Restaking is a ticking time bomb

Stack enough financial risk onto a blockchain system, and you’re inviting more fundamental instability

OPINION
article-image

Midjourney modified by Blockworks

share

A new kind of blockchain architecture is having its moment in the sun — but it’s also casting a long shadow.

So-called “restaking” protocols claim they’ve achieved new levels of efficiency by piggybacking on staking-based security models. But those efficiencies also entail risks — risks we don’t entirely understand.

That isn’t just risk to users of any particular restaking project, but to entire ecosystems. Ethereum co-founder Vitalik Buterin himself has warned that restaking protocols could pose “significant systemic risk.” It’s important to pay attention now, because these protocols are growing fast, and any risk is growing with them. 

In a worst-case scenario, a large enough failure could destabilize the underlying blockchain whose security is being recycled. We’ve already had a mild preview of such a catastrophe in the chaos caused by the 2022 exploit of Ankr, a restaking protocol built on the BNB network.

The risk comes from layers of derivative and synthetic financial assets that require increasing yield and liquidity to sustain the system; not to mention the unproven new infrastructure, tech and code that it all runs on. Those parallel the complex risks that caused the largest financial meltdown in living memory: the Great Financial Crisis of 2008.

The dominant motives for restaking may be added cause for anxiety. These systems pitch stakers above all on increased returns via the ability to collect multiple staking rewards from the same deposit. This again parallels the GFC: The creators of the CDOs at the heart of that blowup thought they were financial innovators increasing liquidity and returns, but they didn’t foresee the broader implications of their innovations.

Historically, a preoccupation with returns over utility has been a red flag for crypto and financial products. To paraphrase Jurassic Park’s Dr. Ian Malcolm, users and developers are so focused on whether or not they can restake, they aren’t stopping to think whether they should restake.

Shadows of the past

“Staking” is the fundamental security model of many blockchains, which requires locking up a native token like ETH as collateral. That stake becomes a kind of assurance deposit for a “validator” which submits and collates transactions to the Ethereum network. This security comes at a cost, though — you can’t use staked ETH for anything else, and your stake can be seized, or “slashed,” if you break the rules. 

“Liquid staking” protocols like Lido emerged as a work-around solution to these lockups, allowing users to stake their ETH while receiving a liquid staking derivative (LSD) token in return. “Restaking,” in turn, lets users stake these derivatives in a layer-2 system, like EigenLayer.

Some observers use a much uglier word to describe restaking: rehypothecation. It evokes the mother of all financial blowups in 2008.

Rehypothecation is when a leverage provider or other lender re-lends a borrower’s collateral to another borrower. This both increases counterparty risk to the bank’s balance sheet, because the same money could disappear from two different places, and increases systemic risk by multiplying points of failure and interdependence. That’s why it’s generally taboo for lenders, and often illegal.

Read more from our opinion section: Yes, staking actually should be regulated

The central culprit in the 2008 crisis was the use of collateralized debt obligations (CDOs, which we might also describe as liquid mortgage derivatives) as loan collateral. That is, banks were stacking loans on top of loans, while the promoters of CDOs argued they had engineered risk out of their product. When borrowers defaulted on the underlying mortgages, a huge amount of often unrelated debt had to be called in, causing a giant “freeze” in credit markets — and in turn, huge damage to the underlying assets and economy.

The technical risk

Restaking roughly amounts to lending the same capital to two different systems, and putting it at risk in both. The details of restaking protocols vary, but they all allow re-staked assets to be “slashed,” or taken away, if a validator misbehaves. Some restaking systems also require restakers to hand over control of their underlying ETH stake, which can then also be slashed.

This means that if a large enough proportion of ETH were restaked into a native staking layer, and that layer had a bad enough bug or hack, the technical security of Ethereum itself could be threatened.

This is why the drive to maximize yield is a security risk. Restaking services have largely imposed “caps” on the share of ETH they accept for restaking, but these are voluntary, and the drive for yield would logically lead to 100% of ETH being restaked somewhere. Eventually, a restaking service will emerge without the scruples to hold to voluntary caps, and the entire Ethereum system will have a new risk vector.

