them, centralize users’ ETH (solve problem 3); provide users with pledge services (solve problem 4); and issue liquid derivatives to replace users’ locked-up pledge assets (solve problems 1-2), etc. Waiting for operations is a breeze. Considering that customer acquisition and liquidity are so important to the business of exchanges, they can even provide this service to users for free.

Fast forward to today, and centralized exchanges are becoming the early winners in the Ethereum staking field. Validator nodes operated by exchanges such as Kraken or Binance have become the largest group. Less visible exchanges like Coinbase may take a larger share of the pledged ETH.

Graphical Ethereum pledged services accounted for:

Lido: The Ethereum Staking Road to Trust

However, exchanges have become one of the most important users of Ethereum; making them the largest block producer may seriously damage the decentralized nature of Ethereum.

Therefore, we believe that decentralized staking pools like Lido need to compete with the staking pools of centralized exchanges.

Why is it so important to completely trust the Ethereum staking pool?

1. Focus on the security of Ethereum: As mentioned earlier, many users want to entrust its pledge service. However, since Ethereum does not support delegation within the agreement, this provides an opportunity for third-party pledge service providers. Considering how important security is to Ethereum, a trustless staking pool is preferable to a trusted and centralized staking pool.

2. Staking has a centralized power: PoS’s Staking (staking) may be more centralized than PoW’s Mining (mining), supporting a smaller number of more concentrated winners. This is because the pledge pool can issue a liquid pledge derivative (such as stETH) to create a powerful network effect, which PoW does not have.

In this article, we explained the source of ideas for Lido’s current design and how we will turn Lido into a completely trustless infrastructure.

Create a trustless staking pool and derivatives

Before we released Lido, it was impossible to achieve a completely trustless staking pool and derivatives. So we must choose between the two a) postpone the release b) provide the current best alternative to the exchange’s pledge pool while minimizing trust

Although the first method is more trustless than the second method, the postponement of the release will give the exchange the opportunity to compete (because they will not impose the same requirements on themselves). We don’t know whether the pledge of trust can overcome such a large first mover advantage, so for the team, waiting seems to be a more dangerous choice.

Therefore, we have chosen an iterative approach that allows us to compete with centralized exchange staking pools and gain market share, while continuously reducing the trust characteristics of the system (when we can do so).

So, what are the key factors that hinder the complete de-trust of pledged derivatives? Below, we pointed out the three main points that hinder Lido’s complete trustlessness:

1. The pledged deposits before July 15, 2021 are under escrow: When we release Lido, it is impossible to set the smart contract as the owner of the beacon chain verifier. Therefore, the withdrawal certificate of the Lido verifier is controlled by a 6-of-11 multi-signature composed of a group of prestigious Ethereum builders. We have transferred escrow to a smart contract, but this function is not yet applicable to existing pledge deposits.

2. At present, the withdrawal function is not without permission: due to the design of the withdrawal voucher, Lido verifiers must manually release the pledge at present. Therefore, stETH holders cannot force Lido node operators to release their pledges. On the contrary, they must trust the node operators to act honestly and not to do evil.

3. At present, becoming a node operator is not without permission: currently only the Lido registry controlled by LDO token holders can add new node operators. Therefore, stETH users need to believe that LDO holders will continue to support a reasonable and distributed subset of validators.

Please note that the function of withdrawing funds from the beacon chain has not been enabled, which means that no one (including 6-of-11 multi-signature) can withdraw funds from the deposit contract. This also means that currently stETH holders cannot redeem ETH from the beacon chain, so they will not be attacked and lose their assets. Therefore, the first two issues mentioned above will not affect users yet. The reason why we also list these two problems is because once the beacon chain enables the withdrawal function, these two problems will appear.

Remove these trust requests

Transfer escrow to a smart contract

As mentioned earlier, when Lido is released, the smart contract cannot be set as the owner of the beacon chain verifier node.

The smart contract withdrawal address format has been added to the beacon chain specification. Last week we transferred the withdrawal voucher of Lido’s new pledger to a smart contract.

To understand why this does not apply to existing deposits, we need to first understand what the withdrawal certificate in the beacon chain is:

1. As mentioned earlier, the Ethereum pledge initially only supports one type of withdrawal voucher, 0x0. This only allows the BLS address type to become the owner of the validator node, not even the Ethereum address.

