ATOM’s Highwire Act: Balancing Security in a Shared Cosmos

By: VelvetMilkman

Hub Minimalism

A common tendency of decentralized networks has been to add more features to the base chain. While encouraging experimentation and permissionless innovation in various forms, the Cosmos ecosystem has taken a different approach by rejecting a formal base chain and instead maintaining “Cosmos Hub” minimalism. Minimalism encourages experimentation to take place in separately connected application specific blockchains.

Within the context of the Cosmos ecosystem, “hub minimalism” refers to a design principle that believes the Cosmos Hub should have minimal features and complexity. The purpose of keeping the Cosmos Hub’s features minimal is to enhance security, reduce the attack surface, and maintain focus on its core functionality: facilitating inter-blockchain communication and transactions.

By keeping the Cosmos Hub minimal, developers have the freedom to build completely unique features and functionalities on separate chains connected to the Cosmos Hub. These independent blockchains, also known as “zones,” have their own applications, execution environments, consensus layers, and governance structures. The Cosmos Hub acts as a common thread across zones, allowing them to exchange information and value while ensuring the security and integrity of its own chain remains intact.

Users can utilize their ATOM to participate in the network’s proof-of-stake mechanism, vote on governance proposals, and participate in economic activities.

• Security: By staking ATOM, users help secure the network and, in return, receive rewards in the form of additional ATOM tokens.
• Governance: ATOM holders can propose and vote on changes to the network’s parameters, upgrades, and funding proposals.
• Economic Activities: ATOM tokens can be used for various economic activities within the Cosmos Network. The ATOM token is oftentimes used as a medium of exchange. Users can pay transaction fees in ATOM when transacting on the network.

The minimalism movement adopted by the Cosmos Hub (the “Hub”) has understandably led many community members and casual observers to question the purpose and utility of the chain (ie, “what is the ATOM token actually supposed to do?”). You can buy ATOM, spend ATOM, vote with ATOM, and stake ATOM to earn more ATOM. Beyond those three functions, the Cosmos Hub hasn’t historically done much else. It doesn’t allow applications to be built on top of it, for example. As the longest standing Cosmos network in existence, ATOM’s only semi-utility is its ability to function as a neutral, decentralized, and exportable medium of exchange (ie, “money”) throughout the Cosmos ecosystem.

Yet, this use case is at risk. Recently, fiat-backed stablecoins have begun being minted natively in the Cosmos via Noble (USDC) and Kava (USDT); fully collateralized WBTC is being minted on Osmosis. These recent developments are a net positive for the Cosmos ecosystem but risk unseating ATOM’s position as the ecosystem’s default form of “money.” In order for the Cosmos Hub to create utility for the ATOM token and stay true to its minimalist design philosophy, several value accrual mechanisms have been proposed. The most notable experimental strategy has been the formation of a shared security alliance between the Hub and various Cosmos chains called Replicated Security. This innovative approach seeks to enhance ATOM’s utility while increasing the economic security of Cosmos chains that opt-in to the alliance.

Sharing is Securing

In the broader context of blockchain technology, the term ‘shared security’ commonly refers to leveraging the security guarantees of one decentralized system to fortify another. Shared security models offer decentralization on demand for emerging networks while offering a greater degree of connectivity to the network they’re borrowing security from.

Practically speaking, shared security onboards a subset of an existing, reputable validator set that commits to also securing emerging chains. This arrangement enables these new chains to benefit from the robustness and established trust of the primary network’s validator set. Validators are incentivized to opt-in to additional slashing criteria in exchange for maintaining the integrity and security of both the primary chain and its security consumers, effectively spreading their stewardship and trust across multiple networks.

Shared security has the potential to transcend the conventional boundaries of merely offering economic security. Its implications extend into crucial aspects of blockchain such as scalability, economic incentivization, and usability. By implementing shared security, the Cosmos Hub can enhance the Cosmos Hub’s ability to help scale its growing ecosystem; it allows smaller, emerging chains to operate without the overhead of developing and maintaining their own security infrastructure. This reduces barriers to entry, unlocking a more vibrant and diverse ecosystem of chains.

