The Case for Social Slashing

“You gotta slash the hell outta them”

Courtesy of Denis Pourteaux

Background hella quick

On Aug 8, 2022, the US Treasury added Tornado Cash addresses on Ethereum to the OFAC SDN list. A few days later, Tornado Cash developer Alexey Pertsev was jailed in the Netherlands.

One of the biggest DeFi proponents unable to use DeFi because the US government updated a blog post?
TRM Labs is a (un)popular company that helps many DeFi protocols comply with sanctions by providing APIs to blocked address lists.
Most (>90%) miners today outsource their block construction to Flashbots which helps miners aggregate profitable transactions to mine. Flashbots decided to expedite the open sourcing of their relay as a response to the concerns that Flashbots would gatekeep OFAC-non-compliant transactions from even getting into the blockchain.
It’s obvious that Coinbase will follow the law, but what are the implications?
Coinbase is estimated to control 13.2% of the stake, maybe more. If you’re wondering why Lido validators are not unified in this chart, it’s because Lido consists of a consortium of validators and this legend separates them out individually. Lido can not enforce how a specific validator runs their node, but after withdrawals are enabled in the Shanghai upgrade, the Lido DAO (LDO token holders) can remove validators that have failed to perform according to the DAO’s wishes. If aggregated, Lido’s total share would be 31.1%. Source.
Point missed on many: It is currently possible to exit the validator set in Ethereum. You can opt-out of being a validator before the Shanghai hardfork that enables withdrawals. This means that there’s a way to enter a sort of “purgatory” where you don’t have a risk of losing ETH due to slashing or being punished for being inactive. The problem is that all exits need to go through an exit queue which is throttled, so even if Coinbase wanted to, it could still take 1–2 months unstake all their ETH.

Summoning The Evil Cocktail

A number of items have lined up to make the current situation in Ethereum extra pernicious, which has elevated the tone and the demand for answers:

  1. The US government putting a smart contract address on the OFAC list is a first. It used to be individuals that were sanctioned, not contracts. This, in addition to Tornado Cash developer Alexey Pertsev being arrested in the Netherlands, gives the general impression that governments are aggressively moving their pieces forward on the chessboard.
  2. Many teams developing DeFi applications (along with the Ethermine mining pool) quickly complied with these sanctions, and according to some even with an “overcompliant” tendency.
  3. With the Merge, Ethereum is replacing all its miners with validators one month from now and these validators’ makeup and stance on OFAC compliance is not well-known.
  4. The Proof-of-Stake mechanism itself has an inherent weakness in the sense that regulated custodial entities such as Coinbase, Kraken and Binance will play an outsized role in its dynamic.
  5. As per Ethereum’s design choice to preserve the safety of Proof-of-Stake, there is no easy way to unstake large amounts of ETH quickly. Exiting the stake from the validator set can take 1–2 months for a large staker like Coinbase (this is a separate issue from withdrawals being disabled until the next Shanghai hardfork which many incorrectly believe to be the first bottleneck).
  6. There are fears that “putting signatures on OFAC-non-compliant blocks proposed by other actors” in PoS is a more easy thing to regulate than “hashing on a chaintip” in PoW. Illogical or not, regulated entities may be more unwilling to put their signature on OFAC-non-compliant blocks in the Proof-of-Stake attestation process than miners are to mine on the latest chaintip in Proof-of-Work.

The Defense Mechanism is Known and Obvious… Why Is No One Talking About Our Special Weapon?

When Andreas Antonopoulos got the question, what do we do in Bitcoin if a state actor controls 51% of the hashrate and uses it to destroy Bitcoin, this was his famous response. It is one of the best articulated replies to an audience question I’ve ever heard. I felt like running through a wall after hearing it the first time.

From Vitalik’s blog.
  1. Ethereum has DeFi which has many more external dependencies (oracles, multisig sidechains, L2 sequencers, stablecoins) than non-DeFi chains. Many of these may struggle legally to go along with the OFAC-non-compliant “rebel”-fork of Ethereum, even if the community wants to. The Ethereum UASF “won’t work”.
  2. Principal-agent problem: When the “attacker” in this case is an entity like Coinbase, it’s not their money that gets burned, but instead billions of dollars staked by institutional clients and retail users through Coinbase’s custodial staking service. The Ethereum UASF is “unfair”.

Solving the Crypto Philosophical Dilemma

If you’ve made it this far in the article, congratulations. This is where you’re going to need to exercise those ethical-dilemma-cracking muscles. You now have sufficient background information to understand the dilemma, and we’ll now spend the rest of the article counter-arguing the above two points.

