beacon chain mistakes

how we messed up

part 1—painful today

​

part 2—painful in the future

part 1—painful today

​

part 2—painful in the future

max effective balance

no needed for danksharding

32 ETH validators

max effective balance

no needed for danksharding

unnecessary friction

32 ETH validators

max effective balance

no needed for danksharding

unnecessary friction

32 ETH validators

too many validators

max effective balance

no needed for danksharding

unnecessary friction

32 ETH validators

too many validators

suboptimal

compounding

max effective balance

no needed for danksharding

unnecessary friction

32 ETH validators

too many validators

suboptimal

compounding

no max balance

max effective balance—too many validators

too many validators

unnecessary client load

max effective balance—too many validators

too many validators

unnecessary client load

harder ePBS

max effective balance—too many validators

too many validators

unnecessary client load

harder ePBS

harder SSF

max effective balance—too many validators

too many validators

unnecessary client load

harder ePBS

harder SSF

longer slot time

max effective balance—suboptimal compounding

suboptimal

compounding

unfairness

max effective balance—suboptimal compounding

suboptimal

compounding

unfairness

long

withdrawal queue

committee index

worse signature aggregation

committee index

committee index

worse signature aggregation

committee index

less efficient

light clients

committee index

worse signature aggregation

committee index

less efficient

light clients

no committee index

0x00 withdrawal credentials

unnecessary friction

0x00 credentials

0x00 withdrawal credentials

unnecessary friction

0x00 credentials

useless

technical debt

0x00 withdrawal credentials

unnecessary friction

0x00 credentials

useless

technical debt

0x01 credentials

proposer rewards

unnecessary variance

proposer rewards

proposer penalties

proposer rewards

unnecessary variance

proposer rewards

pooling incentive

proposer penalties

proposer rewards

unnecessary variance

proposer rewards

pooling incentive

harder

stake capping

proposer penalties

issuance curve

constant

2x too large

square root issuance

issuance curve

constant

2x too large

square root issuance

no stake capping

issuance curve

constant

2x too large

square root issuance

no stake capping

no stake lowerbound

issuance curve

constant

2x too large

square root issuance

no stake capping

no stake lowerbound

cotangent

fork choice bugs

mainnet

liveness issues

fork choice bugs

fork choice bugs

mainnet

liveness issues

fork choice bugs

cat and mouse

fork choice bugs

mainnet

liveness issues

fork choice bugs

cat and mouse

not a great look

fork choice bugs

mainnet

liveness issues

fork choice bugs

cat and mouse

not a great look

provably secure fork choice

ejection balance

0.2% zombie validators

16 ETH ejection balance

ejection balance

0.2% zombie validators

16 ETH ejection balance

unnecessarily harsh

ejection balance

0.2% zombie validators

16 ETH ejection balance

unnecessarily harsh

inflexible

ejection balance

0.2% zombie validators

16 ETH ejection balance

unnecessarily harsh

inflexible

faster ejections

effective balance

1 ETH balance increments

unnecessary complexity

effective balance

1 ETH balance increments

unnecessary complexity

suboptimal compounding

effective balance

1 ETH balance increments

unnecessary complexity

suboptimal compounding

1 Gwei balance increments

slot boundaries

misaligned slot boundaries

arbitrary and unpolished

slot boundaries

misaligned slot boundaries

arbitrary and unpolished

aligned slot boundaries

part 1—painful today

​

part 2—painful in the future

slot duration

incompatible

with SSF?

12sec slot duration

slot duration

incompatible

with SSF?

12sec slot duration

incompatible

with ePBS?

slot duration

incompatible

with SSF?

12sec slot duration

incompatible

with ePBS?

larger slot duration

sync committees

not much adoption today

sync committees

sync committees

not much adoption today

sync committees

long-term unnecessary

sync committees

not much adoption today

sync committees

long-term unnecessary

SNARKed beacon chain

uncapped penalties

no trustless RocketPool

uncapped penalties

uncapped penalties

no trustless RocketPool

uncapped penalties

capped penalties

deposit contract gas usage

no deposit

gas padding

varies with

Merkle position

deposit contract gas usage

no deposit

gas padding

varies with

Merkle position

not proportional to stake

deposit contract gas usage

no deposit

gas padding

varies with

Merkle position

not proportional to stake

deposit gas padding

BLS signatures

not quantum secure

BLS signatures

BLS signatures

not quantum secure

BLS signatures

post-quantum signatures

thank you :)

justin@ethereum.org

beacon chain mistakes

mistakes in hindsight

​

• 32 ETH max effective balance
• suboptimal issuance curve
• 0x00 withdrawal credentials
• high-variance rewards
• committee index
• 16 ETH ejection balance too low
• fork choice rule bugs
• minimum slashing penalties
• parent block roots don't cover the signature
• deposit contract lack of fairness
• misaligned slot boundaries
• effective balance

​

dev pain

​

• endianness
• shuffling
• SSZ

things we may regret

​

• non-updatable withdrawal credentials
• enables Lido and EigenLayer
• 12-sec slot durations
• likely not compatible with SSF
• uncapped penalties
• would have made RP-style LSTs better

​

technical debt

​

• Eth1 data votes and voting period latency

​

long-term unnecessary

​

• sync committees

​

long-term bad

​

• SHA256 not SNARK friendly
• beacon chain not SNARK friendly
• BLS not quantum secure