2. In December 2020, 0x01 was introduced in the specification to allow Ethereum addresses to set up validator nodes.

3. To convert the withdrawal certificate of the existing validator, the pledged ETH must be unlocked first, and then re-pledged with the new withdrawal certificate. However, before the withdrawal function is enabled, no one can unlock the pledged ETH and re-stake. So now if you want to change the withdrawal certificate from 0x0 to 0x01, you need to adopt the second mechanism. This mechanism allows the verifier to convert their withdrawal certificate without unlocking the pledge.

Our smart contract for new withdrawal vouchers is implemented as an architecturally scalable smart contract. This is because we still lack the key functions to realize remote withdrawal (ie, smart contract triggers the verifier to unlock the pledge), so we need to maintain upgradeable options when introducing these functions.

The smart contract withdrawal certificate was upgraded on July 15, 2021, that is to say, any new pledge deposits on Lido after that are completely non-custodial.

Remotely force validators to unlock pledges

If a user wants to unlock the pledge now (this will not work, because the ETH in the deposit contract can neither be raised nor re-pledged), Lido will have to send a message to the verifier. Then, the verifier must manually unlock the pledge, allowing them to destroy or even blackmail the Lido protocol. In order to alleviate this problem, so far, we have been joining new node operators in a permitted manner.

Ideally, we can completely solve this problem by allowing stETH holders to remotely trigger the verifier to unlock the pledge . Recently, Ethereum researchers put forward a new proposal that would allow the principal to force its agent to unlock the pledge. This address is temporarily marked as 0x03, which can be implemented as an independent voucher, or as a correction to 0x01 after the beacon chain withdrawal function is enabled.

The proposal was implemented by introducing a new “standard” Exit Contract on Ethereum-somewhat similar to Deposit Contract. 0x03 The owner of the withdrawal voucher will be able to specify any validator that matches it. Then the beacon chain will trigger a “voluntary withdrawal” mechanism for the verifier as part of the state transition function of the beacon chain. This means that the verifier received the user’s remote unlock pledge instruction and executed it.

Open validator registration

As we have seen, hosting problems and Griefing attacks have simple technical solutions. Fortunately, they are also very important issues at the same time, and solving these issues are the two primary tasks to make the Lido protocol more trustless.

This leaves us with a question: who can become the node operator of Lido. This is a more complex problem, and the solution is not that simple.

First of all, why does Lido need to control who can become a node operator?

The core part of Lido’s value proposition is liquid staking, so stETH derivatives are issued for users’ pledged deposits. In a simple implementation, derivatives issued for different validators should be traded at different market prices, because the performance and reliability of these derivatives are different. However, the resulting tokens cannot be substituted for each other, which makes it more difficult to build liquidity for them.

On the contrary, Lido users obtain the same replaceable stETH tokens through pledge, allowing exchanges, lending markets, etc. to use them.

Although this kind of fungibility is very desirable, it also creates a new problem: it requires socializing the poor performance of those inferior validator nodes and the risk of forfeiture among all stETH holders, that is, stETH holders are not just a single verification. Holders of derivatives of the owner. For example, if a validator is fined, all stETH holders will lose a small amount of assets, rather than a single derivative holder losing a large amount of assets.

If the pledged derivatives are irreplaceable, then users will have to use some incentives to attract some of the best node operators to help them run the nodes, because the quality of the node’s operation directly affects the value of their pledged derivatives. In other words, the quality control of node operators will be performed by the market. But if the pledged derivatives are interchangeable, Lido must ensure that only qualified node operators can accept the user’s entrustment.

This kind of central “quality control” inspection for node operators is not an easy problem. We have listed some possible solutions. The following is an incomplete list of solutions:

Central registry + off-chain reputation: The simplest solution is to only allow top node operators with good records and legal recourse to participate, and they can be selected by LDO governance voting. This is the current solution, but it may give too much power to the protocol governance. If the network effect of stETH becomes so strong that even though a more decentralized staking provider appears on Ethereum, people are willing to use it, then the governance power of the protocol becomes extremely large.

Staker-curated registries (Staker-curated registries): A more decentralized and consistent value solution is to let the pledger choose the set of node operators. This is not an easy problem, because the pledge deposit is liquid and the pledger does not have to bear the long-term consequences of its actions. However, if the issue is resolved, the Lido agreement will not require a license and will be highly consistent with the interests of the pledger.

Bonding solution: One method used by other blockchains such as Tezos and other staking pools such as Rocket Pool is to require validators to provide a deposit. For example, in Rocket Pool, validators must pledge with their delegators. In the one-to-one margin system, the user actually has no risk of forfeiting, because the system will also first confiscate the verifier’s margin.

