Restaking Doesn't Mean Shared Safety

The pitch for restaking is elegant: ETH that's already securing Ethereum's consensus layer can simultaneously secure other protocols, earning additional yield without requiring additional capital. More security for the ecosystem at lower cost. Shared security as a public good.

The problem is that "shared security" implies the security compounds. It doesn't. Under certain conditions, it subtracts.

## What restaking actually is

*Restaking* means that ETH staked to participate in Ethereum consensus — currently requiring 32 ETH per validator — can be committed as collateral to additional protocols called *Actively Validated Services* (AVSs). These are systems that need cryptoeconomic security: oracle networks, bridges, data availability layers, sequencers.

EigenLayer is the primary restaking protocol. As of mid-2025, it held approximately $14 billion in restaked ETH. Validators who participate can earn yield from multiple AVSs simultaneously on top of their base Ethereum staking rewards.

The appeal is real. Bootstrapping a new cryptographic security protocol typically requires convincing a fresh set of validators to stake capital specifically for your protocol. EigenLayer lets protocols inherit Ethereum's existing validator set, which reduces the cost and time to bootstrap meaningful security. It's a genuine coordination improvement.

## The correlated slashing problem

Here's where the arithmetic breaks down.

Ethereum's slashing mechanism punishes validators for misbehavior — double signing, for example — by destroying a portion of their staked ETH. If a single validator misbehaves, they lose a fraction. If many validators misbehave simultaneously (correlated slashing), the penalties scale up dramatically under Ethereum's *correlation penalty* design.

Now add restaking. A validator's stake is committed simultaneously to Ethereum consensus and to, say, an oracle AVS and a bridge AVS. Each of those AVSs has its own slashing conditions. If a bug in the oracle AVS's smart contract triggers invalid slashing across a large portion of the validator set, those validators face losses that weren't priced into their yield calculations.

*It's worth noting* that the slashing conditions for an AVS are defined by that AVS's code, not by Ethereum's consensus rules. A validator who restakes to an AVS is trusting that the AVS's slashing logic is correct. If it isn't — if there's a bug, a governance exploit, or a deliberately malicious AVS — the slashing can be triggered at the AVS layer, and the validator has no recourse from Ethereum's perspective.

## The systemic risk that isn't priced

Here's the uncomfortable truth: the current restaking ecosystem isn't pricing the correlation risk it's accumulating.

Validators who restake to multiple AVSs are earning yield from each one. The yields are calculated, implicitly or explicitly, as compensation for the probability of getting slashed by that specific AVS. But the validator's total risk isn't the sum of independent AVS slashing probabilities — it's affected by correlations between them.

If three AVSs all use a shared infrastructure component (a common oracle, a shared bridge, a common code library) and that component fails, validators committed to all three face simultaneous slashing events. The total ETH at risk in that scenario is not 1x the validator's stake — it's constrained by Ethereum's slashing cap per incident, but the cascade effects on validator solvency can be severe.

The numbers suggest something different than the marketing. EigenLayer's documentation discusses "slashing quorum" thresholds and operator opt-in mechanisms, but the systemic scenario — a popular AVS with a critical bug triggering mass slashing events — hasn't been stress-tested at scale. It can't be, until it happens.

## More restakers means more correlated risk

This raises an important question about what "security" actually means here.

If a single operator controls a large share of an AVS's validators (which is common — there are currently a handful of dominant node operators in EigenLayer), and that operator's stake becomes the target of an exploit or governance attack, the "security" that seemed distributed is actually quite concentrated.

The Ethereum staking ecosystem already has known centralization pressures: Lido controls roughly 28% of all staked ETH. If Lido's validators are also the majority operators in a major AVS, and that AVS gets exploited, the systemic impact propagates through Lido's stakers, back into Ethereum's validator set.

More capital restaked to more protocols doesn't linearly increase security. It increases the number of ways that a single failure can propagate across the system.

## What this means for AVS design

The structural response to this problem is slashing insurance, operator delegation with capital limits, and careful scoping of slashing conditions. EigenLayer's roadmap includes governance mechanisms to constrain these risks. Some AVSs have chosen to deploy without slashing enabled initially — using reputation stakes rather than cryptoeconomic slash risk — which is a pragmatic acknowledgment that the smart contract code isn't mature enough to trust with validator capital yet.

But "deploy without slashing" is a different product from "shared cryptoeconomic security." It's closer to a reputation system with yield. That might be fine as a bootstrapping mechanism, but the distinction matters when the broader ecosystem is being sold on security guarantees.

> **Key Takeaway:** Restaking is a genuine coordination improvement for bootstrapping new protocols. But the security it provides is conditional — on the correctness of AVS code, on the concentration of operator sets, and on whether slashing conditions are correlated. The same interconnection that makes the model efficient makes it fragile in a cascade. That's not an argument against restaking; it's an argument for pricing the risk honestly.

Restaking Doesn't Mean Shared Safety

// COMMENTS

ON THIS PAGE