Slashable Offense

A validator signs two or more conflicting blocks or votes at the same height, which could enable a chain fork. This is also known as a equivocation fault. It is considered a severe security violation because it directly threatens the blockchain's safety and finality guarantees.

• Example: Signing blocks for both fork A and fork B in the same slot.
• Consequence: Typically results in a significant slash (e.g., up to the entire stake) and immediate ejection (jailing).

A validator fails to perform its duties when called upon, such as being offline and missing block proposals or attestations. While often penalized via small inactivity leaks, repeated or coordinated downtime can be treated as a slashable offense for liveness attacks.

• Example: A large group of validators going offline simultaneously to halt block production.
• Consequence: Slashing penalties are usually lower than for double signing but increase with the number of validators offline at once.

A specific attestation violation in Ethereum's consensus where a validator's vote improperly "surrounds" a previous vote, attempting to rewrite history. This violates the Casper FFG fork choice rules.

• Mechanism: A validator submits an attestation with source and target checkpoints that surround a different attestation they previously made.
• Purpose: Designed to penalize attempts to revert finalized blocks, protecting finality.

In some delegated PoS networks, validators may be slashed for failing to adhere to on-chain governance decisions they have committed to support. This enforces accountability within delegated proof-of-stake (DPoS) systems.

• Example: A validator not voting as promised on a proposal, or voting against a supermajority-approved upgrade.
• Context: More common in networks like Cosmos, where slashing can be triggered by governance parameters.

Extended failure to participate in consensus, often detected over a longer epoch or era. This is distinct from minor downtime and is treated as a threat to network liveness. Penalties may escalate over time.

• Detection: The protocol monitors if a validator has been inactive for a predefined, extended period (e.g., multiple epochs).
• Action: Can lead to a slash and forced exit from the validator set.

Validators may be slashed for breaching specific, critical protocol rules beyond block production. This can include manipulating MEV (Maximal Extractable Value) in a provably malicious way or other actions that destabilize the economic incentives of the network.

• Scope: Defined by the specific consensus client implementation and network upgrade.
• Evolution: New slashable conditions can be added via hard forks to address novel attack vectors.

A Byzantine fault where a validator signs two different blocks at the same height. This threatens the consensus safety of the network by creating the potential for a chain fork. It is considered one of the most severe offenses, as it directly attacks the blockchain's canonical history. Penalties are typically severe, often resulting in the slashing of a significant percentage of the validator's stake and their forced exit from the validator set.

Occurs when a validator is offline and fails to perform its duties (e.g., proposing or attesting to blocks) for a prolonged period. This compromises network liveness by slowing block production and finality. Penalties are usually progressive, starting with small inactivity leaks that reduce the validator's effective stake, and can escalate to slashing if the downtime is extreme or part of a correlated outage affecting many validators.

A social layer penalty applied by decentralized autonomous organization (DAO) governance vote, rather than an automated protocol rule. This addresses malicious behavior not easily detectable by code, such as:

• Protocol violations outside client software.
• Collusion or market manipulation.
• Data availability failures in modular architectures. The slashing proposal and execution are subject to the DAO's governance process.

Each proof-of-stake network defines precise, on-chain parameters for slashing. Key variables include:

• Slashing penalty: The percentage of stake forfeited, which can vary by offense (e.g., 1% for downtime, 100% for double signing).
• Correlation penalty: Penalties may increase if many validators commit the same offense simultaneously, punishing coordinated attacks.
• Whistleblower rewards: A portion of the slashed funds is often awarded to the validator who submitted evidence of the offense, incentivizing surveillance.

If more than one-third of validators go offline, the chain cannot finalize. To recover, Ethereum's Casper FFG consensus triggers an inactivity leak. Offline validators have their effective balance gradually reduced (a form of soft slashing) until the active validators again constitute a two-thirds supermajority, allowing finality to resume. This mechanism ensures liveness can be restored even after a catastrophic failure.

