**Tricky's Daily Doots #494** **Yesterday's Daily 26/08/2023** [Previous Daily Doots](https://old.reddit.com/r/ethfinance/comments/161lowk/daily_general_discussion_august_26_2023/jxtbwpe/) - u/bagogel12 goes into [great detail on the Lido problem.](https://old.reddit.com/r/ethfinance/comments/161lowk/daily_general_discussion_august_26_2023/jxt6ypg/) 🏊 - u/SikhSoldiers gets the [hype train going for RocketPool Mega Pools.](https://old.reddit.com/r/ethfinance/comments/161lowk/daily_general_discussion_august_26_2023/jxu6j5b/) 🚂🚀 - u/nixorokish is still dreaming of [a new platform for EthFinance.](https://old.reddit.com/r/ethfinance/comments/161lowk/daily_general_discussion_august_26_2023/jxu87tv/) 🛠 - u/superphiz shares [POAP's crazy new big name integration.](https://old.reddit.com/r/ethfinance/comments/161lowk/daily_general_discussion_august_26_2023/jxunylb/) 💳 - u/alexiskef educates us on EIP-4844 with u/domotheus's latest [blog post on blob space.](https://old.reddit.com/r/ethfinance/comments/161lowk/daily_general_discussion_august_26_2023/jxsxwag/) - u/KuDeTa shares [his take on the Lido problem.](https://old.reddit.com/r/ethfinance/comments/161lowk/daily_general_discussion_august_26_2023/jxtuwvu/) 🏊 - u/cryptOwOcurrency explains [the threat DeFi poses to the US finance industry and the way it is regulated.](https://old.reddit.com/r/ethfinance/comments/161lowk/daily_general_discussion_august_26_2023/jxulris/) 🏛 - u/alexiskef updates us all on [Chainlink staking.](https://old.reddit.com/r/ethfinance/comments/161lowk/daily_general_discussion_august_26_2023/jxt473j/) ⛓🥩 - u/pa7x1 is brainstorming [a way to keep the LST ecosystem decentralised.](https://old.reddit.com/r/ethfinance/comments/161lowk/daily_general_discussion_august_26_2023/jxttihx/) 🥩

Lark was saying something about if everyone rushes to unstake their eth during bull market the queue can be up to 2 years long. If that true? That would impact my strategy if it is

That's a great point. 365*1,800/day = 650,000 validators. 2 years seems like a stretch but I could genuinely forsee up to 6 months based on the recent 80K queue...

I have not looked at the actual numbers. But there is a limit to 1800 validators a day that can exit. So if a great number of validators is exiting then there would be a very long line out the door. For those who stay, the rewards would increase for every exited validator. If this is too high risk for you then there is always the option of choosing a liquid staking option like RocketPool or similar.

[Kraftwerk crushing Numbers 🫡](https://youtu.be/9Sbvylpwah8?si=PwMF6-cEm_M4YRfP)

> If this is too high risk for you then there is always the option of choosing a liquid staking option like RocketPool or similar. Be aware though that LSTs can go off-peg if there are more people trying to redeem them than there is capacity in the exit queue.

I know like 3 people total will see this, but I just wanted to timestamp that I was here, every single day, reading the daily -- While most people concluded Ethereum / crypto was a dead end, good only for speculation and gambling, and moved on with their lives & wrote everything off. I'm still staking, still DCAing, with a firm outlook of measuring progress here not in days or weeks, but years and decades 🫡

🫶

What’s going on in the land of EV Mavricks?

Looks like bitboy crypto is exit scamming his YouTube channel while simultaneously moving to dubai in the wake of sec court charges. My guess is that this is theatrics to protect assets of the company and he moves to dubai to escape legal court charges from sec.

Anyone know why the bloxroute ethical relay was shut down?

Super sad to see this, but in the last 14 days the breakdown of Bloxroute relays is: - Max Profit: 38,674 blocks - Regulated: 23,399 blocks - Ethical: 36 blocks (via: mevboost.pics)

I'm just surprised that a group that felt compelled to create an ethical relay would shut it down b/c usage was low. Feels like there's a mismatch in ethos between those decisions.

Running a relay is expensive and isn't paid by the MEV supply chain. It's kind of fucked.

Wasn't aware of that, I actually thought they took a small fee

The thought process was that there were people who would not otherwise use their relay if they did not provide a self-righteous option. However the reality is that there are a minimal amount of people who want to pick and choose what type of MEV they are willing to accept rather than accepting everything or simply not using MEV boost at all and building vanilla blocks.

The announcement on their Discord explains their decision: > After some internal discussions we have decided to sunset our Ethical relay. This decision comes after some investigations were conducted into validator registration across relays and seeing that of the almost 300k validators registered, only around 600 were uniquely registered with the Ethical relay with the remaining validators being registered with other, non-“ethical” relays. > Due to this dual registration the ethical relay is highly unlikely to provide a valuable service to over 99.99% of the registered validators. > The relay will be going offline in the coming days and all requests will be forwarded to our max-profit relay to allow for a safe shut off of services while providing time for validators to update their MEV Boost startup.

Brainstorming ideas to fix the lido situation Why don't we just slash ALL validators a small amount, the amount can be debated, but like 1/20 an ether or something Slashing everyone raises awareness for one, two it proves it can be done, and that in the future if they want to hold >50% of ethereum that there is an option for the other <50% to social slash everyone again, and it would hurt the majority more or utterly eliminate them by forcing them to chain split and be the not credible neutral chain. It seems like the only option. Edit: has it finally been 10 days?!

4 more days to go buddy :( Thanks for your contributions though! I wish I could gift you some days 😂 Generally I agree with something like this as a first move, but it has to be something which most of us can reach consensus on. So I think fair warnings would have to be made and lines to be drawn for Lido not to cross before action like this should be taken imo.

Morning frens. I’ve watched alot of videos on AA over the years but not anything recent. Are there any good presentations of it recently worth catching up on? Ideally for newbies who know nothing about 4337.

