Cosmos Replicated Security: an overview

Cosmos has emerged to serve as the “Internet of Blockchains". In pursuit of its vision, the Cosmos Ecosystem offers a toolkit for building interconnected, sovereign, and scalable Layer-1 blockchains, known as application chains (“appchains”).

These app chains are developed by leveraging four fundamental resources provided by the Interchain Foundation, contributing to the continued advancement of the Cosmos Ecosystem. These resources are:

• Cosmos SDK which facilitates efficient appchain development.
• Tendermint Consensus mechanism that offers seamless integration of instant finality.
• Inter-Blockchain Communication Protocol (IBC) for interoperability.
• CosmWasm, a platform for creating, testing, and executing Smart Contracts.

Despite the above, however, the appchain development has encountered its constraints. One such limitation is intrinsically linked with funds. The Tendermint Consensus implies that each appchain should procure its own validators, as most chains implement Proof of Stake consensus. This involves both hardware and staking requirements that many appchain creators find challenging, potentially acting as a deterrent to the further expansion of this network of independent blockchains.

The Cosmos community, prompted by these claims, advocates for resolving the constraint mentioned above via Replicated Security, a solution detailed in the approved governance proposal #187 on the Cosmos HUB. In this article, we will analyse the implications of this proposal and examine how the Cosmos landscape will be shaped by this significant upgrade, with Replicated Security serving as the initial step.

What is Replicated Security?

Replicated Security stands among the major updates implemented to the Cosmos Ecosystem, enabling a larger chain, defined in this context as the Provider Chain, to leverage its resources, namely validators, to provide security through transaction validation to a smaller chain, defined as the Consumer Chain.

From a technical perspective, leveraging the IBC, the Provider Chain sends a series of messages to the Consumer Chains’ consensus engine, powered by Tendermint. These messages notify the Consumer Chain about the validators engaged in its validator set and convey the results of their validation service. In exchange, the Provider Chain to be compensated for providing this service may receive a percentage of the transaction fees from the Consumer Chain, a share of Consumer Chain tokens emissions or a fraction of the fees collected by its decentralised applications as part of its security agreement.

A simple way to understand the Replicated Security update is to picture a traditional PoS mechanism in which its main components, such as staked tokens, validators, consensus layer and slashing system, are distributed across two blockchains. As distinct entities, the blockchain providing security services is entitled to compensation from the chain requesting them.

Replicated Security, the Inaugural Phase of a Comprehensive Update

The Replicated Security update constitutes the initial phase of an expansive upgrade to the Cosmos Ecosystem. Introduced by proposal #187, it allowed Cosmos Hub validators to run the necessary software to provide security to Consumer Chains. In this phase, following the acceptance of a Consumer Chain, Cosmos Validators are mandated to execute the new appchain software and deliver the corresponding security service. As with any PoS consensus mechanism, the Cosmos Hub’s native validators, who have staked ATOM, face the risk of having their stake slashed in the event of misbehaviour, such as double-spending issues, during their duty related to a consumer chain.

The following phase of this comprehensive update is known as Opt-in Security. This feature will allow validators to individually opt into running Consumer Chains software. This approach offers flexibility, enabling validators to refrain from running a Consumer Chain, and permits the permissionless launch of Consumer Chains. Nonetheless, there are still challenges inherent to this phase. The Consumer Chain’s security may fluctuate as validators opt in and out. Additionally, Consumer Chains will be susceptible to the 'subset problem,' where a subset of validators, although part of the secure Cosmos Hub set, may act maliciously. The slashing system will be pivotal in addressing the subset problem.

The final stage of this update is called Mesh Security. Mesh Security aims to foster economic alignment and coordination among appchains. In a concept that could be coined as cross-chain staking, token holders will be able to stake across different chains, earning rewards from each chain's security and fostering bidirectional security enhancement between chains. Unlike Replicated Security and Opt-in Security, Mesh Security mandates consumer chains to maintain their own validator sets, making it a nuanced option for new chains but appealing to those with established validator sets. At its core, Mesh Security encourages interchain collaboration, setting the stage for mutual rewards and benefits, and reinforcing ties within the ecosystem. Among its biggest challenges, are potential nuances in cross-staking multiple tokens and chains, validator selection, implementing a robust penalty mechanism, and crafting an intuitive UI/UX design.

Drivers for Replicated Security

The catalyst for enabling Replicated Security derives from two pivotal arguments. The first standpoint may be the most evident one, fostering the development of new appchains. By addressing one of the most significant impediments to engaging in the development of new appchains, the financial resources required to establish a network of validators, Replicated Security aims to further facilitate the endeavour of Cosmos Chains builders.

