Alert Source Discuss
⚠️ Draft Standards Track: Core

EIP-7251: Increase the MAX_EFFECTIVE_BALANCE

Allow validators to have larger effective balances, while maintaining the 32 ETH lower bound.

Authors mike (@michaelneuder), Francesco (@fradamt), dapplion (@dapplion), Mikhail (@mkalinin), Aditya (@adiasg), Justin (@justindrake)
Created 2023-06-28
Discussion Link https://ethereum-magicians.org/t/eip-7251-increase-the-max-effective-balance/15982
Requires EIP-7002

Table of Contents

Abstract

Increases the constant MAX_EFFECTIVE_BALANCE, while keeping the minimum staking balance 32 ETH. This permits large node operators to consolidate into fewer validators while also allowing solo-stakers to earn compounding rewards and stake in more flexible increments.

Motivation

As of October 3, 2023, there are currently over 830,000 validators participating in the consensus layer. The size of this set continues to grow due, in part, to the MAX_EFFECTIVE_BALANCE, which limits the stake of a single validator to 32 ETH. This leads to large amounts of “redundant validators”, which are controlled by a single entity, possibly running on the same beacon node, but with distinct BLS signing keys. The limit on the MAX_EFFECTIVE_BALANCE is technical debt from the original sharding design, in which subcommittees (not the attesting committee but the committee calculated in is_aggregator) needed to be majority honest. As a result, keeping the weights of subcommittee members approximately equal reduced the risk of a single large validator containing too much influence. Under the current design, these subcommittees are only used for attestation aggregation, and thus only have a 1/N honesty assumption.

With the security model of the protocol no longer dependent on a low value for MAX_EFFECTIVE_BALANCE, we propose raising this value while keeping the minimum validator threshold of 32 ETH. This increase aims to reduce the validator set size, thereby reducing the number of P2P messages over the network, the number of BLS signatures that need to be aggregated each epoch, and the BeaconState memory footprint. This change adds value for both small and large validators. Large validators can consolidate to run fewer validators and thus fewer beacon nodes. Small validators now benefit from compounding rewards and the ability to stake in more flexible increments (e.g., the ability to stake 40 ETH instead of needing to accumulate 64 ETH to run two validators today).

Specification

Constants

Name Value
COMPOUNDING_WITHDRAWAL_PREFIX Bytes1('0x02')
MIN_ACTIVATION_BALANCE Gwei(2**5 * 10**9) (32 ETH)
MAX_EFFECTIVE_BALANCE Gwei(2**11 * 10**9) (2048 ETH)

Execution layer

This requires no changes to the Execution Layer.

Consensus layer

The defining features of this EIP are:

  1. Increasing the MAX_EFFECTIVE_BALANCE, while creating a MIN_ACTIVATION_BALANCE. The core feature of allowing variable size validators.
  2. Allowing for multiple validator indices to be combined through the protocol. A mechanism by which large node operators can combine validators without cycling through the exit and activation queues.
  3. Permitting validators to set custom ceilings for their validator to indicate where the partial withdrawal sweep activates. Allows more flexibility in defining the “ceiling” of a validator’s effective balance.
  4. Adding execution layer partial withdrawals (part of EIP-7002). Allowing Execution Layer messages to trigger partial withdrawals in addition to full exits (e.g., a 100 ETH validator can remove up to 68 ETH without exiting the validator).
  5. Removing the initial slashing penalty (still in discussion). This reduces the risk of consolidation for large validators.

The Rationale section contains an explanation for each of these proposed core features. A sketch of the resulting changes to the consensus layer is included below.

  1. Add COMPOUNDING_WITHDRAWAL_PREFIX and MIN_ACTIVATION_BALANCE constants, while updating the value of MAX_EFFECTIVE_BALANCE.
  2. Create the PendingDeposit container, which is used to track incoming deposits in the weight-based rate limiting mechanism.
  3. Update the BeaconState with fields needed for deposit and exit queue weight-based rate limiting.
  4. Modify is_eligible_for_activation_queue to check against MIN_ACTIVATION_BALANCE rather than MAX_EFFECTIVE_BALANCE.
  5. Modify get_validator_churn_limit to depend on the validator weight rather than the validator count.
  6. Create a helper compute_exit_epoch_and_update_churn to calculate the exit epoch based on the current pending withdrawals.
  7. Modify initiate_validator_exit to rate limit the exit queue by balance rather than the number of validators.
  8. Modify initialize_beacon_state_from_eth1 to use MIN_ACTIVATION_BALANCE.
  9. Modify process_registry_updates to activate all eligible validators.
  10. Add a per-epoch helper, process_pending_balance_deposits, to consume some of the pending deposits.
  11. Modify get_validator_from_deposit to initialize the effective balance to zero (it’s updated by the pending deposit flow).
  12. Modify apply_deposit to store incoming deposits in state.pending_balance_deposits.
  13. Modify is_aggregator to be weight-based.
  14. Modify compute_weak_subjectivity_period to use the new churn limit function.
  15. Add has_compounding_withdrawal_credential to check for the 0x02 credential.
  16. Modify is_fully_withdrawable_validator to check for compounding credentials.
  17. Add get_validator_excess_balance to calculate the excess balance of validators.
  18. Modify is_partially_withdrawable_validator to check for excess balance.
  19. Modify get_expected_withdrawals to use excess balance.