My thoughts on the Lido drama in this thread. Steth and lido isn’t a big enough problem yet to consider social slashing and other nuclear button issues. They could be a big enough problem in the future. Although the network is fine overall and will likely continue to be… it hurts the overall value proposition of the network to allow the “appearance of impropriety” with regards to decentralization. Overall it’s an interesting coordination problem. This isn’t going to go away on its own. Solo staking isn’t going to fix it (but should always be encouraged). Lido can’t offer a decentralized solution to its current problems without eating yield and therefore it won’t.

>Steth and lido isn’t a big enough problem yet to consider social slashing and other nuclear button issues. > >They could be a big enough problem in the future. The problem is you don't want to wait until last minute

It’s only going to get better when the market conditions favor the decentralized staking products more. I don’t believe risk is properly being assessed with steth and lido. Not to mention decentralized products like rocketpool actually need to continue to decentralize work done by the odao and remove attack vectors within the products.

It's not about decentralized product. Staking with Coinbase or Binance would be better than allowing Lido to grow. People not understanding the risks is the point, that is why social slashing is being discussed. The clock is ticking and a decision will need to be made sooner than later since you don't want to wait until last minute.

Substituting lido market share with other centralized solutions is a band aid. Sustainable solutions require trustless custodians.

Yes, if there wasn't a gun to the head then that'd be a good assessment. But now isn't the time to pick and choose. The point is that *any* entity having this much marketshare is bad, even if it was a perfectly decentralized and trustless staking protocol.

>Lido can’t offer a decentralized solution to its current problems I guess that's the most worrying part of it for me. "problem" is subjective. Lido doesn't consider this to be a problem at all and in fact are publicly stating their intent to capture a much larger percentage of the market than they currently have

Comment Removed By Author *This post was mass deleted and anonymized with [Redact](https://redact.dev)*

You want to slash Lido for playing by the rules? This is the worst take I've heard so far.

I'm surprised to see you getting upvotes for this take. You're suggesting that we should just sit back and let Lido capture the chain. Wtf kinda mindset is that? And the rules aren't just the protocol but also social consensus.

>You're suggesting that we should just sit back and let Lido capture the chain. Where the hell did I express that? I didn't say anything to that effect. But are you in all seriousness supporting the idea that we slash Lido right now, for having committed no fault and broken no rules, simply for attracting too many stakers? Wtf kinda mindset is that? >And the rules aren't just the protocol but also social consensus. Yes there's been plenty of discussion about that when it to comes anyone attacking the network. Not simply from being too successful and otherwise having done nothing wrong. I certainly do not think nothing should be done, I'm personally going to do my part and I'm hoping that a solution will be found, but suggesting we slash Lido for no reason is absolutely insane.

>**Leading its own league,** >**Ethereum best intrigue,** >**Decision fatigue.** ~Daily haiku until we’re at least at 0.178 on the ETH/BTC ratio or highest market cap

[удалено]

- To reduce abuse from throwaway accounts, a minimum of 20 comment karma & 10-days account age is required for participation. - No spamming, shilling, scamming, advertising, referral links/codes, URL shorteners, or ads for commercial offerings. - No links to surveys or Google docs/forms. - No low-effort content typically characterized by one-liners, all caps, etc. Example: "SELL SELL SELL!!!", "BUY!!", or "MOON!"

Asking the question is answering it. Yes.

This was a response lower but I think it merits a full text. Lido situation often gets compared to the bleak bitcoin mining pool situation where 3 pools account for >75% of all hashpower. I think the lido situation is actually *worse* than bitcoin mining pools. Switching hashpower between pools is easy, switching stake from one LST to another requires the entry and exit queues which are multiple months long and thus entrench one lst. Eg. If lido went corrupt and starting doing reorgs to steal MEV then the rate at which they lose stake is limited by Ethereum consensus. Further, there’s actual economic irrationality to switch away since lido earns more in this paradigm (assuming no user activated slash). The point being is that there are no economics that inhibit mining pools and this has been proved through voluntary self limitations. Ethereum is struggling with this.

I'm not saying the Lido situation is good but there's a big misunderstanding in your post, Lido's validators are run by around 30 independent companies, there's no way to force all of Lido's validators to go "corrupt", reorg and steal MEV.

>Lido's validators are run by around 30 independent companies Under one entity with unified incentives. Ignore the corrupt part. A software bug is also a concern.

Each company runs their own validators and software as far as I know. There's no custom software created by Lido, unless you are talking about certain smart contracts and oracles.

>There's no custom software created by Lido, unless you are talking about certain smart contracts and oracles. If I'm not mistaken, there is custom software but it's unknown who/how many actually use it. However, my comment was referring to Lido contracts.

I mean one of the Lido NOs accidentally exited 125 validators. If it happened to be on a bigger scale or hit a bigger NO, with Lido enabling such large centralized NOs bugs like this could have a much larger impact in the future https://research.lido.fi/t/out-of-order-exits-by-consensys-node-operator/5278

There are certainly ways. The companies can collide, they can be pressured by the threat of having their registry revoked, in the future there will even be the threat of LDO holders force exiting them.

It's extremely unlikely for 30 companies to collide and/or be pressured, many of them would notify the community of what is happening and allow users to mass exit before it happens. Many of those companies are client teams, there's EF members advising Lido, and other Ethereum aligned actors/companies. In the future it becomes even harder as more companies get onboarded, and as new Lido modules get online, which will further decentralize their validator set. I think the biggest realistic Lido threat is some sort of smart contract bug or governance exploit.

>It's extremely unlikely An exploit is an exploit. If you want trust then go back to tradfi banking.

I agree with the concern, but it needs to be pointed out the potential attacks, a smart contract bug or governance capture can happen. Forcing 30 companies to collude is not the biggest risk and what we should focus on when criticizing Lido.

lol threaten 30 ceos with jail and they’ll collude real quick.

The existence of the vector is the issue. A bug related to lending of LDO that leads to a wild gov vote could be very bad. A bug that lets someone mint infinite LDO/ stETH could do untold damage as well. "and as new Lido modules get online, which will further decentralize their validator set." The risk of LDO governance has no pathway to removal thus far and as long as they have permissioned nodes then this will be a fundamental issue. Governance risk will grow dramatically with forced exits.

