Vitalik Buterin says rollups must prove security before decentralizing
Ethereum co-founder Vitalik Buterin has explained when he believes rollup-based layer-2 platforms should go decentralized, and why “as soon as possible” is not the correct answer.
In a May 5 X post, Buterin explained that there is a right time for rollup-based scalability solutions to transition to a decentralized model. This moment depends on how low the proof system’s failure probability has fallen compared with the risks introduced by centralization.
Buterin’s thread came in response to a separate post by decentralized exchange Loopring founder and CEO Daniel Wang. Wang explained in his thread that the maturity of a system matters to its security:
“Not all code is created equal. A rollup can be Stage 2, but running fresh code that’s never been tested under real stress.“
Rollup development is classified into stages: stage zero, stage one and stage two. Each stage is increasingly decentralized, with stage two being fully decentralized and trustless.
Related: Vitalik Buterin’s vision for Ethereum: Pectra, Glamsterdam and beyond
Code that experienced war
Cryptocurrency systems that manage significant assets are exposed to profit-motivated bad actors worldwide. Even if a project does not feature a bug bounty program promising payments to people who find vulnerabilities, it is still taken apart under a microscope — it may just pay more for found faults.
This threat is growing as nation-state-backed bad actors increase their crypto activity level. One such example is the Lazarus hacking group, responsible for many high-profile hacks in the crypto space, including the $1.4 billion ByBit hack.
Wang suggested introducing a new metric for veteran code that survived the pressure of being exposed to highly motivated advanced hackers and hacker groups: “BattleTested.” The BattleTested badge would be awarded to a rollup that consistently secured at least $100 million of assets for at least six months, with at least $50 million being in Ether (ETH) and a major stablecoin.
Also, this badge would be lost at every update, as the new code needs to survive the onslaught of attackers to earn it as well. Buterin commented on the analysis:
“A good reminder that stage 2 is not the only thing that matters for security: the quality of the underlying proof system matters too.“
Analyst at Kronos Research Dominick John told Cointelegraph that “to responsibly transition from stage 1 to stage 2, rollup teams must […] take a hard look at correlated risks like shared custody weaknesses or geopolitical chokepoints that can compromise the reliability of multisig security councils.” He said that such risks often go unnoticed until the locked value crosses $100 million. He added:
“The real green light for decentralization comes not when the proof system looks good on paper, but when it proves under real economic pressure that it’s more reliable than the potential for coordinated failures among council members.“
Related: Vitalik wants to make Ethereum ‘as simple as Bitcoin’ in 5 years
When to go decentralized?
Buterin explained that the best time for a protocol to go decentralized is when its onchain proof system is safe enough for the centralized components serving as a centralized point of failure or collusion risk to be the bigger threat. This is because until a system is proven to be secure enough, decentralization, which increases the reliance on this system, may end up making the system less secure.
Mike Tiutin, chief technology officer at decentralized compliance protocol PureFi, told Cointelegraph that “going decentralized too early […] can leave users vulnerable.” John explained that “decentralization isn’t a race, it’s a long-term responsibility shared by the entire ecosystem.” He explained that rushing to stage two puts ideology before safety and increases risks:
“In stage one, councils can step in if something breaks. In Stage 2, a single bug could wipe out billions with no rollback.”