Shared security attempts to address critical aspects of economic incentivization. Theoretically, emerging chains can redirect resources (typically allocated for security infrastructure development) towards innovation and growth. This creates a more efficient allocation of resources within the ecosystem. Realistically, the motivation of shared security is to signal social alignment with the security provider’s community. Shared security offers an economic benefit to the primary network and its validators and receives kickbacks for extending their security services, creating a symbiotic economic relationship. Once the shared security ecosystem has matured, we expect bootstrapping to streamline and remove several of the bottlenecks that currently exist.

Shared security also simplifies the end-user experience. Users can engage with multiple chains within the ecosystem, assured by the uniformity and reliability of the security model (assuming the entire validator set supports another chain). This not only enhances user confidence but also promotes greater adoption and interaction across the network.

Shared security represents a paradigm shift in the blockchain landscape. Its influence on blockchain architectures will remain a key focus in the coming years. An economically sustainable shared security framework can become a core value proposition of crypto-economies — if properly designed and executed. We believe shared security will realize interchain partnerships, further emphasizing the need for continued research into technical feasibility and economic sustainability. By fostering an interconnected network of chains that support and reinforce each other, shared security paves the way for a more resilient, scalable, and user-friendly blockchain ecosystem.

Replicated Security

The launch of Replicated Security (RS) marked the dawn of the Cosmos Hub’s shared security experiment. RS actualizes the theoretical concept of Interchain Security (ICS) by enabling the practical application of shared security across different blockchains within the Cosmos ecosystem. It is the first instance where the security of one blockchain (the Cosmos Hub) is approved through token voting and extended to secure otherwise independent blockchains.¹ The launch of RS operationalizes the idea of interconnected blockchain security. However the RS framework serves as more than just a security feature; it’s a strategic initiative to increase the utility of the ATOM token, with the goal to elevate its intrinsic value and importance across the ecosystem.

RS allows the Cosmos Hub to lend its active validator set to other chains within the Cosmos ecosystem. This not only enhances the security of these emerging chains but also solidifies the Cosmos Hub’s role as a central, stabilizing economic force in the ecosystem. RS increases the utility of ATOM by enabling other blockchains with lower security guarantees to tap into ATOM’s valuable economic security. It also onboards one of the most reputable validator sets in Cosmos.

A “consumer chain” is a blockchain that is secured by the validator set of a “security guarantor,” in this case the Cosmos Hub. Generally speaking, consumer chains enter into a service level agreement (SLA) with the provider chain.² In RS’s case, the Cosmos Hub (service provider) agrees to provide economic security to the consumer chain (service user) in return for compensation.

RS requires every validator running on the Cosmos Hub to operate a new validator node for the consumer chain, replicating the active validator set of the Cosmos Hub. Today, the current validator set secures ~$2.7B worth of ATOM across 180 validators.³ When a new consumer chain is approved, the Cosmos Hub agrees to include additional slashing conditions to the validators securing the Cosmos Hub. If an operator misbehaves or performs poorly on a consumer chain, the responsible validator (and its delegates) have their staked ATOM slashed on the Cosmos Hub.

In return for providing block production services, the consumer chain agrees to compensate the Cosmos Hub. While the terms of each SLA may vary, thus far most proposals have followed a similar playbook. The consumer chain typically proposes to share a minority share of protocol revenue with the Cosmos Hub in exchange for economic security.⁴ Protocol revenue typically comes from three main sources: transaction fees, MEV, and inflation (if applicable).⁵

RS creates a new value accrual mechanism for the ATOM token. Its innovative design enables the Cosmos Hub to capitalize on the economic value staked to its validator set and offers a creative new way for blockchains to form economic and social alignment with the Cosmos Hub. In totality, the Cosmos Hub and consumer chains form the Atom Economic Zone (AEZ). The creation of the AEZ and subsequent launch of RS is the first meaningful step taken by the Cosmos Hub community to create utility for the ATOM token. If successful, shared security has the potential to boost the entire ecosystem, improve the ATOM token’s utility, and create one of the most valuable services across the Interchain.

