Ethereum’s Layer 2 Rollups Reduce Costs, but the Risks Are Underappreciated
It’s no secret that Ethereum can be prohibitively slow and expensive. The blockchain became virtually unusable for most people at the peak of crypto’s most recent hype cycle, when something as simple as swapping one token for another could have cost upwards of $40. There’s a reason why blockchain alternatives like Solana (pitched as an “Ethereum killer”) and then Aptos (a “Solana killer”) debuted.
For those wanting to keep transactions in the Ethereum ecosystem, though, there are layer 2 rollups. They run parallel to Ethereum, augmenting its ledger and delivering lower fees without, in theory, compromising security.
This article originally appeared in Valid Points, CoinDesk’s weekly newsletter breaking down Ethereum’s evolution and its impact on crypto markets. Subscribe to get it in your inbox every Wednesday.
As they’ve grown in popularity – more than $3 billion in Ethereum user funds have been locked up on Arbitrum and Optimism, the largest rollup networks – what has been underappreciated is that they’re riskier and more centralized than most users recognize. While transacting on these networks will eventually be as safe as transacting on Ethereum’s main network, planting money on Optimism and Arbitrum today means placing a tremendous amount of trust in the integrity of their developer teams and the quality of their code.
Rollups bundle up transactions and then pass them back to Ethereum, where the entire batch of transactions is added to the ledger in one fell swoop. That can cut costs dramatically. Arbitrum and Optimism boast fees around 95% lower than those of Ethereum’s base chain.
Additionally, they are marketed as more secure alternatives to so-called sidechains and commit chains – networks that pass transactions to Ethereum with little more than a “pinky promise” that they reflect real user activity.
Unlike trust-based sidechains, layer 2 rollups have special systems to guarantee that transactions aren’t spoofed or altered before they are passed back to Ethereum's main chain.
That’s the idea, at least. While Ethereum's rollup networks aim to achieve equivalent security to Ethereum itself, virtually all existing rollups currently require that users trust the rollup’s own, centralized operators – rather than Ethereum’s vast network of operators – to know that funds are safe.
“We should get to the point where technology is mature enough that it's completely trustless and we don't need to trust any external third party,” Bartek Kiepuszewski, the founder of layer 2 watchdog site L2BEAT, said in an interview. But, he added, “we still have a long way to get there."
Optimism and Arbitrum comprise 80% of the total value locked (TVL) in Ethereum layer 2s. At their core are “fraud proofs.” If someone notices that transactions from Optimism or Arbitrum look fishy, they have time to submit one of these proofs to prove their case. This cryptographic evidence, if submitted in time, will definitively prove that the rollup has passed botched data to Ethereum.
Trusting Optimism and Arbitrum, in other words, means trusting that anyone can submit a fraud proof to call out incorrect or malicious transactions. But neither system works like this today.
On Arbitrum, only a select group of hand-picked operators are allowed to submit fraud proofs.
Harry Kalodner, the co-founder of Arbitrum builders Offchain Labs, said in an interview the team aims to make it so anyone can submit proofs within the next six months. But for now, Arbitrum users need to trust Arbitrum and its curated group of validators to know their transactions will not be tampered with.
Meanwhile, Optimism, despite having $2 billion locked in its virtual bank vault, has yet to deploy fraud proofs (which it calls “fault” proofs) at all. The network’s proof system is “currently undergoing major redevelopment,” so is currently not active, according to the Optimism website. However, they are said to be planned for a soon-to-arrive update.
Without fully baked, fraud-proof systems, Arbitrum and Optimism cannot claim they “share” Ethereum’s security. Instead, centralized actors – the chains’ builders – technically have the ability to alter how transactions are processed.
And the concerns about centralized control don’t end at Arbitrum and Optimism’s fraud-proof systems. Both also use centralized sequencers – meaning they rely on single parties to bundle up transactions and pass them down to Ethereum’s base chain.
This does not give either platform the ability to alter transactions or steal funds, but it could, potentially anyway, allow them to censor or reorder transactions to extract MEV, should they so choose. (CoinDesk has seen no evidence that either platform has ever done this, though.)
Smart contracts and upgrades
The leading rollups are not as trustless as users may believe, but so long as the teams behind Optimism and Arbitrum act honestly, incomplete fraud-proof systems and centralized sequencers are reasonable to expect so long as the platforms eventually decentralize.
But centralization is not the only reason why Optimism and Arbitrum do not have equivalent security to Ethereum itself.
As with other rollups, another security risk when using Optimism and Arbitrum is that their core codebases – the Ethereum-based smart contracts that allow them to operate – are vulnerable to hacks like any other blockchain-based programs.
Kalodner of Offchain Labs points to “smart contract risk broadly” as the key risk for rollup platforms like Arbitrum.
“I think that there's a reason why we go through a lot of audits on our code. And it's because writing secure code is quite hard. I think I'm quite convinced that our code is secure, but it took a lot of iterations of audits to get back and being confident, essentially, it's hard. You can never be 100% confident on any of this stuff,” he said.
If code is buggy, there needs to be a way for developers to quickly upgrade a rollup’s systems in order to protect users.
Today, Optimism and Arbitrum have systems that grant their teams the ability to quickly upgrade their software to fix unforeseen issues.
But upgradability leads to a sort of Catch-22 for rollup platforms.
“On the one hand, you'd like your contracts to be immutable,” said Kiepuszewski, because updates can be used to “upgrade the contract to something that is either outright malicious or is buggy.”
To explain why upgrades can be dangerous, Kiepuszewski mentioned August’s Nomad bridge attack, where a buggy upgrade enabled the theft of nearly $200 million.
“Upgrades are extremely dangerous,” said Kiepuszewski. “But on the other hand, if there is a bug and you discover it you definitely want to upgrade to a version that does not have a bug. So you've got those two conflicting needs and you have to somehow try to take both into account.”
In the long term, Optimism and Arbitrum both plan to further safeguard and decentralize their upgrade processes. Doing so in a manner that prevents malicious upgrades while still preserving security will prove difficult.
“Living on the cutting edge of technical evolution comes with great advantages in terms of features, but also certainly comes with, you know, some elevated degrees of risk,” Kalodner said.
The rollup race
Optimism and Arbitrum, the largest rollup platforms by far, are by no means the only layer 2 teams that have been forced to make compromises in order to develop safely and quickly.
Moreover, while it is difficult to know whether everyday users are aware of their current risks, the teams behind both projects have been relatively forthcoming when it comes to disclosing risk.
“Some teams are more upfront about the risks. They do inform their users that the system is, so far, not yet decentralized – they've got a lot of training wheels,” said Kiepuszewski.
But not all teams have been so honest, he added. “I'd say that some teams have a different marketing strategy and it's almost like fine print somewhere in the documentation.”
Moreover, said Kiepuszewski, “We’ve found over the years that there's a lot of discrepancy between documentation and actual code.”
As Ethereum’s rollup race heats up, definitions are only becoming blurrier for end users.
Upcoming “zero-knowledge” rollups from Polygon, Scroll and Matter Labs will theoretically offer a large number of benefits over the incumbents, but their added complexity could leave them even more vulnerable to hacks and centralization, at least in the short term.
Precisely what these vulnerabilities are, however, is not always made clear from the outset.
What is clear is that while Ethereum’s rollup-centric roadmap may finally be taking form, it will be a while before using these platforms will be as safe and decentralized as using Ethereum’s main network.