This page serves as a living document to explore how a Cosmos chain (here Inco Network) can be dual-secured by using EigenLayer restaked ETH.
TODO: what is Inco, what is Eigen, why dual stake. This blog post is a good intro.
A third consideration is that the Inco validators will additionally run a MPC network for the FHE decryption key. However, due to the current difficulties with slashing in a MPC network, we can omit this consideration in this document.
In other terms, the goal is to decide which design to use:
The validators run a CometBFT chain whose voting power is a function of both INCO and ETH. They use a side-car to natively listen to events on Ethereum, and inject it into the Inco chain.
We use the USD market cap of staked token as a common denominator for dual staking both tokens. We inject into CometBFT's voting power the sum of $(INCO) + $(ETH)
.
The price oracle is fetched by the active validator set, using for example VoteExtensions, or via on-chain voting. See section "Listening to Voting Power" for a comparison.
Pros:
Cons:
Notes: Inco has started working on a PoC based on this design. See diagram.
Without price oracle, we propose to do a weighted sum of the absolute values of both voting powers: x * INCO + y * ETH
with x + y = 1
. The two parameters can be updated via governance.
An sub-case is to set x := 0
, i.e. use ETH for securing the network and INCO solely as a governance token.
Pros:
Cons:
x
and y
are only gov-updatable, which is slow compared to ETH/INCO price volatility.Rely on Ethos for ETH backing. In a way, this is very similar to Self-Sovereign Dual Staking (design #1), but using Ethos for injecting voting power instead of doing it directly with EigenLayer. Inco can integrate with Ethos:
Pros:
Cons:
Open Questions:
Mesh (Ethos) | RS (Ethos) | Self-Sovereign Dual Staking | |
---|---|---|---|
Dual tokens | yes | no | yes |
Slashing | IBC | IBC | directly to Eigen |
Death by Contagion | Medium+ | Highest | Medium- |
Implentation cost | Low | Low | Medium (but ongoing) |
Difficulty of recruiting ETH security | Easy (ask Ethos operators to delegate to Inco vals) | Medium (ask Ethos operators to also run an Inco val) | Hard |
Overhead on Eigen operator | None | Run Inco validator | Run Inco validator |
Ease of scaling Inco validators | Easy | Hard | Hardest |
Inco token utility | High (security, gov, fees) | Low (gov, fees) | High (security, gov, fees) |
Note: We might also want to use the same mechanism for price oracle, if we need one.
We use a solution based on ABCI++'s VoteExtensions, for example using Skip's Slinky. This means that voting on Ethereum events is delegated to CometBFT: votes are not casted on chain, but done during CometBFT's voting rounds, only the result is stored on chain (via PreBlocker
).
If we don't use Slinky, we can still design our own implementation using VoteExtensions.
Pros:
Cons:
Each validator will have its own observer side-car, which monitors events on Ethereum. Once the side-car receives an event, it will broadcast a Msg on the Inco chain using the associated validator's private key.
This design takes inspiration from prior art:
Pros:
Cons:
Open Questions:
With this design, the voting power is injected from Ethos to Inco's state machine using IBC.
We propose to categorize slashing into two categories: consensus misbehaviors and bridging misbehaviors.
CometBFT and Cosmos SDK currently handle 3 types of misbehaviors:
The evidences of such misbehaviors are easily verifiable on the Cosmos side, but verifying them on the Ethereum/EigenLayer side requires periodically passing Cosmos stake tables to Ethereum.
Inco Slash % | ETH Slash % | |
---|---|---|
Non-Liveness | 1% | ? |
Double-Signing | 5% | yes, if possible |
LC Attack | 5% | yes, if possible |
Incorrect bridged event | ?% | yes |
This table summarizes how other Ethereum-Cosmos bridges are designed. It is not meant as a bencharmark of which bridge Inco should connect to, but as inspiration for Inco's own native bridge.
Some other references:
Blobstream | Zetachain | Axelar | Gravity | Slinky | Namada | |
---|---|---|---|---|---|---|
Technical docs | spec | docs, whitepaper | cgp-spec | design | notion | blog |
Validator runs observer? | n/a | Yes, validators run light-client (passive) or full-node (active) [11] | Yes, validators run full-nodes[1] | Yes, validators run full-nodes[2] | Yes, agnostic over RPC vs full-node | Yes, validators run full nodes [8] |
Consensus on observed events | n/a | on-chain[2] | on-chain | on-chain | VoteExtensions | VoteExtensions |
Slash malicious observers | n/a | No (intentional) [6] | possible | |||
What is stored on the ETH contract? | Latest valset + height=>dataRoot [5] | Latest TSS address [10] | Latest valset[7] | Latest valset[4] | n/a | Latest valset [9] |
What does ETH key sign? | 1 sig per attestation (valset or data commitment) per validator[13] | 1 TSS sig per outbound tx[12] (TODO can batch?) | 1 sig per validator per BatchRequest or ValsetRequest | n/a | ||
How are ETH signatures aggregated? | EDCSA multi-sigs. Custom P2P network, relayers bundle N sigs | TSS (edcsa & eddsa) | On-chain EDCSA multi-sigs | On-chain EDCSA multi-sigs | n/a | |
Example TX | link | link (decode input data) | ||||
Who relays the tx? (pays for ETH gas fee) | n/a | |||||
Relayer incentive | Fees | n/a | ||||
Additional backstop mechanism | ||||||
Fraud Proof | n/a |
References:
Gravity.sol
.Blobstream.sol
. They are also called Valset
and Data commitment
attestations in the spec.Bridge.sol
.ZetaConnector.base.sol
.Below are some notes that haven't been integrated in to a section above
There are three main failure modes to consider:
✅⚠️❌