Ethereum Foundation Danny Ryan: Thoughts on Key Issues for Ethereum in 2023

Original Title: ++Reflection++ ++2023++

Original Author: Danny Ryan (Ethereum Foundation Researcher)

Compiled by: Qianwen, ChainCatcher

After Ethereum completed what I believe to be the most important upgrade in blockchain history, our forward direction successfully shifted to extraction and primary scaling upgrades, facing many key tasks and upgrades in the coming years. At this time, "Ethereum killers" waver in the uncertainty of the bear market, Bitcoin culture and technology struggle in a void, but Ethereum demonstrates unprecedented strength as we continue to build, refine, think, and make an impact.

The technical roadmap ahead is long and complex, but I am not worried about our execution and timeline. Because we have proven our ability to deliver at a high level and confirmed that the Ethereum ecosystem is moving in the right (and difficult) direction, making Ethereum more resilient at all levels. Industry fraud is rampant, but Ethereum stands firm. Even deep in the bear market, Ethereum continues to foster builders and innovation. In an increasingly turbulent global landscape, Ethereum has found ways to make an impact in key areas.

My reflections will focus more on survival issues—such as the health of the L1 ecosystem, capture, cartel, alignment with Layer 2, and so on.

1. Technology: The Road Ahead is Long

Ethereum has proven that it can not only achieve significant technical goals but can largely do so in a decentralized manner. The merge is a unique achievement—no other project has accomplished such complex technology, high-level execution, and global decentralization.

The transition to PoS took longer than we anticipated. When I first started working at EF, Aya Miyaguchi asked me in the spring of 2018 when we would complete the PoS work. My answer was "8 months," but for many reasons, it ultimately took us longer to achieve it. However, we have established a multi-layered, multi-client, resilient ecosystem and protocol that can enhance staking decentralization to levels that other blockchains cannot even reach.

Just take a look at Vitalik's roadmap document, and you will realize that before the protocol is "complete," we still need to go through many long and complex years (5 years, 10 years). We should not be complacent about the delivery of the merge protocol, but rather leverage this momentum, expertise, tools, and processes to address the many challenges that still exist.

But what does "complete" mean here? It reflects in various aspects—finding sufficient end status. Clearly answering what constitutes sufficient functionality, sufficient security, sufficient decentralization, and so on. The key is to be clearer conceptually and technically about what needs to be optimized and what the minimum thresholds are. Clarifying these aspects will help us determine priorities and make the right trade-offs between complexity/functionality in the coming years, and I will also discuss how this benefits us in the solidification process.

Current Technical Concerns

1.1 Evolution of PoS

There is extensive research and explanatory material being built around aspects such as Proposer-Builder Separation (PBS), LMD-GHOST confirmation rules, Single Slot Finality (SSF), Single Secret Leader Election (SSLE), Proof of Custody (PoC), Proof of Execution (PoE), and early RANDAO reveal reductions, evolving Ethereum from PoS to its final, most secure, and sustainable form.

Most of the above relates to reducing or eliminating gameability, addressing the pain points of cartel existence, the tragedy of the commons (editor's note: a social trap involving conflicts between individual interests and the public good in resource allocation), and credit assumptions—strengthening the protocol even in extremely adverse conditions. While the network will eventually be able to recover, it is still essential to ensure that the protocol can handle the widest range of attack scenarios without interference.

1.2 DAS in Practice

Data Availability Sampling (DAS) is a beautiful mathematical solution to the data availability problem. However, instantiating it efficiently and robustly in practical p2p network construction is not easy. In 2022, many teams joined the effort to solve this problem—both academic and practical engineering—but much work remains to be done to achieve a sufficient solution.

This problem is not tricky, but the scope of design is quite large, making it difficult to quickly reach an appropriate balance between complexity and robustness. If we are willing to compromise on decentralization and robustness, DAS can reuse existing network components and work properly in suitable cases. Given that attacks on this network structure would completely undermine the chain's validity, not only must we design a workable system, but we must also design a system that is as resilient as other aspects of the protocol.

EIP-4844 lays the groundwork for scaling data and provides us with parameter data-gas limits that adjust as DAS handles more load. I believe we should cautiously increase this parameter, such as setting the data-gas limit far below theoretical limits, running DAS in parallel for a period to achieve complete 4844 downloads, and achieving extremely high network redundancy.

