In March, the Cosmos community unanimously passed the vote to add shared security, known as replicated security in Cosmos, to its chain and launched in the same month in the v9-Lambda Upgrade. (Codebase here)
Currently, Neutron, a smart contract platform geared towards DeFi, is going through a community vote to launch with replicated security setup. (Proposal here)
In Neutron’s case, The Cosmos Hub will receive 25% of transaction fees and miner extractable value (MEV) from the Neutron chain, as well as 7% of the supply of its NTRN tokens.
Shared Security Basics And Value
A shared security model is a concept used in some blockchain networks, mostly multichain setups, where multiple blockchains or sidechains share the same security infrastructure, such as consensus algorithms and validators. This model helps to enhance the security and interoperability of the participating chains.
The reason why such is the case is that nascent blockchains typically have very few validator nodes on the network to rely on for proposing and validating blocks and reaching consensus. This is to say, it is easier for attackers to control a greater portion of the network and enter false transactions onto the blockchain.
Some possible attacks against validators include:
Sybil attack: An attacker creates multiple fake validator identities, attempting to gain control over a significant portion of the network's validation power. In a Sybil attack, the attacker aims to influence the consensus process, manipulate transaction validation, or execute double-spending attacks.
Long-range attack: In this attack, a malicious validator creates a fork in the blockchain, starting from a point far from the past. They then attempt to make this fork the dominant chain by manipulating consensus, effectively rewriting the transaction history. Long-range attacks are more challenging to execute in networks with strong finality guarantees and checkpoint mechanisms.
Eclipse attack: In an eclipse attack, the attacker isolates a validator or a group of validators by controlling all their network connections. This prevents the targeted validators from receiving or broadcasting accurate network information, allowing the attacker to manipulate consensus or execute double-spending attacks.
Bribery attack: An attacker offers financial incentives to validators to act maliciously, such as voting for a specific block or withholding their votes. This can lead to collusion between validators and disrupt the consensus process.
DDoS attack: A Distributed Denial of Service (DDoS) attack targets validators by overwhelming them with a large volume of network traffic, rendering them unable to communicate with the rest of the network. This can disrupt the consensus process and potentially allow malicious validators to take control.
Validator front-running: In this attack, a validator exploits their privileged position in the network to manipulate transactions for personal gain. For example, a validator may reorder transactions within a block to benefit from arbitrage opportunities or censor specific transactions to gain an advantage in a decentralized market.
Rogue-key attack: An attacker compromises a validator's private key, gaining control over their staking tokens and voting power. This can lead to the attacker manipulating the consensus process or executing other malicious activities on behalf of the compromised validator.
With more nodes on the network, or relying on a greater number of nodes, there is less risk of attackers controlling a portion of validator nodes.
Where are they implemented?
As mentioned above, shared security is typically employed in multichain setups. Below are where shared security is implemented.
Polkadot & Kusama
Polkadot is a heterogeneous multi-chain network that uses a shared security model to provide security to its parachains.
Kusama is a scalable, multi-chain platform designed for high-risk, experimental projects and early-stage deployments. Often referred to as the "canary network" or the "cousin" of Polkadot, Kusama shares many similarities with Polkadot in terms of architecture, design, and shared security. However, Kusama is more focused on innovation and rapid development, featuring faster governance mechanisms and lower barriers to entry.
The shared security model in Polkadot and Kusama is implemented through the Relay Chain, parachains, and various roles of network participants.
Relay Chain: The Relay Chain is the central chain of the Polkadot and Kusama ecosystems. It is responsible for coordinating communication between parachains and providing security to the entire network. The consensus mechanism used by the Relay Chain is Nominated Proof-of-Stake (NPoS), which is a variation of the traditional Proof-of-Stake (PoS) consensus mechanism.
Parachains: Parachains are individual blockchains that connect to the Relay Chain, benefiting from the shared security model. Parachains are heterogeneous and can be designed to fulfill specific use cases. They can also communicate with one another through the Relay Chain, which enables cross-chain transactions and information sharing.
Network Participants: Polkadot's and Kusama’s shared security model rely on different roles performed by network participants, including Validators, Collators, Nominators, and Fishermen.
Validators: Validators are responsible for validating and finalizing blocks on the Relay Chain. They are selected by the NPoS mechanism and must stake the native DOT token as collateral. Validators ensure the security and proper functioning of the network.
Nominators: Nominators are DOT holders who participate in the security of the network by staking their tokens to back trustworthy validators. By doing so, they share in the rewards and risks associated with the validators they support.
