Vitalik Buterin says rollups must prove security before decentralizing
Ethereum co-founder Vitalik Buterin has explained when he believes rollup-based layer-2 platforms should go decentralized, and why “as soon as possible” is not the correct answer.
In a May 5 X post, Buterin explained that there is a right time for rollup-based scalability solutions to transition to a decentralized model. This moment depends on how low the proof system’s failure probability has fallen compared with the risks introduced by centralization.
Buterin’s thread came in response to a separate post by decentralized exchange Loopring founder and CEO Daniel Wang. Wang explained in his thread that the maturity of a system matters to its security:
“Not all code is created equal. A rollup can be Stage 2, but running fresh code that’s never been tested under real stress.“
Rollup development is classified into stages: stage zero, stage one and stage two. Each stage is increasingly decentralized, with stage two being fully decentralized and trustless.
Related: Vitalik Buterin’s vision for Ethereum: Pectra, Glamsterdam and beyond
Code that experienced war
Cryptocurrency systems that manage significant assets are exposed to profit-motivated bad actors worldwide. Even if a project does not feature a bug bounty program promising payments to people who find vulnerabilities, it is still taken apart under a microscope — it may just pay more for found faults.
This threat is growing as nation-state-backed bad actors increase their crypto activity level. One such example is the Lazarus hacking group, responsible for many high-profile hacks in the crypto space, including the $1.4 billion ByBit hack.
Wang suggested introducing a new metric for veteran code that survived the pressure of being exposed to highly motivated advanced hackers and hacker groups: “BattleTested.” The BattleTested badge would be awarded to a rollup that consistently secured at least $100 million of assets for at least six months, with at least $50 million being in Ether (ETH) and a major stablecoin.
Also, this badge would be lost at every update, as the new code needs to survive the onslaught of attackers to earn it as well. Buterin commented on the analysis:
“A good reminder that stage 2 is not the only thing that matters for security: the quality of the underlying proof system matters too.“
Analyst at Kronos Research Dominick John told Cointelegraph that “to responsibly transition from stage 1 to stage 2, rollup teams must […] take a hard look at correlated risks like shared custody weaknesses or geopolitical chokepoints that can compromise the reliability of multisig security councils.” He said that such risks often go unnoticed until the locked value crosses $100 million. He added:
“The real green light for decentralization comes not when the proof system looks good on paper, but when it proves under real economic pressure that it’s more reliable than the potential for coordinated failures among council members.“
Related: Vitalik wants to make Ethereum ‘as simple as Bitcoin’ in 5 years
When to go decentralized?
Buterin explained that the best time for a protocol to go decentralized is when its onchain proof system is safe enough for the centralized components serving as a centralized point of failure or collusion risk to be the bigger threat. This is because until a system is proven to be secure enough, decentralization, which increases the reliance on this system, may end up making the system less secure.
Mike Tiutin, chief technology officer at decentralized compliance protocol PureFi, told Cointelegraph that “going decentralized too early […] can leave users vulnerable.” John explained that “decentralization isn’t a race, it’s a long-term responsibility shared by the entire ecosystem.” He explained that rushing to stage two puts ideology before safety and increases risks:
“In stage one, councils can step in if something breaks. In Stage 2, a single bug could wipe out billions with no rollback.”