Compared to many other competitive upgrades, the order in which DAS will be rolled out is still up for debate—statelessness is another obvious major competitor. My intuition is that DAS will need more time to mature, focusing on non-scaling upgrades in the 12 months following 4844 (statelessness, security improvements, PBS, etc.), while observing the mainnet and potentially integrating with more advanced gossip technologies (like episub) before raising the data-gas limit from the initial parameters.

2. MEV—Pandora's Box

One of the core themes over the past 24 months has been Maximum Extractable Value (MEV)—not only its impact on the application layer but also on Layer 1 consensus and security. It's like opening Pandora's box. MEV turns what we thought (and hoped) were simple things into complex matters composed of incentives, attacks, and more. MEV brings centralizing effects to the validator community, with rewards for cartels much greater than before, directly incentivizing reorganization and introducing a new wave of PvP players, complicating the simple user-validator model.

MEV has a certain impact on the things that need to be accomplished before Ethereum can achieve "completion." The protocol must recognize the existence of MEV; otherwise, these incentives will undermine network stability and potentially destroy the network. This requires implementing some mitigations, such as Proposer-Builder Separation (PBS), MEV burn, SSF, and anti-censorship measures within the PBS context.

Should we quickly implement MEV mitigation measures (after all, the threat is real), or spend more time researching the problem first and then propose solutions? I am hesitant. I worry that despite our leaps in understanding this problem area, the research is still in its infancy, and what we can build today may not meet Ethereum's long-term needs.

I feel that perhaps we cannot "take our time" because the inherent incentive mechanisms in the MEV space have led to a slew of solutions, networks, and products that are often rapidly adopted and impactful. If we do not act quickly, third-party solutions and activities will define, shape, and even potentially threaten our existing key norms.

2.1 Complexity

This issue is tricky. Ethereum is complex and will only become more complex. I worry that this dynamic system may become too complex now or in the future for us to handle, reason about, or ensure its security.

In all possible scenarios, modularity is crucial for managing system complexity. We have "fallen into" the separation of execution and consensus, with many complexity issues being obscured because we use libp2p at the (consensus) network layer and robust, audited/verified libraries at the cryptographic layer.

This way, each component can be corrected individually, and the relevant individuals and teams can specialize more, ultimately aggregating into a more complex whole.

Moreover, the capacity of the core protocol should not exceed the levels required in any domain, as this would introduce unnecessary complexity.

3. L1 Coordination Game

3.1 Development of L1

Over the past 5 years, we have made leaps in our ability to perform complex upgrades to the protocol, with the number of participating teams and individuals increasing fivefold, becoming more resilient in both software and thought. Not going it alone remains key to the healthy development of the protocol.

The client ecosystem at the consensus layer, the diversity of expertise, and the diversity of use cases are significant advancements. The client ecosystem at the execution layer initially faced many asymmetry issues and required more time to reach similar levels of expertise and reliability. But I believe we are ready in 2023 to change the phenomenon where 80% of the mainnet is dominated by GETH. In fact, the merge is a turning point here.

3.2 Incentives

At the peak of the bull market, I and many others were very focused on the incentives for working on Ethereum L1, whether compared to Ethereum's application layer and L2 or to other L1 competitors. All alternatives have token incentives, which have high upside potential and highly liquid products.

During the bull market, the valuations of liquidity products were very high. Therefore, we faced actual personnel turnover, along with a more subtle and growing dissatisfaction stemming from the vast difference between working on critical infrastructure and building on top of it. I am not sure if I articulated this clearly at the time, but in hindsight, people felt both bitter and dissatisfied about the immense wealth accumulated by L1 teams. Regarding L1 alternatives, some claimed that this misaligned incentive mechanism is a fundamental factor in blockchain development, and L1 alternatives will always drive the suppression and elimination of old L1s. These arguments were naive even at the time, but their impact and negative sentiment continue to grow.

