Eth 2.0 and fund recovery

#1

Testnets are slowly but surely coming online and the pieces for Eth2.0 are starting to come together. As the spec and clients are experimental, bugs can and will happen. Due to this inevitability, funds may eventually be lost, whether by a malicious actor or accidental bug.

I wanted to open the conversation to see what the community sentiment would be regarding fund recovery in the event of bugs occurring in an Eth2 client or the spec. It’d be a sad thing to happen, but I think it’s valuable to ideate where you’d stand to be able to point to in case it occurs; plus this can give potential early participators a signal of how risky their participation will be.

Here are a few different hypothetical stances to illustrate some decision points:

  1. No recovery ever: we already know Eth2 will be risky to play with, participate at your own risk. You’ll accordingly be rewarded well for being one of the first participants and taking said risk. I think under no circumstances should we recover anyone’s lost funds; any bugs will be at your peril.
  2. Spec-bug recovery: we want people to participate without having to fear that errors in the spec will cost them. If a bug in the spec is discovered, we should evaluate its impact, and, if it’s large enough, I will support recovery the funds of those affected.
  3. Client-bug recovery: I support spec-bug recovery, and I’m open to fund recovery for bugs in specific clients (ie. bugs that only occur for users of a specific client implementation). I want multiple client implementations to be viable, and I don’t want it to always be a risk to not use the most popular, most heavily-audited client. If, within the first few months of Eth2, a client has a bug with non-negligible impact, I’d support recovering affected funds.
  4. <your take here!>

It seems that the community has somewhat unconsciously landed on 1; I think 2 is also a nice spot, since I’d hate for a bug to cause all of the early participators of Eth2 to lose all of their stake. The early participants will likely all be developers and the most passionate enthusiasts; either of these groups losing significant amounts of funding would be terrible for the ecosystem as a whole. That said, once the staking system has been online for a few months-a year, I’d inch my stance closer to 1, as the chances of a bug decrease. Anything more flexible than 2 feels a bit tougher to support to me, but I’m open to being convinced.

Thanks for reading! :grin:

1 Like
#2

I would love to stake my ETH early on, but the no recovery ever is what scares me the most.

2 Likes
#3

I think the general consensus would be that if funds are lost due to a protocol-level bug / malfunction affecting a large number of users and potentially compromising trust in mechanisms like staking, then there might be a more legitimate expectation of recovery.

If a mistake affecting just one client implementation were to occur, then I think that this could be more contentious.

If the error is at the dapp or L2 layer, then consensus seems to be that recovery is not possible.

3 Likes
#4

I think the general consensus would be that if funds are lost due to a protocol-level bug / malfunction affecting a large number of users and potentially compromising trust in mechanisms like staking, then there might be a more legitimate expectation of recovery.

Is this the general consensus? As I mentioned in the OP, my impression is that the community has unconsciously arrived on the “no recovery, experiment at your own risk (or reward)” stance. I’m interested to hear more people chiming in on what they think the consensus is and which position makes the most sense to themselves personally.

If most people feel that some leeway wrt fund recovery should be given, then that’s great, and people considering participating in staking should be aware that their risk is correspondingly decreased. I don’t expect any guarantee of safety of funds, but any stances more lenient than “no recovery ever” is a positive signal.

1 Like
#5

I would think the consensus is going to sway depending on whether you’re talking to someone who intends to sit on the sidelines vs someone who intends to stake ether early. The best approach IMO will be to give consumers as much information as possible in order for them to make an honest assessment about the risk/reward here. Rule #1 - never invest more than you’re willing to lose.

That being said, we’re in kind of a weird position here because theoretically the more ether that is staked, the safer the network will become. The adoption rate alone will be interesting to see just how it plays out. I lean more towards the “experiment at you’re own risk” ideology, however I don’t think it has to be an all or nothing approach.

#6

I lean towards a spec bug recovery in the short to mid term, with client bug recovery being default no, but subject to change if consensus is broad.

1 Like
#7

No protocol-level fund recovery, please. Not ever.

If it’s risky, let it be risky.

1 Like