Why Incentive Audits Are Critical for Restaking

Top-tier operators like Figment and Staked can form implicit cartels, centralizing validation power and extracting maximal MEV. This undermines the decentralized security premise of networks like EigenLayer and Babylon.

• Risk: >33% of stake controlled by a few entities creates liveness/consensus risks.
• Consequence: Reduced censorship resistance and potential for coordinated downtime.

A single slashing event on an Actively Validated Service (AVS) like EigenDA or Omni Network can trigger liquidations across hundreds of operators simultaneously. This creates systemic, non-correlated risk for the entire restaking pool.

• Mechanism: Faulty oracle data or buggy middleware triggers mass, automated slashing.
• Scale: A $1B+ TVL pool can face >10% instantaneous devaluation.

During a crisis, the 7-day+ exit queue for EigenLayer becomes a liquidity death spiral. Panicked LST withdrawals (e.g., stETH) depress collateral value, triggering further liquidations in DeFi protocols like Aave and Compound.

• Feedback Loop: Falling LST price → More liquidations → Longer exit queues.
• Result: Protocol insolvency spreads from restaking layer to money markets.

Operators are incentivized to opt into the highest-yielding AVSs regardless of risk, creating a "Yield > Security" equilibrium. This leads to over-subscription of complex, untested services, increasing the attack surface for the whole system.

• Behavior: Operators chase >10% APY from nascent AVSs over secure, low-yield options.
• Outcome: The network's security is gated by its riskiest, most incentivized component.

Operators running MEV-Boost on Ethereum are financially incentivized to reorg chains for profit. This directly conflicts with the liveness guarantees required by AVSs like Hyperlane or AltLayer rollups, which assume honest block production.

• Conflict: $1M+ MEV opportunity can justify delaying or censoring AVS transactions.
• Failure: AVS state attestations fail, causing slashing for honest operators.

In permissionless AVS networks, rational operators will minimize work while collecting rewards, relying on a minority of honest nodes to perform computations. This leads to under-provisioned security and increased latency for end-users.

• Dynamic: Why run a costly EigenDA node if 90% of others are doing it?
• Result: Service degradation and increased vulnerability to 51% collusion of the few active nodes.

Unchecked incentives create correlated slashing risk across the entire EigenLayer ecosystem. A single AVS failure can trigger a domino effect, wiping out billions in TVL and eroding the security of all dependent protocols.

• Correlated Failure: Misaligned penalties cause mass, simultaneous slashing.
• Systemic Contagion: Risk propagates from one AVS to the entire restaking base.
• Capital Flight: Loss of confidence triggers rapid, destabilizing withdrawals.

AVS operators are incentivized to restake with the highest-yielding, often riskiest, services first. This creates a tragedy of the commons where security is a public good no one pays for adequately.

• Adverse Selection: Capital chases yield, ignoring underlying risk.
• Security Dilution: The safest AVSs are under-secured.
• Pricing Failure: Market does not accurately price slashing risk.

AVS protocols design rewards to attract capital, not to ensure long-term security. Restakers (LST holders) bear 100% of slashing risk for a fraction of the reward, creating a fundamental principal-agent problem.

• Risk-Reward Skew: AVS captures upside, restaker absorbs catastrophic downside.
• Opaque Models: Staking rewards often obscure true risk-adjusted returns.
• Governance Capture: AVS tokenomics can prioritize protocol growth over restaker safety.

Audits must move beyond code to model economic attacks. Use agent-based simulations (like Gauntlet, Chaos Labs) to stress-test incentive parameters under extreme market conditions and adversarial behavior.

• Stress Testing: Model 3-sigma events and coordinated attacks.
• Parameter Optimization: Calibrate slashing penalties to actual cost of corruption.
• Dynamic Adjustments: Build mechanisms for real-time parameter updates based on network health.

Implement a risk-rating framework (like credit ratings for AVSs) that forces transparency. This allows restakers to allocate capital based on verified security, not just advertised APY, creating a market for safety.

• Standardized Metrics: Quantify slashing conditions, operator concentration, and code maturity.
• Capital Efficiency: High-score AVSs attract capital at lower reward rates.
• Systemic Monitoring: Continuous scoring detects emerging risks across the ecosystem.

Break the monolithic risk bundle. Force AVSs to attract security individually via explicit, granular opt-ins. This eliminates involuntary risk exposure and makes the cost of security explicit for each service.

• Granular Risk: Restakers choose which AVSs to secure, not a blanket approval.
• True Pricing: Each AVS must justify its security cost to the market.
• Contagion Firewall: Isolates failure to consenting participants only.