Staking, Restaking, and LRTfi: Composable Capital Efficiency and Neutrality (Part I)

LongHash Ventures
11 min readFeb 22, 2024

--

We would like to thank Justin Drake from Ethereum Foundation, Amir Forouzani from Puffer, Rok Kopp from EtherFi, Zhuling from Bedrock, Alan Curtis from Rio, Brianna and Sreeram from EigenLayer, Pablo Villalba from Diva, Daniel Dizon from Swell, Kratik Lodha from Renzo, Matthias Ang from SSV, and Max from Obol, for their generous comments and contributions.

Contents of this article:

  1. Composable Capital Efficiency and Staking as Crypto-Native Benchmark Rate
  2. Technical Deepdive of Staking, Restaking, and LRTfi
  3. Solving Centralization and Externalities in Re/staking

In this article, we dissect the technical aspects of staking and restaking, while exploring the tension between composable capital efficiency and the value of decentralization. Why capital efficiency? Capital efficiency invites yield-seeking behavior. And PoS chains rely on game theoretic incentives to protect their integrity. A rational node operator would run the most profitable version of client software. By the same token, a rational staker would stake their tokens to maximize their yields and token composability. Successful protocol design would incentivize participants to find Nash equilibrium where protocol security is preserved and where values of decentralization and neutrality are upheld. Studying composable capital efficiency across the staking stack points towards that global Nash equilibrium.

Link to Part II: https://medium.com/@longhashvc/staking-restaking-and-lrtfi-composable-capital-efficiency-and-neutrality-part-ii-47c0a0e60213

In our landscaping, the Primary Layer is maturing in Ethereum, Solana, and Polygon, while Bitcoin and Cosmos staking are evolving. In Ethereum, the end game could look one of two ways: oligopoly if Ethereum values are upheld, where top players reach as close as to 33% without breaching it, or, enshrinement of LSTs if Ethereum values are not upheld. In Cosmos, ICS is in its first inning, and in Solana, staking is at 90%.

The Secondary Layer of restaking is igniting a race to the top with capital flowing towards the highest yield, especially towards LRT pools. Blast and Manta, as the first staking-enshrined L2s, fired the shot heard round the world, instantly bootstrapping over $1B in TVL. Where the supply is abundant and hungry, the expected yield from AVSs and restaked L2s is unclear at best. Further, restaking in Bitcoin, Cosmos, and Solana are all at the Cambrian stage.

At the Tertiary Layer, synthetic stables, yield optimization, and yield tokenization are directions that add to innovative diversity. At this layer, capital efficiency and risk eclipse composability. Unlocking the widest composability with the lowest risk would be key to success in this layer.

Composable Capital Efficiency and Staking as the Crypto-Native Benchmark Rate

Composability is the hallmark of web3 — frictionless, low-minimum, self-custody. In contrast, yield stacking faces high friction in traditional finance. For example, collateralizing treasury bonds for borrowing incurs multiple friction points — third-party custodians, case-by-case judging of LTV ratio, and high minimum to justify the labor costs involved, just to name a few.

The advent of LSTs unlocks the composability of consensus layer yields to execution layer DeFi activities. Such composability enabled DeFi summer in 2020. Fast forward three years, composability now feels so natural that it’s almost taken for granted. We have come to expect frictionless yield stacking to boost capital efficiency. For example, we expect to stack yield by minting LP tokens for staking (superliquid staking) or minting LSTs to deposit into LP positions.

Self-custodial, low minimum, and frictionless — these features are unique to web3 and highlight the potential for efficiency gains for the broader financial market. Imagine if you could tokenize your stock holdings and use it to LP into stock exchanges. Imagine if you could tokenize your real estate equity and easily put it to restaking yields. Through LSTfi, we get a glimpse of what composability could mean for traditional finance.

“Through LSTfi, we get a glimpse of what composability could mean for traditional finance.”

Fundamentally, there are five types of yield sources in crypto, and they are stackable — in other words, composable. The IOU token of one yield source can be used as the input token of another yield source.

Of course, risks go hand in hand with yields. Of the five fundamental yields, staking yield is the safest. Merely 226 node operators out of 959 thousand node operators have been slashed since Ethereum staking began. On the other hand, while sovereign treasury bonds are often touted as the least risky, most recently Italy, Spain, Portugal, Ireland, and Greece (not to mention serial defaulter nations Venezuela and Ecuador) have defaulted on their bonds. Even the gold standard, US bonds, had ‘defaulted’ when it went off the gold peg in the 1930s to service debt with uncapped fiat printing. The default of treasury bonds is tied to a nation’s ability to pay off its debt. Its risk level is more similar to ‘lending yield’ risk than ‘staking yield’ risk. Whereas sovereign bond yield is based on future expectations of debt servicing, staking yield is tied to the current level of network usage.