Now there are many positive trends in L1 development incentives. The protocol guild's year-long pilot has raised over $12 million for more than 120 members across 20 teams. The funding experiment for traceable public goods may at least demonstrate that some applications and L2-dependent software are available and secure. Other funding mechanisms, such as Gitcoin and clr.fund, continue to innovate to support public goods across the ecosystem. Additionally, other funding experiments at the social level have great potential, such as optional staking transaction fee/MEV split contracts (for example, 1% of your staking transaction fees go to your client).

3.3 Capture

There are now many resource-rich, well-operated entities that are not only interested in the success of the Ethereum protocol but also wish to control Ethereum. They currently do not seem to exhibit malice, but they do have a significant influence on the protocol's development. To this end, L2, VCs, exchanges, and dapps have joined the process of L1 governance and development. We are in a unique period where stakeholders related to Ethereum are increasing and becoming clearer. However, many areas of the protocol are still inadequate by any standard and have not yet been solidified. This poses significant risks in the coming years.

A few years ago, these interested, mature/resource-rich entities did not exist at all or did not consider "helping" and joining. They were mainly various independents in dialogues among EF, client teams, and the core protocol. If, in a few years (3? 5? 10?), parties come forward to offer help, the protocol may become more solidified, and interested parties will face less risk when providing assistance.

In fact, for entities that rely on the health and stability of the Ethereum network, ownership of critical infrastructure may be a long-term necessity. Currently, ownership of infrastructure means having a say in an early protocol. Ultimately, the malleable components of that protocol will become smaller and less significant, referring to elements around the core such as network protocols, lightweight client communication, content delivery networks, etc. However, there are still significant interests at play in this regard, and less solidified, chaotic, human upgrades may still manipulate the protocol.

Given the increasing number of interests, there is a desire to find a balance that allows non-client developers/non-researchers to have a voice in governance. Attempting to gatekeep for everyone is difficult because, in fact, there has never been a real standard—if you show up and do the work with integrity, you will be welcomed. New entrants have increasingly complex backgrounds and motivations, which can even affect core maintainers as conflicts of interest multiply—investors in applications/L2, representatives of DAOs, advisors from venture capital firms, enterprises, and providers of various products; not to mention the growing attention to cryptocurrencies from the global landscape and the influence of various geopolitical relationships.

I firmly believe that any formal structure beyond "developers write code, users run software" poses a long-term existential threat to Ethereum. I have seen calls within the community to establish structures similar to political parties or lobbying interest groups. The more structure there is in this process, the easier it is for these structures to be abused (captured) and become less likely to be removed (anti-solidification).

Reaching consensus is not easy, but we are working towards a more robust protocol that is sufficiently solid, secure, and resistant to capture. I suggest that we add as few additional governance structures as possible in the next 5 years, focusing more on some softer aspects, such as ideological consensus, building a strong culture that focuses solely on task upgrades, and facilitating two-way communication between developers and scaling communities in less formal forums. In other words, the governance process is a beast that can be managed but not directly controlled. Individuals can influence outcomes here through guidance and thought, and if things truly go off course, they can speak up loudly, but Ethereum governance is an independent organism that no single party can control at present.

3.4 Client—Buy or Build?

Even if the development and upgrade process of the protocol is confined to the "developers write code, users run software" model without adding new formal structures, engaging with and maintaining clients remains the entry point for anyone entering the dialogue and process.

As we saw in 2022, this can be accomplished through purchasing (Arbitrum -> Prysm) or building (Paradigm -> reth), each with its own challenges, legitimacy, and sustainability. For example, purchasing a client is relatively straightforward, but legitimacy may be sacrificed, and the sustainability of impact is extremely low—clients are composed of individuals, and before individuals leave or defect, the acquiring company may only change priorities and viewpoints. Building a client is much more challenging but is more legitimate and lasting. In 2023, both experiments are worth watching.

Ethereum's development and governance rely on a security-first, ideologically aligned development culture. My assessment is that in the current configuration, one or two wildcard client teams or individuals would find it difficult to change the path or feature set in what we call "capture," as the entire team's ability to evaluate the pros and cons of suggestions is limited and constrained by their own ideologies to determine priorities and direction. What I worry about is the emergence of situations where new entrants deviate from "consistency" with others in the client team, or where some existing, ideologically aligned client teams leave, or more client teams are acquired or created by entities with less ideological alignment in the coming years.

