The security budget problem is the core economic vulnerability of a post-merge Ethereum. Validator rewards are now funded by block space demand and MEV extraction, not a predictable inflation schedule.
liquid-staking-and-the-restaking-revolution
Blog
The Future of Ethereum's Security Budget: Who Really Pays?
The Merge ended ETH issuance to PoW miners, shifting the security 'budget' from inflation to slashing risk absorbed by restakers. This analysis breaks down the new economic model and its systemic implications.
introduction
THE INCENTIVE MISMATCH
Introduction
Ethereum's security model faces a fundamental economic challenge as its primary revenue source shifts away from direct user payments.
Protocols, not users, are the primary payers. Layer 2s like Arbitrum and Optimism and applications like Uniswap and Aave consume the majority of blockspace, making their success the new foundation for validator revenue.
Evidence: Over 90% of Ethereum's base fee revenue now originates from L2 sequencer batches and large DEX arbitrage bundles, creating a fragile dependency on a handful of high-volume applications.
key-trends
WHO PAYS FOR SECURITY?
Executive Summary: The New Security Calculus
Ethereum's security budget is shifting from pure issuance to a multi-layered model, forcing protocols to internalize their own security costs.
01
The Problem: The L2 Free-Rider Dilemma
Layer 2s like Arbitrum and Optimism derive security from Ethereum but pay a negligible fraction of the cost. This creates a $40B+ TVL security subsidy, making the base layer's $20B+ annualized security budget unsustainable as L2 activity grows.
- Economic Mismatch: L2s capture most value but externalize security costs.
- Fee Market Pressure: L1 fees are volatile and insufficient; ~85% of fees are burned, not paid to validators.
- Long-Term Risk: Security becomes a public good tragedy if not properly priced.
$40B+
L2 TVL Subsidy
~85%
Fees Burned
02
The Solution: Restaking & Shared Security Markets
EigenLayer creates a marketplace where ETH stakers can opt-in to secure new systems (AVSs), allowing L2s and other protocols to rent Ethereum's trust. This internalizes security costs.
- Capital Efficiency: $16B+ TVL in EigenLayer recycles staked ETH for additional yield and security.
- Protocol-Level Pricing: L2s like Mantle and Karak pay for security via fees to AVS operators.
- New Security Stack: Enables decentralized sequencers, oracles (e.g., EigenDA), and bridges without bootstrapping new trust networks.
$16B+
Restaked TVL
Opt-In
Security Model
03
The Contender: L2 Native Staking (Celestia Model)
Modular data availability layers like Celestia and EigenDA allow L2s to source cheap data and secure their own execution with a smaller, dedicated validator set. This decouples execution security from Ethereum consensus.
- Cost Reduction: Data costs can be >100x cheaper than Ethereum calldata.
- Sovereign Security: L2s like dYmension or Fuel maintain their own light-client-based fraud/validity proofs.
- Trade-off: Accepts weaker liveness guarantees and a new trust assumption for data availability.
>100x
Cheaper Data
Modular
Security Stack
04
The Endgame: A Multi-Tiered Security Economy
The future is not one model, but a risk-adjusted marketplace. High-value DeFi (e.g., Aave, Uniswap) will pay for Ethereum + EigenLayer security. Cost-sensitive apps will use modular stacks with Celestia + a small validator set.
- Security as a Service: Protocols will mix-and-match security providers based on SLAs and cost.
- Validator Specialization: Stakers will choose portfolios of AVSs based on risk/reward, creating a credit market for cryptoeconomic security.
- Result: Ethereum's security budget becomes a voluntary, priced service, not an untargeted subsidy.
Risk-Adjusted
Pricing
Marketplace
Model
thesis-statement
THE ECONOMIC SHIFT
The Core Argument: From Inflationary Subsidy to Risk-Tax
Ethereum's security model is transitioning from a direct, inflationary subsidy to an indirect, user-paid risk tax on cross-domain activity.
The subsidy is ending. Ethereum's security budget historically came from block rewards and MEV, a direct subsidy from protocol inflation. Post-merge, this is unsustainable; new issuance is near-zero, and MEV is contested.
Users now pay the tax. The new security budget is a risk premium embedded in every cross-chain transaction. When a user bridges from Arbitrum to Base via Across or Stargate, the fee includes a cost for the systemic risk of a reorg or liveness failure.
L2s are the tax base. Rollups like Arbitrum and Optimism do not directly pay Ethereum for security; their users do. Every L2 withdrawal or cross-L2 swap funnels a risk-tax into the validator set via L1 gas fees and sequencer/prover commitments.
