What is Distributed Validator Technology (DVT)?
How DVT works Distributed Validator Technology is a new mechanism designed to make node management on Ethereum more decentralized. So what is Distributed Validator Technology (DVT)? How does this distributed validator technology work?
What is Distributed Validator Technology (DVT)?
Distributed Validator Technology (DVT, or distributed validator technology) is a method that helps increase the security of validators on Ethereum, allowing multiple parties to operate a validator, by splitting the validator's private key into many parts and dividing it. for parties to manage and sign to authenticate transactions.
For example: In the old design, instead of a node running a validator. DVT allows multiple nodes to run the same validator. During the consensus process, each time a validator needs to validate a block and receive a block reward, all nodes are required to sign the transaction.
The purpose of DVT is to reduce single points of failure and increase the resilience of validator nodes, while increasing decentralization on the Ethereum blockchain network.
On the user side, participating in staking on DVT integrated protocols will also help optimize staking rewards and minimize the risk of losing ETH due to slashing.
Why is distributed validator technology (DVT) necessary?
After the success of The Merge event, the Ethereum network switched from Proof-of-Work (PoW) to Proof-of-Stake (PoS) consensus model, helping this blockchain consume less energy than before. . This conversion also brings wider profit opportunities to ETH holders.
Previously, users who wanted to become validators on Ethereum needed to stake the required amount of ETH (32 ETH) and set up computer hardware to run the node. Users can now stake ETH into staking services and earn staking rewards, which will pool the necessary amount of ETH to set up and run validator nodes on the Ethereum network, then distribute a portion rewards for users (stakers).
However, this PoS model also brings many notable risks to both validators and stakers, especially centralization. Some popular staking platforms with high reputation and profitability will attract more users to stake ETH, thereby leading to the staking market being concentrated on a few big names, such as Lido, Coinbase, RocketPool, StakeWise... In the negative case, if validators operated by these protocols are fined, errored, hacked, banned... it will have a major impact on the entire Ethereum network.
Among them, Lido Finance is the protocol holding the largest amount of staked ETH today, accounting for 31.69% of the amount of ETH staked on the Ethereum network, data as of February 17, 2024 (source here). This causes Lido to have a very high level of "centralization" as it mainly uses Node Operators that specialize in providing node staking services on the market.
From there, the need to develop Distributed Validator Technology (DVT) gradually emerged to solve these problems, while ensuring the decentralization of ETH as the network continues to grow stronger.
How does DVT work?
In essence, DVT will divide responsibility and ownership of private keys to many entities (called operators) running a validator node.
Normally, each validator node will be managed by a private key. This means that key holders can make decisions unilaterally, even if they are not in the best interest of the network.
However, by splitting keys into multiple parts and sharing them with different operators to distribute key ownership, DVT helps divide these small keys into many different roles and responsibilities in validator node management. . These keys will be organized in a "cluster" model to separate their roles. For example:
- Part of the key will be delegated to the block proposer.
- Other parts of the key can be held by managers, whose role is to certify the validity of new blocks and manage reward distribution.
This mechanism of dividing a validator's key according to different roles helps DVT reduce centralization on the network, while promoting validator node management more effectively. Because there are multiple parties involved in signing from a single node, the risk of errors or penalties is also lower than storing the privakey on a single point.
From a technological perspective, the Distributed Validator Technology (DVT) solution includes five basic components:
- Shamir's Secret Sharing mechanism: Helps separate keys into different parts with different functions, along with BLS keys mechanism to combine signatures from operators operating the node.
- Threshold Signature Scheme (TSS): Helps determine the number of BLS signatures needed to authenticate transactions on a node. For example, only 3 out of 4 signatures are needed for the transaction to be authenticated by that node.
- Distributed Key Generation (DKG): Is the cryptographic process responsible for generating small portions of keys and distributing them to the DVT set of new or existing authenticating nodes.
- Multiparty computation (MPC): Responsible for secretly generating the full private key for the validator. This design helps ensure that no single node operator can know the entire private key, instead they only know their portion of the key.
- Consensus protocol: Responsible for choosing a node to act as a block proposer. The Proposer will share the new block with other nodes in the DVT set, then the nodes will add a signature to validate the block. Once the threshold number of signatures is met (or exceeded), the new block will be proposed to the Ethereum network.
Benefits of Distributed Validator Technology (DVT)
Distributed Validator Technology (DVT) brings a number of benefits to the Ethereum network such as increased decentralization and security, reducing the risk of a single point of failure. Decentralization With the DVT solution, projects that provide staking services such as Lido or RocketPool can still exist while maintaining decentralization on the network. This is because each validator's keys are distributed across many different machines (nodes), and that validator would need greater "collusion" to be able to perform any malicious behavior against the network.
