From c00ebc1dee698b13085d13907fd0eef9252dc707 Mon Sep 17 00:00:00 2001 From: Daniel Goldman Date: Mon, 19 Sep 2022 16:09:37 -0400 Subject: [PATCH] update inside arbitrum: validation (#1139) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * update inside arbitrum — clarify validators * update w/ PR suggestions Co-authored-by: Harry Kalodner --- docs/inside-arbitrum-nitro/inside-arbitrum-nitro.md | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/docs/inside-arbitrum-nitro/inside-arbitrum-nitro.md b/docs/inside-arbitrum-nitro/inside-arbitrum-nitro.md index f01fa94705..385ce10eee 100644 --- a/docs/inside-arbitrum-nitro/inside-arbitrum-nitro.md +++ b/docs/inside-arbitrum-nitro/inside-arbitrum-nitro.md @@ -200,7 +200,7 @@ You might wonder why we need the rollup protocol. If everyone knows the results With those preliminaries behind us, let’s jump into the details of the rollup protocol. -The parties who participate in the protocol are called _validators_. Anyone can be a validator. Some validators will choose to be stakers--they will place an ETH deposit which they’ll be able to recover if they’re not caught cheating. These roles are permissionless: anyone can be a validator or a staker. +The parties who participate in the protocol are called _validators_. Some validators will choose to be stakers--they will place an ETH deposit which they’ll be able to recover if they’re not caught cheating. In the common case, it's expected that only one validator will be staked, since as long as it's staked on the current outcome, and there are no conflicting claims, there's no need for other parties to stake / take any action. The protocol allows for these roles to be permissionless in principle; currently on Arbitrum One, validators/stakers are whitelisted (see ["mainnet beta status"](../mainnet-beta.md)). "Watchtower validators," who monitor the chain but don't take any on-chain actions, can be run permissionlessly (see ["validators"](#validators) below). The key security property of the rollup protocol is that any one honest validator can force the correct execution of the chain to be confirmed. This means that execution of an Arbitrum chain is as trustless as Ethereum. You, and you alone (or someone you hire) can force your transactions to be processed correctly. And that is true no matter how many malicious people are trying to stop you. @@ -364,9 +364,9 @@ Some Arbitrum nodes will choose to act as _validators_. This means that they wat Not all nodes will choose to do this. Because the rollup protocol doesn’t decide what the chain will do but merely confirms the correct behavior that is fully determined by the inbox messages, a node can ignore the rollup protocol and simply compute for itself the correct behavior. For more on what such nodes might do, see the [Full Nodes](#full-nodes) section. -Being a validator is permissionless--anyone can do it. Offchain Labs provides open source validator software, including a pre-built Docker image. +Offchain Labs provides open source validator software, including a pre-built Docker image. -Every validator can choose their own approach, but we expect validators to follow three common strategies. +Every validator can choose their own approach, but we expect validators to follow three common strategies: - The _active validator_ strategy tries to advance the state of the chain by proposing new RBlocks. An active validator is always staked, because creating an RBlock requires being staked. A chain really only needs one honest active validator; any more is an inefficient use of resources. For the Arbitrum One chain, Offchain Labs runs an active validator. - The _defensive validator_ strategy watches the rollup protocol operate. If only correct RBlocks are proposed, this strategy doesn't stake. But if an incorrect RBlock is proposed, this strategy intervenes by posting a correct RBlock or staking on a correct RBlock that another party has posted. This strategy avoids staking when things are going well, but if someone is dishonest it stakes in order to defend the correct outcome. @@ -374,7 +374,9 @@ Every validator can choose their own approach, but we expect validators to follo Under normal conditions, validators using the defensive and watchtower strategies won’t do anything except observe. A malicious actor who is considering whether to try cheating won’t be able to tell how many defensive and watchtower validators are operating incognito. Perhaps some defensive validators will announce themselves, but others probably won’t, so a would-be attacker will always have to worry that defenders are waiting to emerge. -Who will be validators? Anyone can do it, but most people will choose not to. In practice we expect people to validate a chain for several reasons. +The underlying protocol supports permissionless validation, i.e.,--anyone can do it. Currently on Arbitrum One, validators that require stake (i.e., active and defensive validators) are whitelisted; see ["mainnet beta status"](../mainnet-beta.md). + +Who will be validators? Anyone will be able to do it, but most people will choose not to. In practice we expect people to validate a chain for several reasons. - Some validators will be paid, by the party that created the chain or someone else. A portion of the funds from user transaction fees are used to pay validators on Arbitrum One and Arbitrum Nova. - Parties who have significant assets at stake on a chain, such as dapp developers, exchanges, power-users, and liquidity providers, may choose to validate in order to protect their investment.