- Ethereum’s Vitalik Buterin clarifies layer-2 solutions require substantial consensus to access funds, countering theft concerns.
- Security councils govern layer-2 platforms, needing at least 75% vote for significant decisions, ensuring user fund safety.
In recent discussions on X, Mert Mumtaz, co-founder and CEO of Helius, raised concerns that major layer-2 solutions on the Ethereum network have the technical capability to “steal user funds.”
it is frankly insane that every major L2 in mainnet right now can technically steal user funds
— mert | helius.dev (@0xMert_) August 30, 2024
This comment sparked a vigorous debate among the cryptocurrency community. However, Ethereum founder Vitalik Buterin has responded, offering clarifications that paint a more nuanced picture of the security mechanisms in place.
A major nuance: the rules for stage 1 require that only a security council with >= 75% vote threshold can overrule the code, and a quorum blocking (ie. >= 26%) subset needs to be outside the company. OP and Arb both comply with this. So the orgs cannot unilaterally steal funds.
— vitalik.eth (@VitalikButerin) August 30, 2024
Buterin explained that layer-2 solutions cannot arbitrarily access or take control of user funds without achieving a substantial level of consensus.
He detailed that a security council typically governs these platforms, which requires at least a 75% vote to make significant decisions regarding governance and fund management. This structure is designed to ensure that no single entity can unilaterally make decisions that could jeopardize the assets of users.
well you don't need to assume intent on behalf of the org
the point is that the degree of difficulty makes it vulnerable to many externalities like leaks, hacks, rogue employee collusion, enforcement action, wrench etc
(I will ignore the state of proofs rn since that's a…
— mert | helius.dev (@0xMert_) August 30, 2024
Additionally, Buterin highlighted that to maintain independence and prevent conflicts of interest, a significant portion of the council members—no less than 26%—must not be affiliated with the company that developed the layer-2 solution.
For example, in the case of Arbitrum, a layer-2 solution developed by Offchain Labs, a quorum-blocking group includes members from outside the company to ensure sufficient decentralization and impartial governance.
Both Arbitrum and Optimism, prominent layer-2 solutions, adhere to these governance standards, which Buterin believes should mitigate fears regarding the potential for these technologies to misappropriate user funds.
Nevertheless, skepticism remains among some users about whether the quorum-blocking subset of the council would genuinely act independently of their associated companies.
In addressing the raised concerns, Buterin referred to the diverse makeup of Arbitrum’s governing council, asserting that the variety and clear roles of its members enhance credibility.
Cryptocurrency analyst Adam Cochran concurs, pointing out the influence that the composition of the council and the integrity of its members have on its operations.
He stressed that a council with a broad spectrum of reputable stakeholders minimizes the risk of collusion, thereby protecting user assets effectively.
The ongoing debate highlights the importance of robust governance structures in maintaining the integrity and security of the burgeoning layer-2 ecosystem within the Ethereum network.