Community Staking Module

Lido DAO’s mission is to make Ethereum staking simple, secure, and decentralized. Lido on Ethereum launched with a curated validator set, which has enabled the protocol to grow to its current size robustly but leaves some room for improvement from the perspective of allowing a bigger range of independent node operators to more easily interact with the protocol. Recent long-range goals approved by the Lido DAO (proposed by @Hasu) suggest the introduction of a permissionless staking module. Given that the recently approved Simple DVT module is the only available avenue for Community Stakers to become Node Operators in the near future and that there aren’t currently permissionless elements in Simple DVT, this proposal aims to address this gap.

A significant portion of ETH is staked with Lido but distributed amongst less than 40 Node Operators. Lido V2 upgrade introduced a re-architecture of the protocol via the implementation of the staking router that allows for modularising the validator set. At the same time, on the Ethereum base layer, EIP-4788 and EIP-7002 have been proposed. These add crucial features for secure permissionless validation, namely beacon_root and triggerable validator exits on EL.

With these updates, it is possible to extend the operator set significantly, for example, by adding a new staking module that allows for permissionless entry with a bond. Combining permissionless entry with a bond requirement has proven to be a great approach to validator set formation. While providing coverage for the possible issues or inappropriate actions from the Node Operators’ side, it also makes Node Operators and stakers economically aligned. The appropriate size of the bond will depend on the state of relevant Ethereum upgrades (EIP-7002, 7251, etc.) and corresponding risk assessment research.

Our proposed name for this staking module is Community Staking Module (CSM). To make it appealing for the solo-stakers and community stakers to join CSM, we suggest focusing on the following key value propositions:

  • EL rewards and MEV are smoothened across the largest validator set in Ethereum thanks to SR architecture;
  • Competitive bond;
  • Friendly UX with low gas fees;
  • Only ETH (stETH) for bond and rewards;
  • More profitable than vanilla solo staking;

We propose allocating up to 10% of the stake to CSM. This will make CSM stake comparable to the largest permissionless staking solution in the market - Rocket Pool. To ensure security, reliability, and better battle test of CSM, we suggest increasing stake allocation starting from 1% gradually.

To ensure a rapid start of CSM, it is proposed to utilize the stake allocation mechanism introduced by the staking router (modules below target allocation with available capacity get stake first), given that CSM will be below target allocation at the module launch. Since “bonded” validators are more appealing to the protocol regarding security and economic alignment, it is proposed to set the lowest exit requests priority (to cover withdrawal requests) for CSM validators.

A more detailed description of the possible CSM design and decision drivers can be found in the CSM Landscape.

There is a team among Lido DAO contributors willing to implement CSM (authors of the proposal). Previously referred to as the Automation team (@dgusakov, @madlabman, @skhomuti, @vgorkavenko, and @Aleksandra_G), the team has made several meaningful contributions to Lido DAO and the Ethereum ecosystem, namely Ethereum-validators-monitoring (initially developed by Lido Tooling team), Ethereum-head-watcher, Polygon-validators-monitoring, Lido TRP smart-contracts, Full-featured on-chain monitoring for Lido protocol and participated in Lido V2 development. According to our estimation (and assuming DAO approval), developing and proposing CSM mainnet deployment is possible before the end of 2024.

We believe implementing a successful permissionless staking module is only possible with partnerships and collaboration with the DeFi ecosystem projects and teams. To facilitate this LEGO support will likely be needed. The expectation is that things like Ethereum validation set-up, monitoring tools, and other useful off-chain tooling can be developed by ecosystem partners. Collaborations that require LEGO support will be put forward based on feedback to this post and additional RFPs.

We aim to create a supportive and appreciated community of CS Operators. With the enormous support of the Community Lifeguards, community stakers engagement has already been started. Several DVT testnet trials have been conducted by the NoM work-stream contributors (Round 2, Simple DVT testnet). Community Lifeguard coordinator Eridian recorded an outstanding Community Staking Podcast Series and prepared explanatory posts about Lido. The first samples of #LidoBox hardware have been produced in collaboration with the Homenode and Ebunker:

Anyone can participate in the permissionless module. Yet we want to enfranchise solo-stakers participation particularly. By working closely with the community, we aim to attract at least 300 independent Node Operators within the first three months after the launch.

We seek feedback from the community and Ethereum ecosystem developers about the proposed module.

32 Likes

It’s great to see sequential steps to make Ethereum more decentralized from Lido DAO side. Can’t wait to see where this will lead!

Why did you choose the proposed 10% limit? If it is reached, can it be redefined and increased?

2 Likes

CSM is a great effort towards further decentralizing the NO set of Lido and giving independent node operators a chance to join the DAO.

Starting with 1% of stake allocation and then increasing carefully from there seems like a good idea. Will this be done by expected new deposits or does this imply a rebalancing with existing NOs?

3 Likes

Hey-hey,

Thank you for announcing the Community staking module! Look forward to seeing the opportunity implemented as a part of the StakingRouter architecture brought together with Lido V2.