In our opinion, the most interesting (and overlooked) aspect of RS is its timing to market. RS is the first of several new shared security frameworks preparing to launch. It offers other teams an opportunity to learn from its early success as well as any missteps and changes subsequently made. Observing its benefits and challenges will have an impact on the future of ICS and shared security more broadly. RS’s evolution over the coming months and years can help shape subsequent shared security models in Cosmos (Mesh Security) and in other ecosystems (such as EigenLayer in Ethereum). From economics to technical implementations and governance, the data points and lessons taken away from observing RS can help inform ecosystems designing their own shared security solutions. Should RS succeed, it will have played an integral part in redefining the way in which blockchains are secured.

The remainder of this article serves as a strong endorsement for the concept of shared security through the lens of Replicated Security. We highlight the advantages it offers and identify some of the challenges facing the current version of RS. Addressing these challenges and sharing insights with the broader community is key to identifying and proactively addressing lesser-known obstacles down the road.

The Benefits of Shared Security — Replicated Security

One could argue that the endgame for the Cosmos Hub is to secure the Cosmos ecosystem; RS is the first step towards making this vision a reality. Whether through simple RS or through another shared security model, any system that maintains liveness for multiple blockchains simultaneously and reduces the cost to networks (in aggregate), has the potential to create and distribute significant value to its stakeholders.

If the Cosmos Hub can successfully roll out new features and add flexibility to its RS model in a responsible and thoughtful way, the Cosmos Hub will solidify the value proposition of ATOM and quickly become the economic center of trust and security for the Cosmos ecosystem.

The benefits of shared security extend beyond the potential financial gain for the Cosmos Hub and its stakeholders. The remainder of this section identifies three active participants within Replicated Security’s economy and describes how each party stands to gain from its success. We start by focusing on consumer chains, followed by validators and ATOM tokenholders.

Benefits for Consumer Chains

Consumer chains, secured by the Cosmos Hub, stand to significantly benefit from RS. Some of these benefits include:

1. Cosmos Hub Alignment: Ties with the Cosmos Hub provide consumer chains with economic security, facilitating a stable environment for economic growth. This alignment boosts investment confidence, enhances reputation, and signals the Cosmos Hub’s belief in the consumer chain’s long-term potential.
2. Trade & Economic Partnerships: We expect to see the Hub’s continued support of newly launched consumer chains. Providing economic resources (such as liquidity) to bootstrap DeFi applications and technical assistance grows the pie. Economic support fosters stronger relationships, akin to bilateral trade agreements, promoting network effects and collective success.
3. Technology and Innovation: Sharing the same validator set sparks innovation, exemplified by features like Atomic IBC. Shared security could extend to shared resources, encouraging developers on consumer chains to collaborate on new features while enhancing the AEZ’s collective development capacity.
4. Automated Validator Recruitment: Consumer chains benefit from the Cosmos Hub’s experienced validators, eliminating the need for intensive recruitment efforts.
5. Lower Overhead Costs: Replicated Security has the potential to dramatically reduce consumer chains’ economic security budget. By submitting proposals directly to ATOM token holders for approval, these chains can offer one-time incentives like token airdrops instead of bearing the ongoing costs of running independent security systems. This approach not only lowers the financial burden to early chains, but also aligns the interests of consumer chains with those of ATOM holders. For new chains, RS eliminates the need for high inflation rates traditionally used to attract validators, offering a more sustainable economic approach. Aligning with ATOM holders’ interests allows these chains to secure robust security support while maintaining a lower security budget. This efficient and cost-effective strategy marks a shift in how blockchain security is managed within the Cosmos ecosystem.
6. Changeover Optionality: Consumer chains enjoy the optionality to join or leave the AEZ, allowing them to assess and adapt to the evolving benefits and costs of participation. This flexibility is crucial for chains to optimize their engagement with the AEZ.
7. Network(s) Effect: The integration of consumer chains within the AEZ cultivates a unique “shop local, think global” ethos among users, fostering a preference for utilizing services within the consumer chain network. This inclination is further strengthened as consumer chains directly contribute to the prosperity of ATOM token holders, naturally encouraging the use of their products and services.

Benefits for Validators

The Replicated Security framework extends the validators role beyond providing stable, secure, and high-performing infrastructure for the Cosmos Hub; they’re also expected to support a growing number of consumer chains with varying degrees of complexity. Governance proposals detailing the terms of the SLA must pass on respective chains. Once the requisite proposals pass, validators are responsible for launching the consumer chain. Two-thirds of the validators by stake-weight must be live for the consumer chain to begin producing blocks.