The multi-client spirit and ecosystem is one of Ethereum's superpowers, bringing greater resilience, legitimacy, and security through the introduction of diverse software and perspectives. This is one of the ways Ethereum brings various intellects and thoughts, and is one of the main feedback loops that make Ethereum strong. I do not recommend imposing restrictions on joining such informal client teams. On the contrary, I suggest keeping the doors open and explicitly welcoming more highly unified client teams in the coming years. It would be even better if we could simultaneously strengthen the geographical and jurisdictional diversity of Ethereum client teams while doing this, as there are still some regions globally that are overrepresented and underrepresented. Deepening global client representation will make Ethereum more resilient while further expanding its intellectual sources.

4. Solidification

Bitcoin has tainted the concept of solidification. Solidified Bitcoin is viewed by the Ethereum community as a useless protocol, maintained by a group of people with religious fervor, who do not follow any rational path that does not glorify Bitcoin's perfection or disparage other designs. This indeed raises a question—whether this is due to the particularity of the solidified thing (in this case, Bitcoin) or due to the act of solidification itself. My intuition is that the religious anti-intellectualism stems from Bitcoin's inadequacies. The Bitcoin protocol is insufficient to meet its demands, and thus the rationale of its supporters has become distorted to support its solidified state.

I believe that a protocol capable of fulfilling its tasks (in our case, being secure, scalable, and sufficiently capacious) can coherently argue for the solidification of its outcomes. Therefore, the surrounding community does not need to fall into religious fervor to defend this choice. Moreover, in our case, I believe that the liquidity and scalability supported by solidified protocols allow the community to explore and optimize at higher levels, thus maintaining intellectual engagement.

That said, some community members worry that without a continuously evolving protocol, Ethereum will lose its allure, no longer be esteemed by intellectuals, and many things that make it so special and vibrant will lose their luster. I believe that as long as the second layer provides sufficiently rich support, we can reap benefits—solidifying on a secure foundation while still supporting active intellectual exploration and optimization at higher levels within the ecosystem. At least, that is our dream.

4.1 Is Solidification Foolish?

But is solidification a foolish practice? Can it really be achieved in the context of Ethereum? And how can solidification be useful? Must solidification be absolute, or can we "comparatively solidify" to gain most of the value? Ultimately, is sufficient intent for solidification enough to protect us—does the imminent threat of solidification keep the process on the critical path, ensuring alignment and strengthening the immune system against special interest groups and capture?

I do worry that achieving solidification in any relatively near future is unrealistic. Because there is still a long list of upgrades and security improvements to be completed—sharding, PoS evolution (SSLE, PBS, etc.), security improvements (SSLE, guardian games, proof of execution, etc.), statelessness, ZK-EVM, post-quantum cryptography, and so on. Given the complexity of the tasks at hand and the general speed of rollout, the time required will be no less than 5 years, or even 10 years. I worry that advancements in cryptography and emerging issues will cause this list to continue to grow and change in the foreseeable future.

So, if this is an endless process, will the pace of change at least slow down? Perhaps a more effective definition of solidification is that it is a trend rather than an end result— it should become increasingly difficult, requiring more justification, effort, and time to incorporate any changes into the protocol. The protocol will not really solidify; our best effort is to keep the dialogue with solidification ongoing. If we are always trying to solidify or be in a more solidified state rather than always expecting, yearning for, or seeking change, then the dialogue around solidification will lean towards skepticism about change. Sufficient skepticism may be enough to protect the protocol, even as the protocol evolves (slowly).

In this year's reflections, I am beginning to believe that this dialogue with solidification is not only our best effort but also a way to ensure that Ethereum does not develop in a way that is unable to respond to the future in an unpredictable manner. But I also believe that solidifiers—those who tend to slow down, who prefer to change certain components only when absolutely necessary, and who fear that increasing complexity and change will impact the upper layers—are a very small part of today's core L1 process and the larger community.

This camp and idea have not yet grown strong enough to become a necessary immune system within the protocol. While there are many respected voices in this camp to ensure the existence of minimum thresholds, the arguments and merits of "protocols tending towards solidification" must be articulated in the coming years so that the balance does not tilt too far in the other direction during this complex and ever-changing critical period.

