Staking is a necessary piece of Ethereum.
Fundamentally, staking is the mechanism which enables Ethereum (and other PoS networks) to reach consensus on which blocks to produce in a decentralized manner (read Staking is data validation, not investment). Without consensus, there is no peer-to-peer coordination at scale and there is no web3: this critical function underlies the entire wave of permissionless web3 innovation.
Through staking, Ethereum offers economic incentives to network participants to contribute to network coordination and security. By staking their ETH and operating validators, users contribute to Ethereum consensus mechanism security and are rewarded for it by earning rewards.
Slashing plays a fundamental role in maintaining the security and integrity of Ethereum’s Proof-of-Stake (PoS) mechanism. It is designed to deter validators from engaging in dishonest behavior or breaching their obligations. The concept might sound stern, but it is essential to preserving a healthy ecosystem: you earn rewards if you contribute to Ethereum consensus mechanism, and you are penalized if you misbehave.
In this article, we delve deep into what slashing means, its relevance in the staking ecosystem, and the mechanisms in place to prevent it.
Slashing on Ethereum
In Ethereum’s PoS ecosystem, slashing refers to the process of penalizing a validator for misbehaving. Validators, entrusted with the tasks of attesting and proposing blocks, are essential for maintaining the network’s smooth operations. If a validator is found to behave maliciously or dishonestly, it may be slashed, which means that a portion of its deposit is destroyed by the network as a punishment. As such, slashing incentivises validators to perform their duties correctly, thereby promoting the network’s best interests.
There are three ways a validator can be slashed, all of which amount to a dishonest proposal or attestation of blocks:
By proposing and signing two different blocks for the same slot
By attesting to a block that "surrounds" another one (effectively changing history)
By attesting to two candidates for the same block ("double voting"”)
Historically, slashing occurrences have been quite rare. As of February 2024, 414 validators have been slashed out of approximately 1,174,000 deposited validators (916,000 are active to date). This accounts for less than 0.04% of all active validators. As far as we know, all these slashing events are due to operational errors rather than intentional misconduct.
Since its launch in December 2020, Consensys Staking validators have never been slashed.
Slashing Penalties
A validator incurs a slashing penalty when committing a slashable offense, pushing them into a slashed state on Ethereum.
Slashing penalties are the same for all slashable offences, and have multiple components:
First, there is an immediate initial penalty of ~1ETH, or more precisely 1/32 of the validator’s effective balance, once the offence is identified.
Once slashed, the validator’s status is set to slashed_exiting. For about 36 days, the validator is removed from the active validation set and is placed in the exit queue. During this period, the validator not only stops earning new rewards but also incurs a penalty of about 8,000 GWei (0,000008 ETH) for every epoch that it misses performing its duties (ie. every 6.4 minutes). This leads to an additional penalty of ~0.07ETH
Finally, a special penalty may be applied depending on the number of validators who committed a slashable offense a few days before and after: the more validators are slashed simultaneously, the bigger the penalty per validator will be. This is meant to prevent coordinated attacks on the Ethereum network.
In extreme cases, the slashing penalty could wipe all of a validator’s staked ETH. However, historically, most slashing penalties have been around 1ETH.
Mitigating Slashing Risks with Consensys Staking
A majority of slashing events occur unintentionally when two different validator’s clients use the same validator key. Therefore, our anti-slashing strategy at Consensys Staking revolves around the simple rule that we do NOT deploy the same validator key to multiple locations or multiple validators.
To ensure we never break this simple rule, we employ several practices:
Each validator key is generated using a distinct seed phrase, ensuring each key is unique.
A robust check mechanism is in place to detect any duplicate keys before the validator public keys are made available.
We also use web3 signer, an open-source remote signer built by Consensys, which maintains a record of all recent signatures made by a validator and checks each signature against potential slashing conditions.
Beyond these measures, Consensys Staking is dedicated to maintaining robust security practices. Leveraging multiple layers of security, including rigorously reviewed access permissions and minimum access policies, we continually work to mitigate potential attacks. Consensys is ISO 27001:2022 certified, a security assurance covering the security of our people, technology and processes. Consensys Staking was also granted SOC 2 Type II certification, reinforcing our position as a secure and reliable partner in your staking journey.