navbg

Modular Security Day: A Collaborative Exploration of Fraud Proofs and the Future of Rollups

The RollupAugust 5, 2024, 7:29 PM

A Call for Collaboration to Improve Fraud Proofs at Modular Security Day hosted by Cartesi, moderated by donnoh.eth of L2beat

Featuring:

  • Gabriel Coutinho de Paula
  • John Adler
  • Mark Tyneway
  • Justin Ðrake
  • Ed Felten

First question is for Ed about Bold protocol, with regards to the issue that bold is trying to fix (Sybil attacks). The question is on the tradeoff.

Ed says they are very serious about their threat models with a set of claimed properties.

This is basic level for rollups…

He continues to talk about the curves of optimization for the risk/reward of attacking Arbitrum.

The current bond requirement on Bold is 3,600 ETH, it’s so high b/c attackers can buy “unit of delays” which need to be deterred.

Question is how much is needed?

There’s a difference in a tournament style - attacker who stakes more can cause more delay.

In bold style approach, the attacker can only cause a 7 day long delay (plus or minus a little) regardless of the staking amount by attacker.

Cartesi is doing tournament style.

Gabriel claims their ideal outcome is to have one single participant be able to be the honest node / staker which the rest of the nodes can agree on AND for that person to be able to not have a massive capital requirement.

Ed says, well with a more valuable chain the requirement has to be higher.

The two come to a mutual consensus with regards to their trade offs.

I definitely have some papers to read. Lol.

Next, the focus is on Optimism. Mark says they aren’t really seeing delay attacks happen and they are focused on the minimal viable idea in production.

He invites delay attacks. Ed says a party can attack optimism with 0.008 ETH with one claim.

Mark says at every 3 hour interval of attackers trying to attack, the cost of corruption effectively doubles so it would be quite expensive. Tbh seems like Ed and Arbitrum has thought more deeply about this with Bold, but like Mark said, optimism has a viable working setup.

Ed chimes in and says it’s ridiculous that Optimism’s approach is to just ship something and say attack it.

Mark says “attack it then” and then Ed goes “I have an ethical problem with attacking a protocol on mainnet”

Mark says “do a bug bounty” then Ed says he already has. Lol

Mark says the end goal is to create a software stack that commoditizes the ability to launch a stage two rollup (according to L2beat).

Luca asks John if Celestia is moving away from fraud proofs towards ZK.

He says…well, yes and no.

Celestia currently runs fraud proofs to ensure the erasure coded data has been properly verified.

John says he’s confident that a fraud proof setup with a single round is the best way. A non-interactive FP.

One claim, one arbitration and it’s over.

You can think of it as a court case without appeals. One final ruling.

Definitely has trade offs.

Ed looks funnily uncomfortable but also agreeing with a lot of what John is saying.

John continues to say that for Celestia the single round FP makes a ton of sense for the usecase above.

He then says they are heading towards ZK proofs.

Slight change of direction into to challenge periods…

Ed says Vitalik is the cause of the 7-day withdrawal window. He says his threat model is that an attacker can only attack for 7 days.

John says attackers can censor for longer than just a week but after a week they would be socially slashed.

The group is saying that they need to come to consensus on a shorter withdrawal window.

John says this is something the L1 needs to come to consensus on.

We’re getting to the end and the guys are discussing are we wasting time spending time talking about fraud proofs when ZK is so close.

Optimism is already saying they are moving to ZK in their roadmap. Arbitrum will probably as well.

Thanks for reading, hope you enjoyed