99.76% of Lido tokens that have currently voted, are against a self-limit on the amount that can stake on Lido, a liquid tokenized staking protocol.
That translates to 63 million tokens voting against, and just 153,000 voting in favor, out of 312 million circulating with the vote having another week to run.
Yet it appears it will clearly be a no, with this being an ‘official’ vote in as far as the Lido Twitter handle announced it.
That’s despite Lido controlling 30.5% of all staking eth, down from 31.2% last month. Yet this aspires to be a decentralized solution, making the matter of ‘control’ somewhat complicated.
The project claims to be non-custodian, with the smart contract owning the ethereum validator. But, someone has to run and maintain that validator, with the validator set currently being a hybrid and permissioned design.
Hybrid in as far as there’s a Lido Node Operator Subgovernance Group (centralized) which decides what entities can run a validator with the DAO approving or rejecting the list.
Yet Lido states each node operator controls only 2% of the total amount staking through Lido, something we can’t quite verify except through an audit.
They’ve just added a number of new node operators, including Nethermind, an eth1 client, and Prysm as well as Sigma Prime, eth2 client developers.
Their longer term ambition is to use Distributed Validator Technology (DVT) to pool together trusted node validators with untrusted nodes – as in anyone can join – to decentralize further the node operation.
They plan to use a score as well to incentivize performance by allocating more staking share, or less, with end stakers – the steth holders – eventually to control the withdrawal of the staking funds in presumably a non-custodian way once the unlock goes live by next summer.
Lido Project Against Self-Limit
And so the project itself was against imposing such limitation with it stating back in April:
“Only a liquid staking protocol that has reached a significant scale can generate the fees necessary to maintain a good validator market, support the ecosystem, and ultimately protect the blockchain itself from centralizing forces.”
This support is provided through a 350 million LDO treasury reserve held by the project, currently worth $200 million.
Some of that is presumably used to pay these node operators, including the eth2 client developers, with it unclear just how much they get exactly.
Eventually such payment will be through keeping some of the staking profits, with the same potentially usable to give LDO a floor of sorts.
The more stake, the more LDO has value, and so a no vote should have perhaps been expected, but the 33% threshold can bring down the network if something goes wrong and all of it is affected.
So far nothing has gone wrong, but there is no value so far because the staked eth is locked, as is the reward. Therefore there has been no real audit yet.
They of course have been audited, including by Sigma Prime which is developing eth2, but whether the Nakamotos have carried out a successful audit, we do not know yet as presumably they’d let us know only once the withdrawals are available.
As such, arguably there should be a self limit here just from the practical consideration of waiting to see what bug, if any, might be exploited once withdrawals are allowed.
From that perspective, this is already far too big with four million eth deposited, but Lido argues that there’s a network effects race and they can’t afford to lose because conceptually the whole system of staking itself would become a problem if say a centralized exchange was dominating.
It’s good that it’s Lido, they argue, and to their credit, this is the only decentralized – or aspiring – project that has become more popular than the centralized alternatives.
Bitcoiners tried, to no avail, to get decentralized mining pools going. There’s DAI as a stable, that gets beaten by Tether. There’s decentralized exchanges, like dYdX, that are competing but not quite dominating.
Their point therefore condenses to better bugs or 33% threshold risks than the far bigger risk of actual centralization by exchanges ruling eth, which would be a conceptual problem rather than ‘just’ a risk.
When the Protocol is the Centralization
“To me Lido is just like a collective of honest indoor shrimp farmers gathering together to fight against the mega-shrimpfarming conglomerate,” says a Lido-nian before adding:
“It’s the exact same struggle. This unnecessary battle between aligned collectives is distracting us from our real goal. I’m against the limits because they favor the big shrimpers.”
Yet is Lido a big shrimp is the question, though of a different sort where the matter is not abuse of trust – depending on just how decentralized are some bottlenecks like the DepositSecurityModule – but more the fact that it is one contract or set of contracts or design and a bug may affect the whole 33% of staking eth.
This is a question for stakers themselves ultimately. They have their funds at stake and they can of course be lost, including completely, through slashing or some systemic exploit no one knows of.
But it is also a question for the ethereum network and it is a fairly simple question: is Lido part of the protocol like the Geth client node, and thus is a potential Lido bug the same as a Geth bug where the network just upgrades with no controversy?
The answer is a lot more difficult than the question and in practice it has to amount to a yes because if 33% of the stake is down and the network has frozen and the solution is upgrading to fix some Lido bug with no time to debate any of that, then presumably that’s what will have to be done.
Except that potentially brings too important to fail problems, and so the only reasonable argument Lido can have to not self limit is to claim they won’t fail, a claim they can’t make because they’re just too young yet and not tested with withdrawals on.
So whether they limit or not is irrelevant. Ethereans need to know that crossing the 33% threshold comes with systemic risks, risks which in the case of Lido might not apply as they aspire towards decentralization, but they might apply because we just don’t know yet.
And so stakers presumably will themselves want to keep under that threshold, with the alternative here not necessarily being centralized options, but clones of Lido.
There’s the much hyped Rocket Pool, and the overt and overdone hype has done it significant disservice, but if Lido is decentralized then even we here at Trustnodes should be able to clone it in an afternoon.
It would then be a bit more difficult to get the tnETH into something like Compound or indeed DAI collateral, but it shouldn’t be that difficult with the reward being a minimum of $200 million… erm, TNido tokens. Minimum because once withdrawals are enabled, tested, and deemed more reward than risk, the popularity of staking should increase.
The Lido dominance therefore will probably be temporary with it the case both in eth and in bitcoin in the early days, that one pool dominated beyond 51% simply because the competition had not caught up.
That may repeat as Lido has designed a very fine, complicated, and a pretty cool system with it not really their fault that there happens to be a 33% threshold, and if they’re totally decentralized such threshold might not necessarily apply. But, from what they state at least some of their node operators will always be permissioned, or at least for the foreseeable future.
So it is not clear whether this can reach the level of tokenized solo staking, and even in that case, conceptually at least, they’re all using the same protocol – the same Lido package – which potentially makes it a systemic risk.
This is the same argument and even requirement for client diversity. Stakers should not even use Windows operating systems or Macs because more than 33% of stakers probably do already, so if there’s some fault or exploit somewhere in that OS, they’ll get slashed and potentially lose all their money.
With there of course being the question of just how much security is too much security, but why does anyone care that it is Lido OG rather than the Lido Linux flavor anyway, why take the risk? Especially before withdrawals are enabled and we get the full test.
We disagree with the vote therefore. They should cap to promote competition from likewise projects, rather than centralized entities, but there is the question of whether there’s a certain number of entities willing to be node operators, and thus whether a team going off to Lido2 would make that much of a difference.