Validators technically have the final say in the decision to launch new consumer chains. Validators are intended to act as a final check before launching new consumer chains. In practice, it’s unclear whether validators are willing to ignore the community’s express desire to support an approved consumer chain. As the Replicated Security model evolves, it will be interesting to monitor how these dynamics will play out.

Validators within the Cosmos ecosystem play a pivotal role in the Replicated Security model, balancing increased responsibilities with significant benefits:

1. Enhanced Revenue Streams and Inbound Opportunities: In the Replicated Security framework, validators experience a significant shift towards operational efficiency and broader network engagement. This new spin on the “Validator-as-a-Service” (VaaS) model under Replicated Security allows validators to concentrate on core operations, reducing the burden of extensive network evaluations. As long as validators are forced to support all consumer chains approved by the Cosmos Hub, this should minimize validators’ evaluation process.⁶ This streamlined approach not only leads to increased revenue opportunities but also expedites the integration of new consumer chains into the AEZ.
2. Increased ATOM Demand and Token Value: As more consumer chains adopt ATOM as its gas token, the success of Replicated Security will drive greater demand for ATOM and continue to build its case as the default “money” across the Interchain. RS also offers ATOM stakers the ability to earn additional rewards from the revenue share agreement the consumer chain has approved.
3. Early Validator Financial Subsidies: The Cosmos Hub has a diverse range of validators in its active set, many of whom have been validating on the chain since its inception. The increased operational costs incurred to spin up a new standalone chain can create financial stress on operators with financial constraints. To relieve some of these financial pressures, the Atom Accelerator DAO is working with capital-constrained teams to continue to support normal operations on the Cosmos Hub and ensure their increased overhead costs are covered during the initial rollout of Replicated Security.
4. Greater Opportunities and Automated Cash Flows: Today, the RS onboarding process is still manual. Although dev-ops engineers are experienced spinning up validators, the actualization of RS envisions 100s to 1000s of consumer chains. Such a process will require automated onboarding of consumer chains and improvements that reduce operators’ overhead costs. Automated onboarding will achieve both of these goals and will create the opportunity for the Hub to build a sustainable, repeatable business model for its validators.

Benefits for ATOM Holders

In the Replicated Security model, ATOM stakers emerge as the primary beneficiaries, especially when factoring the relative risk-reward ratio. Their commitment to staking ATOM fortifies the economic security of the Cosmos Hub and facilitates the extension of this security to consumer chains across the AEZ. This pivotal role places ATOM stakers at the heart of the Cosmos ecosystem, positioning them to capture a considerable share of the revenues generated by Replicated Security.

Key benefits for ATOM stakers include:

1. Additional Rewards: Replicated Security offers ATOM stakers additional rewards by supporting early-stage consumer chains. Proponents have suggested that ATOM stakers can earn “venture-style returns” from consumer chain airdrops and subsequent staking rewards. This unique opportunity provides exposure to various aspects of the Cosmos ecosystem, enhancing the value of their investment without additional capital.
2. Diversified staking rewards: The nature of staking rewards for ATOM holders is evolving. While currently dominated by ATOM, over time the basket of token rewards is expected to diversify, offering ATOM stakers a variety of assets from different consumer chains.
3. Influencing the Cosmos Hub Roadmap: Voting on consumer chains gives ATOM holders the ability to shape the future of the Cosmos Hub and the AEZ. Liquidity provisioning proposals also help bootstrap successful consumer chain launches.
4. Direct Impact on ATOM’s Value: The onboarding of new and exciting consumer chains to the AEZ is anticipated to spark renewed interest in the Cosmos ecosystem. This influx of developers and projects is likely to drive up the demand for ATOM, giving ATOM stakers a significant role in enhancing the token’s value by approving high-potential consumer chains.
5. Supporting Ecosystem Growth: Every successful addition of a consumer chain to the AEZ strengthens the business model of Replicated Security, making it more appealing to potential partners. This success also reduces the technical and financial risks for new chains considering joining the AEZ, setting a standard for future integrations.
6. Active Role in Due Diligence: ATOM stakers are not just passive beneficiaries; they actively participate in the due diligence of prospective consumer chains. Through involvement in forums and SLA negotiations, they can ensure that only high-quality, value-additive chains are integrated into the AEZ, further enhancing the overall worth and integrity of the ecosystem.

