Luohan Academy

Slashing Enforcement and the Limits of Smart Contract

Event materials

  • Zhiguo He transcript

    Zhiguo He is the Fuji Bank and Heller Professor of Finance, University of Chicago, Booth School of Business. Professor He is interested in the implications of agency frictions and debt maturities in financial markets and macroeconomics with a special focus on contract theory and banking. Professor He shared his views on the slashing enforcement and the limits of smart contract at the 4th Luohan Academy Frontier Dialogue.


Zhiguo He :

Thank you. Thanks. I don't think I need 15 minutes, but it's great to be part of this team, to talk about related issues. What Cam was talking about, Raphael and Hanna is pretty much on the same issue, where I would like to point out one thing that, as a contract theorist, immediately get down to it. And I think that I'm still keeping up with the progress of the technology, so I'll to reflect on the economics behind it. So, I was a long time biggest supportive for proof of stake, although computer scientists seem to tell me a lot of glitches of the technology side, of how to make the proof of stake fair. These types of questions, which is a fascinating discussion with them, but for economists to feel like this is just such a great idea.You have a slashing penalty as an important part of extensive provision to prevent wrongdoing. Validators, they're going to put their deposits there, something there, so that if you did something wrong, it gets slashed, or it gets penalized, for protocol, misbehavior, or rewarded for being good citizens. So, carrots and sticks, that's everything we learn as economists. So, it gets implemented by smart contracts. And whenever we think about smart contracts, as economists, they will say, "Oh, okay, you have a input. Then you have something. And then, if you did something wrong, then it gets penalized." Right? It's great. So indeed, you see that in the practice, you check the... This is Ethereum 2.0. It has been implemented. People do get penalized. You see that? And that's great.

 "Wait a second" is something that is always in my mind. You chatted with Hanna, also many other people, is just who manages these smart contracts? I mean, in a way, we are in a decentralized world. Once you recognize this, then this is not obvious. I just want to tell you there is a limit, and I do think that this is important. So, who executes the reward or penalty? Okay.

So, it cannot be a centralized machine which acts on agents' behaviors, which typically we think about in contracts. Think about the typical mechanism or design. Contracts is like... People have their actions, whatever. I'm going to have a slide to tell you what's the economist thinking later on, but think about it as a behavior. Your penalized behaviors. But here is the quotes from consensus. This is a detail. So that's why it's called enforcement. In all these cases, which is wrongdoings, offender needs to be caught in order for the slashing process to be triggered. The whistle blowing validator will create and propagate a specific message containing the offense for prosper to include it in a block. So, using some layman language, basically that if you did something wrong that there's some whistleblower needs to catch you, and then he or she needs to put it in there and tell everybody that this guy did something wrong.

Then there's some proposal needs to put on the proposed transaction, to my understanding I'm using the analogy of a Bitcoin here or Ethereum, it's very similar. And then you need somebody to get some votes or people just to follow the block, so if that block that says pointing out or whistle blowing block to be a part of a consensus, then you can execute on it and then you get penalized.

Then you have all these questions of how do we know votes are disciplined, follow up and at the end of votes over votes, that kind of questions. So here is a something that I check online and they get these slash... Oh, by the way this is joined with Jiasun Li that we are team and always discussing these type of issues which are fun.

These are the slashed validators, slashed by. Okay, so that's great. Must create an incentive for these guys to come in, which is true. So I'm not talking the incentive of the policemen here, but in practice in this system design you do have that. And also Cam was talking about there or some companies actually are created to do this type of thing, with that just means that the whole mechanism seems to work. 

All I'm trying to tell you is that it's not just the... I checked it with some practitioners in China, in US. They thought that probably as long as you have a smart contract then you always can punish the wrongdoing. That is a really not true. What you could act on is something called a decentralized consensus, which means that you have to get something that everybody agrees. And that's to me, that is a very deeper points that the contract theorists need to recognize.

Okay, so here's what I want to say. From a computer scientist perspective, it's a piece of code that the basically input, output. It's nothing fancy and the same code runs on every node on a blockchain. Okay. From my economist perspective, I'm going to ask the question, Ant is here. It is an input variable, which is here a better behavior-"contractable?" Contractable means set of something that everybody would agree on and then in the real world, it's the court. This is especially tricky because smart contract runs on a centralized machine.

So the smart contract runs on a central machine, that's the typical economist perspective before doing the Bitcoin, blockchain, that type of thing. So I want to emphasize that the contractibility is an equilibrium object. It's smaller than the observable, even smaller than the locally recorded, say votes. So I'm going to have a one slides to talk about that, where we a related topic on this voting permission to chain. That's the next step.