However, the experience in the history of encryption tells us that capital efficiency is very important. And the bond solution is usually smaller than the evening market, and for the holder, this solution is more costly than the non-bond solution. It stands to reason that the same reasoning also applies to the pledge market. To make matters worse, this brings considerable advantages to those custodial liquid staking pool solutions (such as exchanges), because they can use other people’s tokens to buy bonds in other staking pools for free to earn Benefit.

Secret Shared Validators: The Ethereum Foundation has proposed a new proposal, Secret Shared Validators (SSV), which improves the fault tolerance of the system without affecting performance.

SSV splits a single verifier into multiple signatures controlled by different entities. Then, these entities will first reach a consensus through an off-chain voting agreement to jointly produce blocks. Although the cost of this scheme is higher communication overhead, the advantage is that a single verifier cannot cause any failure by itself, because they may control 10% of the 10 verifier nodes instead of controlling an entire verifier. node.

There are currently relevant researches on SSV on the Lido Forum.

Tracking validator performance (Tracking validator performance): Another easy-to-implement solution may be to track the performance of the validator within the agreement and allocate ETH in the system based on this information. This solution first requires the beacon chain to disclose the validator’s statistical information (such as its uptime) so that the smart contract of the pledge pool can calculate its on-chain performance.

The verifier’s on-chain data can be used in several ways. For example, node operators with better performance are more likely to be allocated new pledge ETH. In addition, when users want to unlock their pledged ETH, the system is able to remove the worst-performing validators, rather than randomly.

Insurance: Lido can re-outsource the quality inspection work of verifiers to the market, for example, by having a public insurance system. This is actually a prediction market, and Lido will provide some rewards for users to predict which verifiers perform best each month.

Node operator score: To reiterate, Lido needs to perform quality control checks on node operators. Nevertheless, Lido still does not want to achieve it in a centralized way determined by the LDO governor or others.

The best solution is to combine many of the above ideas with a verifier points system. Whenever new ETH is queued for pledge, node operators with higher scores will more easily obtain ETH for pledge until the ETH allocated to them reaches the safety limit. When a withdrawal request occurs on the system, operators with low points may also be punished first. If their points are lower than the minimum threshold, they may even be completely removed from the system.

Each node operator who newly joins the system has an initial score of zero, which means that its trust level is low and the chance of accepting entrustment is small. Then, the node operator can earn points by performing various operations to increase trust, such as:

  • Be part of multiple verifiers of SSV
  • Stake some ETH deposit
  • Insure yourself
  • Mainly to demonstrate its good verifier performance over time

(These are just some indicative methods for scoring node operators. There may be more/better options.)

In such a system, anyone can become a node operator, but he must perform well, just like competing in the market to get the favor of users. As node operators gradually accumulate good points, they can start to reduce other costs, such as insurance or SSV expenses. This system can also incentivize verifiers to perform as well as possible, because it will allow them to get more rewards through more pledge deposits.

No matter what the best solution is, we will do our best to make Lido achieve its goal of decentralization.


We believe that the winning Ethereum staking pool and derivatives will be a protocol with maximum decentralization and immutability, and this is the ideal state of Lido.

We also believe that waiting for Ethereum to be 100% compatible with similar solutions will undoubtedly give up the market to centralized exchanges that do not restrict themselves with this standard. Therefore, the best way to provide a trustless alternative is to adopt the best practices at the time and then gradually iteratively change.

We are working hard to make the Lido protocol completely non-custodial and trustless. Our two top tasks have clear technical solutions, and we are working with Ethereum developers or waiting for deployment when possible.

The issue of trustlessness of node operators is a more complex issue. Nevertheless, we will still explore the above-mentioned solutions and other solutions that we have not considered, to minimize the Lido protocol’s reliance on community governance organizations.

As the solution becomes feasible, we will continue to iterate quickly and reduce the trust surface required in the Lido system. We are proud to provide a better solution that can replace the staking pool of centralized exchanges, and build a completely decentralized, trustless staking derivative.


Posted by:CoinYuppie,Reprinted with attribution to:
Coinyuppie is an open information publishing platform, all information provided is not related to the views and positions of coinyuppie, and does not constitute any investment and financial advice. Users are expected to carefully screen and prevent risks.

Like (0)
Donate Buy me a coffee Buy me a coffee
Previous 2021-08-09 10:09
Next 2021-08-09 11:08

Related articles