Because of such, we consider staking as the crypto-native benchmark rate.

Atop staking sits the capital efficiency engine that drives the yield-stacking rocket. We have begun to see innovations such as staking-enshrined L2s a la Blast and Manta, cross-domain restaking a la Picasso and Babylon, and LST looping a la Gravita.

The composable nature of LSTs would drive further innovation in yield-stacking designs.

Staking, Restaking, and LSTfi/LRTfi

Staking is the security foundation of POS chains and the risk-free benchmark rate in web3.

Justin Drake ascribes ETH to two purposes, Economic Security and Economic Bandwidth. LSTs and LRTs allow the same ETH to participate in both, by composing with various DeFi and restaking activities.

Where economic security is concerned, decentralization and neutrality must be safeguarded in PoS chains to mitigate potential collusion. It’s a balancing act to game-theoretically design the protocol in a way that preserves decentralization and neutrality. We’ll come back to this tension soon.

First, let’s visit the stack, using Ethereum as an example of PoS chains. The primary layer allows users to stake their ETH, and get back LSTs such as stETH, cbETH, wbETH, and rETH. In the secondary layer, the LSTs or ETH can be restaked to provide security to other staked services, and get back LRTs such as eETH, uniETH, and pufETH. The tertiary layer then composes LSTs and LRTs with various DeFi activities for yield stacking.

To understand the incentives driving adoption, we answer three questions:

  1. Which combination of strategies would produce the highest yield? This pertains to capital efficiency.
  2. Which output token allows access to the deepest liquidity and participation in the widest set of DeFi activities? This touches on composability.
  3. Which strategy is the safest source of yield? This concerns risk mitigation.

As such, composability and capital efficiency are the primary adoption-driving factors, while risk is a boundary condition that caps the choice set.

Primary Layer — Staking

At the primary layer, validators deposit native tokens such as ETH, ATOM, and SOL to secure the PoS networks and get transaction fees as rewards.

Because staking is the least risky form of yield generation in crypto, over time, we expect Ethereum (23% staked) to catch up to Solana (90% staked) and Atom (70% staked), which represents hundreds of billions if not trillions in market expansion.

There are three categories of staking: centralized, quasi-decentralized, and decentralized. Centralized and quasi-decentralized staking trades custody for convenience and composability. Decentralized staking, referring to solo staking, is the most secure for the protocol, but is challenging to maintain and lacks composability. In theory, a self-custodial node could issue LSTs too, but no rational thinker would buy it due to the lack of composability.

Posting Bonds

In plain vanilla solo staking, validators create two pairs of keys, one as validator key and one as withdrawal key, then send 32 ETH to Eth 1.0 deposit smart contract. The base fee gets burnt and transaction tips get sent to validators. Only 8 validators per epoch or 1800 per day can get activated.

Staking pools such as Rocket Pool, Diva, and Swell, allow independent node operators to support staking pools comprised of deposits from stakers. From the perspective of an operator, the lower the bond, the higher its capital efficiency, because they could earn a share of the commission from deposited ETH. At its essence, lowering bond requirements allows greater leverage.

  • Rocket Pool: 8 ETH Bond
  • Stader: 4 ETH Bond
  • Puffer: 1 ETH Bond

In some estimates, node operators can earn up to 6–7% in ETH rewards and up to 7.39% in staking pool token rewards.

In Polygon, validators are permissioned. Validators must apply to join the validator set, and can only join when an approved validator unbonds. In Solana, validators can join permissionlessly and Solana Foundation provides clusters for validators to choose from. Solana also officially tracks the number of validators in superminority that together hold over 33% of SOL staked.

In CEX staking, the mechanism of bond posting is opaque. Retail stakers could front up to the full amount of bond and the centralized node operator could shift all potential penalties to retail. However, stakers also automatically benefit from smoothing, which in most cases, generates a higher yield than solo staking.

Getting Rewards

Every 2–3 days, Ethereum Beacon chain sweeps the validators and distributes rewards. Besides the consensus layer, validators can also get execution layer rewards through priority fees and MEV. Protocols such as Jito in Solana is taking advantage of MEV to boost its LST yield.

MEV-boost redistributes MEV from block builders to validators, which in turn can distribute rewards to stakers. Ultimately, MEV burn may be implemented to return value to ETH holders. At its essence, MEV redistribution is a philosophical question around fairness. But for now, MEV can be used to boost staking rewards.