Current Challenges and Limitations of Replicated Security

The existing iteration of Replicated Security, initially referred to as “Simple Replicated Security” and now known as “Interchain Security v1,” represents the most basic version of shared security. In this model, the Cosmos Hub acts as the leader-chain with a mutable validator set, while one or more consumer chains replicate this set. A key requirement of this approach is that every validator on the leader-chain also validates for the consumer chains.

This system effectively turns the Cosmos Hub’s validator set into a Validator-as-a-Service (VaaS) enterprise. Consumer chains compensate for access to a pre-approved, actively managed set of validators from the Cosmos Hub. Validators, in turn, are obligated to support consumer chains that have passed governance voting, contingent on achieving the 66.7% validator agreement threshold.

While Replicated Security has sparked considerable excitement within the Cosmos community, it’s not without its challenges. The current version faces several technical, operational, and financial limitations that merit close examination and thoughtful consideration for future iterations.⁷ Addressing these limitations is crucial for the evolution and refinement of the Replicated Security model within the Cosmos ecosystem.

1. Comprehensive Onboarding Process: There’s a lack of detailed guidance for consumer chains looking to join the AEZ. While technical resources like Architecture Decision Records (ADRs) and the Consumer Chain Guide exist, they fall short in providing comprehensive onboarding steps, including practical and social steps teams should account for when joining. Clear documentations would address these points with specific examples and inform teams of the process to become a consumer chain.
2. Proposal Standardization: There’s a need for standardizing the structure and content of proposals submitted by consumer chains. This would involve creating a template or guidelines for proposals to ensure consistency and comprehensiveness, making it easier for validators and voters to evaluate and compare them effectively. This documentation is noticeably absent from the Consumer Onboarding Checklist.
3. Governance and Evaluation Guidelines: Developing clear guidelines and tools for the Cosmos Hub community to evaluate consumer chain proposals is crucial. This includes outlining key criteria, metrics, and benchmarks that should be considered in the decision-making process. Without guidelines, our decisions are based on vibes.
4. Reporting and Accountability Standards: Establishing requirements for periodic reporting by consumer chains post-approval would enhance transparency and accountability. Guidelines on what data points and metrics consumer chains should report would keep the community informed about their progress and contributions to the AEZ. Quarterly reports seem like a fair, baseline expectation.
5. Best Practices Documentation: There’s a need for comprehensive best practices documentation that covers both the technical and operational aspects of onboarding consumer chains. This documentation should provide clear instructions, case studies, and examples to assist teams in navigating the process smoothly.
6. Resetting Expectations: Effective decision-making in Replicated Security is hindered by a lack of clear tools and guidelines, leading to mismanaged expectations. Currently, stakeholders in the Cosmos Hub, including validators, voters, and consumer chains, face challenges in discerning optimal decisions due to insufficient information. For instance, consumer chains seeking Replicated Security are often unclear about the costs involved, while voters struggle to assess the value of the economic security they provide. Similarly, validators find themselves uncertain about their exact roles and responsibilities in the consumer chain approval process.⁸
7. Rushing Market Launch: The rapid deployment of Replicated Security, driven by the urgency to establish a leading model and facilitate the launch of consumer chains like Neutron, has led to a minimum viable product that may not fully address all stakeholder needs, particularly validators.
8. Validator Opt-In/Opt-Out Mechanisms: The current model does not offer validators the flexibility to choose their level of participation, potentially leading to an oversupply of economic security for consumer chains.⁹ ¹⁰
9. Replicated Security Dilutes the Underlying Value of Economic Security: We’re supplying consumer chains with far more economic security than they need today. Replicated Security has earned ~$51K in revenue since its inception (129 days) and currently generates ~$395 per day (see charts below).¹¹ All things being equal, the Cosmos Hub is on course to generate $57K of revenue through Replicated Security by year end, an annualized amount of $114K per year.
   The revenue generated is split between validators and ATOM stakers. Cosmos Hub validators receive 25% commissions on rewards earned through Replicated Security and stakers take home the remaining 75%. As a reminder, revenue earned for securing consumer chains is supposed to be distributed across 180 active validators totaling ~$2.7B of staked ATOM. The 2023 revenue generated divided across the economic security being supplied results in $0.00003353 of revenue generated for every dollar of economic security supplied by the Cosmos Hub. Said differently, each staked ATOM will earn $0.00037955 in 2023 (before being split 75:25 between the staker and validator, respectively).¹² ¹³ ¹⁴
   It’s clear that Replicated Security’s existing economic model is allocating excessive resources to secure consumer chains. We are actively diluting the value proposition of economic security by offering an excessively large amount more than consumer chains want or need. Appealing directly to tokenholders creates FOMO amongst stakers without offering them insight into how much they stand to earn and simultaneously ostracizes validators who recognize the compensation they will earn is insufficient to maintain operations. The longer the Cosmos Hub subsidizes full economic security to consumer chains without ensuring they’re paid a sustainable fee for block production, the less valuable shared security will be viewed in the eyes of ATOM stakers and prospective consumer chains.
10. Economic Viability and Sustainability: Under the current model, RS’s long-term viability is in jeopardy. There are real costs incurred whenever 180 operators decide to support a new blockchain. Forcing them to support new networks without some reasonable assurance of breaking even is not sustainable.