Collators: Collators are responsible for maintaining parachains and creating block candidates to be included in the Relay Chain. They collect parachain transactions, execute them, and generate proofs to be validated by the validators.
Fishermen: Fishermen are network participants who monitor the network for misbehavior and report it to validators. They have the incentive to do so, as they receive a portion of the slashed stake if they successfully report a malicious actor.
Read more here.
Avalanche
Avalanche is a decentralized, high-throughput, and scalable blockchain platform designed for creating and launching custom blockchain networks, digital assets, and decentralized applications.
Avalanche's shared security model is implemented through its unique consensus protocol called Avalanche Consensus, which is based on the Snow family of protocols. The consensus mechanism incorporates elements of both Nakamoto Consensus (used in Bitcoin) and Classical Consensus (used in traditional distributed systems).
Consensus Protocol: The Avalanche Consensus protocol is a leaderless, metastable consensus mechanism that provides robust security and rapid finality. Instead of relying on a single leader to propose and validate blocks, the protocol uses a random sampling of network validators to achieve consensus. This design allows for high throughput, low latency, and a high degree of decentralization.
Subnetworks: Avalanche is organized into subnetworks, which are custom blockchain networks built on the Avalanche platform. Each subnetwork can have its own validators, consensus mechanism, and token economics. This structure enables shared security across the entire ecosystem, as validators can secure multiple subnetworks simultaneously.
Validators and Delegators:
Validators: Validators are nodes that participate in the consensus process, proposing and validating blocks. They stake the native AVAX token as collateral to ensure their commitment to the network. Validators can secure multiple subnetworks, allowing them to maximize the utilization of their resources and contribute to the shared security model.
Delegators: Delegators are AVAX token holders who do not run a validator node themselves but delegate their tokens to existing validators. By doing so, they support the security of the network and share in the rewards earned by the validators.
What's unique about Avalanche's shared security model is its innovative consensus mechanism, which enables high throughput, rapid finality, and strong security without compromising decentralization.
Additionally, the flexible subnetwork structure allows for the creation of custom blockchain networks with unique features, while still benefiting from the shared security provided by the Avalanche ecosystem. This combination of performance, security, and customizability makes Avalanche a powerful platform for building and deploying a wide range of decentralized applications and digital assets.
Read more here.
Cosmos
Cosmos is a decentralized ecosystem of independent, scalable, and interoperable blockchains, aiming to solve the problems of scalability, usability, and interoperability in the blockchain space.
The Cosmos shared security model is implemented differently from the likes of Polkadot and Kusama, as it primarily focuses on creating a network of interconnected, sovereign blockchains called zones.
Cosmos Hub: The Cosmos Hub is the central blockchain in the Cosmos ecosystem, and its primary purpose is to facilitate communication and interoperability between the various zones. However, unlike Polkadot or Kusama, the Cosmos Hub does not provide shared security for all connected blockchains. Each zone in the Cosmos ecosystem is responsible for its own security and consensus mechanism.
Zones: Zones are individual, sovereign blockchains built using the Cosmos SDK, which is a modular framework for building application-specific blockchains. Each zone can have its own consensus mechanism, governance model, and token economics, making them highly customizable and adaptable to specific use cases.
Tendermint Consensus: Tendermint is a Byzantine Fault Tolerant (BFT) consensus algorithm used in the Cosmos ecosystem. It is designed for high performance and security, making it a popular choice for zones built with the Cosmos SDK. Tendermint allows zones to have their own set of validators, who stake tokens to participate in the consensus process.
Inter-Blockchain Communication (IBC) Protocol: The IBC protocol enables communication and asset transfers between sovereign blockchains within the Cosmos ecosystem. While it does not provide shared security, the IBC protocol is crucial for enabling interoperability, which is a core feature of Cosmos.
What's unique about Cosmos's approach to security is that it emphasizes the sovereignty and independence of individual blockchains. Each zone is responsible for securing its own network, allowing for a more flexible and customizable approach to security. This is in contrast to the shared security models implemented by Polkadot and Kusama, where the Relay Chain provides security for all connected parachains.
Read more here.
Final Thoughts
Security is a crucial component of blockchains with risks of attackers controlling the network thus rendering its primary function as a distributed ledger useless.
Shared security is important as chains can rely on a shared set of validators and consensus and thus have fewer worries to concern about.
This not only reduces the entry barrier for prospective layer-1 projects but also, by extension, encourages the proliferation of different blockchain configurations to be set up allowing for a more vibrant multichain universe going forward.