Why Modular Security Is a Contradiction in Terms

Rollups inherit security from their DA layer, but users cannot feasibly verify data availability themselves. This creates a single point of trust failure.

• Celestia and EigenDA operate as external trust hubs for $10B+ in rollup assets.
• Fraud proofs are useless if the necessary data is withheld.
• The security of the entire rollup is now the security of its least secure bridge or DA watcher.

A sovereign rollup's ability to change its underlying stack (DA, settlement, proof system) is a feature that doubles as a catastrophic risk vector.

• A malicious or coerced sequencer can fork the chain to a malicious DA layer, stealing funds.
• This is a governance attack executed at the infrastructure level, bypassing on-chain voting.
• Projects like dYmension and Sovereign Labs enable this; security depends entirely on sequencer honesty.

Modular chains require bridges for composability, but these bridges are high-value, centralized targets. LayerZero, Axelar, and Wormhole become de facto security layers.

• Bridge security is not inherited from the connected chains; it's a separate, often weaker system.
• A bridge hack compromises all assets on the destination chain, regardless of the rollup's own security.
• This recreates the very problem modularity aimed to solve: centralized choke points.

Rollups settled on Ethereum L1 rely on its social consensus for ultimate finality. In a catastrophic scenario, the L1 can forcibly reorg or censor the rollup.

• This is a feature (sovereign-grade security) but also a bug (loss of sovereignty).
• The "modular" chain's state is ultimately subject to the political will of the settlement layer's validators.
• This creates a hidden dependency where modular security is an illusion, merely leased from a monolithic base.

Outsourcing security to a provider like EigenLayer or Celestia creates a meta-game of economic trust. Validators are incentivized to slash on one chain to maximize rewards on another, creating systemic risk. The security of your chain is now a derivative of a staking pool's yield optimization strategy.

• Security becomes a commodity, not a sovereign guarantee.
• Correlated slashing risk across the modular stack.
• Economic security != liveness; a cheap DA layer can still censor you.

Using an external DA layer like Celestia or EigenDA means your chain's history is held hostage. If the DA layer fails or censors, your rollup halts. Fraud proofs are useless without the data to verify them. This reintroduces the very trust assumptions modularity claims to solve.

• Verification requires perpetual data access.
• DA layer downtime = chain downtime.
• Long-term data storage is an unsolved, costly externality.

A modular chain is a distributed system with multiple failure points: sequencer, DA layer, settlement layer, bridge. Each new dependency adds latency, cost, and attack vectors. The bridging layer between components (e.g., LayerZero, Axelar) often becomes the most trusted—and vulnerable—piece.

• Security = weakest link in a multi-party system.
• Cross-domain MEV and arbitrage exploits proliferate.
• Upgrade coordination across independent teams is a governance nightmare.

Modular chains fragment liquidity and state across isolated environments. Moving assets between rollups and L1s via bridges like Across or Circle CCTP introduces settlement risk and delays. This kills composability, the core innovation of DeFi, and makes the system feel like a network of banking silos.

• Capital efficiency plummets with locked liquidity in bridges.
• Atomic composability is impossible across modular zones.
• User experience regresses to multi-step, trust-required swaps.

Re-staking and shared security pools like EigenLayer promise to amortize costs but dilute capital efficiency and create correlated failure modes. The security budget is a zero-sum game.

• Capital is Finite: A validator's stake securing $10B+ TVL on Ethereum cannot simultaneously secure another $10B+ TVL on a rollup without increasing total risk.
• Correlation Catastrophe: A slashable event on one AVS (Actively Validated Service) can trigger a cascading liquidation crisis across all others, a systemic risk modeled but not yet tested at scale.

Without guaranteed, verifiable data, fraud proofs are useless and validity proofs are impossible. Modular chains that outsource DA to a separate layer are only as secure as their weakest link.

• The Celestia Bottleneck: A ~$2B market cap DA layer cannot provide credible crypto-economic security for a $100B+ rollup ecosystem. The cost of bribing its validators is trivial by comparison.
• Ethereum's Monopoly: Only Ethereum's ~$40B staked provides a high enough cost-of-corruption to secure the largest L2s, making "modular" security a regression to a single, expensive hub.

Every bridge and messaging layer between modular components is a new vulnerability. The security of the entire system is the product of each component's failure probability.

• Bridge Hacks Dominate Losses: Over $2.5B was stolen from cross-chain bridges in 2022-2023. Protocols like LayerZero and Axelar add trusted assumptions and multisigs that become prime targets.
• Weakest Link Governance: A modular stack with 5 independent governance systems (Execution, Settlement, DA, Bridging, Sequencing) has 5x the attack surface for a governance takeover compared to a monolithic chain.

Solana, Sui, and Monad demonstrate that high-throughput monolithic design avoids the security fragmentation of modular stacks. Their security model is simple, atomic, and complete.

• Atomic Composability = Safety: A transaction across 10 protocols on Solana succeeds or fails as one unit, with 400ms finality. No risk of funds stuck in a failed bridge attestation.
• Unified Security Budget: All $4B+ of SOL staked secures the entire state and execution, with no dilution to external validators sets or DA layers. The math is straightforward and inescapable.