The Ethereum UASF is “unfair”

It’s definitely true that the Ethereum UASF would probably end up hurting a bunch of clients staking at Coinbase if this action is taken. I argue that this is actually not unfair or unusual in any way, and not even different from PoW:

  • After the Merge, the supply inflation in Ethereum is expected to be ~0% or negative. You get less diluted as a non-staking ETH holder than you would as a bitcoin holder. There is no “pressure” to become a staker. People who stake at a staking service are not innocent. They’ve given away a powerful resource to a potential attacker to receive a yield. All stakers, solo-stakers and pooled stakers, have a responsibility to understand the risks involved with staking, and it is important that this is communicated clearly now so we don’t need to clarify this later.
  • Most people understand that if Coinbase uses their stake to double-spend, Coinbase will get slashed. This is in the protocol rules. There’s no ambiguity here—if you are a staker at Coinbase and they do this, either by mistake or because they got hacked or because they acted maliciously, they unequivocally will get slashed, their clients included. Why should it be any different if the attack they engage in is censorship? Slashing those who conspire to censor the chain would be automated if it was possible to automate it, it is only for practical and technical reasons it needs to be coordinated off-chain. But why should a mere practicality change what’s right or wrong from an ethical point of view?
  • The principal-agent problem exists in Proof-of-Work as well. Ignoring mining pools for a moment since they’re notoriously easy to reconfigure yourself from, Blockstream’s colocation mining creates the similar dynamic for miners. That is also a more “convenient” form of mining that is cheaper and leads to a principal-agent problem with dire consequences if Blockstream was forced to do anything unsavory on behalf of the governement or some other attacker. Blockstream is also not the only company offering these services, these services are spreading. The full extent is just opaque and you likely won’t even know it’s happening.
  • If the system was instead Proof-of-Work and miners were engaging in this censorship (as we’ve already seen tendencies to with Ethermine), the defense mechanism there would be to abandon the Proof-of-Work function. This is also a nuclear option that hurts everybody. Everyone’s hashing equipment would turn useless overnight. If this was Bitcoin, that’s many billions of dollars in losses to actually innocent people. Coinbase stakers atleast played a role in the conspiracy by greedily capitalizing a player that wasn’t likely to uphold the network’s virtues!

The Ethereum UASF “won’t work”

It’s definitely true that the UASF is harder to pull off in Ethereum because of all its DeFi dependencies (oracles, multisig sidechains, L2 sequencers, stablecoins), and although this has nothing to do with PoS, it still needs to be addressed.

87% of those who picked an option chose to support the Ethereum UASF option, not the OFAC-fork.
Who’s going to help develop the OFAC-fork? Not Vitalik.

Final argument

My final argument and the argument I’m expecting to take this conversation home, is that it’s actually more likely that the OFAC-chain is the one that isn’t going to work.

If we allow censorship of user transactions on the network, then we basically failed. This is *the* hill that I’m willing to die on.

If we start allowing users to be censored on Ethereum then this whole thing doesn’t make sense and I will be leaving the ecosystem and maybe start something different that provides these guarantees, and I think there are a lot of people that think the same thing.

I think censorship resistance is the highest goal of Ethereum and of the blockchain space in general, so if we compromise on that, there’s not much else to do in my opinion.

Conclusion

We may only have one shot to get Ethereum right. That direction is not OFAC-chain. By signaling your support for the UASF fork, which is the only viable option, you will likely help deter actors such as Coinbase from staking if they think they have to engage in baselayer-censorship.

Appendix (Q&A)

Who decides these things? Who decides what an attack is, and what's acceptable behavior? Who says that it's one of the design goals of Ethereum to include OFAC-non-compliant transactions? Is there a constitution somewhere?No, there is no constitution. No one "decides" this per se. The words "censorship resistance", "neutral" or "permissionless" don't even exist in the whitepaper, although there is some language that involves "allowing anyone to write smart contrats" when describing the system's intent.Freely speaking, it has just always been informally understood to be one the design goals of Ethereum by its creators and the early members of its community. The above words are nowhere to be found in the Bitcoin whitepaper either, but it did not prevent the Bitcoin community from understanding it as one of its primary objectives and planning to great detail how the community should act if the miners at any point were to censor the chain from certain transactions, including changing the Proof-of-Work function to make all current mining equipment obsolete.To consider censorship unacceptable and something that must be fought at any cost is an idea that has emerged organically within the Bitcoin community, and the Ethereum community has inherited many of these values as well.But what if the community wants to censor some type of transactions? What if censorship has consensus?Technically, it is true that the community can always come together and decide that some form of censorship is desirable for whatever reason. It can have to do with preserving the health of the system, or perhaps, as in Bitcoin's UASF case, wanting some upgrade to be introduced into the system (in the Bitcoin UASF which occurred in 2017, BIP91 and BIP148 allowed users as well as miners to reject, i.e. censor, any blocks that did not signal for SegWit activation, in order to ensure its deployment on the network).However, these are not types of censorship that are generally understood as attacks. Censorship is really only understood as an attack if it prevents a specific set of users from transacting in some way especially if it has external political ties.What's the required % of stake one must control in order to censor the Ethereum blockchain?There are multiple penalties and rewards in Ethereum's Proof-of-Stake system, so this question isn't as simple as one would think. It depends on exactly how censorship is enforced and also on how the subjects respond. Vitalik estimated the required threshold to be between 20-50%.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store