Why Restaking Models Are a Double-Edged Sword for Security

A single validator's stake securing multiple AVSs creates a systemic contagion vector. A slashing event on one network can cascade, liquidating collateral across dozens of others. This creates a fragile, interconnected system where failure is not isolated.

• Single point of failure for multiple protocols.
• Cascading liquidations can exceed the original slashing penalty.
• Risk assessment becomes a multi-body problem for stakers.

Protocols like Karak and Renzo abstract risk by creating dedicated vaults for specific AVSs. This compartmentalizes slashing risk and allows for tailored security budgets. Stakers choose their risk/reward profile per pool, preventing uncontrolled contagion.

• Risk siloing limits blast radius of any incident.
• Explicit yield curves for each AVS's security demand.
• Modular security allows AVSs to bid for capital without global risk.

Liquid Staking Providers (LSPs) like Lido and Rocket Pool become meta-validators in restaking. Their decisions on which AVSs to support wield enormous influence, creating a new form of governance centralization. The ecosystem's security becomes dependent on a few large LST governance tokens.

• Kingmaker risk: LSPs dictate which AVSs succeed.
• Governance attack surface shifts to LSP token holders.
• Liquidity fragmentation as LSTs choose different AVS sets.

EigenLayer allows for native restaking (direct from consensus layer) and Babylon focuses on Bitcoin restaking, reducing reliance on LSP intermediaries. This preserves validator agency and decentralizes the curation of AVSs. Direct staker-to-AVS relationships reduce meta-governance layers.

• Validator sovereignty over AVS selection.
• Reduced intermediation lowers centralization vectors.
• Cross-chain security from Bitcoin's established capital base.

Restaking rewards attract mercenary capital that will flee for better yields, creating volatile security budgets. An AVS's safety becomes a function of DeFi farming trends, not long-term commitment. This undermines the "cryptoeconomic security" premise.

• Security follows APY, not protocol utility.
• TVL crashes during bear markets cripple new networks.
• Incentive misalignment between stakers and AVS longevity.

Networks must design for sticky security through mechanisms like longer unbonding periods, vested rewards, or reputation-based systems seen in Cosmos. This aligns staker longevity with protocol health. The goal is to transform capital from a hot commodity into a committed resource.

• Long-duration staking with escalating rewards.
• Reputation scoring penalizes rapid exit.
• Security-as-a-Service with SLAs, not just yield farming.

A single fault in a major AVS like EigenLayer or EigenDA can trigger slashing that propagates across the entire restaking ecosystem. This creates a contagion risk where a failure in one service jeopardizes the security of dozens of others.

• Correlated Failure: A bug in a widely used AVS slashes the same stake securing other networks.
• Liquidation Spiral: Slashed LRTs (e.g., ether.fi, Renzo) could trigger mass liquidations in DeFi, collapsing collateral loops.

Restaking creates a powerful, centralized cartel of node operators (like Figment, Chorus One) who control the validation of hundreds of AVSs. This centralizes veto power and creates a single point of governance capture.

• Oligopoly Control: A handful of operators can dictate terms or censor transactions across the AVS stack.
• Yield Extraction: Operators can demand higher fees from AVSs, stifling innovation and passing costs to end-users.

Liquid Restaking Tokens (LRTs) like eETH and ezETH create a dangerous perception of liquidity. In a crisis, the underlying staked ETH is illiquid and subject to unbonding delays, while the LRT's peg could collapse.

• Peg Fragility: A major AVS slash could break the LRT/ETH peg, similar to the UST depeg.
• DeFi Contagion: Billions in LRTs used as collateral (on Aave, Compound) could be instantly devalued, causing systemic liquidations.

The security model of an AVS is only as strong as its weakest dependency. Operators must now manage dozens of complex, untested codebases, exponentially increasing the attack surface for exploits.

• Operator Overload: Human operators cannot adequately audit or monitor the security of 50+ AVS clients.
• Weakest Link: A minor, obscure AVS with a bug can become the entry point for draining the shared security pool.

By concentrating validation power, restaking creates a clear target for regulators. A single legal action against a dominant operator or the EigenLayer foundation could freeze or dismantle the security for the entire ecosystem.

• Jurisdictional Risk: Operators in compliant jurisdictions could be forced to censor transactions.
• Foundation Risk: EigenDAO governance could be coerced, turning the protocol into a regulatory tool.

Restaking abstracts security into a commodity, divorcing it from the underlying chain's social consensus. This creates a market where security is bought by the highest bidder, not aligned with Ethereum's long-term health.

• Security Mercenaries: Validators prioritize AVS yield over Ethereum's liveness, creating misaligned incentives.
• Race to the Bottom: AVSs compete on cost, pressuring operators to cut corners on infrastructure and monitoring.

Correlated slashing events can cascade across the EigenLayer ecosystem, liquidating the same capital backing multiple AVSs (Actively Validated Services). This creates a systemic risk multiplier, not a diversification benefit.\n- Key Risk: A single bug in a major AVS could trigger mass, correlated slashing.\n- Architect's Task: Design slashing conditions that are non-correlated and asynchronous to other services.

Restaked ETH is not held by sophisticated node operators but by liquid restaking tokens (LRTs) like ether.fi and Renzo. These LRTs become massive, centralized points of failure. Their governance and withdrawal logic is now a critical security dependency for every AVS.\n- Key Risk: LRT governance exploit or bug compromises security of all integrated AVSs.\n- Architect's Task: Audit and diversify LRT dependencies; demand non-custodial or trust-minimized staking pools.

Restaking turns cryptoeconomic security into a cheap, rentable resource. This leads to a race-to-the-bottom on slashing costs as AVSs compete for the same capital. The result is marginally secured networks where the cost to attack is a fraction of the value secured.\n- Key Risk: Security budget becomes detached from the economic value of the service being secured.\n- Architect's Task: Build native economic security or hybrid models; treat restaked security as a temporary bootstrap, not a foundation.

To attract capital, LRTs promise liquidity via their own tokens. This creates a withdrawal queue risk similar to traditional finance bank runs. During stress, AVS operators may be unable to exit positions to meet slashing obligations, breaking the security model.\n- Key Risk: Liquidity illusion undermines the credible threat of slashing.\n- Architect's Task: Model security under withdrawal queue congestion; prefer AVS designs with slow-slashing mechanisms that are resilient to liquidity crunches.