Evidence: The proposer-builder separation (PBS) and EigenLayer formalize this. PBS allows validators to monetize cross-domain risk ordering. EigenLayer lets them restake to secure external systems like AltLayer or Lagrange, directly converting risk into yield.
THE FUTURE OF ETHEREUM'S SECURITY BUDGET
Security Budget: Old World vs. New World
A comparison of funding models for Ethereum's consensus security, analyzing who bears the cost and the resulting economic incentives.
| Feature / Metric | Old World: L1 Fee Burn | New World: Restaking (EigenLayer) | New World: L2 Revenue Sharing |
|---|---|---|---|
Primary Payer | L1 Users (Gas Fees) | Restakers (Capital Opportunity Cost) | L2 Users & Sequencers (Protocol Fees) |
Security Budget Source | ETH Burn (EIP-1559) | Capital Allocated from ETH Staking | Revenue from L2 Transaction Fees |
Annualized Security Spend (Est.) | $3.7B (2023 actual) | $16B+ (TVL-based opportunity cost) | $150M - $500M (current L2 revenue) |
Yield Source for Payers | N/A (Pure Burn) | AVS Rewards (e.g., EigenDA, Omni) | L2 Native Token Emissions / Profit |
Security Re-Circulation | No (Value Destroyed) | Yes (Value Recycled to Restakers) | Partial (Value Shared with Stakers/DAO) |
Max Theoretical Budget (vs. ETH Staked) | ~1-3% of Staked ETH Value | Uncapped (Liquid Restaking Derivatives) | Capped by L2 Fee Revenue |
Key Systemic Risk | Deflationary Spiral in Low Usage | Collateral Rehypothecation & Slashing Cascades | L2 Economic Viability & Token Volatility |
Major Proponents / Examples | Ethereum Foundation, Core Devs | EigenLayer, ether.fi, Renzo | Arbitrum (STIP), Optimism (RetroPGF), Polygon (zkEVM) |
deep-dive
THE BUDGET SHIFT
The Mechanics of the Risk Transfer
Ethereum's security budget is migrating from direct protocol issuance to a system where users and applications implicitly subsidize stakers via MEV and L2 payments.
The subsidy is now implicit. The post-Merge security budget no longer relies solely on ETH issuance to validators. It is increasingly funded by transaction fees and MEV extracted from users, creating a hidden tax on economic activity.
L2s are primary payers. Rollups like Arbitrum and Optimism contribute massively via L1 data posting fees and bridge security assumptions. Their sequencers capture MEV and pay for L1 blockspace, directly funding validator rewards.
Users bear the ultimate cost. Protocols like Uniswap and Aave generate the arbitrage and liquidations that validators and builders extract. Every swap or loan liquidation is a micro-contribution to Ethereum's security via proposer-builder separation (PBS).
Evidence: In 2023, MEV and priority fees constituted over 30% of validator rewards, a figure that will dominate post-ETF issuance reduction. L2s now account for over 90% of Ethereum's calldata usage, directly paying for L1 security.
risk-analysis
SECURITY BUDGET CRISIS
The Bear Case: Systemic Risks of the New Model
Ethereum's post-merge security model faces a fundamental economic challenge as block rewards decline.
01
The Fee Burn vs. Validator Revenue Dilemma
EIP-1559's fee burn directly conflicts with validator revenue, creating a zero-sum game for the security budget. High burn during congestion starves validators, while low fees post-L2 migration may fail to secure a $500B+ asset base. The system assumes perpetual demand for expensive blockspace, a bet that ignores L2 efficiency gains.
-90%
Issuance Post-Merge
$10B+
Annual Burn (Peak)
02
L2s as Free-Riders on Security
Rollups like Arbitrum, Optimism, and zkSync outsource data availability and consensus to Ethereum while capturing most fee revenue. They pay only for L1 calldata, a fraction of their total value secured. This creates a tragedy of the commons: L2s economically incentivized to minimize L1 payments, degrading the security they depend on.
10-100x
Cheaper L2 Tx Cost
>70%
Txn Share Off-L1
03
The MEV-Cartel Endgame
With staking yields suppressed, professional validators will aggressively maximize MEV extraction to remain profitable. This leads to centralization around the most sophisticated operators (e.g., Flashbots, bloXroute) and private orderflow deals. The network's censorship resistance and neutrality degrade as economic security becomes reliant on extractive, opaque markets.
