Doctor, how much time do I have left? A new Ethereum update could make DVT obsolete
“What if control and centralization are fundamentally flawed concepts?” Satoshi Nakamoto idealistically suggested once. “What if, in the real world, things inevitably gravitate toward centralization?” the teams behind Lido and Geth Client argued much later by organically pulling a crowd of crypto enthusiasts in.
As of late November 2024, CoinGecko puts the total Ether supply at a neat 120 million ETH. This number reflects all the Ether ever minted, minus any that's been burned away. Dune Analytics tells us that a hefty 28.34% of this, which adds up to 34,747,040 ETH, is staked. Out of this 28.34% chunk, Lido manages 27.99%.
This level of staking share concentration raises valid concerns about network security and performance. A potential glitch or attack on the Lido protocol could disrupt block confirmations and impact the entire Ethereum network. That many validators going offline could also negatively affect the rewards and even the initial stakes of its users.
Lido has introduced Distributed Validator Technology (DVT) through a few market players, such as Obol, SSV, and SafeStake Pilot TestNet, to distribute validator keys across multiple nodes and enhance security and decentralization. But while the protocol has been popularizing DVT, it's important to recognize that the concept is the result of collective efforts from various researchers and developers within the whole Ethereum community.
Let’s take a closer look at the way Ethereum operates under the hood to understand why DVT is needed and how it actually tackles the centralization challenge in practice.
According to Ethroadmap.com, “Distributed Validator Technology allows multiple participants to collaboratively manage the responsibilities of a single validator. The goal of distributing validator execution across multiple nodes is to improve the resilience of the validator (safety, liveness, or both), compared to running a validator on a single machine. So long as at least ⅔ of the validators in a DVT setup are functional, the others can go offline, perform poorly, or even be hacked without as severe, or any, penalties being incurred. More than just increasing a validator's resilience via redundancy, a significant advantage of DVT is that it facilitates staking with less than the standard requirement of 32 ETH by pooling resources from multiple stakeholders. This makes participation in the validation process more accessible to individuals with smaller amounts of ETH, further democratizing the process and broadening network participation. DVT did not require changes to mainnet, and similar to liquid staking, is an extra protocol innovation.”
Why Non-Distributive Validators on Ethereum Could Threaten the Network
In terms of secure operations on a blockchain, you probably already know how distinct methods or protocols like proof-of-stake (PoS), proof-of-work (PoW), proof-of-authority (PoA), etc., serve similar purposes but in different contexts. Being components of a consensus mechanism, they ensure that only honest and legitimate participants can validate transactions, propose blocks, and earn rewards for performing their duties. Proof-of-stake (PoS), which Ethereum operates under, is one such protocol.
It is a way for validators to show they've committed something valuable to the network, which they could lose if they act dishonestly. In Ethereum's version of proof-of-stake, validators lock up ETH into a smart contract. They are then responsible for checking that new blocks on the network are valid and sometimes creating and sharing new blocks themselves. If a validator tries to cheat, like by proposing more than one block when they should only propose one or sending conflicting messages, they risk losing some or all of their staked ETH.
To become a validator, as of 2024, a user needs to deposit 32 ETH into the deposit contract and run three types of software: an execution client, a consensus client, and a validator client. After depositing their ETH, they enter a queue, which controls how fast new validators can join. Once activated, validators receive new blocks from other Ethereum users. They re-check the transactions in those blocks to make sure everything is valid and verify the block’s signature. Then, the validator sends a vote (called an attestation) to approve the block across the network, and over time is randomly selected to propose a new block in a specific slot. However, the randomness is weighted based on the amount of ETH a validator has staked. This means that validators with larger stakes have a higher probability of being chosen to produce a block.
Validators receive rewards for successfully creating and broadcasting a new block when they are selected to propose one, and for validating and voting on blocks proposed by others. Transaction fees are included in the block rewards alongside the base reward for proposing and attesting to blocks, and this is basically how Ethereum works.
That said, with services like Lido, Coinbase, Binance, Rocket Pool, Renzo, Everstake, etc., managing a significant share of staked ETH, the problem of a single point of failure arises. If something goes wrong with Lido or its validators—such as downtime, software bugs, or a cyberattack—it could affect a substantial portion of the Ethereum network.
Key risks associated with non-distributive validators operating the Ethereum network:
Centralization of Stake: Validators with large amounts of ETH have a higher probability of being selected to propose blocks and earn rewards. Over time, this can concentrate power in the hands of a few wealthy participants, undermining the decentralized nature of Ethereum.
Barrier to Entry: The requirement of 32 ETH to become a validator is a significant investment, which limits participation to those with substantial resources. This could exclude smaller investors and discourage broader network participation.
Censorship Risks: Centralized validators may be subject to regulatory pressures or other external influences, potentially leading to censorship of transactions or manipulation of the blockchain.
Economic Attacks: Validators with substantial stakes might have economic incentives to engage in selfish mining, double-spending, or collusion to maximize profits at the expense of network security.
Network Stability: A high concentration of validators in specific geographic regions or under certain operators increases the risk of single points of failure, such as outages or attacks on specific regions or entities.
Take a quick look at the figure above. You can see a Beacon Node, which is a vital part of Ethereum's Proof-of-Stake consensus mechanism. Beacon Nodes perform essential tasks such as managing validator registries, coordinating block proposals, and ensuring synchronization across the network. However, it is the validators connected to these Beacon Nodes that carry out critical operations like signing attestations and proposing new blocks.
If an attacker gains access to a validator’s private key, they can use it to sign malicious or contradictory data or impersonate the validator. Once a signature is broadcast to the network, it becomes an immutable part of Ethereum's ledger. Accidental or malicious double-signing cannot be undone and results in slashing penalties, which can cause the validator to lose part or all of their staked ETH.
While multiple vulnerabilities exist, poor key management is often the most significant single point of failure. To mitigate these risks, validators must adopt robust security practices: use hardware wallets or secure enclaves for key management, implement software that prevents double-signing or enforces safety checks, maintain separate keys for primary and backup nodes to avoid accidental double-signing, and distribute validator operations across independent setups rather than relying on centralized validators or staking pools.
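As an added illustration (not code from any Ethereum client or from the projects named here), the sketch below shows the kind of safety check that refuses double proposals, double votes and surround votes, and why a backup node that holds the same key but its own signing history defeats that check. The class and method names are hypothetical, and the epochs, slots and roots are constructed sample values.

```python
class SlashingGuard:
    """Hypothetical local signing history for ONE validator key on ONE node."""

    def __init__(self):
        self.blocks = {}        # slot -> signing root already signed
        self.attestations = []  # (source_epoch, target_epoch, signing_root)

    def may_sign_block(self, slot, root):
        # Double proposal: a different block for a slot that was already signed.
        return self.blocks.setdefault(slot, root) == root

    def may_sign_attestation(self, source, target, root):
        if source > target:
            return False
        for s, t, r in self.attestations:
            if (s, t, r) == (source, target, root):
                return True   # re-signing identical data is safe
            if t == target:
                return False  # double vote: same target, different data
            if (s < source and target < t) or (source < s and t < target):
                return False  # surround vote, in either direction
        self.attestations.append((source, target, root))
        return True


def demo():
    # Same validator key on both nodes, but each node keeps a separate history.
    primary, backup = SlashingGuard(), SlashingGuard()
    return {
        "first vote": primary.may_sign_attestation(10, 11, "0xaa"),
        "double vote": primary.may_sign_attestation(10, 11, "0xbb"),
        "surround vote": primary.may_sign_attestation(9, 12, "0xcc"),
        "next vote": primary.may_sign_attestation(11, 12, "0xdd"),
        "second block, same slot": (primary.may_sign_block(352, "0x01")
                                    and primary.may_sign_block(352, "0x02")),
        # The backup never saw the primary's history, so it approves a vote that
        # conflicts with "first vote": the key has now signed slashable data.
        "backup, conflicting vote": backup.may_sign_attestation(10, 11, "0xbb"),
    }


if __name__ == "__main__":
    for check, allowed in demo().items():
        print(f"{check}: {'sign' if allowed else 'refuse'}")
```

The last entry is the failure mode the paragraph warns about: a local check only protects a key whose whole signing history lives in one place.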
This brings us to the core of what we’re discussing today: a more resilient Ethereum architecture that involves distributed validators.
Looking at the architecture diagram carefully, you can say that the Validator (V1-V4 with their corresponding keys) is distributed. Here's why:
The keys (key₁, key₂, key₃, key₄) shown at the bottom of the diagram with their respective validators (V1-V4) indicate that the validator key itself is being split and distributed.
The "SSV" in SSV1-SSV4 stands for "Secret Shared Validator," which is a technology specifically designed to distribute validator keys across multiple operators.
The 3-of-4 signature combination at the end suggests that the validator's signing power is what's being distributed, requiring 3 out of 4 parts of the distributed validator key to sign.
The Beacon Nodes serve as connection points to the Ethereum network for each portion of the distributed validator and help synchronize the network.
The real magic, though, happens in the middle (the Consensus layer) - it's like a round table where all these components come together to make decisions. But here's the clever part: the system doesn't need everyone to agree all the time. Instead, it uses a "3-of-4 signature combination," which means that any three out of the four components need to agree for a decision to be valid.
The end result is a highly resilient Eth2 Validator that can continue operating even if one part of the system goes down. It's like having a safety net under your safety net - ensuring that your validator keeps running smoothly and securely, no matter what happens.
At the heart of DVT lies Shamir's Secret Sharing, a cryptographic method used to divide a private key into multiple "key shares". Each validator operator in the network holds one of these shares, and together, they are able to reconstruct the full private key through a threshold signature scheme. This scheme dictates how many individual shares are needed to sign a block — for instance, 3 out of 4 key shares might be required to validate and propose a block. This means that even if one or two operators are unavailable or compromised, the system can still function securely, as long as enough shares are present to form a valid signature.
The key shares themselves are generated through Distributed Key Generation (DKG), a cryptographic process that ensures these shares are distributed to the nodes in the validator cluster in a secure manner. No single party has access to the full validator key; instead, each operator only knows their own "share" of it, ensuring that the full key remains secret throughout the validation process.
Once the key shares are distributed, the system employs Multiparty Computation (MPC) to create the full validator key in secret. The beauty of MPC is that the full key is never fully exposed to any individual operator or node.
The final step in the DVT process occurs through the consensus protocol, which is responsible for selecting a block proposer from the cluster of validators. Once chosen, the proposer shares the block with the other nodes, who then add their key shares to the aggregate signature. Once enough key shares have been gathered — as dictated by the threshold signature scheme — the block is successfully proposed to Ethereum.
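The 3-of-4 flow described above, as an added sketch that is not code from Lido, Obol, SSV or SafeStake: each operator signs with its own Shamir share, and the partial signatures are combined by Lagrange interpolation in the exponent, so the full key is never reassembled at signing time. It assumes a trusted dealer in place of DKG and a constructed toy group (P = 2039, Q = 1019) in place of the BLS signatures Ethereum validators use; all function names are hypothetical.

```python
import hashlib
import secrets
from itertools import combinations

# Constructed toy parameters: P = 2*Q + 1 with Q prime, so the squares mod P
# form a group of prime order Q. Far too small for real use.
P, Q = 2039, 1019
THRESHOLD, OPERATORS = 3, 4

def split_key(secret, t=THRESHOLD, n=OPERATORS):
    """Shamir split: share i is f(i) for a random degree t-1 polynomial, f(0) = secret."""
    coeffs = [secret % Q] + [secrets.randbelow(Q - 1) + 1 for _ in range(t - 1)]
    return {i: sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q
            for i in range(1, n + 1)}

def hash_to_group(message):
    """Map a message to a non-identity element of the order-Q subgroup."""
    for counter in range(2**32):
        digest = hashlib.sha256(message + counter.to_bytes(4, "big")).digest()
        h = pow(int.from_bytes(digest, "big") % P, 2, P)
        if h > 1:
            return h

def partial_sign(share, message):
    """An operator signs with its own share only."""
    return pow(hash_to_group(message), share, P)

def lagrange_at_zero(i, indices):
    """Lagrange coefficient of share i evaluated at x = 0, mod Q."""
    num = den = 1
    for j in (j for j in indices if j != i):
        num, den = num * -j % Q, den * (i - j) % Q
    return num * pow(den, -1, Q) % Q

def combine(partials):
    """Combine {operator index: partial signature} by interpolating in the exponent."""
    sig = 1
    for i, part in partials.items():
        sig = sig * pow(part, lagrange_at_zero(i, partials), P) % P
    return sig

def demo(message=b"constructed attestation data"):
    key = secrets.randbelow(Q - 1) + 1  # stands in for the validator key
    parts = {i: partial_sign(s, message) for i, s in split_key(key).items()}
    reference = pow(hash_to_group(message), key, P)  # full-key result, demo check only
    def agree(size):  # which subsets of this size reproduce the signature?
        return [combine({i: parts[i] for i in c}) == reference
                for c in combinations(parts, size)]
    return all(agree(THRESHOLD)), any(agree(THRESHOLD - 1))
```

`demo()` returns `(True, False)`: every 3-share subset yields the same signature as the full key would, and no 2-share subset does.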
But what about Lido? Their pilots with providers like Obol, SSV, and SafeStake highlight DVT’s potential for resilience and inclusion, despite a few challenges. In April 2024, Lido tested DVT with SafeStake on Holesky, an Ethereum testnet designed to simulate real-world conditions. The test involved 17 participants across 13 countries. Five clusters used diverse setups: bare-metal servers, home machines, and cloud services. A notable limitation was the lack of Distributed Key Generation (DKG), which increases trust dependencies.
The SafeStake pilot showcased mixed results. Validators achieved an impressive uptime of 91.86%, reflecting solid operational reliability. However, attestation effectiveness stood at 71.56%, and block proposal success lagged at 10.59% due to misconfigurations in the MEV-Boost setup. These metrics highlight both the strengths and areas for improvement in distributed staking. A software update caused a slashing event, affecting 15 validators, underscoring the need for better version management. Although the SafeStake testnet proved the concept’s viability, several improvements and further testing are essential before the next Holesky testnet integration with the Lido protocol.
As of the end of 2024, Lido has 136,000 ETH successfully running on its DVT technology, and while Ethereum requires 32 ETH to become a validator, this technology is proving its value. If or when the Ethereum development team decides to lower the requirement to 1 ETH for becoming a validator, things could change.