Analyze the multi-security model of Cosmos Hub and the new Blockchain security strategy

Author: Haibo Jiang, PANews

On January 12th, Jehan Tremback, Head of Cosmos Hub Product at Informals, initiated a discussion on “Permissionless vs. Lightweight Licensing Selective Onboarding to the Consumer Chain” on the Cosmos Hub forum. Competing with “inter-chain security” solutions such as Eigenlayer/Ethos and Mesh Security, Cosmos Hub is likely to accelerate its presence in this space through consumer chains.

Jehan is also a #187的发起人 of the Cosmos Proposal, in which Cosmos Hub introduces “replication security” through the V9 Lambda upgrade, enabling Cosmos Hub to lease its own security to consumer chains (e.g., Neutron, Stride) and also increasing ATOM value capture capabilities. Interchain security is a broader term in the “shared security” protocol, and replication security is just one of the solutions, in the use case of Cosmos Hub, every validator of Cosmos Hub needs to run every consumer chain, so that each consumer chain has exactly the same security as Cosmos Hub. But this also limits the use of consumer chains, all of which need to be pre-approved by Cosmos Hub governance, and each consumer chain also requires each validator to run a separate Tendermint Node, so the cost of validators will also increase, which is not suitable for low-cost consumer chains.

Jehan discussed two new options for joining the consumer chain, a transaction-based permissionless approach and an opt-in option that requires lightweight permissions.

The first is a completely permission-free transaction-based solution:

• In this scheme, any developer can launch their own consumer chain by submitting a transaction to the Cosmos Hub that declares a unique chain ID.
• Validators opt-in to this new chain by submitting their own transactions.
• As more validators join, the more secure the chain becomes.
• The advantage of this solution lies in its simplicity and openness, and there are theoretically no barriers to the start of the consumer chain. However, it has the disadvantage of requiring developers to actively communicate with validators to get them to join the new chain, which may need to be done through social platforms or other informal channels.

In the second scenario, which is opt-in via proposal (Lightweight licensing):

• Developers of consumer chains need to submit a governance proposal to Cosmos Hub to launch their chains.
• Validators vote on the proposal and can choose to support (YES), oppose (NO), or abstain (ABSTAIN).
• If the vote is successful, then validators who voted YES will automatically become part of the new chain.
• The benefit of this solution is that it leverages the governance mechanisms that already exist, allowing validators to vote and make decisions using a familiar platform. At the same time, it also raises the technical threshold for launching a new chain, as it needs to pass a certain voting ratio and quorum.

Both options have their own advantages and problems, and the opt-in option through the proposal is more similar to the onboarding process of the existing consumer chain, requiring less development work, but also a certain threshold, which needs to reach a specific turnout and support rate. Permissionless is the trend and is already planned, but since each consumer chain has a unique chain ID, if everyone can claim a chain ID without permission, it can lead to chain ID squatting.

In addition, there is a “Top-N” scheme in other discussions on the Cosmos Hub forum, in which the top n% of the validator set will be obligated to run the consumer chain. Here again, there are two derivative situations, inclusive and exclusive. In an inclusive scheme, all other validators can opt in or out, while in an exclusive scheme, smaller validators will not be able to run such consumer chains.

With the exception of replication security, all of the above schemes can be run using only a subset of the existing Cosmos Hub validator set, so the security is theoretically inferior to replication security, and the security of each scheme is different.

Back in May 2023, Jehan compared three commonly used interchain security schemes, including replication security, opt-in security, and mesh security. Replication security requires all validators to run each consumer chain, providing very strong security guarantees, but with performance and cost issues. Opt-in security allows validators to choose whether or not to join the consumer chain, providing more flexibility but facing the challenges of security Fluctuation and “subset problems.” Mesh security and similar schemes are a popular model recently, mesh security allows staked tokens on one chain to be staked again to another chain to secure other chains, because this design allows chains to enhance each other’s security in both directions, which is why it is called “mesh”. BTC staked in Babylon and ETH staked in Eigenlayer can also be used to provide security for other chains, which borrow from the idea of mesh security but use other encryption techniques.

As can be seen from the above, Cosmos Hub is trying to try more security solutions in addition to the existing replication security. The future consumer chain should have a variety of forms, including replication security consistent with Cosmos Hub, completely permissionless joining solutions, and possibly other lightweight licensing solutions or Top-N solutions to meet different security needs and provide more value capture capabilities for ATOM.