The financial risk

But even leaving aside that doomsday scenario, restaking increases systemic financial risk. This was illustrated in the rather obscure 2022 Ankr exploit. In that incident, a hacker gained control of a key that allowed them to mint a reported 6 quadrillion aBNBc tokens, or “Ankr Reward Bearing Staked BNB.” Because these tokens nominally represented a claim on underlying BNB, this was tantamount to printing fake BNB.

As the hacker sold off their counterfeit BNB, they crashed the price of liquid staking tokens across the ecosystem, with names like BNBx and stkBNB. The hacker also used fake aBNBc as loan collateral to extract stablecoins from a project called Helio, leaving that protocol in indebted shambles. The damage to those unrelated projects took roughly a month, and a lot of work, to fix — a tiny version of 2008’s CDO-fueled credit-market freeze.

The social risk

Vitalik Buterin focused on a different restaking risk in a May 2023 blog post. His main concern was that the failure of a large restaking-based layer-2 could trigger demands for a “fork” of the underlying system to fix the problem, which he called a threat to Ethereum’s “social consensus.” 

In short, Vitalik was worried that victims of a big enough restaking blowup could demand a bailout. That risk has only become more acute as restaking grows. EigenLayer now holds roughly 8% of all staked ETH, a large enough body of users to make a credible threat of forking Ethereum.

In essence, Vitalik’s fear is that a restaking layer-2 could become, in yet another echo of 2008, “too big to fail.”

Crypto security is about both finance and tech

Even though I’m chief information security officer/chief technology officer of a blockchain security firm, I’m as worried about the financial risk of restaking as I am about the technical risk. That’s because blockchain security is an entirely new sub-discipline of security where technical and financial risk are constantly, intimately tied.

In the case of staking derivatives, the instability caused by the hack of a big enough restaking protocol could easily lead to technical instability on the underlying chain. One vector of contagion would simply be fear, as stakers seek to exit what suddenly looks like an unstable asset. In many systems, and Ethereum in particular, such a catastrophic rush to unwind positions would create a massive fee spike for all users. This could push token prices down further, creating a vicious liquidation cycle.

This illustrates how the unique strength of blockchains also entails unique risk. The interaction between financial incentives and decentralized digital security is fundamental to the basic operation of blockchains. With restaking, the inverse may prove true as well: Stack enough financial risk onto a blockchain system, and you’re inviting more fundamental instability.



Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

Explore the growing intersection between crypto, macroeconomics, policy and finance with Ben Strack, Casey Wagner and Felix Jauvin. Subscribe to the On the Margin newsletter.

The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.

Tags

Upcoming Events

Salt Lake City, UT

MON - TUES, OCT. 7 - 8, 2024

Blockworks and Bankless in collaboration with buidlbox are excited to announce the second installment of the Permissionless Hackathon – taking place October 7-8 in Salt Lake City, Utah. We’ve partnered with buidlbox to bring together the brightest minds in crypto for […]

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

recent research

AERODROME TEMPLATE.png

Research

Aerodrome is a "MetaDEX" that combines elements of various DEX primitives such as Uniswap V2 and V3, Curve, Convex, and Votium. Since its launch on Base, it has become the largest protocol by TVL with more than $495B in value locked, doubling Uniswap's Base deployment.

article-image

The former Valkyrie CEO chats with Blockworks about what she has her eye on as Cypherpunk Holdings’ new leader

article-image

Thursday’s CPI report shows prices are coming down more quickly than analysts had anticipated, renewing hope that central bankers will cut rates in the fall

article-image

If we tokenize all assets in a speculative rush, the risk of creating illiquid markets and trapped value will manifest on a large scale

article-image

Plus, Trump is headed to the heart of Bitcoinlandia with a speaking appearance at the Bitcoin 2024 conference

article-image

Meanwhile, stocks rally after Jerome Powell finishes his Capitol Hill tour

article-image

Plus, Blinks have reshaped many people’s understanding of what blockchains are capable of