Validators have begun to raise the alarm.¹⁵ Some have suggested changes to its current format. If Cosmos Hub validators determine they cannot sustainably support a consumer chain, they have the option to discontinue support. A consumer chain halts if greater than one-third of validators (by stake weight) choose to stop operating their validator.¹⁶ We want validators to support the community’s preferences. In order to work in a collaborative fashion, we need to ensure their voices are heard and we find ways to address their concerns.¹⁷

If we want Replicated Security to succeed, we must find a viable path towards sustainable economic outcomes for the Cosmos Hub validator set. Increasing costs without understanding how validators stand to benefit from this model creates misaligned incentives and could become an existential risk to Replicated Security’s future.

Conclusion

As we examine the journey of Interchain Security and Replicated Security, it becomes apparent that these innovations represent some of the most significant steps to evolving the role of the Cosmos Hub. The inception of Replicated Security sets the stage for a transformative era in the Cosmos ecosystem. However, it’s important to acknowledge that the rapid deployment of Replicated Security, while ambitious, has led to certain oversights and challenges.

Despite these hurdles, the potential success of Replicated Security stands as a massive opportunity for both ATOM and the broader Cosmos ecosystem. Its success would not only reinforce the value proposition of the ATOM token but also elevate the interchain landscape with enhanced security and economic alignment.

In my forthcoming article, I will explore a viable path forward for Replicated Security. My next post aims to address many of the current concerns and provide actionable insights for refining this innovative model. The focus will be on establishing Replicated Security as a platform suitable for early-stage and mature chains, ensuring value and sustainability for all stakeholders.

The journey of Replicated Security is a testament to the evolving nature of blockchain interconnectivity. As we continue to observe and participate in its development, it is crucial for the Cosmos community to remain adaptable, responsive, and forward-thinking. Embracing the lessons learned and working collaboratively towards solutions will enhance the Replicated Security framework and pave the way for a more robust future for the Cosmos ecosystem.

Acknowledgements: special thanks to Chunda, Dougie, Elijah, Felix, and for comments and suggestions on earlier drafts of this piece.

footnotes:

¹ Replicated Security is not the first shared security framework, which belongs to Polkadot. The architecture of Polkadot best resembles a combination of Replicated Security and Ethereum’s roll-up centric roadmap.

² A service-level agreement (SLA) is an agreement between a service provider and a customer. Particular aspects of the service — quality, availability, performance, and accountability — are mutually agreed between the service provider and the service user.

³ As of December 15, 2023 (source: https://www.mintscan.io/cosmos)

⁴ At the time of publishing, two consumer chains exist: Neutron and Stride. In exchange for providing security to Neutron, the Hub receives 25% of its transaction fees and MEV revenue (Neutron does not have inflation). In exchange for providing security to Stride, the Hub receives 15% of liquid staking rewards, 15% of STRD inflationary staking rewards, 15% of MEV revenue, and 15% of transaction fees on Stride’s chain.