Rationale

This EIP aims to reduce the total number of validators without changing anything about the economic security of the protocol. It provides a mechanism by which large node operators who control significant amounts of stake can consolidate into fewer validators. We analyze the reasoning behind each of the core features.

  1. Increasing the MAX_EFFECTIVE_BALANCE, while creating a MIN_ACTIVATION_BALANCE.
    • While increasing the MAX_EFFECTIVE_BALANCE to allow larger-stake validators, it is important to keep the lower bound of 32 ETH (by introducing a new constant – MIN_ACTIVATION_BALANCE) to encourage solo-staking.
  2. Allowing for multiple validator indices to be combined through the protocol.
    • For large staking pools that already control thousands of validators, exiting and re-entering would be extremely slow and costly. The adoption of the EIP will be much higher by allowing in-protocol consolidation.
  3. Permitting validators to set custom ceilings for their validator to indicate where the partial withdrawal sweep activates.
    • To get access to rewards, validators might want the flexibility to set custom ceilings for their effective balance. This gives them more optionality and is a clean way to continue supporting the partial-withdrawal sweep (a gasless way to extract rewards).
  4. Adding execution layer partial withdrawals (part of EIP-7002).
    • For validators that choose to raise their effective balance ceiling, allowing for custom partial withdrawals triggered from the execution layer increases the flexibility of the staking configurations. Validators can choose when and how much they withdraw but will have to pay gas for the EL transaction.
  5. Removing the initial slashing penalty (still in discussion).
    • To encourage consolidation, we could modify the slashing penalties. The biggest hit comes from the initial penalty of 1/32 of the validator’s effective balance. Since this scales linearly on the effective balance, the higher-stake validators directly incur higher risk. By changing the scaling properties, we could make consolidation more attractive.

Backwards Compatibility

This EIP introduces backward incompatible changes to the block validation rule set on the consensus layer and must be accompanied by a hard fork. These changes do not break anything related to current user activity and experience.

Security Considerations

This change modifies committees and churn, but doesn’t significantly impact the security properties.

Security of attestation committees

Given full consolidation as the worst case, the probability of an adversarial takeover of a committee remains low. Even in a high consolidation scenario, the required share of honest validators remains well below the 2/3 supermajority needed for finality.

Aggregator selection

In the original sharding roadmap, subcommittees were required to be secure with extremely high probability. Now with the sole responsibility of attestation aggregation, we only require each committee to have at least one honest aggregator. Currently, aggregators are selected through a VRF lottery, targeting several validator units that can be biased by non-consolidated attackers. This proposal changes the VRF lottery to consider weight, so the probability of having at least one honest aggregator is not worse.

Proposer selection probability

Proposer selection is already weighted by the ratio of their effective balance to MAX_EFFECTIVE_BALANCE. Due to the lower probabilities, this change will slightly increase the time it takes to calculate the next proposer index.

Sync committee selection probability

Sync committee selection is also already weighted by effective balance, so this proposal does not require modifications to the sync protocol. Light clients can still check that a super-majority of participants have signed an update irrespective of their weights since we maintain a weight-based selection probability.

Churn invariants

This proposal maintains the activation and exit churn invariants limiting active weight instead of validator count. Balance top-ups are now handled explicitly, being subject to the same activation queue as full deposits.

Copyright and related rights waived via CC0.

Citation

Please cite this document as:

mike (@michaelneuder), Francesco (@fradamt), dapplion (@dapplion), Mikhail (@mkalinin), Aditya (@adiasg), Justin (@justindrake), "EIP-7251: Increase the MAX_EFFECTIVE_BALANCE [DRAFT]," Ethereum Improvement Proposals, no. 7251, June 2023. [Online serial]. Available: https://eips.ethereum.org/EIPS/eip-7251.