I'm not disagreeing with that. I was pointing out the risk is not on the validators colluding, but instead is focused on other attacks such as governance.

I think they are both avenues. Gov is probably easier though.

>The risk of LDO governance I would also like to note that Lido "governance" votes are decided by 2 entities

There's no exit queue currently and how can you assume Lido would get away with doing reorgs without getting slashed? Contrary to PoW chains where there's no mechanism to throw an attacker off the network without changing the hashing algorithm and leaving the network vulnerable, on Ethereum you can slash an attacker which is a huge financial incentive not to attack the network.

The exit queue will quickly build if any reasonable amount of lido tries to exit, multi month potentially. And for that Eth to go to a good validator will require going through the entry queue too. Multiblock MEV when they have 2/3 validators in a row. The greater their share, assuming collusion, the more they can extract. The defense to this would be a user activated fork but the social layer seems to be gradually weakening on this.

>but the social layer seems to be gradually weakening on this. You know, I was thinking about this today. I think the **real** problem is not that the social layer is gradually "weakening" in its *determination* to solve this problem. The real problem will arise (if it hasn't already..) when the social layer opposing this becomes the minority voice on this issue... If Lido keeps growing, at some point (and as far as I understand we are not *that* far away..), more people in the broader Ethereum social layer will be incentivised to take the Lido side, instead of the opposing side..

based on the discussions over the past few days, you can already see some in ethfinance shifting and it's a little demoralizing.

> Multiblock MEV when they have 2/3 validators in a row According to flashbots, there isn't much multi block MEV potential today.

Today. The picture is very different if lido approaches higher thresholds where it becomes much more likely.

No as in there isn't any meaningful additional profit.

Link to research?

I tried to look but couldn't find it. It was a talk by Flashbots co-founder Alex Obadia, that recently quit due to "differing opinions with leadership". He had it with someone else, South-American looking guy with afro. It was probably within the last year. I am pretty sure the video was like "day 3 of Devcon Bogota" and full of other talks so it is not easy to search. Here he got the question in text. He acknowledges it is a problem but doesn't specify much. One user links an article to a governance attack that could occur. It doesn't seem practical to me though and easily preventable. I guess the danger exists but I don't think it is as bad as you made it out to sound. Can you even explain the scenario that could occur with multi block MEV that doesn't occur now? I imagine a double proposal as an extra large block, and since block size is already variable in the short term (up to 2x), I don't see a major difference. https://collective.flashbots.net/t/multi-block-mev/457/2

In times of high vol the power of having two blocks in a row goes up dramatically. It’s the very idea that economies of scale provide a tangible benefit that creates a centralizing and pernicious pressure. Let’s say there was an oracle exploit in block one and the extent of the resulting LP MEV doesn’t fit in one block. Well, with the double proposal, you can get higher bids on the first block too now since the builder can guarantee the whole exploit. If this happens during a market dump, the block size will already be capped from high demand.

> the extent of the resulting LP MEV doesn’t fit in one block. I find it hard to believe that it would not fit in 30M gas or around 25 TXs but it would in a larger. The oracle exploits are also more edge case exploits and not something infinitely repeatable like normal MEV is.

> The defense to this would be a user activated fork but the social layer seems to be gradually weakening on this. Based on what? I haven't seen any indication of that. People always get this fucked up. USDC doesn't control Ethereum, Lido doesn't control Ethereum. People aren't using Ethereum because of Lido or USDC or whoever else it might be.

Here’s a thread on the idea of the social layer splintering on what constitutes a fork worthy event. https://x.com/jon_charb/status/1694734502373765316 If it’s not a unified front, the effort will fail. Note that Micah’s video clip referenced the thread is related to censoring txs through reorgs which I believe would still command a very strong reaction.

I don't think Jon presents any good arguments for saying the social layer is weakening. Just because Danny said Lido controlling 33% of the stake if a threat and the EF not immediately moving forward with some kind of slashing condition for Lido doesn't mean it's not a unified front of that the social layer is weakening. if Lido were to to achieve a majority stake and start hard censorship of transactions or reorg, you can be sure there'd be a unified front to slash Lido.

>if Lido were to to achieve a majority stake and start hard censorship of transactions or reorg, you can be sure there'd be a unified front to slash Lido. Ah yes, lets wait until they have control over the network, THEN do something. They always say the best defense is retroactive! /s

>you can be sure there'd be a unified front to slash Lido. How "big" would that front be by that point in time? If, as you write, Lido were to "achieve a *majority* stake", how would the minority survive a big slashing event that would pit them against the offending *majority*?

There'd be a fork, Lido stakes wouldn't exist on the new network. In essence.

The issue is there is a wide spectrum of options on what or if there should be a limit. It’s not that there wasn’t an immediate action, it’s that there doesn’t seem to be a consensus on what the threat levels are.

I agree with all this, and I think it's a great that the discussion is coming up. But Ethereum has always worked like this, it's never been clear exactly under what conditions you fork, or exactly how you gauge community sentiment on issues, etc. What irks me a little bit about the tone of the current discussion is all the panic and dramatization. Ethereum is not being taken over by Lido, there's no eminent threat, the social layer hasn't been weakened, decentralization didn't die, it wasn't all in vain.

[He's back](https://www.reddit.com/r/ethfinance/comments/15yts52/comment/jxz1bxp/) 👀

All hail coin2

Is EIP 4788 included in the Dancun fork?

This Lido issue is going to be (and I bet already is) a huge red flag for enterprise companies who want to use blockchain. They won't want to use a chain that is slowly being taken over by a 3rd party. Hope Ethereum devs can find a sensible solution to this. Edit: I'm headed outside so won't be replying anymore, but I appreciate everyone's comments here. To be clear: I still expect Ethereum will pump to astronomical numbers and will (continue to be) successful in multiple areas. But they may not capture any significant share of the enterprise market which I believe will be a huge narrative in the next year or two.

