note:
I wrote this whole big old thing, and came to the conclusion that this method is just too coercive and that the higher value problem is likely pricing. The market driven approach described originally here, is better than the approach that I describe below.
I think Celestia should be her own liquid staking monopoly
To me, this proposal seems quite complex, and to @evan’s credit, he understands deeply that it doesn’t solve the fundamental underlying problem, “actually fix pos”. I tend to agree. Celestia is a particular joy because Of all of the work that has gone into addressing base layer problems. I’m not entirely sure that this proposal doesn’t actually create additional problems, there are two pieces of it that to me seem to be in inherent tension:
- Vampire attacks
- Slowing the rate of validator set change
The proposal seems to riff on the liquid staking module in a number of ways, and propose what seemed to me to be genuine improvements to it.
However, I believe that the proposed design does reduce the primacy of Celestia, especially when liquid staking is considered.
If Celestia is to make significant modifications to staking logic, I think it might make a lot more sense to make liquid staking a native part of Celestia, instead of building and adapter for liquid staking third parties.
historical background
To my knowledge, liquid staking was recognized as a need when it was very clear that centralized exchanges would set up liquid staking no matter what anybody did. I also think that this remains true to this day, and that there’s a real argument for that. However, since we are already having discussions about reworking the staking module, which indeed needs rework, I think that it may be a good idea to take a step back and examine whether or not it is favorable for celestia to support liquid staking by third party chains at all.
problems with liquid staking
To me, the biggest problem with liquid staking has always been that it pays the same as regular staking. Liquid staking does not provide the same level of economic security and stability as regular staking. Certainly, the ICA route for liquid staking is significantly better than using a multi-signature wallet or even a single signature wallet, to create a liquid staking setup.
But it still has the very real problem that regular stakers accept immobility of their tokens, as well as slash risk.
Liquid stakers on the other hand take far less risk. They accept only slash risk, and in analyses we’ve done internally, it’s actually quite possible to create an insurance fund to relieve liquid stakers of slash risk, or partially relieve them. This is because slashes are relatively rare.
why do delegators get slashed?
We slash delegators as a punishment for choosing a non-performant validator. Currently there are two slashing conditions:
- Uptime
- Equivocation (double signing)
But if it’s possible to to to eliminate slash risk through an insurance fund as described above, and I fully believe that it is, then liquid stakers gain a total advantage – regular stakers are accepting both immobility of their tokens and slash risk, while liquid stakers accept none of this.
proposed model
Celestia should never open the staking ICA port. Instead, Celestia should implement liquid staking at the base layer, and provide a mechanism that can eliminate staking rewards for known liquid staking products using multisignature accounts.
This is the best of all worlds for Celestia because Celestia will never need to accept the risks that come with liquid staking products other than her own.
Celestia’s liquid staking product should definitely include a tax. The tax could go to the community pool, or simply never be issued. This way, traditional stakers will be able to benefit fully from the immobility that they’ve chosen to accept.
I’d estimate that immobility is worth 60%, and I am getting this number from The fact that slashing is really genuinely rare and that most slashing events are very small, typically downtime slashes. The majority of double signing events that have occurred in Cosmos have been operator error. I can’t really say that there’s been a Byzantine equivocation slash, except for a very interesting incident on CRO where a validator was compromised and eventually the attacker double signed (or threatened to, I forget which) And that was very Byzantine but the attacker was most certainly not threatening consensus in the traditional understanding of equivocation.
benefits of proposed model
- Celestia controls her own security.
- Reward to traditional and liquid stakers is in line with the amount of risk taken by both.
- Anyone is free to build restaking on top of Celestia’s liquid staked Tia.
- Less danger will be posed by restaked Tia, because there are fewer layers.
downsides
- I don’t like the heavy-handed approach of using governance to mark liquid staking protocols… But if we are viewing them as a security and primacy risk (and we should) then I do think it makes sense.
- One way to sidestep this would be to do nothing, as multisig risk is historically greater than slash risk or immobility risk.
- This also goes against governance minimization, and could create contentious votes.
- Even evan’s proposal good create incentives for liquid staking protocols to never move away from multi-signature wallets that provide the full benefit of direct staking.
- I’m walking away from this post fairly conflicted about how to deal with even the current incentive problems of liquid staking protocols.
- The development burden of the actual liquid staking protocol is placed on Celestia (but I think that it is less than what is described in the above post)
be the monopoly
subsequent literal shower thoughts
The biggest weakness of this proposal is that it can do very little to deal with the risks posed by multi-signature liquid staking tokens without a governance mechanism.
The biggest strength that I see in @evan’s proposal is that it is fully Market driven. While at first I saw a tension between slowing the rate of change in the validator set and the rapid conversion of lsts, in the shower I realized that this combination allows for the market to make determinations, and frankly that’s preferable to decisions made by governance. Maybe the only caveat here is that so far in most scenarios for liquid staking, the market has tended toward natural monopolies.
My post needs to be edited tomorrow, to remove the governance crutch. If I can’t figure out how to remove that crutch, then the original proposal by Evan is probably better than mine. I still agree with @LST that taxes are good in this scenario, as I do think that it’s possible to create very meaningful methods to limit or even eliminate the risk of slashes.