Sincerely hope that the community staking might be accelerated with the highly anticipated activation of EIP-7002: Execution layer triggerable exits; therefore the protocol contributors have it as a high priority item to support triggerable exits in the core protocol unlocking permissionless participation.

3 Likes

I think it might be useful to look to the angel of collaborating with some worldwide infrastructure providers in order to create some solo-stakers oriented configurations. It will open a possibility of launching validators in a matter of minutes instead of days or weeks in case of physical equipment delivery. Moreover, it will decrease amount of funds which a solo-staker must spend at the beginning stage.

5 Likes

The specific stake allocation limit is determined and approved by the Lido DAO. While there are technically no restrictions on proposals, considering the introduction of new staking modules on the Lido Ethereum protocol, it is likely that a typical share for the module will emerge. It’s crucial to consider operational aspects and risks associated with permissionless staking. Therefore, aiming for a 10% target seems reasonable, but there is potential for it to be even larger.

4 Likes

I appreciate your response! The target allocation mentioned does not account for forced stake rebalancing; it specifically applies to new deposits. It’s crucial to note that Lido on Ethereum provides withdrawals leading to a concept known as staking recycle. In this process, validators from the older and larger node operators are exited first, and new stake is allocated to the smaller ones based on the target share.

To learn more about exits order pls see https://hackmd.io/@lido/HJYFjmf6s

3 Likes

Hi @dgusakov! Good proposal, I really liked it!

One question about something that I didn’t get it: how this proposal is going to communicant with Simple DVT? I understood that first the DAO were starting the testnets for only futher, start this in Mainnet with few clusters.

Is this proposal a complementary approach for when the first version of Simple DVT is implemented?

Thanks!

2 Likes

Simple DVT and CSM are distinct modules within the Lido Community Staking initiative, each with its specific contributions. CSM emphasizes permissionless entry, while Simple DVT centers around DVT involvement.

Although their timelines run concurrently, Simple DVT is expected to be proposed for the mainnet much earlier than CSM.

6 Likes

Super excited about this proposal and the prospect of finally getting permissionless node operators using the Lido protocol!

4 Likes

The Nimbus team is excited about this development as we would like to make solo staking more accessible and desirable.

This is reflected in our plans to develop a Nimbus GUI that would allow potential solo stakers to start validating easily from their desktop or mobile wallets, following a point and click interface that installs Nimbus locally or on a cloud instance of their own custody.

We would be happy to develop integrations with the LIDO staking module that enable the same seamless onboarding experience for users who are interseted in joining the LIDO network.

7 Likes

Good explanation, thanks @dgusakov!

3 Likes

Awesome initiative @dgusakov and team!! It’s a natural evolution for Lido in v2 and a decisive step to further strengthen the diversity of the Lido active set.

I’d like to offer up the Rated Oracle’s services for consideration for the CSM, to help with monitoring for MEV hiding.

The Oracle is deployed on mainnet and successfully monitoring ETHx’s active set for violations of their MEV smoothing policy since August 2023.

The ruleset and data sources that the Rated Oracle can support are arbitrary (and not exclusive to EL data), meaning that we can adapt it to fit a wide range of requirements, including monitoring relay payloads via their Data APIs and so on.

For those interested in learning more about the oracle, the dedicated section in docs.rated.network is a good place to start.

4 Likes

That’s great!
Dappnode is pretty well positioned to start offering access to Node Operators to the CSM via the deployment of an easy to use GUI in already existing Node Operators that might be running their own validators or validating on other chains (if they didn’t have access to 32 ETH).

A full UI integration with as little steps as possible is the end of the game for Dappnode: Click on “become a Lido Node Operator”, follow the steps (choosing how many validators and specifying the bond + key creation), submit transaction and all the infrastructure (EL+CL+Web3Signer+MEV Boost) gets deployed in the backend if not already existing in the machine. We have the existing setup to make this experience quite seamless.

Seems like Lido is worried -and it’s a perfectly reasonable worry- about Node Operators being unable to reliably run their nodes to the standard that it’s desired. Dappnode helps its users providing automatic updates of nodes and support channels to minimize downtime and optimize performance. Thousands of mainnet validators can attest to this, and we are happy to put our existing “decentralized DevOps” expertise to help N.O. reliably run their nodes.

For those not already having an existing setup, we see the hardware piece as a key aspect of it. We can provide plug-and-play hardware (that also looks sexy) to go from zero to Node Operator.

It seems that this first CSM favors bond in detriment of DVT setups. This is conceptually similar to Rocket Pool, an experience and UX already existing in Dappnode. We are also strong believers in “Community Staking” - where communities get together under DVT setups to offer strong performance and reliability and can present themselves as valuable operators to Liquidity providers like the Lido Staking Router. This seems to be out of scope for this first CSM, but we would be very keen on participating on the design of such an option.

8 Likes

Amazing and well-formulated proposal @dgusakov and the whole team.

Being a Lido contributor i’m really excited to see this initiative, creating the opportunity for community to contribute into further decentralization, while maintaing the security and reslience of protocol for stakers.
:heart: :dark_sunglasses:

4 Likes

Thanks for such a detailed comments. Appreciate it!

