When crypto developer OP Labs rolled out software a year ago that made it easy for companies to set up their own distributed networks on top of the Ethereum blockchain, the option quickly became so popular that it attracted the likes of major US crypto exchange Coinbase who used the platform to build its new blockchain, Base.
But in recent months, tech experts have become aware of a crucial flaw in the design: that networks based on the OP Labs software were missing an element known as “fault proofs” that is theoretically at the heart of their operations.
OP Labs officials have repeatedly said that putting bug tests into service was a top priority — so much so that the project even got its own name: “Cannon.” The lack of the safety feature has been likened to driving a fast car without airbags.
On Tuesday, OP Labs took the first step toward addressing the concerns, launching bug proofs on a test network known as OP Goerli Testnet.
Error proofs, also called fraud proofs, are at the core of optimistic rollup technology, a system for connecting layer 2 blockchains or “rollups” to primary layer 1 blockchains such as Ethereum; the technology is used to ‘prove’ that certain data from the package can or cannot be trusted.
But projects that rely on the technology are still in various stages of adolescence. Arbitrum, another optimistic package, currently relies on about a dozen designated validators to handle fraud proofs, but is pushing to expand that to become a “permissionless” system.
Optimism, a layer-2 blockchain on top of Ethereum that served as a template for OP Stack’s software, had previously released flaws on its main network but removed them due to security concerns, OP Labs CEO Karl Floersch told CoinDesk in an interview.
“What we essentially did was we ended up building a first pass, realizing that this wasn’t the sustainable path forward, going to the drawing board, re-imagining the way this system works, and then fast forward a year and a year . half, and we’re actually seeing the fruits of those design decisions,” Floersch added.
Some blockchain experts have argued that rollup technology without fault proofs poses a security risk because transactions are unsafe or can be spoofed.
Deploying fault proofs on the test network, or ‘testnet’, is the first step towards deploying them on the OP Stack. OP Labs says the software should also eventually be able to support so-called ‘zero-knowledge’ proofs, which rely on a promising cryptographic technology that could be used as an alternative to fault proofs.
Martin Köppelmann, a longtime Ethereum developer and co-founder of the Gnosis blockchain, tweeted in August when Coinbase’s Base went live that until bug proofs are added, “all ~$3 billion that are in the Optimism and Base bridges, can be taken anytime, and users can’t do anything about it.”
Floersch said he was aware of the criticism, but told CoinDesk he believed blockchain projects needed to first address governance and decentralization to provide proof of fault.
To reach that stage, known as Phase 2 decentralization, Floersch said OP Labs mapped out the network’s architecture in February to decentralize certain elements of the protocol.
“Until there is phase two decentralization, fault-proofing is not something that is the primary source of security in your chain,” Floersch told CoinDesk. “If governance can override fault resilience, then fault resilience is useful, but it’s not the thing you rely on as a primary source of security.”
Read more: Ethereum’s Layer 2 rollups reduce costs, but the risks are underappreciated
