### On Collateralization of L1 Proposers for Giving Preconfirmations
*notes taken during ZuBerlin sequencing & proposer commitment days + feedback from @mteam*
#### Background
- Current working assumption: L1 proposers need collateralization to ensure compliance with preconfirmation promises.
- Concern: 1000 ETH as collateral is considered too high for healthy proposer adoption.
#### Data Insights
- ~99% of mainnet blocks since Jan '24 are worth <1 ETH; no blocks >1000 ETH.
- Original 1000 ETH proposal based on these findings
#### Issues with 1000 ETH Collateral
- Barrier to Entry: Deters solo stakers, even with proposer pools/smoothing pools.
- Costly Liveness Risk: Significant risk during sudden power or internet outages.
  - note: *preconf-chaining* may resolve liveness risk (h/t @mteam)
- Capital Inefficiency: High opportunity cost.
- Insufficient Compensation: Only accounts for preconfer slashing (=burn), not user compensation.
  - note: *why? [on-chain collateralization](https://ethresear.ch/t/credibly-neutral-preconfirmation-collateral-the-preconfirmation-registry/19634#bonus-slashing-conditions-13) should allow for user compensation even below minimum required collateral*
#### Proposal for 1 ETH Collateral
- Rationale & Data Support: 1 ETH likely covers 99% of preconfirmations.
- Same logic as with the 1000 ETH proposal is applied (slashing/burn) up until 1 ETH
- Remaining 1%: Just-in-time **insurance** for preconfirmations >1 ETH, providing real-time economic security. Requires additional side collateral **from proposers** (i.e. insurers).
#### Advantages of 1 ETH Collateral
- Accessibility: Easier for solo operators to participate.
- Reduced Liveness Risk: Risk capped at 1 ETH.
- Capital Efficiency: Lower preconfer collateral requirements, also for relays and builders.
- User Compensation: Insurance ensures user compensation for preconfirmations >1 ETH.
#### Sybil Resistance and Collateral Allocation
- Sybil Resistance: Inherited from L1 (proposer=preconfer).
- Preventing Double-Allocation: >1 ETH preconfs require PK signature inside SGX to prevent fractional reserve issues (either locally or potentially via SUAVE?); *see more below*.
#### Issues with 1 ETH Collateral
- Execution preconfs potentially unavailable at times, if collateral is too low --> bad UX?
  - ...because execution preconfs for the next active preconfer need to be collateralized by both the active **and** the next preconfer (h/t @mteam)
- Moreover, execution preconfs are most valuable to users in times of contention (e.g. NFT mint) when they are most likely to be reneged.
- Potential lack of forward-compatibility with increased economic activity and rollups at scale.
- Other assumptions involved (historic MEV data, SGX, proposer collateral for being insurers in a world w/o ePBS, ...)
#### Consideration of 0 ETH Bond
- Challenges:
- Permissiveness leads to easy reneging, undermining preconfirmations.
- 1 ETH is not much of a barrier and gives fairly high guarantees for 99% of all preconfs.
- Minimum collateral needed as a Schelling point for consensus among rollups to share a sequencer.
- Penalty mechanisms (e.g., stake freezing) offer additional benefits.
- Opt-in mechanism necessary for proposers to signal intent and agree to slashing conditions.
#### Insurance Provisioning for >1 ETH Collateral
To prevent potential insurance fraud (e.g., collusion between preconfers and users), preconfers must provide additional collateral on-chain and attest to the existing insurance capital via SGX and remote attestations.
1. The preconfer generates a public/private key pair within SGX and signs off on insurance messages for preconfirmations issued to users.
2. Remote attestation by Intel confirms that the public key matches the private key generated inside trusted hardware according to some insurance programming logic within the enclave, which tracks the amount of insurance capital encumbered.
3. The remote attestation can be verified by a smart contract on-chain (e.g., Taiko, [Puffer](https://docs.puffer.fi/technology/RAVe/)).
4. Once the additional insurance collateral is exhausted, the enclave will stop signing further preconfirmations - in accordance with the untamperable programming logic inside the enclave.
5. Users can trustlessly verify that the preconfers' total encumbered insurance capital does not exceed the maximum available on-chain and can claim their insurance directly on-chain in the event of a liveness failure.
*tangentially related: [a deep dive into how locally generated keys inside SGX work in the context of staking](https://mirror.xyz/ladislaus.eth/joTqwZ1sBLxlJayV4pIYxCkwl4RWheM_xipU_OCp9MM)*, or [inside TDX](https://streameth.org/zuberlin/watch?session=666ada1907f92b086c2bdf57)
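
A sketch of the enclave-side accounting from steps 1, 4 and 5 above, added here as an example and not code from this note or any project it links to. HMAC stands in for the enclave's asymmetric signature and remote attestation is out of scope; `InsuranceEnclave`, its method names and the release-on-settlement rule are assumptions.

```python
import hashlib
import hmac
import json
import os

WEI = 10**18
BASE_BOND = 1 * WEI  # the 1 ETH slashable bond from the proposal


class InsuranceEnclave:
    """Toy model of the in-enclave insurance logic; not real SGX code."""

    def __init__(self, onchain_insurance_wei):
        self.cap = onchain_insurance_wei  # side collateral posted on-chain
        self.encumbered = {}              # slot -> wei currently promised
        self._key = os.urandom(32)        # stand-in for the enclave-generated key

    def total_encumbered(self):
        return sum(self.encumbered.values())

    def _mac(self, body):
        data = json.dumps(body, sort_keys=True).encode()
        return hmac.new(self._key, data, hashlib.sha256).hexdigest()

    def sign_preconf(self, slot, tx_hash, value_wei):
        """Return a signed insurance message, or None once capital is exhausted."""
        cover = max(0, value_wei - BASE_BOND)  # only the part above the bond is insured
        if self.total_encumbered() + cover > self.cap:
            return None  # signing would over-allocate (fractional reserve)
        self.encumbered[slot] = self.encumbered.get(slot, 0) + cover
        msg = {"slot": slot, "tx": tx_hash, "cover": cover,
               "encumbered": self.total_encumbered(), "cap": self.cap}
        msg["sig"] = self._mac(msg)  # MAC is computed before "sig" is added
        return msg

    def settle(self, slot):
        """Assumption (not specified in the note): capital is released once
        the slot's preconfs were honoured on-chain."""
        return self.encumbered.pop(slot, 0)

    def verify(self, msg):
        """User-side check: message is authentic and capital is not over-allocated.
        With real SGX this would verify against the attested public key."""
        body = {k: v for k, v in msg.items() if k != "sig"}
        authentic = hmac.compare_digest(self._mac(body), msg["sig"])
        return authentic and body["encumbered"] <= body["cap"]
```
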
#### Additional Considerations
- Airdrop Idea: :bulb: **Rollups may airdrop 1 ETH bond** (individually or collectively) to solo-stakers, or to an underwriter smart contract on their behalf, in order to facilitate preconfer diversity for based rollups (h/t Max).
- Further Airdrops: Potentially to preconfers/insurers for covering >1 ETH preconfirmations, combined with lockup periods for even better incentive compatibility.
#### Preliminary Conclusions
- There's a tradeoff between users' and proposers' collateralisation requirements.
- Is 1 ETH collateral enough?