Discussion on the Development Stages of Security in L2 Networks

In the Ethereum ecosystem, the security of L2 networks has always been a focal point of community attention. Recently, community members have discussed the developmental stages of security for L2 networks. Some proposed the concept of "BattleTested", suggesting that only L2 networks that have been running on the mainnet for over 6 months, with a TVL maintained above $100 million, and at least $50 million of that in ETH and major stablecoins, can earn this title.

Ethereum co-founder Vitalik Buterin shared his views on this topic. He divided the security development of L2 networks into three stages:

1. Phase 0: The security committee has full control and can override the results of the proof system.

2. Phase 1: A 75% agreement from the security committee members is required to override the proof system, and there must be sufficient external members participating.

3. Phase 2: The Security Committee can only intervene when a provable error is demonstrated in the system and can only choose one of the proposed answers.

Vitalik believes that the best time to transition from one phase to the next depends on the level of trust in the proof system. He proposed a simplified mathematical model to quantify this process, assuming that each member of the security committee has a 10% independent failure probability, and analyzed the likelihood of system failure at different stages.

According to this model, as the quality of the proof system improves, the optimal choice shifts from stage 0 to stage 1, and then to stage 2. However, Vitalik also pointed out that this simplified model has some limitations, such as not considering the potential correlations among members of the security committee, as well as the possibility that the proof system may consist of multiple independent systems.

Vitalik suggested that, from a mathematical perspective, jumping directly from Phase 0 to Phase 2 might be more reasonable. However, he also warned that entering Phase 2 too early could be risky, especially if it compromises the strengthening work of the underlying proof system.

He suggested that data providers like L2Beat should display audit and maturity indicators of the proof systems to help users and developers better understand the security status of L2 networks. These indicators should preferably be focused on the implementation of the proof systems rather than the entire aggregation system, in order to facilitate reuse across different projects.

Overall, Vitalik's analysis emphasizes the need to balance risk and efficiency when advancing the security development of L2 networks. As technology continues to evolve, the security models of L2 networks will also continue to evolve to meet the growing user demands and market expectations.