$1B+
Annual MEV Extracted
>60%
OFAC-Compliant Blocks
04
Stablecoin Issuers as De Facto Patrons
If organic fee revenue fails, Ethereum's security may become dependent on USDC and USDT transaction fees—a single point of failure. Regulatory action against major issuers or a mass migration to alternative settlement layers could trigger a death spiral in validator revenue, forcing emergency protocol changes.
$130B+
Stablecoin Supply
~40%
Of L1 Gas Use
05
The Inelastic Supply Shock Problem
Validator exits are rate-limited (e.g., ~8 per epoch), preventing a rapid market correction during a revenue crisis. A sustained yield drop below the cost of capital could trap 32M+ ETH in an unprofitable staking contract, disincentivizing new entrants and creating a slow-motion security decay that's hard to reverse.
32M+ ETH
Staked
~27 Days
Full Exit Queue
06
Proposer-Builder Separation (PBS) as a Stopgap
While PBS (e.g., via EigenLayer) aims to democratize MEV, it institutionalizes the revenue split between builders and proposers. It doesn't create new demand; it just reshuffles existing value extraction. If L2 adoption flattens L1 fee demand, PBS merely reallocates a shrinking pie, failing to solve the underlying budget deficit.
0
New Demand Created
100%+
Complexity Added
counter-argument
THE REAL COST
Refuting the Optimists: Is This Actually Efficient?
The 'security budget' is a misnomer; it is a regressive tax on L2 users that fails to scale with adoption.
The L2 tax is regressive. Optimism and Arbitrum users pay for Ethereum security via L1 data posting fees, but this cost is a fixed toll per transaction, not a percentage of value. A $10,000 swap and a $10 NFT mint incur nearly identical base security costs, making the system inefficient for high-value activity.
The 'budget' does not scale. The security fee is a function of L1 gas price and calldata size, not the economic throughput of the L2. As adoption grows, the total fee revenue to Ethereum validators increases linearly, but the economic security per dollar secured plummets, creating a dangerous dilution.
Evidence: A $1B daily volume rollup like Arbitrum Nova pays ~$30k/day in L1 fees. This represents a 0.003% security fee on throughput, orders of magnitude lower than the ~0.3% fee a traditional custodian charges. The security is cheap because the cost is socialized across all users, not priced per risk.
takeaways
ETHEREUM'S SECURITY BUDGET
TL;DR for Protocol Architects
The post-merge era shifts the security burden from miners to stakers and users, creating a new economic game.
01
The Problem: MEV is the Real Subsidy
Validator revenue is increasingly dominated by MEV, not base issuance. This creates a security dependency on extractive, often toxic, transaction ordering. The network's safety is subsidized by LPs and retail traders via arbitrage and liquidation bots.
- ~90% of validator profits can come from MEV in high-activity periods.
- Creates perverse incentives for validator centralization and censorship.
~90%
MEV Revenue
$1B+
Annual Extract
02
The Solution: PBS & SUAVE
Proposer-Builder Separation (PBS) and protocols like Flashbots' SUAVE aim to democratize MEV. They separate block building from proposing, creating a competitive market for block space.
- PBS enshrined in Ethereum roadmap via ePBS.
- SUAVE creates a decentralized mempool and executor network to minimize negative externalities.
- Goal: Convert toxic MEV into a transparent, redistributable fee.
ePBS
Ethereum Roadmap
100%
Censorship Resistance
03
The Payer: L2s & Restaking
Rollups and restaking protocols are becoming the primary security budget contributors. They pay for security via L1 data/DA fees and EigenLayer restaking yields, effectively monetizing Ethereum's trust.
- Arbitrum, Optimism, Base pay millions in daily L1 fees.
- EigenLayer allows staked ETH to secure AVSs, creating a new yield source.
- Future: Security becomes a service sold to other chains.
$5M+
Daily L2 Fees
$15B+
TVL Restaked
04
The Endgame: Fee Market Dominance
Long-term security relies on sustainable fee revenue exceeding issuance. This requires massive, inelastic demand for block space from DeFi, NFTs, and Identity.
- EIP-1559 burns base fees, making ETH deflationary under high demand.
- The Scalability Trilemma: L2s must scale without cannibalizing L1 fee revenue.
- Ultimate payer: The end-user of high-value, trust-sensitive applications.
>10M
TPS Required
Net Negative
ETH Issuance
ENQUIRY
Get In Touch
today.
Our experts will offer a free quote and a 30min call to discuss your project.
NDA Protected
Confidentiality24h Response
Time to ValueDirectly to Engineering Team
No Sales Fluff10+
Protocols Shipped
$20M+
TVL Overall