Shared security is a misnomer. The term suggests risk distribution, but the economic and technical reality is risk concentration. Capital and validation power pool into a few large staking providers like Lido and Coinbase, creating systemic single points of failure.
Shared Security is a Misnomer—It's Risk Concentration
A first-principles analysis of how restaking protocols like EigenLayer centralize Ethereum's staked capital, creating correlated slashing risk and systemic fragility rather than distributing security.
Introduction
Shared security models in crypto concentrate, rather than distribute, systemic risk to a handful of dominant validators.
The validator set is the attack surface. Protocols like EigenLayer and Babylon abstract security from underlying chains like Ethereum, but they inherit the centralization vectors of their base layer. A liveness failure in the dominant staking pool compromises all dependent systems.
Evidence: Over 33% of Ethereum's stake is controlled by Lido DAO, crossing the theoretical censorship threshold. This concentration means the security of hundreds of rollups and restaking apps is functionally secured by a single, complex DAO governance structure.
The Core Argument: It's Correlation, Not Distribution
Shared security is a misnomer; it describes risk concentration, not risk distribution.
Risk is concentrated, not shared. The term 'shared security' implies risk is distributed across participants. In reality, risk is concentrated on a single validator set or consensus mechanism, like Ethereum's L1 or a Cosmos Hub. All dependent chains inherit the same systemic vulnerabilities.
Correlation defeats diversification. A failure in the core security provider, such as a critical bug in the EigenLayer AVS code or a 33% slashing attack on Cosmos, cascades to all attached chains. This creates a single point of failure for dozens of 'secured' networks.
Evidence from restaking. The rapid growth of EigenLayer's Total Value Locked (TVL) demonstrates demand for pooled security. However, this concentrates billions in economic security on a single, novel cryptoeconomic primitive, creating massive correlated risk for all Actively Validated Services (AVSs) like AltLayer and EigenDA.
The Three Flaws of the 'Shared Security' Narrative
Shared security is a marketing term that obfuscates the systemic risk created by concentrating economic value and validator sets.
The Problem: Single-Chain Failure Modes
Shared security models like Cosmos IBC or Polkadot parachains create a single point of failure. A critical bug or governance attack on the hub/relay chain can cascade to all connected chains.
- $50B+ in assets can be compromised from one exploit.
- Validator slashing on the root chain penalizes unrelated app-chains.
The Solution: Isolated Security Budgets
High-value applications must maintain their own security budget, decoupled from a shared pool. This is the Ethereum rollup model.
- Solana and Sui operate with independent, dedicated validator sets.
- A rollup's security is a function of its own sequencer stake and the Ethereum L1 finality, not other rollups.
The Problem: Economic Misalignment
Shared security pools token incentives, creating misaligned staker economics. Validators secure chains they don't use, for yield, not utility.
- Polkadot DOT stakers secure parachains they may not transact on.
- This leads to security-as-a-commodity, not security-as-a-necessity, reducing validator vigilance.
The Solution: Purpose-Built Validator Networks
Networks like Celestia provide data availability, delegating execution security to rollups. EigenLayer restaking introduces slashing for actively validated services (AVS), not passive chain security.
- Security is modular and service-specific.
- Validators are slashed for specific service failures, creating aligned, verifiable security.
The Problem: Liquidity Centralization
Shared security concentrates liquidity (TVL) on the root chain, creating a honeypot and starving app-chains of native economic activity.
- Cosmos Hub ATOM holds disproportionate value vs. its utility.
- This creates a security tax where app-chains pay for security they don't fully utilize.
The Solution: Sovereign Execution with Verifiable Bridges
Chains should be sovereign and bridge value via fraud-proof or zero-knowledge proof systems. See Ethereum L2s using Cannon or zkEVM proofs.
- Security is about state verification, not validator sharing.
- Across Protocol and LayerZero exemplify cross-chain messaging with independent security assumptions.
Deconstructing the Systemic Risk Engine
Shared security models centralize systemic risk by creating single points of failure across multiple protocols.
Shared security is risk concentration. The promise of pooled validators securing multiple chains creates a single, catastrophic failure mode. A critical bug in the shared sequencer or slashing logic of an L2 like Arbitrum or Optimism compromises every rollup in its ecosystem.
Restaking creates recursive leverage. Protocols like EigenLayer allow staked ETH to secure external systems, creating a recursive dependency. A failure in a restaked AVS cascades back to Ethereum's consensus, creating a systemic contagion vector that traditional PoS avoids.
Cross-chain bridges are the primary attack surface. The interoperability layer (e.g., LayerZero, Wormhole, Axelar) is the most concentrated risk nexus. A bridge hack doesn't just drain one chain; it compromises the liquidity and state integrity of every connected network.
Evidence: The 2022 Wormhole hack ($325M) and Nomad hack ($190M) demonstrate that a single bridge vulnerability can trigger a cross-chain liquidity crisis. This risk scales linearly with the number of chains a bridge supports.
Risk Concentration vs. True Security Sharing: A Comparison
Deconstructs the security models of major protocols, contrasting pooled economic risk with verifiable, decentralized security guarantees.
| Security Dimension | Cosmos Hub (Replicated Security) | EigenLayer (Restaking) | Polkadot (Parachains) | True Shared Security (Ideal) |
|---|---|---|---|---|
| Validator Set Uniqueness | | | | |
| Economic Slashing Scope | Interchain Security only | All AVSs using operator | Parachain-specific | Protocol-wide |
| Fault Isolation | Limited (Hub risk) | None (Pooled risk) | Strong (Per parachain) | Strong (Cryptographically enforced) |
| Security Cost to Consumer | ~$250k/month (est.) | Market-driven premiums | DOT bond + auction | Marginal cost of capital |
| Liveness Guarantee Source | Hub validators | EigenLayer operators | Collators + Relay Chain | Decentralized proof system |
| Maximum Concurrent Slash Events | 1 (Hub failure) | Unbounded (Cascading risk) | ~100 (Per parachain) | 1 (Isolated to offender) |
| Time to Security Withdrawal | 21 days | 7 days + queue | 28 days (unbonding) | < 1 epoch |
| Verifiable Security Proofs | Light client bridges | Off-chain attestations | XCMP proofs | On-chain ZK proofs |
Steelman: Isn't This Just Efficient Capital Use?
Shared security is a misnomer; it is the systemic concentration of risk into a single, politically-governed capital pool.
Shared security is risk pooling. It consolidates the failure risk of dozens of independent applications into a single, massive staked asset pool like Ethereum's Beacon Chain. This creates a single point of catastrophic failure for all dependent chains.
Capital efficiency creates systemic fragility. The economic model for rollups like Arbitrum and Optimism is predicated on cheap security from Ethereum's L1. A successful 51% attack on Ethereum's consensus would cascade instantly, invalidating the state of every rollup.
The validator set is a political entity. Governance over the staked capital, currently valued at over $100B, determines protocol upgrades and slashing conditions. This centralizes immense power, creating a single political attack vector for the entire ecosystem.
Evidence: The 2022 OFAC compliance of Ethereum validators post-Merge demonstrates this political reality. A coordinated validator action could censor or revert transactions across Arbitrum, Base, and all other L2s, proving security is not shared but centrally managed.
The Bear Case: Cascading Failure Scenarios
Shared security models centralize systemic risk, creating single points of failure that can propagate across the ecosystem.
The Lido Problem: Economic Capture
A single staking derivative (stETH) controlling >30% of Ethereum's stake creates a governance and slashing risk monoculture. A critical bug or governance attack on the dominant provider could trigger a mass exit, overwhelming the withdrawal queue and freezing $30B+ in TVL.
- Protocol Risk: Failure cascades to all DeFi using stETH as collateral.
- Governance Risk: A single entity can influence core protocol upgrades.
Rollup Sequencer Failure: The L2 Blackout
Most optimistic and ZK rollups (Arbitrum, Optimism, zkSync) rely on a single, centralized sequencer. Its failure halts all transactions, turning an L2 into a read-only chain for hours or days. Users cannot bridge out, and DeFi positions become liquidatable.
- Centralized Chokepoint: No live fault tolerance; a DDoS kills the chain.
- Capital Lockup: Users cannot access funds during downtime, breaking composability.
Bridge & Oracle Hubris: The Cross-Chain Contagion
Dominant cross-chain bridges (LayerZero, Wormhole, Axelar) and oracles (Chainlink) are treated as trustless infrastructure. A compromise in one bridge's validation or an oracle's data feed can drain multiple chains simultaneously, as seen in the Wormhole ($325M) and Poly Network ($611M) hacks.
- Systemic Trust: Hundreds of dApps depend on the same few data feeds.
- Asymmetric Risk: A single bug can cause multi-chain insolvency.
Restaking Rehypothecation: Multiplying Hidden Leverage
EigenLayer and similar restaking protocols allow the same ETH stake to secure dozens of Actively Validated Services (AVSs). A slashing event in one AVS triggers slashing across all, creating a cascade of insolvency. The systemic leverage is opaque and untested under stress.
- Correlated Slashing: A single bug can wipe out stake backing many services.
- Liquidity Crisis: Mass unbonding and slashing could exceed Ethereum's staking liquidity.
Cosmos Hub Fallacy: The Security Subsidy
The Cosmos Hub's Interchain Security (ICS) model sells its validator set to consumer chains. A high-profile failure or slash on a consumer chain (Neutron, Stride) directly penalizes the Hub's ATOM stakers, who have no stake in the consumer chain's success. This subsidizes security for others while concentrating the Hub's risk.
- Misaligned Incentives: Stakers bear risk for chains they don't use.
- Reputation Hazard: Hub's security brand is tied to weakest consumer chain.
The Modular Liquidity Trap: Shared DA Catastrophe
Modular chains (Celestia, EigenDA) and L2s that share a Data Availability (DA) layer create a common failure mode. If the DA layer halts or censors, all dependent rollups instantly lose the ability to prove state, freezing potentially hundreds of billions in interlocked value. This recreates the systemic risk of monolithic chains.
- Single Point of Failure: DA outage = All rollups frozen.
- Mass Exit Impossibility: Users cannot prove ownership to bridge out.
The Inevitable Reckoning and Alternatives
Shared security models concentrate, rather than disperse, systemic risk, creating a single point of failure for entire ecosystems.
Shared security is risk concentration. A single validator set securing hundreds of rollups, as in EigenLayer or Babylon, creates a systemic failure vector. A slashable fault or coordinated attack compromises every dependent chain simultaneously.
The economic model is flawed. The re-staking yield for securing these systems is marginal compared to the catastrophic loss potential from a slashing event. This misaligned incentive structure encourages risk underestimation.
Evidence: The Cosmos Hub's Interchain Security (ICS) demonstrates the adoption challenge. Despite its launch, few consumer chains have opted in, preferring sovereign security or lighter-weight alternatives like mesh security.
The alternative is sovereign security. Chains like Celestia and Avail provide data availability, letting rollups manage their own execution and settlement. This isolates failure and aligns with the modular thesis of minimizing trusted components.
TL;DR for Protocol Architects and VCs
Shared Security is a marketing term that obscures the systemic risk of concentrating validation power in a few dominant ecosystems.
The EigenLayer Fallacy
Restaking pools risk into a single slashing contract. A critical bug or governance failure in EigenLayer could simultaneously slash $15B+ in restaked assets across hundreds of AVSs, creating a systemic contagion event. The diversification benefit is illusory when the root of trust is monolithic.
Cosmos Hub's Failed Promise
The Interchain Security (ICS) model concentrates economic security from the Hub's ~$2B ATOM stake to protect smaller chains. However, validator set alignment creates correlated slashing risk. A mass slash event on a consumer chain could drain the Hub's staking pool, undermining security for all.
Polkadot's Parachain Bottleneck
Parachains lease security from the Relay Chain's ~$10B DOT stake. This creates a capacity bottleneck (limited parachain slots) and a single point of governance failure. The Relay Chain's upgrade or slashing decisions are imposed on all parachains, eliminating sovereignty.
The Babylon & SSV Alternative
These protocols enable trust-minimized security sharing without monolithic pools. Babylon allows PoS chains to use Bitcoin timestamps for slashing proofs. SSV uses Distributed Validator Technology (DVT) to decentralize Ethereum staking. Both reduce systemic risk by avoiding a central slashing manager.
VCs: Measure Correlation, Not TVL
Due diligence must shift from total value locked (TVL) to risk correlation coefficients. Evaluate: validator set overlap, shared slashing contracts, and governance control points. A "shared security" system with 90% validator overlap offers no real diversification, regardless of headline staking numbers.
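One way to put numbers on validator set overlap, as an added example that is not from the original article: it scores each pair of services by stake-weighted overlap, shows how far a single operator fault reaches, and flags operators above the one-third mark the article cites. The service and operator names, the stake amounts, and the choice of overlap measure (sum of the smaller stake share per common operator) are all assumptions made for illustration.

```python
from itertools import combinations

# Constructed sample: service -> {operator: stake delegated to that service}.
# Names and amounts are hypothetical, not measurements of any real network.
SERVICES = {
    "avs_a": {"op1": 400, "op2": 300, "op3": 200, "op4": 100},
    "avs_b": {"op1": 450, "op2": 350, "op3": 150, "op5": 50},
    "avs_c": {"op6": 500, "op7": 500},
}

def shares(stakes):
    """Convert absolute stakes to each operator's fraction of the service total."""
    total = sum(stakes.values())
    return {op: amount / total for op, amount in stakes.items()}

def weighted_overlap(a, b):
    """Stake-weighted overlap of two operator sets: 1.0 identical, 0.0 disjoint."""
    sa, sb = shares(a), shares(b)
    return sum(min(sa[op], sb[op]) for op in sa.keys() & sb.keys())

def overlap_matrix(services):
    """Pairwise overlap for every pair of services."""
    return {(x, y): weighted_overlap(services[x], services[y])
            for x, y in combinations(sorted(services), 2)}

def blast_radius(services, operator):
    """Fraction of each service's stake lost if one operator is slashed or offline."""
    return {name: shares(st).get(operator, 0.0) for name, st in services.items()}

def above_threshold(services, threshold=1 / 3):
    """(service, operator) pairs where one operator alone exceeds the threshold."""
    return sorted((name, op) for name, st in services.items()
                  for op, share in shares(st).items() if share > threshold)

if __name__ == "__main__":
    for pair, value in overlap_matrix(SERVICES).items():
        print(pair, f"overlap={value:.2f}")
    print("op1 fault:", blast_radius(SERVICES, "op1"))
    print("over 1/3:", above_threshold(SERVICES))
```

In the sample, avs_a and avs_b look like two independent services but share most of their stake, while avs_c is disjoint from both yet depends on only two operators.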
Architects: Demand Slashing Sovereignty
When evaluating a security provider, the non-negotiable is independent slashing. Can your chain be slashed due to another chain's fault? If yes, you've leased security but bought systemic risk. Opt for models like EigenLayer's Intersubjective Forks or Celestia's Data Availability sampling that isolate fault.