Without DVT, staking services only support one or two client configurations for all validators, increasing the impact of client failure on the entire network. However, using DVT will help spread the risk across many different client and hardware configurations, increasing resiliency for validator nodes.
Security
Normally, the validator will have two key pairs including:
- Validator key to participate in consensus.
- Withdrawal key to access internal assets.
Validators can secure withdrawal keys by cold storage (offline, without internet), however validator keys must be stored online 24/7. If a validator key is compromised, an attacker can gain control of that validator and lead to possible slashing or loss of staked ETH.
However, when using DVT, stakers can participate in staking ETH on staking projects while still ensuring the validator key is safe and secure. Through the above operating mechanism, DVT will encrypt and separate the validator's private key into many parts to distribute to many management parties. Then aggregate them secretly when needed to authenticate transactions and ensure that no one knows the entire key.
These processes are performed separately by different components to ensure the best transparency and security in the system.
Limit the risk of a single point of failure
When a validator is divided into multiple operators and different computers, it can still operate normally online even if an individual machine has a hardware or software failure. At the same time, the risk of errors can also be reduced by using diverse hardware and software configurations on nodes within a DVT set.
If one component of a computer in the DVT set fails (for example, a validator with four operators, including one using a failed client), the remaining components will ensure that the validator can still continue running without any problems. This also helps create fault tolerance for validator nodes in the network.
Applications of Distributed Validator Technology (DVT)
Independent Staking (solo) Instead of using staking services, users can stake ETH and operate individual validators independently, along with using the DVT solution to split and distribute validator keys on remote nodes, simultaneously.
At the same time, you can still keep the key in an offline environment as you like. In other words, stakers do not necessarily have to spend money on hardware to still be able to run an independent validator node. Furthermore, key distribution will help increase security against potential attacks from hackers.
Staking-as-a-Service (SaaS)
Staking service providers (e.g. staking pools) that must manage multiple validators can also use DVT solutions to reduce the risk of mass attacks or shutdowns. Through infrastructure distribution (separating keys and dividing them among many different nodes to manage), they can add a layer of redundancy to their operating model and diversify the types of hardware to operate. execute node.
Besides, DVT shares the responsibility of key management across multiple nodes, from which the staking service can share some operating costs with the node, reducing operational risks and insurance costs such as equipment maintenance, software…
Staking pools
Each validator has its own standards to set, so operators in staking pools and liquid staking projects will have different levels of trust, as each protocol will have different profit and loss levels and reward distributions. .
Furthermore, these protocols will also be heavily dependent on individual operators because they manage their own keys and the amount of ETH staked independently. This can pose a major risk to the protocol and users if these operators perform poorly, stop working, are compromised, or behave maliciously for any reason.
By integrating the DVT solution, staking pool and liquid staking protocol it is possible to significantly reduce the need to place trust in operators, because:
- Pools can allow operators to hold staked ETH without having to give control of the validator key, but instead a portion of the key.
- The amount of ETH staked can also be distributed and managed by multiple operators, helping to reduce centralization risk. For example: Instead of just one operator managing 1,000 validators, these 1,000 validators can now be jointly operated by more operators.
- Each operator will have a different configuration, helping to ensure that if one operator stops working, the other operators can still perform their roles smoothly without being affected. This diversification in configuration will help deliver better validator performance and resiliency, while also helping to maximize staking and node running rewards.
On November 3, 2023, Lido Finance approved a proposal to test Distributed Validator Technology (DVT), cooperating with two projects Obol Network and SSV Network. The above testing period will be limited to 0.5% of the total value locked on Lido. Among them, Obol Network is the leading and strongest growing name in the DVT segment on the market today.
The integrated DVT solution will help minimize risks related to centralization, increase validator performance and recovery, thereby helping users' staking experience be optimized.
Limitations of DVT
However, DVT still has some limitations and potential risks that it can cause on the network. First, adding such an additional component to ETH's mechanism could make the network more vulnerable to new attacks.
Second, implementing DVT though could make it possible for staking protocols to share operating costs across nodes. However, in general, overall operating costs will likely increase and network latency (latency) will also increase, because the node's consensus is now divided among more parties.
These risks and limitations can be minimized if DVT protocols are implemented carefully and with the above issues in mind. Furthermore, from a broader perspective, a small increase in cost and latency may be a reasonable opportunity cost for improving security on the network.