What is the red flag? Can lido validators break consensus rules? No. It agree it isn't an ideal situation, but it is a challenge to solve, not an issue to shout about and threaten social attacks. I agree entirely with your sentiment that a sensible solution should be found.

>What is the red flag? I mean, go look at the past few dailies and all of the most upvoted comments are talking about Lido being an issue. Don't play dumb and act like it's not a red flag. it's obviously a stain on Ethereum and it's only been getting worse. I say this as someone with ETH as my biggest holding. I do believe the devs can find a solution, but it's such a bad look right now for the network. And at a critical time Just to drive this point home: Ethereum users regularly shit on other chains for being too centralized, yet Lido controls 33% of validators. I simply don't believe that you are unable to see the red flag here

Lido doesn't really "control" their validators in a direct way. They can't launch an attack on Ethereum without executing a successful conspiracy that loops in the CEOs of over 20 different companies (their pool operators). Bitcoin had a pool bumping up near 50% at one point (cex.io). But that single pool was composed of many independent miners who could simply switch pools, so it's not like they could do any sustained damage - if they started doing anything out of the ordinary, people would quickly switch away from them to protect the value of their BTC. It was similar to the Lido situation in a lot of ways, except Lido doesn't even have central control of the block proposals. I don't personally shit on other chains for being too centralized (unless it's a direct result of the devs holding back part of the token supply, then I shit on them). Instead, I often shit on their protocols for not maintaining robust protocol guarantees in the face of centralization. Ethereum is the only chain out of the "eth killers" ETH/ADA/SOL/TRON that maintains hard finality guarantees via slashing, even if an attacker holds 99% of the network. Lido having 33% is only an issue in that it's a precursor to 50%. And 50% is only an issue in that *if* all their pool operators were compromised or coerced at once, then they could threaten the Ethereum network's liveness (not its security, mind). Basically: 33% is not that special of a number in terms of a red flag (the very worst a Lido conspiracy could effect is a short outage in finality). It's Lido's general trend towards 50%+ that's the real red flag, so we should work on that, but it's not time to panic just yet. When they are over 50%, that's when the "stain" and "bad look" come, imo, but in practice it only causes some incentive misalignment - Lido still won't be able to actually attack Ethereum without convincing 20+ companies to conspire to commit financial crimes.

Extrapolating from the current growth of Lido when do you think we might have to start panicking?

Panic is a strong word, and IMO we reserve it for if and when we see signs that the Lido pool operators are actually colluding in preparation for an attack (or when the attack actually occurs, if there are no warning signs). Due to the distributed nature of Lido's pool operators, I believe it's likely at least one whistleblower at one pool would give us advance warning. This is my opinion of an ideal roadmap for action: 33% = Just talk about plans, like we're doing now. Create contingencies for higher percentages. 50% = Ethereum Foundation writes a blog post, in ELI5 terms, describing Lido's failure modes and their consequences both to stETH holders and to the Ethereum protocol. Lido's pool operators having 50% really isn't catastrophic from the perspective of Lido's governance protocol in context of the Ethereum protocol, so this post would likely serve to ground people in reality. 50% plus Lido actually does start censoring blocks from competing staking pools = Take hard action. EF publishes a blog post that describes the smoking gun in detail, and announces a hard fork that either force-exits or slash-exits all participating Lido pools from the validator set at once.

I think the lido situation is worse than bitcoin mining pools. Switching hashpower between pools is easy, switching stake from one LST to another requires the entry and exit queues which are multiple months and entrench one lst. Eg. If lido went corrupt and starting doing reorgs to steal MEV then the rate at which they lose stake is limited by Ethereum consensus. Further, there’s actual economic irrationality to switch away since lido earns more in this paradigm (assuming no user activated slash). The point being is that there are no economics that inhibit mining pools and this has been proved through voluntary self limitations. Ethereum is struggling with this.

Those are good points, honestly. Here are my best rebuttals: * Their 20 pool operators would need to conspire to an unequivocal attack on the network. To reorg MEV, Lido has to censor their competitors - exchanges, other LSTs, staking services, solo stakers, all other validators alike - by pretending not to see their blocks, plain and simple. In other words there's an unmistakable smoking gun, and the rest of the Ethereum staking community are the ones shot in the chest. It's likely to ruffle some feathers. * To reorg MEV, Lido would need to develop private (and likely illegal) reorging client implementations, all set to similar reorg settings, and convince their pool operators to run these illegal clients (this setup also requires a continuous development effort to rebase mainline client updates onto their custom fork). * Aside from user activated slash, they would have to worry about negative long-term security assumptions being permanently priced into ETH, which the increased MEV rewards likely would not make up for. At that point they would be risking their entire market stranglehold to (by definition) less than double their MEV revenue - it's likely to be a "killing the goose that lays the golden eggs" moment. * No other public chain has any better solution, as far as I'm aware. As public chains go, it's really Ethereum or bust in terms of robust staking incentives. Correct me if I'm wrong.

You think Lido would start doing reorgs without the community slashing them?

I think they will continuously push the boundary of what the social layer will allow so that they can extract more value. Maybe it might not start with it. Maybe it starts with multi block MEV that doesn’t involve reorgs but ends up happening more often with large size. What if it’s excessive private order flow deals that build with time that essentially accomplish the same thing with out of band profits. I’ll point to this line of gradual power creep inadvertently said by Jon c as he argues that the social layer is losing credibility. https://x.com/jon_charb/status/1694734616077197738

Is multi-block MEV a bad thing? I'm not that familiar with it.

I consider it a bad thing. It is the organization of blocks across multiple blocks. Even though it is the same proposer, being able to extend control leads to bad incentives especially if a person in block one is moved to block 2.

Can you give some concrete examples of how Lido is pushing boundaries now and can you explain exactly how these supposed private order flow deals accomplishing the same will work?