While going decentralized right away is recognized as problematic, many experts highlight the issue of not going decentralized at all. Arthur Breitman, co-founder of the Tezos blockchain, told Cointelegraph that “prominent Ethereum L2s” are “fundamentally custodial”:
“Privileged entities control core logic, jeopardizing asset integrity; banking on their immunity to collusion is fragile, and failure is likely to be correlated.“
Magazine: What are native rollups? Full guide to Ethereum’s latest innovation
Bitcoin (BTC) $ 103,344.00
Ethereum (ETH) $ 2,404.95
Tether (USDT) $ 1.00
XRP (XRP) $ 2.10
BNB (BNB) $ 633.83
Solana (SOL) $ 139.04
USDC (USDC) $ 0.999786
TRON (TRX) $ 0.273620
Dogecoin (DOGE) $ 0.159506
Lido Staked Ether (STETH) $ 2,403.54
Cardano (ADA) $ 0.571313
Wrapped Bitcoin (WBTC) $ 103,303.00
Hyperliquid (HYPE) $ 32.80
Wrapped stETH (WSTETH) $ 2,896.88
Bitcoin Cash (BCH) $ 476.18
Sui (SUI) $ 2.62
Chainlink (LINK) $ 12.44
LEO Token (LEO) $ 8.92
Stellar (XLM) $ 0.240282
USDS (USDS) $ 0.999715
Avalanche (AVAX) $ 16.95
Toncoin (TON) $ 2.89
WhiteBIT Coin (WBT) $ 48.86
Shiba Inu (SHIB) $ 0.000011
WETH (WETH) $ 2,407.52
Wrapped eETH (WEETH) $ 2,574.02
Binance Bridged USDT (BNB Smart Chain) (BSC-USD) $ 1.00
Litecoin (LTC) $ 82.30
Hedera (HBAR) $ 0.141411
Monero (XMR) $ 313.88
Ethena USDe (USDE) $ 1.00
Polkadot (DOT) $ 3.40
Bitget Token (BGB) $ 4.28
Coinbase Wrapped BTC (CBBTC) $ 103,381.00
Uniswap (UNI) $ 6.87
Pi Network (PI) $ 0.536662
Pepe (PEPE) $ 0.000010
Dai (DAI) $ 0.999573
Aave (AAVE) $ 243.00
Ethena Staked USDe (SUSDE) $ 1.18
OKB (OKB) $ 50.60
BlackRock USD Institutional Digital Liquidity Fund (BUIDL) $ 1.00
Bittensor (TAO) $ 326.07
Aptos (APT) $ 4.34
Cronos (CRO) $ 0.086888
sUSDS (SUSDS) $ 1.06
Internet Computer (ICP) $ 4.80
Jito Staked SOL (JITOSOL) $ 168.41
NEAR Protocol (NEAR) $ 2.02
Ethereum Classic (ETC) $ 15.84
Tokenize Xchange (TKX) $ 28.49
Ondo (ONDO) $ 0.719100
USD1 (USD1) $ 0.999930
Mantle (MNT) $ 0.620906
Gate (GT) $ 16.84
Fasttoken (FTN) $ 4.44
Official Trump (TRUMP) $ 9.02
VeChain (VET) $ 0.020506
Cosmos Hub (ATOM) $ 3.85
Kaspa (KAS) $ 0.066181
Lombard Staked BTC (LBTC) $ 103,306.00
Artificial Superintelligence Alliance (FET) $ 0.634329
POL (ex-MATIC) (POL) $ 0.180507
Sky (SKY) $ 0.075534
Ethena (ENA) $ 0.259226
Render (RENDER) $ 2.97
Filecoin (FIL) $ 2.27
First Digital USD (FDUSD) $ 0.997998
Jupiter Perpetuals Liquidity Provider Token (JLP) $ 4.27
USDtb (USDTB) $ 0.999862
Binance-Peg WETH (WETH) $ 2,407.06
Algorand (ALGO) $ 0.165062
USDT0 (USDT0) $ 0.999759
Arbitrum (ARB) $ 0.280670
Worldcoin (WLD) $ 0.844272
KuCoin (KCS) $ 10.98
Binance Staked SOL (BNSOL) $ 147.36
Sei (SEI) $ 0.223850
NEXO (NEXO) $ 1.17
Flare (FLR) $ 0.016949
Rocket Pool ETH (RETH) $ 2,738.07
Kelp DAO Restaked ETH (RSETH) $ 2,520.68
Kaia (KAIA) $ 0.185518
Jupiter (JUP) $ 0.365354
Celestia (TIA) $ 1.53
Injective (INJ) $ 10.59
Polygon Bridged USDT (Polygon) (USDT) $ 0.999901
Bonk (BONK) $ 0.000013
Binance Bridged USDC (BNB Smart Chain) (USDC) $ 1.00
PayPal USD (PYUSD) $ 0.999436
XDC Network (XDC) $ 0.058720
Virtuals Protocol (VIRTUAL) $ 1.41
Optimism (OP) $ 0.525974
Stacks (STX) $ 0.595528
SPX6900 (SPX) $ 0.977542
Mantle Staked Ether (METH) $ 2,569.81
StakeWise Staked ETH (OSETH) $ 2,525.53
Solv Protocol BTC (SOLVBTC) $ 103,176.00
PAX Gold (PAXG) $ 3,399.14
Sonic (S) $ 0.271670
