# Update 9 Over the past two weeks, I have mainly been exploring the ['Further Work'](https://hackmd.io/@echno/rollup-relay#Trade-offs) section of the Rollup-Relay approach, with a focus on further reducing the trust assumptions through a data availability layer, as well as further abstracting the approach. ## Abstraction Since I didn't emphasize this enough in my earlier posts, the off-chain commitment between the builder and the proposer does not need to have a rollup as the intermediary. It can also be done via a mev-boost-relay or a data availability layer, as shown in the illustration below. ![](https://i.imgur.com/UEnLVXf.png) Trust assumptions are reduced with this approach regardless of which intermediary is used. However, there are different trade-offs to consider beyond the trust assumptions, which is why I initially chose to use a rollup as the intermediary. However, I can also see a world where all these different intermediaries can co-exist, and proposers and builders can choose which one to use based on their trade-offs. This leaves room for experimentation and lets the market decide what intermediary works best. Here is the full approach with the abstracted intermediary: ![](https://i.imgur.com/mgd4ej3.png) ## Reducing trust assumption further with a data availability layer As explained in the [future work section](https://hackmd.io/@echno/rollup-relay#Availability-committee-for-the-off-chain-commitment) of the Rollup-Relay approach, a data availability (DA) layer could be used to reduce the trust assumptions even further. Either a DA could act as the intermediary directly, or there could be a DA-hybrid approach where the rollup or the mev-boost-relay work together with a DA. This would further reduce the trust assumptions because of the DA, but it would not compromise on latency for the auction. The DA would have its own consensus mechanism, and members of the DA would attest to the "signed header" transaction. The members of the DA would pull the transaction from the rollup or relay, ensuring that it is available on the intermediary. Additionally, it would serve as a backup for the builder if the transaction is not available on the rollup or relay. In the event of a slashable offense happening, the proposer must now also submit the attestation from the DA to the fault-proof smart contract. This is because it proves that the builder had access to the signed header. Which would eliminate the trust assumption that the sequencer does not collude with the proposer. This is because they could only grief the builder by withholding the signed header transaction or releasing the transaction very late and slash the builder for not releasing the block or not releasing the block on time. The DA solves this because it needs to attest to the transaction being available to the builder during the auction. The proposer would need to submit the attestation from the DA to prove the fault, but it couldn't if the transaction wasn't available to the builder. ![](https://i.imgur.com/AJ6thOl.png) As mentioned earlier, the DA employs a consensus algorithm, but the consensus algorithm does not compromise security or decentralization in the [scalability trilemma](https://vitalik.ca/general/2021/04/07/sharding.html) (refer to the illustration above), despite the auction needing to take place within the 12s slot of the proposer. This is because, at the time of the auction, only one honest node needs to know about the data as a backup for the builder. But since attestations are only required in the event of something slashable occurring, they are not needed directly after the proposer's slot, allowing the consensus algorithm to take its time (the time of the proving window). The proving window could be for example 7 days. So the DA has time to reach consensus. ![](https://i.imgur.com/XViWPSg.png) As you can see in this graphic, the DA pulls transaction data (specifically the signed header transaction) and attests to its availability, as well as storing a backup for the slot period + \mu. Of course, if we use a DA as the intermediary, another DA is not needed. Hence, the additional DA only pulls transaction data from the Rollups and the Relays.
Last changed by  
ogechno
219

Read more

Final EPF update

This is the final update for the "Reducing trust in the PBS relay" project by echno. The project aimed to reduce the required trust assumptions in the PBS relay either by proposing a new approach or adopting an existing one Status report The goal of the project was defined as follows: The goal is to have developed a solution and specification, with the fewest possible drawbacks, that to some degree reduces the trust of the relay. Additionally, it would be nice to have a prototype implementation of this specification. The approach we created is called the Rollup-Relay, which is a PBS solution that utilizes a rollup as the intermediary between the builder and the proposer. Additionally, we described how this approach could be further abstracted to utilize other intermediaries, such as a modified MEV-Boost-Relay or a Data Availability Layer (DA). We also extended the approach with an additional Data Availability Layer to reduce trust assumptions even further.

2/27/2023
Rollup-relay

The goal of the project was to reduce the trust assumption in the PBS relay. While the Rollup-Relay may not be the ultimate solution for solving PBS, we still believe it accomplishes this goal. Additionally, this solution could be implemented relatively quickly today compared to other solutions, since the infrastructure is already in place. It also serves as a solid foundation for more sophisticated solutions. The Problem Currently, relays serve as the link between the builders and proposers. Builders can submit bids to the relay to have their block included in the proposers slot. The relay selects the highest valid bid and forwards the block header the proposer. The proposer picks the best block from all the relays and returns the signed header back to the chosen relay. After the signed block header is received, the whole block is released to the network. This strategy has some fundamental trust assumptions, e.g. relying on the relay to release the block on time, unbiased in selecting the blocks for the proposer (e.g. the relay operators do not prefer their own blocks over others), does not censor blocks based on their content and do not steal the builder’s mev opportunities. To reduce these trust assumptions, we propose the rollup-relay. The Approach The Rollup-Relay approach involves using a rollup to facilitate the exchange of minimal information needed for the builder and proposer to accomplish the auction. In the following section, we will provide a more detailed explanation of how this process takes place.

2/19/2023
Update 8

The last two weeks, I have been mainly focused on cleaning up the approach and writing a comprehensive doc that explains the entire mechanism. I'm also in the process of collecting feedback from various people about the it. Additionally, I looked further into data availability layers with their own consensus algorithms, such as Celestia. The doc with the entire approach can be found at: https://hackmd.io/@echno/rollup-relay If you want to leave some feedback, dms are open on twitter or leave some feedback here: https://collective.flashbots.net/t/rollup-relay-reducing-trust-assumptions-in-the-relay/1212 I have also started a Github repo a while back: https://github.com/ogechno/rollup-relay There isn't much in the repo, except for some boilerplate code, but I will probably try to hack on it during the builder week at ETHDenver 2023.

2/6/2023
Update 7

The last two weeks, I focused on the slashing mechanism for the rollup-relay, as well as reconsidering an availability committee for the off-chain commitment. Slashing mechanism As mentioned in my last post, there are 3 slashing conditions: The builder did not release the block on time - this is necessary because in our approach, the builder is responsible for releasing the block to the network on time. If they fail to do so, the proposer is missing out on the reward for proposing the current block. The slashing amount could be the block reward + promised bid in the auction + some \mu for punishment. The builder submitted an invalid block - this condition is needed so the builder does not grief the proposer by submitting an invalid block. The proposer would also lose out on the reward for proposing the block. Because of that, the builder needs to be slashed. Again, the amount could be the block reward + promised bid of the auction + \mu. The builder did not pay the promised fees - this slashing condition is needed so the builder actually pays the proposer the promised bid. The slashing amount could be the promised bid + \mu for punishment. Although, for all of them, there is a problem - if the bid is greater than the staked ETH of the builder, the proposer losses out on some reward. In addition the builder has an incentive to just take the "slash" instead of paying the promised bid amount in case of 3. if bid > stake.

1/19/2023
Read more from ogechno
Published on HackMD