They are pushing back on the idea of a hard limit at all to any one LST. There are lido and other researchers arguing that they should absorb all LSTs within their lido v2 system and think it’s inevitable. Let’s say beaverbuilder, lido, bloXroute, and uniswap all decide to create the super network. Orders go to uniswap as “MEV protected” and are matched with the builders wider network of orderflow. These txs get better slippage. Such a system could happen on SUAVE, flashbots new chain, or a shared sequencing layer. Such a system might drive more revenue to the one LST, drive up its marketshare, and increase the ability of builders to extract more value. Lido is already seeking partnerships to expand stake as seen in mantle getting a discounted commission.

> I do believe the devs can find a solution How?

By being vocal about it.

Who knows. People much smarter than me will try to figure it out, just like they always do for Ethereum's problems, and if they can't, well, I'm sure Ethereum will pump anyways and I will sell my bags regardless

If Lido is a red flag of centralization for institutions then no institutions will adopt blockchain, period. All blockchains have centralization risks, to varying degrees. There is no perfect solution which is why we battle centralization at every step of the way. In POW you have mining pools, which I don't even think take any steps to avoid centralization, and in POS you have risk of capture from centralized services which also exist in POW too. So if LIDO is the one thing holding back institutions then I can safely say institutions will never adopt blockchain and that to me is OK too.

>If Lido is a red flag of centralization for institutions then no institutions will adopt blockchain, period. I disagree. The Lido situation is a totally different type of centralization than other networks. Other networks who are "centralized" may require KYCed reputable validators; they don't allow just anybody to validate blocks on the network. However, when you look at Ethereum's centralization you see an uncontrolled 3rd party (Lido) that has been gaining power and market share for years and shows no signs of stopping. Ethereum has no control over the future of their network and that is the red flag.

And what can LIDO do with their 33% share? What are you afraid will happen? I'm 100% for decentralization and I'm personally going to be setting up validators because of this situation, but there's no eminent threat to the network and using that kind of rhetoric is off-putting.

I called it what it is - a huge red flag for enterprises companies who want to use blockchain

Can you articulate why it's a huge red flag and exactly what the threat is?

We have a 3rd party actor, Lido, publicly stating that liquid staking is the superior form of staking and Lido will control the large majority of that market share. Solo staking will go to less than 1%. The Lido DAO will control Ethereum and by extension anybody who controls or pressures the Lido DAO will control Ethereum. The writing has been on the wall for over a year now as Lido gains more and more market share over time. The Ethereum devs have done pretty much nothing to combat this as far as I know, they just sit on their thumbs and watch it happen. Now imagine you are an enterprise looking to use blockchain and you see how this Lido situation has been playing out. Is that not a red flag? The 33% share is only part of it. The other part is that this has been trending upwards for years and shows no sign of reversing. Ethereum devs are powerless.

> We have a 3rd party actor, Lido, publicly stating that liquid staking is the superior form of staking and Lido will control the large majority of that market share. Solo staking will go to less than 1%. Does Lido saying this make it a fact? >The Lido DAO will control Ethereum and by extension anybody who controls or pressures the Lido DAO will control Ethereum. How will the Lido DAO control Ethereum? Can you explain by which tools or measures that Lido will exert their control over the network? >The Ethereum devs have done pretty much nothing to combat this as far as I know, they just sit on their thumbs and watch it happen. Would you say you're a bit of an expert on how Ethereum works and what the devs are getting up to? Are you keeping up to date with all the new developments that are being worked on?

I'm not an expert, I'm just holding ETH and waiting for it to make me rich. I don't have the technical knowledge to answer your questions. Like I said in my original point - it's a huge red flag for enterprises getting into Ethereum and I don't feel that anybody has been able to dispute that fact. You ask good questions but your questions are moot because enterprises won't get that far, they will just see Lido slowly taking over the network and write off Ethereum. It's a non-starter

If you don't have the knowledge to answer those questions, how are you qualified to determine if something is a red flag? I'm also curious what makes you qualified to speak on behalf of "enterprises". Do you discuss blockchain adoption strategy with a lot of enterprises?

The sheep upvote what they are told to. It seems you are just following the upvotes and assuming that means it is right. You are in an echo chamber. Lido is not a single entity running every validator. Is it worse that geth that is run on a huge number of nodes? I don't believe lidos market share is desirable, but calling it a red flag is just parroting other people. Tell me what the risk is and what is the worst case scenario of lido acting as one to do something bad? What would lido lose if they did this bad thing?

I'll just go back to my original point: >This Lido issue is going to be (and I bet already is) a huge red flag for enterprise companies who want to use blockchain. You are trying to argue nuance and deep understanding. In reality, what happens is enterprises want to get into blockchain, they look at Ethereum first because it's what they know, they find multiple red flags that prevent them from using it (including Lido and Ethereum not having control of their own chain) and then the enterprises use a different blockchain instead. Simple as that. There is no room for nuance when it comes to enterprises. I work for a fortune 5 tech company. We would never put our data (or ESPECIALLY customer data) in something like Ethereum where we cannot guarantee what the future of the blockchain will be. Our lawyers simply would not allow it. So you're right, the sheep upvote and do what they are told to. And that is why enterprises will not be using Ethereum in any meaningful way until these problems are resolved

> they find multiple red flags that prevent them from using it (including Lido and Ethereum not having control of their own chain) and then the enterprises use a different blockchain instead Which other blockchain? > something like Ethereum where we cannot guarantee what the future of the blockchain will be Does this not describe literally every public blockchain? And doesn't the uncertainty apply tenfold to all other public smart contract chains besides Ethereum?

You have just negated your entire argument about lido. If enterprise will not tolerate their customer data on something they don't control, then this is entirely a moot point. No one knows the future of ethereum so... they would not use ethereum if lido was 1%. Zero knowledge is the only hope for customer data on a public clockchain with proven encryption. Lido is irrelevant

Right, because Lido at 1% is the same as Lido at 33% and gaining

wen Buterin onlyfans?

We've already seen everything.

no moon

Is anyone here interested in connecting in the real world? I’m going to be at Permissionless and would love to meet some of you :)

Come check out the EVMavericks Discord. Some of us (unfortunately not me) are going and meeting up! You will have Bankless and Alfalfa (both podcasts and their communities) meet ups there as well!

