Vitalik Buterin says rollups must prove security before decentralizing
Ethereum co-founder Vitalik Buterin has explained when he believes rollup-based layer-2 platforms should go decentralized, and why “as soon as possible” is not the correct answer.
In a May 5 X post, Buterin explained that there is a right time for rollup-based scalability solutions to transition to a decentralized model. This moment depends on how low the proof system’s failure probability has fallen compared with the risks introduced by centralization.
Buterin’s thread came in response to a separate post by decentralized exchange Loopring founder and CEO Daniel Wang. Wang explained in his thread that the maturity of a system matters to its security:
“Not all code is created equal. A rollup can be Stage 2, but running fresh code that’s never been tested under real stress.“
Rollup development is classified into stages: stage zero, stage one and stage two. Each stage is increasingly decentralized, with stage two being fully decentralized and trustless.
Related: Vitalik Buterin’s vision for Ethereum: Pectra, Glamsterdam and beyond
Code that experienced war
Cryptocurrency systems that manage significant assets are exposed to profit-motivated bad actors worldwide. Even if a project does not feature a bug bounty program promising payments to people who find vulnerabilities, it is still taken apart under a microscope — it may just pay more for found faults.
This threat is growing as nation-state-backed bad actors increase their crypto activity level. One such example is the Lazarus hacking group, responsible for many high-profile hacks in the crypto space, including the $1.4 billion ByBit hack.
Wang suggested introducing a new metric for veteran code that survived the pressure of being exposed to highly motivated advanced hackers and hacker groups: “BattleTested.” The BattleTested badge would be awarded to a rollup that consistently secured at least $100 million of assets for at least six months, with at least $50 million being in Ether (ETH) and a major stablecoin.
Also, this badge would be lost at every update, as the new code needs to survive the onslaught of attackers to earn it as well. Buterin commented on the analysis:
“A good reminder that stage 2 is not the only thing that matters for security: the quality of the underlying proof system matters too.“
Analyst at Kronos Research Dominick John told Cointelegraph that “to responsibly transition from stage 1 to stage 2, rollup teams must […] take a hard look at correlated risks like shared custody weaknesses or geopolitical chokepoints that can compromise the reliability of multisig security councils.” He said that such risks often go unnoticed until the locked value crosses $100 million. He added:
“The real green light for decentralization comes not when the proof system looks good on paper, but when it proves under real economic pressure that it’s more reliable than the potential for coordinated failures among council members.“
Related: Vitalik wants to make Ethereum ‘as simple as Bitcoin’ in 5 years
When to go decentralized?
Buterin explained that the best time for a protocol to go decentralized is when its onchain proof system is safe enough for the centralized components serving as a centralized point of failure or collusion risk to be the bigger threat. This is because until a system is proven to be secure enough, decentralization, which increases the reliance on this system, may end up making the system less secure.
Mike Tiutin, chief technology officer at decentralized compliance protocol PureFi, told Cointelegraph that “going decentralized too early […] can leave users vulnerable.” John explained that “decentralization isn’t a race, it’s a long-term responsibility shared by the entire ecosystem.” He explained that rushing to stage two puts ideology before safety and increases risks:
“In stage one, councils can step in if something breaks. In Stage 2, a single bug could wipe out billions with no rollback.”