While going decentralized right away is recognized as problematic, many experts highlight the issue of not going decentralized at all. Arthur Breitman, co-founder of the Tezos blockchain, told Cointelegraph that “prominent Ethereum L2s” are “fundamentally custodial”:
“Privileged entities control core logic, jeopardizing asset integrity; banking on their immunity to collusion is fragile, and failure is likely to be correlated.“
Magazine: What are native rollups? Full guide to Ethereum’s latest innovation
Bitcoin (BTC) $ 105,075.00
Ethereum (ETH) $ 2,531.95
Tether (USDT) $ 1.00
XRP (XRP) $ 2.17
BNB (BNB) $ 650.33
Solana (SOL) $ 145.76
USDC (USDC) $ 0.999777
Dogecoin (DOGE) $ 0.176811
TRON (TRX) $ 0.269176
Lido Staked Ether (STETH) $ 2,531.31
Cardano (ADA) $ 0.635259
Hyperliquid (HYPE) $ 42.24
Wrapped Bitcoin (WBTC) $ 105,134.00
Wrapped stETH (WSTETH) $ 3,053.45
Sui (SUI) $ 3.02
Chainlink (LINK) $ 13.15
Bitcoin Cash (BCH) $ 431.76
LEO Token (LEO) $ 9.06
Stellar (XLM) $ 0.259523
Avalanche (AVAX) $ 19.17
Toncoin (TON) $ 3.02
Shiba Inu (SHIB) $ 0.000012
USDS (USDS) $ 0.999674
Hedera (HBAR) $ 0.159344
WETH (WETH) $ 2,531.54
Wrapped eETH (WEETH) $ 2,709.27
Litecoin (LTC) $ 86.75
Binance Bridged USDT (BNB Smart Chain) (BSC-USD) $ 0.999775
Ethena USDe (USDE) $ 1.00
Monero (XMR) $ 315.32
Polkadot (DOT) $ 3.80
WhiteBIT Coin (WBT) $ 39.18
Bitget Token (BGB) $ 4.53
Coinbase Wrapped BTC (CBBTC) $ 105,157.00
Pepe (PEPE) $ 0.000011
Uniswap (UNI) $ 7.33
Pi Network (PI) $ 0.584189
Aave (AAVE) $ 275.39
Dai (DAI) $ 1.00
Ethena Staked USDe (SUSDE) $ 1.18
Bittensor (TAO) $ 374.31
OKB (OKB) $ 51.79
Internet Computer (ICP) $ 5.65
Aptos (APT) $ 4.52
BlackRock USD Institutional Digital Liquidity Fund (BUIDL) $ 1.00
Cronos (CRO) $ 0.091821
NEAR Protocol (NEAR) $ 2.23
Ethereum Classic (ETC) $ 16.76
Ondo (ONDO) $ 0.793155
Jito Staked SOL (JITOSOL) $ 176.21
Tokenize Xchange (TKX) $ 30.19
sUSDS (SUSDS) $ 1.06
USD1 (USD1) $ 1.00
Mantle (MNT) $ 0.643003
Gate (GT) $ 17.29
Official Trump (TRUMP) $ 10.24
Kaspa (KAS) $ 0.075845
VeChain (VET) $ 0.022302
Fasttoken (FTN) $ 4.44
Sky (SKY) $ 0.087916
Cosmos Hub (ATOM) $ 4.12
Lombard Staked BTC (LBTC) $ 105,007.00
POL (ex-MATIC) (POL) $ 0.201916
Ethena (ENA) $ 0.296389
Render (RENDER) $ 3.43
Artificial Superintelligence Alliance (FET) $ 0.666697
Arbitrum (ARB) $ 0.342313
Filecoin (FIL) $ 2.44
Worldcoin (WLD) $ 0.987425
Quant (QNT) $ 106.91
Algorand (ALGO) $ 0.180123
Binance-Peg WETH (WETH) $ 2,531.31
USDT0 (USDT0) $ 0.999425
Jupiter Perpetuals Liquidity Provider Token (JLP) $ 4.37
First Digital USD (FDUSD) $ 0.997014
USDtb (USDTB) $ 0.999932
KuCoin (KCS) $ 11.21
SPX6900 (SPX) $ 1.45
Binance Staked SOL (BNSOL) $ 154.11
Flare (FLR) $ 0.018377
Jupiter (JUP) $ 0.413037
Celestia (TIA) $ 1.81
Fartcoin (FARTCOIN) $ 1.21
NEXO (NEXO) $ 1.21
Virtuals Protocol (VIRTUAL) $ 1.84
Rocket Pool ETH (RETH) $ 2,879.38
Kelp DAO Restaked ETH (RSETH) $ 2,649.04
Injective (INJ) $ 11.74
Bonk (BONK) $ 0.000015
Sonic (S) $ 0.341910
Story (IP) $ 3.62
Optimism (OP) $ 0.598797
Polygon Bridged USDT (Polygon) (USDT) $ 1.00
Binance Bridged USDC (BNB Smart Chain) (USDC) $ 0.999706
XDC Network (XDC) $ 0.059930
PayPal USD (PYUSD) $ 0.999709
Stacks (STX) $ 0.631216
Mantle Staked Ether (METH) $ 2,705.45
Sei (SEI) $ 0.176770
StakeWise Staked ETH (OSETH) $ 2,654.34