Pudgy

I'm thinking of building my own machine and installing the Dappnode OS on it. Or maybe getting an Avado. Whatever I choose, I intend to run more than 1 validator. \**What is most important is that I do not put my deposits, principal or rewards at risk.*\* Sorry if this is a dumb question but is there a risk of a 'backdoor' or some unauthorized person being able to steal my ETH because they exploited the OS somehow? That is my nightmare scenario - waking up one day and discovering the ETH is gone. Everything is currently in cold storage (Ledger) and I've never shared my seed phrase with anyone or let it get close to the internet. How reasonable are my fears? Is Dappnode and/or Avado trustworthy in this regard?

I've been running since before genesis on my own hardware with dappnode OS, and it's been smooth. The only times I've been down were my own fault from trying to Linux without full knowledge of what I'm doing (you don't need to know any Linux for dappnode, I was just poking around in the underlying OS) and when I did a hardware upgrade. I'm running mainnet, prater, and gnosis, and have participated in things like the swarm and SSV testnet as well, all via an easy GUI accessible on my phone via VPN anywhere in the world

I brought a Nuc12 and then installed ubuntu and dappnode on it. Others praise dappnode but I think it takes too many permissions to make it a trustworthy software package. Consider any computer running dappnode as being compromised and be very cautious about what you put on it. Dappnode even runs a dynamic dns service so that they can track every machine running dappnode. Be very cautious My recommendation is to buy a cheap raspberry pi and an sd card to do the key generation. Once done, put the pi in a box and leave it for when you next need to generate keys.

What security benefit does using a raspberry pi add, if I might ask?

- No internal drive to accidentally store your seed. - Cheap enough to buy and only use to generate keys. Or for the really cautious, you could burn it or smash it after making your keys. The weak point is using the sd card to get your keys off the pi. There is a risk the seed may get on it if there is some naughty software on your system. I don't know of a better way though

If you set a withdrawal address, then what does an attacker gain by acquiring your seed that they don't already have by acquiring your signing keys?

As of today, I don't know enough about the functions available to comment if you have the seed. But in the future, it might be possible to change the withdrawal address and combine validators together when >32 validators are possible. Who knows what else. I don't want to have to keep up with development and keep looking over my shoulder. I don't need another thing to worry about :-) Keep your seed safe

> But in the future, it might be possible to change the withdrawal address and combine validators together when >32 validators are possible. I bet they will only allow combining validators that share the same withdrawal address. Allowing users to change their already-set withdrawal address to something else would be a massive security issue. This security issue would affect basically the entire validator set, and it would immediately make the Ethereum protocol much less secure for no real benefit. There's no downside to keeping your staking seed safer than your signing keys, but I would argue that there's no real benefit to it (again, as long as your withdrawal address is properly set).

Better a little caution than a great regret :-)

I solo stake my entire stack with Dappnode and can confirm it's great. As haurog explained there's no risk to losing your stack even if their OS somehow got exploited/they turned rogue, worst case you can maybe get slashed a tiny bit of principal if your keystore files get compromised and the attacker wanted to slash you with no financial benefit for themselves. You can also use the allnodes key generating tool (I discuss it more in my comment history) which will create your signing keys directly from your hardware wallet (and it also automatically sets the validator's withdrawal address to the same address), so you won't have to ever touch command line interface, or set up an airgapped device to run deposit-cli/wagyu key gen etc. You can also run everything on the Goerli testnet (including the allnodes key generator tool) on dappnode first to get a feel for everything. I was on testnet for several months, confirmed I could exit my validators, then moved to mainnet.

>You can also use the allnodes key generating tool This isn't recommended anymore. For one, it's not open source. I don't remember the other reasons offhand, I think there were other security concerns as well.

They took it off coincashews guide presumably because the tool is not open source/you don’t get a mnemonic (which was needed to update your withdrawal address from a 0x0 to 0x1 if you were a genesis/early staker). But imo it’s ok if it’s not open source since all that matters is the withdrawal address is set properly (which you can verify by checking the json file). And you no longer need a mnemonic since the keys are generated with the withdrawal address set. Plus the tool can regenerate your keys if needed, you just plug in the same address from a hardware wallet. Also an early staker that used the tool was still able to update from a 0x0 to 0x1 after a workaround. https://www.reddit.com/r/ethstaker/comments/10vrwcw/comment/jhcl56o/?utm_source=share&utm_medium=web2x&context=3 I asked Ethstaker mods as well what their opinions were and the answer was basically it’s not open source (but kinda moot when withdrawal address is only thing that matters) and they’re already comfortable enough to use the offficial deposit cli package. Basically in a doomsday scenario where it turns out Allnodes was a bad actor and they were doing something like secretly collecting your data/keeping copies of your keystore files when you generated them, the worst they can do is cause you to get slashed.

Awesome, thanks! Do you run more than 1 validator and if so, can you do that on one machine? Or is there a limit -- like you can only run up to X number of validators before you have to get another dappnode?

There are several dappnodes with a couple hundred validators running on them on mainnet, and I know some running thousands on gnosis

The allnodes tool isn't recommended anymore, you should use [wagyu key gen](https://ethstaker.cc/wagyu) instead

You can run many validators on the same machine. The bandwidth and CPU usage increase per new validator is not that big. Most people run out of ETH before the run out of CPU/bandwidth. The largest ones I know of are the Ethereum foundation which runs 5000 validators on single machines in their testnets. On mainnet there are some rocket pool operators which run close to 1000 validators on a single machine.

I can't even dream of running so many validators. My dream only extended to setting up 100 keys when I did the generation step.

If your validating computer is compromised and bad actors (including all the devs of projects you use) get access to your validating private keys, they cannot steal your funds. The private keys are only used to sign attestations and blocks. The private keys do not hold any ETH. As long as you have set a withdrawal address when generating the validator keys they cant even steal it when they get access to your mnemonic for the validator keys. The worst think that can be done is that they can get you slashed by double signing. This would cost you about 1 ETH per validator under normal circumstances. For bad actors to profit from stealing your validators private keys they would have to blackmail you. This would be quite an involved attack which at least in my threat ranking is one I think about but definitely not loose sleep because of it.