Validator rewards are notoriously spiky. Because of the inherent randomness in validator selection, rewards can be uneven. In Ethereum, deterministic randomness involving a hash and a seed from the previous block is used to select the next validator.

To this end, Rocket Pool provides a smoothing pool on an opt-in basis. Smoothing pool would accumulate the rewards from the validators that opt in. As a rule of thumb, if the validator has fewer minipools than the number of nodes in the smoothing pool, it is more likely to get greater yield from the smoothing pool. For projects such as Lido, the smoothing function is built into the smart contract.

In CEXes, smoothing is automatic, wherein stakers can expect a consistent yield over time.

Slashing

Slashing is an extremely rare event. Merely 226 node operators out of 959 thousand node operators have been slashed since Ethereum staking began.

A validator could receive penalties when they 1) Fail to produce a block, or 2) Fail to produce an attestation when expected. The penalty is small. Generally, the validator can make back its yield in the same number of hours that it went off for. On the other hand, slashing penalties are more severe.

Slashing happens when one of three conditions is met. 1) Double Signing: Signing two different beacon blocks for the same slot. 2) Signature Wrapping: Attestor signs an attestation around another one. 3) Double Signing: Signing two different attestations with the same target. A validator would include evidence of wrongful doing in a block to socialize with the validator set, and when all validators sign off on the evidence, slashing commences.

In the event of slashing, the following repercussions can occur

  • Initial Penalty: 1/32 of its effective balance slashed
  • Correlation Penalty: up to the effective balance could be slashed, if there are many violations within a short span. Quadratic slashing deters collusion.
  • The boot: the validator is entered into withdrawal within 8192 epochs (36 days)

DVTs are designed to reduce slashing risks and boost staking pool security by protecting validators from failing to produce a block or an attestation. DVTs implement distributed key generation (DKG), multi-party computation (MPC), and threshold signature scheme (TSS) over a redundant set of validators.

SSV is implemented as a DVT network that is a fully permissionless, decentralized, and open-source public good, and is currently in trial for protocols such as Lido. Obol runs Charon, a non-custodial middleware between the validator client and consensus client communication. Diva uses its own DVT implementation to power its LST in a permissionless manner, where anyone can run a node. Puffer’s Secure-Signer is a remote signing tool backed by an Ethereum Foundation grant designed to prevent slashable offenses using Intel SGX currently. Puffer’s Secure-Signer manages validator keys on behalf of the consensus client.

At face value, from a capital efficiency standpoint, running multiple clients via a DVT is a drain on computational resources. In implementation, the same hardware may participate in multiple sets of DVTs. Importantly, DVTs boost protocol security so that if a set of node operators goes offline or behaves erratically, the staking pool can continue to function correctly.

Cosmos Interchain Security has an interesting approach to slashing (proposal #187). Because ICS is nascent, a governance vote takes space to arbitrate all potentially slashable events. While this was intended to prevent any security contagion from consumer chains to the hub, governance leaves decision-making in the hands of human arbitration instead of code, at least for now.

Withdrawal

In Ethereum, 4 exits are allowed per epoch. Because of the mismatch in entry and exit throttle, 8 validators per epoch and 4 validators per epoch respectively, there can be a long queue for exits. Once a withdrawal is initiated, validators must wait for 256 epochs.

In Solana, delegation is enshrined. Standard delegation to a staking pool requires a cooldown period to withdraw. However, via staking pools, liquid staking does not require a cooldown in withdrawal.

Looking onwards

As Ethereum staking ratio increases, network usage held equal, base yields should asymptotically approach 1.8% which is the floor set by the Ethereum Foundation, but increases in gas costs and MEV might counterbalance this to some degree.

Usually, opportunity costs would prompt stakers to stop staking when yield drops below the next available yield source. However, LSTs mitigate the opportunity cost, as holders can participate in both Economic Security and Economic Bandwidth. Therefore, stakers are likely to continue to deposit despite low returns and use their LSTs to participate in DeFi for additional yields.

Another phenomenon due to lowered Eth staking yield is centralization. Solo Stakers will find their yield continue to diminish and at one point flip hardware costs. There are some methods of mitigation in order to encourage more solo staking. We’ll come back to detail solutions to the problem of centralization and externalities.

(end of Part I)

In Part II, we cover Restaking, LRTfi, and Solutions to Centralization and Externalities: https://longhashvc.medium.com/staking-restaking-and-lrtfi-composable-capital-efficiency-and-neutrality-part-ii-47c0a0e60213

Sources:

--

--

LongHash Ventures

We specialize in bootstrapping Web3 ecosystems. We invest in Web3 protocols and our LongHashX arm partners with ecosystems to accelerate Web3 founders.