4.2 Alignment of L2 with Ethereum

One of the benefits of an L2-centric roadmap is that it allows L1 to leave various design decisions (cross-domain communication, virtual machine selection and optimization, parallelization, state management, etc.) to the "market," rather than painstakingly selecting and implementing specific (and likely suboptimal) solutions. This idea market above Ethereum L1 can not only find good solutions in the short term but can also adapt to the world's growing and changing needs over the coming decades. Need parallelization? You can try a new L2.

Want a better virtual machine to support necessary formal verification? L2 can adapt to this change, or new L2s will emerge. This anti-solidification is built on a relatively solidified base layer, indeed achieving the best of both worlds.

As for the health of this market—Ethereum's L2 ecosystem is doing quite well. Several different optimistic EVM routes are underway, many different EVM-compatible/equivalent zk-rollups are racing to market, and some peculiar, more experimental rollups are emerging from the edges (like Fuel). Some believe that this exploration has become somewhat mired—focusing solely on EVM—hoping for more dramatic changes that break away from L1 structures—Solana-rollups, highly parallelized rollups, etc.—but the market can still adapt to the successes or failures of current ideas. EVM seems to be a moat, and within that moat, most people are building.

Given that all eggs are in the L2 basket, one thing I worry about is the alignment of L2, both in the short and long term. There are two main issues—(1) L2 is parasitic and will ultimately fork into L1; (2) L2 is the standard for Ethereum, where users interact but do not believe in Ethereum's values—decentralization, resistance to censorship, support for public goods, radical cooperation, and so on.

The former is more of an existential question—does being anchored in Ethereum's security zone really have value? This is essentially the argument of the L2 roadmap—that these scalable environments inheriting Ethereum's security and native bridging are valuable to users, and therefore valuable to the developers, companies, and communities building and maintaining them.

I believe in this argument—achieving sufficient cryptoeconomic security is difficult, and in an increasingly competitive environment, most blockchains will inevitably fail to reach sufficient levels. Cryptoeconomic security is a limited resource and is a function of the ongoing economic demands of these systems. Therefore, while I do expect some L2s to "abandon" Ethereum and try to leave—some may succeed, others may fail—I do not believe this will happen on a large scale, and a few L2s leaving will not break the theory of cryptoeconomic security as a service.

As for (2), I have more concerns. L2 will inevitably become the primary touchpoint for the vast majority of users. In most cases, they will exist within L2, interact within L2, and bridge between L2s, as these L2s are both secure and affordable. Thus, L2 becomes the face of Ethereum. Is this way perhaps secure, but is it decentralized, resistant to censorship, adhering to Ethereum's values, and constantly reimagining the world? At this point, the answers to these questions are clearly not affirmative.

Venture capital firms are stepping into the L2 space, tokens are being distributed haphazardly to insiders, and most governance models are oligarchic, upgrading arbitrarily without notice. Not to mention that most L2s make sacrifices in their security models to go to market, hoping to iterate towards decentralization (e.g., no fraud proofs, single sequencers, unclear emergency exit mechanisms, etc.).

There is an interesting balance here. L2 can and hopes to invest more energy in marketing and business development, competing with alt-L1s that are very aggressive in this area. This allows Ethereum L1 to remain neutral in this regard, while the layers above try numerous customer acquisition and onboarding technologies. But whether L2 will default to retaining Ethereum's brand, values, and soul is not obvious.

Managing a healthy L2 ecosystem is crucial and requires multifaceted efforts to achieve—researching and promoting secure structures, realizing L2's value (showing its essence rather than how it is portrayed), and exploring governance risks, security trade-offs, poor token distribution, value adjustments, and other emerging issues whenever possible.

Moreover, we cannot only focus on the negatives; we must also celebrate the positive, secure, and consistent parts. Today's Ethereum community has tremendous power in setting norms that will define the development of the L2 movement over the coming decades. We must ensure that L2 not only inherits Ethereum's security but also its legitimacy.

Summary

This article reflects the author's extremely short-sighted and biased views. There are many issues, even many success stories, that the author of this article did not realize or did not have time to include.

In short, Ethereum is stronger than ever. The community has achieved astonishing results in building core infrastructure, scaling through community layers, and fostering community development. However, significant challenges and enormous risks still exist.

Ethereum remains vibrant. Please do your part to maintain this state.