Not all penalties are slashing. It's critical to distinguish:

• Slashing: Irreversible forfeiture of staked principal due to a provable, malicious fault.
• Proposer/Attester Penalties: Small, routine reductions in reward balance for minor inefficiencies (e.g., late attestations). These are not slashing events.
• Ejection (Force Exit): A validator may be forcibly removed from the active set as a consequence of slashing or sustained poor performance.

Equivocation—signing two conflicting blocks or attestations for the same slot—is a severe, non-accidental slashable offense. It is typically caused by:

• Running the same validator keys on two active machines simultaneously.
• Improper migration or restoration procedures.
• Malicious key compromise.

Mitigation involves strict key management: use a single, secure signing client and never copy live validator keys to another machine.

Secure your validator's signing keys (keystore files) to prevent slashing from compromise or operator error.

• Store keys in hardware security modules (HSMs) or dedicated signing services like Web3Signer.
• Use withdrawal credentials separate from signing keys.
• Follow secure backup procedures and never expose keys to the internet.
• Employ multi-party computation (MPC) or distributed validator technology (DVT) to distribute signing responsibility.

Validator clients require timely updates for hard forks, network upgrades, and critical bug fixes. Failure to update can lead to consensus faults.

• Subscribe to official client team announcements (e.g., Prysm, Lighthouse, Teku).
• Test upgrades on a testnet or devnet before applying to mainnet.
• Be aware of scheduled hard forks like Ethereum's Dencun or Capella, which require coordinated upgrades.

Specific to Proof-of-Stake Ethereum's Casper FFG consensus, a surround vote is a slashable attestation where a validator's vote improperly "surrounds" a previous vote, potentially rewriting history. To avoid this:

• Ensure your client logic correctly handles vote aggregation and timing.
• This is largely managed by consensus client software, but operators must ensure they are running stable, non-forked versions to prevent logic bugs that could cause unintentional surrounding.

The punitive action of permanently confiscating a portion of a validator's staked capital (e.g., ETH, ATOM) as a penalty for committing a slashable offense. This serves as a critical cryptoeconomic security mechanism to disincentivize malicious or negligent behavior that threatens network consensus.

• Purpose: Protects network integrity by making attacks economically irrational.
• Mechanism: A portion of the validator's stake is burned, reducing their future rewards and influence.

A blockchain consensus mechanism where validators are chosen to create new blocks and secure the network based on the amount of cryptocurrency they stake as collateral. Slashable offenses are a core component of PoS security models.

• Contrast with PoW: Replaces energy-intensive mining with economic staking.
• Accountability: Validators have "skin in the game," making slashing an effective deterrent.

A canonical slashable offense where a validator signs two different blocks at the same height, a direct attack on consensus finality. This is often called a equivocation fault.

• Why it's slashed: It creates a risk of chain forks and undermines the single, canonical history of the ledger.
• Detection: Other validators can submit cryptographic proof of the conflicting signatures to the network.

A less severe but still penalizable offense where a validator is offline and fails to perform its duties (e.g., proposing or attesting to blocks) for an extended period. Penalties are typically smaller than for safety faults like double signing.

• Impact: Reduces network efficiency and can delay finality.
• Penalty: Often an inactivity leak that gradually reduces the validator's stake until it resumes duties.

A network participant in a Proof-of-Stake system who is responsible for proposing and attesting to new blocks. Validators are the entities subject to slashing penalties.

• Requirements: Must lock up a minimum stake (e.g., 32 ETH on Ethereum) and run node software.
• Duties: Includes block proposal, attestation, and sync committee participation.

A specific penalty mechanism on the Ethereum Beacon Chain designed to recover chain finality if more than one-third of validators go offline. It is not traditional slashing but a correlated leak of validator balances.

• Trigger: Activated when the chain fails to finalize for more than four epochs.
• Purpose: To increase the stake of active validators relative to inactive ones, eventually allowing the chain to finalize again.