Why Ethereum Layer-2s Aren’t As Safe As You May Think

Key Takeaways

• While the growth of Ethereum L2s is encouraging, it’s important to understand that they have several unique risks.
• For this reason, it’s false to assume that the security of L2s is the same as Ethereum mainnet.
• Centralisation and security risks are the most pressing concerns for Ethereum L2s. These risks relate to things like who has special upgrade rights, where transaction data is stored, and more.
• Encouragingly, many L2s have plans to progressively decentralise. However, it’s unclear how long this will take to achieve.

L2 Security ≠ Ethereum Security

Ethereum L2s sure are growing fast. Today, many of them have their own tokens and, in total, they process around 30M transactions per day and are responsible for nearly $10B of value locked.

But did you know these networks aren’t as decentralised as you may think?

Indeed, these networks are still centralised and pose a relatively high risk to users. As such, many falsely assume that using an Ethereum L2 network is the same as using Ethereum. This is not true, at least for now.

Value locked in all Ethereum L2s, since Nov. 2019 (Source: L2BEAT)

What constitutes an L2?

There’s still no widespread agreement over what being “secured by Ethereum” actually means. Similarly, debate over the definition of an L2 is ongoing.

To keep it general, when an L2 claims that it’s “secured by Ethereum,” it means that all transactions are settled to Ethereum without censorship or modification.

However, these networks do not inherit all of Ethereum’s decentralisation and have weaker security guarantees in other areas, such as upgradability and relying on central operators to patrol the network (explored further below).

L2s remain in development with unique risks

While these very new networks are “secured” by Ethereum to varying degrees, many still have centralised controls and other security risks. Simply put, L2 security ≠ Ethereum security.

Centralisation & Security Risks

Centralisation and security risks are closely related and are the two most pressing concerns for Ethereum L2s. Without getting too technical, I dive into a few of the most common centralisation and security risks. (These risks vary between each L2.)

Relying on multiple controllers

Early in a project’s lifecycle, a multi-sig will exist. (A multi-sig is like a vault where multiple keys are needed to make a change or move funds.) Multi-sigs pose a significant security risk if they are compromised. Arguably, they are a point of failure in the unlikely event a government seizes, changes or takes control of a particular L2.

Who can “upgrade” the chain?

Many Ethereum L2s still have “back door” access to unilaterally upgrade the chain. These networks are still early and have significant upgrades to pass through, so there needs to be a way to upgrade the chain for performance or new features. For now, this special authority is seen as a necessary evil. After all, in the case of an emergency (e.g. hackers are exploiting a critical bug), having the ability to fix the bug quickly could prevent a heavy loss of user funds.

The risk here is that if L2s can’t quickly decentralise, they may face regulatory pressures to, for example, force a chain rollback if an L2 user violates OFAC sanctions.

Example: Optimism almost crashed before it started, with the team patching an exploit that could’ve produced ‘infinite money’.

Confirming accuracy (prover)

A more technical word for this is ‘state validation’, but it just means who is in charge of confirming all transactions are correct and no one is cheating.

A ‘prover’ proves these transactions are correct before posting them back to Ethereum. It’s critical that this process is publicly verifiable and not controlled by a central party.

Example: Many provers are in development (e.g. OP Mainnet, Base, Mantle)—meaning it’s highly centralised and users rely on the operators to be truthfully checking no one is cheating—or only whitelisted actors perform this role (e.g. Arbitrum One).

Offchain data storage

To produce cheap gas fees, certain scalability solutions will make tradeoffs by storing some data offchain. This increases security risk as the funds can be lost if this offchain data becomes unavailable.

Some will store data offchain and only post updates to Ethereum (called ‘validiums’). Likewise, some L2s plan to use other services (e.g. Celestia) to store data before posting to Ethereum. For many, these do not constitute ‘Ethereum L2s’ but something in the middle.

Example #1: Immutable X trusts a permissioned 8-member committee to store transaction data offchain. (See section 5.1.3 of the Immutable X whitepaper (v1.2) for more on this.)

Example #2: Arbitrum Nova accepts an extra trust assumption in exchange for lower fees by relying on a 7-member committee of trusted entities (e.g. Google, OpenSea, Reddit) to store data offchain and provide it on demand.