I do agree with the points outlined. DAppNode is a great product and it will be amazing to see it being integrated with CSM!

I want to signal strong disagreement with this proposal, as the underlying incentives create systemic risks for Ethereum with potentially irreversible consequences.

Lido has publicly positioned itself as a decentralized option to fight CEX growth.

However, this proposal clearly targets decentralized solo stakers and Rocket Pool, by offering an increased APR which is subsidized from Lido’s monopolistic position.

In its current form, the CSM would improve the Lido NO diversity, but would have a negative net impact on the decentralized staking ecosystem, as it would incentivize stETH growth at the expense of decentralized alternatives.

@dgusakov pointed out the following selling points for operators:

  1. EL rewards and MEV are smoothing using Lido’s outsized operator set, which no staking pool can match
  2. Lower bond than decentralized alternatives like solo staking and Rocket Pool
  3. Using stETH for bond and rewards, further centralizing into stETH
  4. More profitable than vanilla solo staking [and potentially Rocket Pool]

Further, this proposal offers a 7.5% fee to Node Operators, which is higher than the 5% regular fee to permissioned operators, signaling that the goal is to subsidize APR in order to convert operators from decentralized staking protocols.

If this proposal uses a minimum bond of 2 ETH as depicted in the Devconnect Staking Gathering talk, Lido operators will earn 2x higher rewards than with solo staking (8% vs 4%), which result from 90% rewards from the stETH bond + 7.5% of rewards from the 30Ξ matching ETH provided. If a 4 ETH is used, the ETH yield would be 5.7%.

  • Current solo staking rewards: 4%
  • Rocket Pool current ETH yield: approx 5.5%
  • Lido’s proposed yield seems to be 5.7-8%

A rational Node Operator observing this will shut down solo staking and Rocket Pool setups in order to migrate to CSM. This can cause massive and irreversible loss of decentralized staking diversity for the only benefit of growing stETH.

This is further aggravated by the possibility that Lido will provide financial incentives to solo-staker software providers or node clients, which can drive their UX to favor Lido installations over other decentralized alternatives.

While this proposal could be a net positive in a world where Lido self-limited, the reality is that Lido continues to increase its dominance with a stated goal to replace centralized staking.

The size of stETH has already been an extremely contentious topic, with the risk of social slashing looming over Lido. This proposal should not pass without modifictions, as it can damage Ethereum’s decentralized staking and further increase the risk of social slashing for Lido.

Considering this, I suggest modifying this proposal to Ensure that the Operator ETH APR never exceeds the solo staker ETH APR. Offering smoothed rewards and lower barrier to entry is already an outsized benefits to operators.

With these changes, Lido can prevent damaging decentralized staking and also benefit by collecting higher fees or increasing collateral levels from its permissionless operators.

Alternatively, a self-limit on Lido’s total share of validators can be discussed in order to not grow at the expense of decentralized staking, which fulfils and crucial role in the ecosystem.

5 Likes

Hi, @micho! Or should I call you Pablo?

Anyway, huge thanks for your reply and opinion!
Let me address some of the points outlined.

The numbers provided are by no means subsidies. According to the ordinary understanding, subsidy stands for the case when you get more than protocol actually earns with your help. This is not the case here since only part of staking fees is allocated to NOs, and definitely not more than the original 10%. It is just a different fee split. Bonded operators are more appealing for the Lido on Ethereum protocol in terms of security. Hence, allocating a larger portion of the staking fees to them is pretty straightforward.
It is also important to highlight that no actual fee structure is proposed. All the numbers are just examples. Actual numbers are to be calculated and proposed closer to the mainnet launch.

What you propose here has nothing to do with the open market conditions. Moreover, to make CSM Operator APR no higher than Vanilla solo-staking, a staking fee should be 0%. This is, without a doubt, not fair for CSM Operators since Curated operators get a 5% staking fee, and other protocols do allocate staking fees to the permissionless operators. Given the facts mentioned above, I don’t think your proposal can be accepted in its current form.

This topic has been discussed already. Make sure to check out Should Lido on Ethereum be limited to some fixed % of stake?

13 Likes

I’m thrilled to see Lido launch CSM. This aligns with Ebunker’s mission, as we’ve been working hard to lower the barriers for solo stakers, thereby promoting Ethereum’s decentralization.
Additionally, we are honored that our product, eNode, can collaborate with Lido. Given more time, we could design eNode with an even more stunning appearance. We envision eNode not just as a plug-and-play device but as something that integrates seamlessly into people’s lives and is affordable for everyone.
We’d love to integrate CSM into eNode at the earliest and optimize the user experience from a frontend perspective.

8 Likes

I stand behind Micho’s comments. This proposal definitely needs to be revised and should not be moved forward without specifying the fee structure. The fee structure is a critical detail and publishing this proposal without that was premature.

I’d like to propose putting a pause on this until those additional details are known since it’s imperative we don’t risk adding additional network centralization incentives. Yes, Lido is in the process of decentralizing, but decentralizing WITHIN Lido as an entity does not decentralize the beacon chain.