On the other hand, Cosmos HUB serves a fundamental duty in the Cosmos Ecosystem. As the first appchain ever built, by the Interchain Foundation team, it has embraced the role of connecting each appchain furthering interoperability. However, with Replicated Security a new purpose is assigned to Cosmos HUB as a Security Provider for new appchains. In this context, a minimalistic Cosmos HUB is envisioned. The principle guiding this vision is to count on a Cosmos HUB focused on providing security, instead of hosting decentralised applications. Meanwhile, decentralised applications related to the Cosmos HUB can be developed in new app chains which can opt to be secured by the Cosmos HUB.

This argument encapsulates an extension of the existing modular vision within the Cosmos Ecosystem. While this vision garners traction in the web3 environment, it constituted a foundational element of Cosmos. The modular paradigm entails the decentralized execution of various critical functions essential for a blockchain's optimal operation, including transaction processing and settlement, consensus establishment, and data availability assurance, distributed across distinct layers. The implementation of Replicated Security settles the ground for function segregation across different appchains, thereby fostering scalability, fortifying the ecosystem-wider security, and fostering the expansion of the “Internet of Blockchains”.

Consumer Chain Application Process

Projects aspiring to become Consumer Chains must submit a proposal to the Cosmos HUB governance. Subsequently, the proposal necessitates the attainment of at least a two-thirds majority of the total voted to be granted admission as a Consumer Chain. Once approved, Cosmos validators are obligated to update their software infrastructure to implement the Consumer Chain validation consensus and promptly commence service provisioning.

Consumer Chains Replicated Security Benefits

From a Consumer Chain perspective, the benefits are quite clear. New appchains developers can focus their efforts on the issue they aim to address with their solution, instead of gathering the necessary funds to set up a network of validators. Additionally, its appchains will be secured by the validators from the most important appchain of the whole Ecosystem.

Within this context, the Neutron appchain has assumed the role of the inaugural consumer chain. As a result, Cosmos HUB validators and ATOM delegators are receiving compensation in NTRN, the native token of Neutron. Subsequently, the proposal put forth by the Stride appchain has gained approval, establishing itself as the second consumer chain to participate in replicated security.

Cosmos HUB Validators Benefits from Replicated Security

While the benefits for Cosmos users are also quite evident, as a larger Cosmos Ecosystem staffed with more appchains affords them with additional opportunities, the question arises referring to Cosmos Hub validators and stakers benefits. On this behalf, Cosmos Hub validators and consequently its delegators or ATOM stakers will be economically incentivised to supply the validation service to Consumer Chains. These incentives stem from three different sources, a matter of analysis on the Consumer Chain submission proposal:

• Transaction Fees. By default, 25% of the Consumer Chain fees will be distributed to the provider chain. Validators specify the minimum fee they are willing to receive.
• Token Inflation. If the Consumer Chain has a token, it can allocate a portion of its inflation to the Cosmos Hub validators and, subsequently, delegators.
• Application Fees. If having a token is not part of the Consumer Chain roadmap, a percentage of the fees collected by their apps can be distributed to the provider chain.

Replicated Security Concerns

Despite the mentioned opportunities Replicated Security brings to the Cosmos Ecosystem, with its further development being one of the most significant, this update is not without associated concerns. Amongst validators, an economic alarm has been raised. While the largest validators capitalise on their role as Cosmos HUB validators, the smaller validators have voiced concerns stemming from their ability to cover their monthly expenses, with some of them even experiencing losses.

Running consensus for new appchains entails new hardware acquisition and, in certain instances, the allocation of additional human resources. The concerns of the smallest Cosmos HUB validators revolve around the logical lack of assurance regarding adequate compensation for their additional duties.

From the Interchain Foundation, the response gravitates toward working with validators to reduce the infrastructure cost of consumer chains while maintaining the same security and performance. Additionally, measures could be taken to orchestrate chain upgrades in a steady and predictable cycle to reduce the time and resources spent.

On a different note, certain users have expressed reservations about the possibility of one-third of Cosmos HUB validators halting a Consumer Chain. Nevertheless, it should be acknowledged that this outcome aligns with the general principles governing the Cosmos ecosystem.

Lastly, from a Consumer Chain point of view, the fact Cosmos Hub validators operate on a single client can be viewed as a single point of failure risk. While this does not represent an issue addressable directly by Cosmos Hub Validators, there exists a real need to expand the validators’ client offer, to overcome this single point of failure risk. The development of additional clients might mitigate the vulnerability to a single point of failure that the current set of validators is exposed to.