Sequencer centralisation

L2s have actors (i.e. sequencers) whose role is to order (i.e. sequence) users’ transactions, batch them, and submit them to Ethereum mainnet. Today, the role of the sequencer is performed by a single party.

While most L2s have a way to circumvent a sequencer, the reality is that basically all users trust the sequencer to act honestly and to order their transactions fairly. A malicious or faulty sequencer could delay the inclusion of user’s transaction by a short period of time.

Example #1: The Optimism Foundation currently runs the sole sequencer on OP Mainnet. Plans exist to progressively decentralise the sequencer.

Example #2: The Arbitrum Foundation currently runs the sole sequencer on the Arbitrum One and Nova chains.

Failure of core systems

Overall security issues are also present if either core systems, the sequencer, or the provers incur problems. Likewise, sometimes, the L2 chain itself may have problems. It may mean users cannot withdraw funds back to Ethereum L1.

Example: In early September, Base had issues producing blocks for nearly an hour.

What Does This Mean For You?

It’s not all doom and gloom. You can protect yourself against these risks in certain ways.

• Follow the L2s closely: These networks will have significant updates that could affect you. For example, a recent Starknet upgrade resulted in certain users essentially being blocked from accessing their wallets. (This was later reversed after community backlash.)
• Often, there is an escape hatch: In the case of an upgrade to a chain that may vote to steal funds, you’ll often get a limited window of opportunity to withdraw.
• Don’t go ‘all in’ on L2s: Very new L2s are likely more buggy and, therefore, riskier to deposit into and use. More established L2s are safer but still have a lot of unique risks compared to Ethereum mainnet. Ultimately, it’s important not to keep all your funds on them, especially newer L2s.
• Understand the unique risks of the L2s you use: One of the best ways to protect yourself is to understand the risks of the particular network you’re using. The most useful information is often in the network’s documentation.

Can These Risks Be Overcome?

Certain L2s and their native tokens could fail if these centralisation and security risks are not overcome. For what it’s worth, most L2s and other scalability solutions are taking steps to address these risks. Below are some examples.

• Base’s decentralisation plans were recently shared. Also, on the same day, Coinbase detailed its neutrality principles for Base.
• Arbitrum transitioned upgradability powers towards community governance in March. Proposed upgrades must be approved by the Arbitrum DAO. While an elected security council does exist for emergency situations (e.g. to fix a critical vulnerability), the DAO can vote to dissolve it at any time.
• More relevant info: The state of Arbitrum’s progressive decentralization
• Immutable launched the testnet of Immutable zkEVM, its own fully backed Ethereum network.
• Polygon Labs shared plans in June to increase the extent to which its Polygon PoS sidechain leverages Ethereum’s security. In March, it also launched Polygon zkEVM, a solution that most people would agree is an Ethereum L2.
• More relevant info: Polygon 2.0: Governance
• Optimism released a major upgrade (‘Bedrock’) in June. Among many other benefits that Bedrock provided, it was necessary to be able to implement a prover to decentralise the role of who confirms the chain’s accuracy. The Optimism Foundation is overseeing an 11-stage roadmap to fully decentralise the Optimism protocol, and will eventually dissolve.

Optimism roadmap to decentralisation (Source: Optimism)

The next couple of years loom as critical for these L2s as they shed their training wheels and decentralise core operations. If they can overcome security risks and successfully decentralise, the beneficiaries should be L2 networks and their native tokens, as well as Ethereum in general.

How to Guage These Risks or Decentralisation

Unfortunately, there is no standard framework for measuring the risks of L2s. That said, more people are starting to use a framework by L2BEAT to assess the maturity of a given L2. This framework includes the following 3 stages:

• Stage 0 (full training wheels): The operators are effectively in charge of running the rollup. Examples are Base and OP Mainnet.
• Stage 1 (limited training wheels): Transitions the governance of core operations (e.g. proving) by smart contracts; however, a security council might remain in place. An example is Arbitrum One.
• Stage 2 (no training wheels): The final stage where community-owned smart contracts fully manage the rollup. No L2 is at this stage.

L2BEAT’s summary dashboard, ordered by TVL (Source: L2BEAT)

See what stage each L2 is currently at by viewing the ‘Risk Analysis‘ section of L2BEAT. Click on any L2 for a more comprehensive risk analysis.