So take back basically that using languages that are probably on the circle of blockchain people. Basically that a smart contract only acts on or execute on the on-chained data as opposed to the off-chain data. To me, that's a very important part that whenever you design a system, later on, outside of the payment system, think about a trader finance, which I think it's a big part of the blockchain in the future, is that you need to think about it whenever you want to penalize there's something on-chain. The evidence or if you can think about those.

So here's the one slide that are just telling you that this whole logic is really coming from that I'm studying these voting-based consensus protocols. So Byzantine fault tolerance protocols. These are fascinating topics that unfortunately at this point that I don't think the economists has a handle on that. It's just because it's very, very complicated. The computer scientists are using their own algorithm language, which they are doing fantastic job. There's somewhere that we need to work on to put it together.

So in that framework, it's basically a leader, first propose a block and then a group of backup nodes, then votes. And hopefully that whatever the block, if the block is good, then everybody votes and then several rounds of voting to make sure that all the nodes in this system actually recorded the same thing.

So then this involve this honest nodes and some of Byzantine nodes to make sure that the system is in good standing, what you need to have is more than two thirds of the honest nodes, that type of thing. So then you kind of thinking, "Okay, this sounds economics." Sounds like it can have economic modeling. Basically you're voting and in the end, if we have some smart contracts to penalizes this malicious nodes, then things are good. We need to do a little bit more just because at least I'm explaining to you what I thought. I thought that it should be easy to do because of votes. Then once you have a smart contract, if you have a bad votes, which means that you see something bad, white, but you say it's black.

Well, you can penalize that. That's not true. What you need to, as I explained, that if the votes itself is just that your saying and not recognized by everybody yet, then the smart contract cannot act on it. So what I'm trying to tell you is that, can you reward or penalize bad voting behaviors directly, not necessarily. What you could reward or penalize is that if people votes and then later on in the next rounds, the people see that your voting it really sucks. And that then they might say that, "Look, you are this identity ‘ABC' and your voting seems to be inconsistent with a lot of other things, or you do double spending and then I'm going to single you out and say that, okay, you are the bad guy and therefore that are we going to penalize."

This is just telling you that in terms of the mechanism designed on the blockchain, you need to take that into account. So a little bit of the notation, but it's going to take it maybe at the most one minute. So in the traditional principal-agent model, this is for those economists. So agent takes action A, ideally would like to offer a pi A, but often the time we will say these things you cannot see it, so if a noisy version of the A gets realized or gets contractible and you just get pi. Pi is a payment.

In a decentralized the blockchain context, so we are working on it but it's just that it depends on the applications, but conceptually it's basically a group of nodes take a set of actions A and only A prime can be become consensus as a result the contractor can act on it. And that A prime, it really depends on the applications. For instance, what Campbell was talking about. If you do have a lot of companies that gets good incentives, that try to call every misbehavior, then in equilibrium will be quite good, but you have to ask that what makes these companies so actively working on these issues.

And I want to emphasize this issue is about a centralization versus decentralization. It's not about permissioned versus the permissionless. Just because even if you have permissioned that you still need a set of nodes to have these consensuses, so that you can act on it. There's a separate issue, which is an interesting from a contracting perspective. So Bengt is here. I just want to tell you that, what you see there, it's not necessarily bad behavior. It's just a equilibrium that people gets slashed, but there are some issues that are actually it's because of the glitch.

So here's a 75 Eth2 validators get slashed this week due to a Staked bug. And then at that time, so what happened was that this Staked is a kind of a pool. Proof of Stake pool, so that there are validators to work for that pool. And because of that pool has some bugs, then these validators as a worker actually later on it gets reimbursed by the pool. That itself is very interesting from the perspective.

Okay, this is my last slides and I will just... So in a way you can think about as blockchain provides a very good technology, I think to manage the world. To manage a business, finance. I am excited about the technology itself. From the very, very basic perspective. I think that it still does not escape the core issue of anything that is behind the way that a society is working. So resemble laws, the legislation you can just code it on the smart contract, but if you think that the smart contracts can resolve everything, that's not true. Just because whatever gets implemented on the smart contract, the core ideas you need to make sure that every nodes gets executed as a result that it looks like a traditional question. Which is something that everybody who wants to design the blockchain needs to think about. I'm done, thank you.

For more information, please visit Luohan Academy's youtube channel: Luohan Academy


to leave a comment