Actively Validated Service

Decentralized applications are the primary consumers of AVS services. They integrate with AVSs to access critical middleware like high-throughput data availability, secure cross-chain messaging, or fast finality. By using an AVS, a dApp can leverage shared security and specialized functionality without building it from scratch.

• Example: An L2 rollup using EigenDA for its data availability layer instead of Ethereum calldata.

Layer 2 networks and rollups are major users of AVSs for modular infrastructure. They can outsource critical components like:

• Data Availability (DA): Using a specialized DA layer AVS.
• Sequencing: Using a decentralized sequencer set.
• Settlement & Bridging: Using secure cross-chain verification AVSs. This allows them to optimize for performance and cost while inheriting security from Ethereum via restaking.

Existing oracle networks and interoperability protocols can become AVSs to enhance their security model. By having their node operators also act as AVS Operators, they can leverage restaked ETH as a cryptoeconomic security backstop. This creates a stronger guarantee for the data they provide (e.g., price feeds) or the messages they relay between chains, making them more attractive to high-value DeFi applications.

The primary mechanism for penalizing malicious or faulty AVS operators. Slashing involves the irreversible loss of a portion of the operator's staked ETH or restaked assets. Conditions are defined in the AVS's smart contracts and can include:

• Double-signing: Attesting to two conflicting states.
• Liveness faults: Failing to perform required validation duties.
• Safety faults: Incorrectly validating invalid state transitions. Clear, auditable slashing logic is essential for trust minimization.

The security of an AVS degrades if its validation is concentrated among a few operators. Key risks include:

• Collusion: A small group controlling a supermajority of stake could force through invalid states.
• Single points of failure: Technical outages or targeted attacks on major operators can halt the service. Mitigations include permissionless operator sets, stake distribution limits, and cryptoeconomic security models that require high attack costs.

Using EigenLayer for restaking introduces systemic dependencies. Operators restake their native ETH stake to secure multiple AVSs, creating interconnected risk:

• Correlated Slashing: A fault in one AVS can slash the operator's stake, reducing security for all other AVSs they service.
• Yield-seeking Behavior: Operators may overload their stake with high-yield, high-risk AVSs, increasing systemic fragility. Understanding these shared security trade-offs is vital for risk assessment.

The security of the underlying software client running the AVS's node is paramount. Risks mirror those in blockchain consensus:

• Client Bugs: A vulnerability in the dominant client software could lead to mass slashing or network halt.
• Lack of Diversity: Over-reliance on a single client implementation creates a systemic vulnerability. Best practices include multi-client support, formal verification of critical code paths, and robust fault-proof systems.

The cost to attack an AVS must exceed the potential profit. Key calculations involve:

• Total Value Secured (TVS): The economic value protected by the AVS (e.g., cross-chain bridge funds).
• Total Value Restaked (TVR): The amount of restaked capital slashed for an attack. If TVS > TVR, a profit-from-corruption attack may be rational. AVS design must ensure TVR is a significant multiple of TVS.

The process for changing AVS parameters or code introduces centralization and exploit risks.

• Admin Keys: Multisig controls or privileged addresses can be a single point of failure.
• Contentious Upgrades: Can lead to forks or conflicts within the operator set.
• Timelocks & Transparency: Critical upgrades should use timelocks to allow operator and user reaction. Minimizing trust in governance is a core security challenge for long-lived AVSs.

The foundational mechanism that allows Ethereum stakers to re-deploy their staked ETH or Liquid Staking Tokens (LSTs) to secure additional networks or services, like AVSs. This creates a shared security layer and new yield opportunities for validators.

• Purpose: Bootstraps cryptoeconomic security for new systems.
• Core Concept: Security is not siloed but becomes a reusable resource.

A node or validator that runs the software for one or more AVSs. Operators are the active participants in the network:

• They opt-in to specific AVSs based on reward potential and technical requirements.
• They face slashing risks for malicious behavior or liveness faults.
• They earn fees (paid in the AVS's native token or ETH) for their validation services.

Operators can be solo stakers or professional staking services.

The cryptoeconomic penalty imposed on a restaker's or operator's stake for provably malicious or faulty behavior while validating an AVS. It is the core enforcement mechanism.

• Enforces Correctness: Guarantees operators have "skin in the game."
• AVS-Defined: Each AVS publishes its own slashing conditions (e.g., double-signing, data unavailability).
• Irreversible: Slashed funds are burned, not redistributed.

The economic model where a pool of capital (restaked ETH) secures multiple, independent systems (AVSs) simultaneously. This contrasts with each system bootstrapping its own validator set.

• Efficiency: Lowers capital formation costs for new protocols.
• Leverage: Reuses Ethereum's robust validator set and economic security.
• Trade-off: Introduces correlated slashing risk across AVSs if a major operator fails.