The state of Arbitrum's progressive decentralization
Progressive decentralization is the process of gradually increasing the decentralization of a system over time. This document details the current state of progressive decentralization for the Arbitrum One and Arbitrum Nova chains, the two chains currently governed by the Arbitrum DAO.
PUBLIC PREVIEW DOCUMENT
This document is currently in public preview and may change significantly as feedback is captured from readers like you. Click the Request an update button at the top of this document or join the Arbitrum Discord to share your feedback.
The components of Arbitrum's progressive decentralization
The following components determine the degree of decentralization for Arbitrum One and Arbitrum Nova:
- Chain ownership
- Validator ownership
- Sequencer ownership
- Data Availability Committee (DAC) ownership (applies only to Arbitrum AnyTrust chains like Arbitrum Nova).
Let's evaluate the current status of these components for both Arbitrum One and Arbitrum Nova, beginning with chain ownership.
1. Chain ownership
- Description: A chain's "owner" has the ability to change the protocol in various ways, including upgrading the core smart contracts, setting system parameters, and pausing the system.
- Current status: Governed by Arbitrum DAO. Chain ownership of both Arbitrum One and Arbitrum Nova is under the control of the Arbitrum governance system. The Arbitrum Decentralized Autonomous Organization (DAO), made up of $ARB token-holders and delegates, can carry out chain-owner operations through governance votes. The Security Council can also carry out chain-owner operations; it can act quickly through a 9 of 12 multisig wallet, but only in critical emergency situations. The Security Council can also act slowly through a 7 of 12 multisig wallet in non-emergency situations to carry out routine and minor upgrades, such as minor bug fixes. The members of the Security Council (split by cohort) are elected every six months by the Arbitrum DAO.
- If 9 of the Security Council members are compromised or behave maliciously, the system and users' funds could be compromised.
- If a malicious proposal is successfully put through DAO governance, or if 7 of the Security Council members are compromised or behave maliciously, the system's safety could be compromised. In either of these cases, users will have several weeks to withdraw their funds back to Ethereum before the proposal takes effect.
- Changes To Current Status: The governance system currently has the ability to alter governance itself.
2. Validator ownership
- Description: Validators are responsible for confirming the valid state of the Arbitrum chains back on L1.
- Current status: Permissioned Validation on both Arbitrum One and Arbitrum Nova is currently allow-listed to a committee of public entities. You can see the list of validators here. Governance currently has the power to change this status.
- Risks: If there is not a single honest active validator, and a malicious validator proposes an invalid state update, the system's safety could be compromised.
- Changes to Current status: The Arbitrum governance system (see #1) currently has the power to modify the Validator allow-list, such as by adding or removing members or removing the allow-list entirely.
3. Sequencer ownership
- Description: The Sequencer is typically responsible for collecting and ordering users' transactions.
- Current status: Centralized. The Sequencers for both Arbitrum One and Arbitrum Nova are currently maintained by the Arbitrum Foundation. Governance currently has the power to select new Sequencers.
- Risks: The Sequencer has the ability to delay the inclusion of a user's transaction by up to 24 hours and reorder transactions over short time-horizons. The Sequencer, however, cannot compromise the system's safety or prevent a transaction from ultimately being executed.
- Changes to Current status: The Arbitrum governance system (see #1) currently has the power to elect a new entity as the Sequencer.
4. Data Availability Committee (DAC) ownership
This applies only to Arbitrum AnyTrust chains like Arbitrum Nova.
- Description: AnyTrust chains like Arbitrum Nova rely on a permissioned committee to store the chain's data and provide it on demand.
- Current status: 7-member committee. The Arbitrum Nova chain has a 7-party DAC, whose members can be seen here. Governance has the ability to remove or add members to the committee.
- Risks: If 6 of the 7 committee members in conjunction with the Sequencer behave maliciously and collude, the safety of the system can be compromised.
- Changes to Current status: The Arbitrum governance system (see #1) currently has the power to change the DAC, such as by adding or removing members or modifying the power it has over the system.