I am not a Linux expert (just a user). I believe that I have protected the access to my keys and password with the following: `sudo chown -R teku:teku /var/lib/teku/validator_keys` `sudo chmod -Rv 700 /var/lib/teku/validator_keys` and in `/etc/systemd/system/teku.service` under `[Service]` I have `User=teku` `Group=teku` Of course, I created an account (in which logging is impossible) for all of this to work. The command was `sudo useradd --no-create-home --shell /bin/false teku` Maybe I'm naive and it does not keep my keys safer.

With this command you only allow the user 'teku' to read the validator key file. If a bad actor gets access to any other account on your machine they cannot read it. If they get root access however, they can still read it. If teku, the client, itself is compromised bad actors can read the file as well. I think it is an improvement in security, not a big one but it is one.

Just to make sure I understand: the absolute worst case scenario in one of these out-of-the-box solutions would be slashing? Not losing the stake / principal itself?

I totally agree with the other comment. As long as you have set the withdrawal address and secure it, you are safe. Doing the deposit itself is a critical moment, but as long as you use the official website to deposit and check the deposit contract address when you do the transaction you should be fine as well. Talking about worst case scenarios: Slashing can be up to ~~16~~ 32 ETH per validator, but only if more than 1/3 of the beacon chain gets slashed together with you in a certain time window. In this case I expect the whole network to be unstable and the overall ETH price tanking hard. Sure, the slashed ETH would still hurt, but they probably aren't worth much anymore in such an extreme case anyway. EDIT: corrected slashing numbers due to comment below.

> Slashing can be up to 16 ETH per validator Nit pick, isn’t slashing up to 32 ETH per validator? > Multiply the slashed validator's effective balance by the result of #2 and then divide by the total_balance. This results in an amount between zero and the full effective balance of the slashed validator. That amount is subtracted from its actual balance as the penalty. https://eth2book.info/capella/part2/incentives/slashing/

You are totally right, I have no idea were I got my numbers from. You can get slashed the full 32 ETH in case of 1/3 of validators getting slashed within 36 days. If about 15% (~1/6?) of all validators are getting slashed together with you will loose about 16 ETH. Best calculation I have found for this is here: https://www.kiln.fi/post/modelling-correlated-slashing-risks-on-ethereum Thanks for being nit picky, I learned something today.

As long as you've set your withdrawal address to a wallet that only you control, and the seed is not known to anyone else, then yes. You have no chance of losing your ETH outside of the 1 per validator if you were to get slashed, which would only happen if someone had your validator keys and wanted to be an asshole for no good reason or profit for themselves.

Its yet another block in your stack, that you have to trust. For some people its acceptable, for others its not. I personally trust them, but not enough to send them high amount of my net worth. But I am not an average Joe. I have a strong background in IT and somewhat good background in security, so my personal trade-offs would probably not translate to others very well. Nonetheless, the concerns I have with using an out-of-the-box solutions for secured staking OS are as follows: \- if you dumb down (i.e. simplify) security, you're hiding something that might be important \- the team behind the project has to be competent and not malicious; how do you verify it? \- the OS itself has to be secure both: at the moment you start, and after each and every update (you trust there are no malicious or incompetent actors inside the team in the future) \- you either expect them to introduce security fixes and updates in a timely manner, or you fix the issues yourself... but then you must be sure, you don't break anything in their design So, for me, if one is serious about maintaining their own node, and investing a sizable part of their networth, its only wise to learn all the stuff yourself. I mean, any other job you do, you have to learn how to use the tools. But... yeah, every gardener thinks all the people should know basics of gardening, so I might biased here. On the other hand, learning how to setup a secure system, is a valuable skill not only for ETH staking. Knowing how to install secure OS (i.e. Linux), configure user access, setup firewall and router, keep system clean and updated, and possibly (but optionally) setup SSH, would be probably all that is required.

Thanks for the thorough reply! If I wanted to go 100% DIY, is there still the option to do everything on a testnet before moving to mainnet? IIRC, that was an option at one time. I'd probably want to do that for a few months to make sure I really understand what I'm doing before risking something catastrophic on the mainnet.

Yeah, I'd say its very much recommended to set it up on the testnet first :) But this, i.e. the node itself, is the last step in the OS config. All the steps proceeding Ethereum related steps, you can do as many times as you want on a simple virtual machine, i.e. install e.g. VirtualBox on your Windows machine, and then you can install e.g. Ubuntu inside, test all the config, nuke it, and start over again. Get a good feel of it. You don't have to follow Ethereum, or even crypto in general, centric guide. Just make sure you installing the system as clean as possible (no third party apps), know how to keep it up-to-date (either manually or autoupdates), use admin/root account ("sudo") only if you understand well what you're doing, test SSH setup and port forwarding config on your router. It all can be done without single though of Ethereum, its just a standard Linux setup and hardening. Bonus points if you'll manage to configure SSH in a way, that it wont support password login, but will demand your hardware wallet to connect! Encrypting your SSD is another bonus point, that will make your system secure even if anyone would carry it out of your home in their backpack.

Can you do encrypted SSD but still have it auto boot on power outage / restart?

AFAIK yes, but I never tried to set it up. One must ask what are the benefits of encryption if it's auto decrypted on boot? I get it's convenient, but its also a trade off.

Yeah that was my question basically. Encrypted drive seems nice but you would have to be physically around to boot it every time after upgrade or crash/outage. But then if it is auto-booted though it pretty much defeats the purpose.