⁵ In the case of PoS networks, token inflation is more akin to a form of monetary policy and a mechanism for securing and maintaining the network. The newly created tokens can be seen as a cost to the network but operators view it as a form of compensation or earnings for their participation. These rewards are not “revenue” in the typical sense (i.e., revenue-generating). Instead, they represent a share of the newly created tokens that are distributed to network participants as an incentive for helping to secure the network.

⁶ If an opt-in model is approved down the road, most validators will continue to perform the same level of due diligence as they otherwise expect to.

⁷ There have been recent proposals to update Replicated Security’s current model, most notably Partial Set Security (PSS). PSS attempts to solve some of the high level issues surrounding the high cost of making every validator on the Hub run every consumer chain. However the initial proposal still requires the top 33⅓ validators to run infra for every consumer chain and incorporates a complex double-delegation system in which validators that opt-out of running a physical node for consumer chains can delegate to another validator running a physical node. While a promising start, the proposal might struggle to gain widespread acceptance among operators, who may be hesitant to expose themselves and their delegates to the increased risks and complexities associated with the slashing conditions tied to another validator’s misconduct or subpar performance.

⁸ This situation underscores a critical need for clear and comprehensive decision-making resources. Without well-defined expectations and an understanding of the roles and responsibilities within the Replicated Security model, stakeholders are at risk of making poorly informed decisions. The assumption that the market will self-regulate without structured guidance, especially in these early stages, is unrealistic and potentially detrimental. The diverse experiences and levels of understanding among stakeholders only compound the issue, creating a landscape rife with ambiguity and complexity.

⁹ A recent proposal was published on October 13, 2023 discussing “Partial Set Security.” Partial Set Security is “a reimagining of Opt-in Security… which would allow only a subset of Hub validators to run a physical node for each consumer chain, while still allowing each consumer chain to be secured by the full stake of the Hub.” This article does not address this initiative, however upon first glance I have two thoughts: it’s an important step to provide more flexibility and is more complex than I’d like to see.

¹⁰ It’s still unclear how many consumer chains need (or want) to replicate the entire validator set of the Cosmos Hub. The Cosmos Hub’s active 180 validator set currently secures the Cosmos Hub with over ~$2.7B of staked ATOM. Supplying each consumer chain with $2.7B of economic security, seems like we’re overdoing it and unnecessarily high. Currently Stride has ~$88.63M of TVL being liquid staked, 54% of which is ATOM and Neutron’s TVL sits at just over $49M. Does either consumer chain really require 30–50x its TVL to secure itself today? My guess is that Replicated Security is supplying far greater economic security than most consumer chains would realistically demand from the Hub if they had the choice. Providing too much security is also not optimal in certain situations (data as of: December 16, 2023).

¹¹ Source: https://www.datalenses.zone/chain/cosmos

¹² All revenue recorded from consumer chains is not normalized to today’s prices. To the extent someone were to hold their rewards, they would see appreciation or depreciation proportionate to the change in the fair market value of the underlying token. But still, neither of these tokens has 10,000x’d, so we’re still talking about fractions of a penny per ATOM.

¹³ Assume an investor staked 100,000 ATOM (currently valued at $1.13M). For the year ended 2023, the investor would roughly earn $28.50 from two consumer chains.

¹⁴ The largest validator in the Cosmos Hub, Coinbase Custody, has ~22.3M ATOM (valued at $253M) delegated to its validator. For the year ended 2023, Coinbase Custody stands to earn ~$2,116 for operating two consumer chains.

¹⁵ Additional resources include: Consumer Chain on-boarding and centralization — Chorus One research and Kam’s article on Interchain Security: Risks & Economics

¹⁶ As of December 17, 2023, the 7 largest Cosmos Hub validators account for 35.05% of the chain’s stake, suggesting any consumer chain is at the mercy of a small handful of validators.

¹⁷ During the discussion phase of Prop #187, several comments pointed to the existential risks Replicated Security would one day face if validators were insufficiently compensated for their services. One post states, “…a low-performing consumer chain can be stopped by ⅓+ of the validators simply turning off their nodes.”