While going decentralized right away is recognized as problematic, many experts highlight the issue of not going decentralized at all. Arthur Breitman, co-founder of the Tezos blockchain, told Cointelegraph that “prominent Ethereum L2s” are “fundamentally custodial”:
“Privileged entities control core logic, jeopardizing asset integrity; banking on their immunity to collusion is fragile, and failure is likely to be correlated.“
Magazine: What are native rollups? Full guide to Ethereum’s latest innovation
Bitcoin (BTC) $ 106,929.00
Ethereum (ETH) $ 2,526.18
Tether (USDT) $ 1.00
XRP (XRP) $ 2.36
BNB (BNB) $ 651.33
Solana (SOL) $ 168.48
USDC (USDC) $ 0.999850
Dogecoin (DOGE) $ 0.226829
Cardano (ADA) $ 0.748025
TRON (TRX) $ 0.268596
Lido Staked Ether (STETH) $ 2,519.93
Wrapped Bitcoin (WBTC) $ 106,724.00
Sui (SUI) $ 3.89
Wrapped stETH (WSTETH) $ 3,028.82
Chainlink (LINK) $ 15.75
Avalanche (AVAX) $ 22.70
Stellar (XLM) $ 0.287996
Hyperliquid (HYPE) $ 26.22
Shiba Inu (SHIB) $ 0.000015
Hedera (HBAR) $ 0.195400
LEO Token (LEO) $ 8.76
Bitcoin Cash (BCH) $ 394.81
Toncoin (TON) $ 3.09
Litecoin (LTC) $ 94.26
Polkadot (DOT) $ 4.68
USDS (USDS) $ 0.999787
WETH (WETH) $ 2,518.89
Monero (XMR) $ 350.48
Bitget Token (BGB) $ 5.16
Wrapped eETH (WEETH) $ 2,684.03
Binance Bridged USDT (BNB Smart Chain) (BSC-USD) $ 0.996041
Pepe (PEPE) $ 0.000013
Pi Network (PI) $ 0.767402
Ethena USDe (USDE) $ 1.00
Coinbase Wrapped BTC (CBBTC) $ 107,048.00
WhiteBIT Coin (WBT) $ 30.24
Aave (AAVE) $ 259.87
Bittensor (TAO) $ 419.53
Dai (DAI) $ 0.999859
Uniswap (UNI) $ 6.05
NEAR Protocol (NEAR) $ 2.81
Aptos (APT) $ 5.15
OKB (OKB) $ 52.10
Jito Staked SOL (JITOSOL) $ 203.11
Ondo (ONDO) $ 0.948178
BlackRock USD Institutional Digital Liquidity Fund (BUIDL) $ 1.00
Kaspa (KAS) $ 0.110563
Cronos (CRO) $ 0.096948
Tokenize Xchange (TKX) $ 36.00
Official Trump (TRUMP) $ 14.47
Internet Computer (ICP) $ 5.30
Ethereum Classic (ETC) $ 18.47
Gate (GT) $ 21.52
Mantle (MNT) $ 0.747056
Ethena Staked USDe (SUSDE) $ 1.17
VeChain (VET) $ 0.028622
Render (RENDER) $ 4.66
sUSDS (SUSDS) $ 1.05
Ethena (ENA) $ 0.378958
Cosmos Hub (ATOM) $ 4.85
USD1 (USD1) $ 0.996832
Lombard Staked BTC (LBTC) $ 106,033.00
POL (ex-MATIC) (POL) $ 0.232155
Artificial Superintelligence Alliance (FET) $ 0.750364
Algorand (ALGO) $ 0.225011
Arbitrum (ARB) $ 0.394550
Filecoin (FIL) $ 2.87
Fasttoken (FTN) $ 4.40
Celestia (TIA) $ 2.68
Worldcoin (WLD) $ 1.12
Sonic (prev. FTM) (S) $ 0.503581
Jupiter Perpetuals Liquidity Provider Token (JLP) $ 4.55
Bonk (BONK) $ 0.000020
Binance-Peg WETH (WETH) $ 2,516.34
First Digital USD (FDUSD) $ 0.995697
KuCoin (KCS) $ 11.84
Jupiter (JUP) $ 0.505453
Binance Staked SOL (BNSOL) $ 176.72
Kelp DAO Restaked ETH (RSETH) $ 2,629.92
Stacks (STX) $ 0.879831
Fartcoin (FARTCOIN) $ 1.31
Solv Protocol BTC (SOLVBTC) $ 106,459.00
NEXO (NEXO) $ 1.28
Virtuals Protocol (VIRTUAL) $ 1.95
Story (IP) $ 4.54
Flare (FLR) $ 0.018963
Sei (SEI) $ 0.224652
Immutable (IMX) $ 0.652182
Optimism (OP) $ 0.721896
EOS (EOS) $ 0.787399
Injective (INJ) $ 12.19
Maker (MKR) $ 1,722.28
Rocket Pool ETH (RETH) $ 2,864.76
USDT0 (USDT0) $ 1.00
XDC Network (XDC) $ 0.071779
The Graph (GRT) $ 0.111371
dogwifhat (WIF) $ 0.984655
Curve DAO (CRV) $ 0.711589
FLOKI (FLOKI) $ 0.000099
Mantle Staked Ether (METH) $ 2,696.20