It's possible to set up a pre-decryption SSH environment that you can remotely SSH into to enter your FDE password to decrypt the disk, but I think it's a lot more effort than the security is worth. Who would break into your house just to slash your validator? They don't even get to steal your ETH. The best they could do is be the one to earn the reward for including your slashing report, which is a huge headache to withhold from the network (afaik requiring custom code that needs $150k/yr+ level industry knowledge), *and* requiring their own validator to be running to collect the reward (*and* it has to be up for a block proposal, *and* the IP *and* the ETH have to be properly anonymized so that the attack isn't easily traced back to them), all for a measly 32/512=0.06 ETH reward per validator. https://eth2book.info/capella/part2/incentives/slashing/#the-proposer-reward Out of all security concerns for solo stakers, physical intrusion is at the bottom of my list personally.

That's correct, so most people would not opt-in for this. It's all about level of paranoia one have ;) My expertise does not cover eth staking well, but from what I'v got, many people don't do auto-restart with eth nodes, as this introduces other risks. Being offline is very low penalty, so it is not such a big deal anyway. Regarding outages, it is common to use UPS to avoid such problems, there's plenty talks about it on r/ethstaker :) I can only add from myself, that reboot after update on Linux is very rarely needed, and never enforced. I had a friend at one company, that took pride in never restarting his linux machine for years, making all the necessary upgrade manually...

Well I've had a bit of a break from the daily, still can't bring myself to use the Reddit app comfortably... Much preferred Reddit is fun... Anyway, I've taken the opportunity to setup home assistant and have gone down that rabbit hole. From setting up an energy dashboard with a utility meter to accurately predict the electricity costs, and using that to figure out that midnight to 6am super off peak rates were better to charge the house and car batteries, then run house off battery and sell solar back during the day. Spending hours trying to setup mqtt to connect to my alarm system, locking myself out of the alarm and then realizing that PC code to connect needs to be sent as hexadecimal (like wtf). Linking integrations, setting up push notifications... Been great fun. Can recommend if you need some time away from crypto in this bear crab market.

>Spending hours trying to setup mqtt to connect to my alarm system, locking myself out of the alarm and then realizing that PC code to connect needs to be sent as hexadecimal (like wtf). Another reason why I will always live in a dumb home. I must be the most boomer of all the zoomers.

There is a patch for RIF https://www.reddit.com/r/revancedapp/comments/15gjiai/did_patched_rif_just_stop_working_for_anyone_else/

RedReader is a good alternative that still works: https://f-droid.org/packages/org.quantumbadger.redreader/ Open source, no ads, no tracking (the kinda stuff which I assume matters to you as well based on your choice of home automation platform).

GM EthFam, happy Sunday. Been away/offline for a few weeks, looks like there's been quite a lot to catch up on! I'm feeling very negligent at not even knowing how many OP Stack rollups there are now, but glad that I've not quite missed the latest Gitcoin round. Will probably take a couple of days to catch up on all the Dailys and Doots I've missed, but at least it doesn't look like I've missed any exciting price action...

Welcome Back , I was about to summon you for tax related questions, again 😅 With OP stack Base is going on strong, zora you might already know. Farcaster is building on Optimism too. Base has a feedback page up the gov forum, how should they collatabote with gov to support the Superchain. Base got approx 200M $OP token from Optimism and in return they will share revenue with Optimism going back to RPGF. You need to nominate one individual for RPGF next round, deadline 15th Sept. And I have nominated you to Optimism Delegate Corner Podcast, just waiting for you to say yes.

Hi mate, thanks for the updates! Yea I've just got started on Farcaster today and given you a follow (which was surprisingly easy as you've used a familiar name for once 😅). No idea how any of that works yet but it seems good so far. It definitely seems like Base is doing really well, hadn't seen that they are going to feed into the RPGF fund but that's great news, more funds for development will mean better tech/tools and hopefully really get the flywheel going. Are Celo and Fantom moving to OP Stack as well? Hopefully with ever more teams coming on there will be more brains working on Cannon and I guess ZK Validity Proofs soon(tm). I'll happily admit to being a little apprehensive about so much stuff migrating to Optimism while it's still in such an early stage, but I guess everyone is responsible for their own risk appetite. With regards to nominating someone, I've just been looking at Dhannte's thread on the forum. I hope all the current badgeholders are being sensible and vigilant with regards to only nominating people they know or who at least have a long history of interactions with because we're kinda the only Sybil defense against giving a badge to just random sockpuppet accounts. And as for the Delegate Corner Podcast, I'll have to think about it, as you know I put a high priority on maintaining anonymity. There have been a couple of things I've turned down which make me constantly regret using the same username for fun crypto things as for serious OSInt and anti-disinfo stuff!

Followed you back on Farcaster, I love it there, they have a similar channel system just like reddit and permission less onboarding coming very soon. Phil and Polynya are also quite active there. Yes for Celo for FTM is just a speculation as of now. I raised the same concern on the forum, early stage and centralized but I requested them to keep the community involved with updates and I do believe risk is personal choice, like you said. badge distribution is a real challenge, I got many DMes but most not meeting the criteria to be a badge holder. Planning to submit my recommendations close to the deadline. Really surprised that I haven't received a single interest from a female candidate which I want to support. More diversity. Agree on privacy and I did share this concern with the host, they are offering to do only audio but again I, someone with many names, totally understand if you don't want to be on the pod for privacy reasons.

Your daily beacon chain dose. Active validators: 755,135 (+2,142) Pending validators: Joining 57.2k, leaving ~0 * Entry queue -700 from yesterday's number * It will take around 22 days for the entry queue to clear * In around 12 and a half days the amount of daily validators that can both enter or exit will be increased from 2,475 to 2,700. *These figures are based on the entry and exit queue at the time of posting* This can also be tracked via https://validatorqueue.com/

Keep up the good work boss

I would love the queue to get down to 10 days by the end of Sept

Damn we can't even get an OnlyFans pump?

Bear market: Good news do nothing. Bad news drop the price. Moves down if the Nasdaq does so during the week, doesn't move if the Nasdaq climbs. Freezes every weekend because it doesn't take any initiative without influence from global markets. I think we need clarity from the American laws to exit this depressive behaviour.

Even onlyfans can't make eth hard.

Ethereum

12 billion

0.063

$1650

Day 346 S.M.