撰文: Vitalik Buterin
编译: Wenser，Odaily 星球日报
编者按：一直以来，关于以太坊 rollup 安全性的三个阶段的讨论都是以太坊生态社区的关注重点，这不仅仅事关以太坊主网及 L2 网络的运行稳定性，更与 L2 网络的真实发展状况有关。近日，以太坊社区成员 Daniel Wang 于 X 平台提出了 L2 网络 Stage 2 阶段的命名标签 #BattleTest...

撰文: Vitalik Buterin编译: Wenser，Odaily 星球日报编者按：一直以来，关于以太坊 rollup 安全性的三个阶段的讨论都是以太坊生态社区的关注重点，这不仅仅事关以太坊主网及 L2 网络的运行稳定性，更与 L2 网络的真实发展状况有关。近日，以太坊社区成员 Daniel Wang 于 X 平台提出了 L2 网络 Stage 2 阶段的命名标签 #BattleTested，认为只有当前代码和配置在 Ethereum 主网上线超过 6 个月，并且一直保持超过 1 亿美元的总锁仓价值（TVL）且其中至少有 5000 万美元的 ETH 和主要稳定币的 L2 网络才能获得这一称号，且该称号动态评估，避免产生「链上鬼蜮」。以太坊联合创始人 Vitalik 随后对该问题进行了详细解答与观点分享，Odaily 星球日报编译如下。<h3>L2 网络的 3 大阶段：从 0 到 1 再到 2 ，安全性由治理份额决定</h3>以太坊 rollup 安全性的三个阶段可以根据安全委员会何时可以覆盖无信任（即纯加密或博弈论）组件来判定：<ul><li>阶段 0 ：安全委员会拥有完全控制权。可能有一个运行中的证明系统（ Optimism 或 ZK 模式），但安全委员会可以通过简单的多数票机制推翻它。因此，证明系统仅为「咨询性质」。</li><li>阶段 1 ：安全委员会需要 75% （至少 6/8）的批准才能覆盖运行系统。必须有一个法定人数阻止子集（如 ≥ 3）在主要组织之外。因此，控制证明系统的难度相对较高，但并非不可逾越。</li><li>阶段 2 ：安全委员会只能在可证明的错误情况下采取行动。例如，可证明的错误可能是两个冗余的证明系统（例如 OP 和 ZK）相互矛盾。如果有可证明的错误，它只能选择提出的答案之一：它不能任意响应某一机制。</li></ul>我们可以用下面的图表来表示安全委员会在不同阶段拥有的「投票份额」：<img src="https://static.fwimg.io/img/feed/9fa48229bd929e5d4de46d08db1806d7.jpg" alt="数学模型揭示L2阶段选择逻辑：为何阶段1可能被跳过？"><pre>三个阶段的治理投票结构</pre>一个重要的问题是：L2 网络从阶段 0 转换到阶段 1 ，以及从阶段 1 发展到阶段 2 的最优时机分别是什么？不立即进入阶段 2 的唯一有效理由是，你不能完全信任证明系统——这是一种可以理解的担忧：该系统由一大堆代码组成，如果代码有存在漏洞，那么攻击者可能窃取所有用户的资产。你对证明系统的信心越强（或者相反，你对安全委员会的信心越弱），你就越想推动整个网络生态向后一个阶段发展。事实上，我们可以用简化的数学模型来量化这一点。首先，让我们列出假设：<ul><li>每个安全委员会的成员有 10% 的「单独故障」的可能；</li><li>我们将活跃性故障（拒绝签署合约或密钥不可用）和安全性故障（签署错误事项或密钥被黑）视为同等可能事项。实际上，我们只假设一个「失败」的类别，其中「失败」的安全理事会成员既签署了错误的事项，又未能签署推进正确的事项；</li><li>在阶段 0 ，安全委员会的判定标准是 4/7 ，在阶段 1 是 6/8 ；</li><li>我们假设存在一个单一的整体证明系统（与 2/3 的设计机制相对，安全委员会可以在两者意见矛盾时打破僵局）。因此，在阶段 2 ，安全委员会的存在根本无关紧要。</li></ul>在这些假设下，考虑到证明系统崩溃的特定概率，我们希望最小化 L2 网络崩溃的可能。我们可以使用二项分布来完成这项工作：<ul><li>如果每个安全理事会成员有 10% 的独立故障机会，那么至少有 4 个在 7 个中故障的概率是 ∑?= 47( 7 ?)∗ 0.1 ?∗ 0.97 −?= 0.002728 因此，阶段 0 的整合系统有固定的 0.2728% 的失败概率。</li><li>阶段 1 的整合也可能失败，如果证明系统失败且安全委员会验证机制发生 ≥ 3 次失败，无法进行网络计算覆盖（概率 ∑?= 38( 8 ?)∗ 0.1 ?∗ 0.98 −?= 0.03809179 乘以证明系统失败率），或者如果安全委员会发生了 6 次或更多次失败，可以自行强制生成一个错误的计算答案（固定 ∑?= 68( 8 ?)∗ 0.1 ?∗ 0.98 −?= 0.00002341 概率）；</li><li>阶段 2 合并失败的概率与证明系统失败的概率一致。</li></ul>这里以图表形式呈现：<img src="https://static.fwimg.io/img/feed/be3fd228fdf83c6a606070392b089d11.jpg" alt="数学模型揭示L2阶段选择逻辑：为何阶段1可能被跳过？"><pre>L2 网络不同阶段证明系统故障概率</pre>如上所推测的结果，随着证明系统质量的提高，最佳阶段从阶段 0 转移到阶段 1 ，然后从阶段 1 转移到阶段 2 。使用阶段 0 质量的证明系统进行阶段 2 的网络运行是最差的结果。现在，请注意上述简化模型中的假设并不完善：<ul><li>在现实中，安全委员会成员并不完全独立，（他们之间可能）存在「共同模式故障」：他们可能串通一气，或者都受到同样的胁迫或黑客攻击等等。要求在主要组织之外拥有一个法定人数阻止子集的目的是为了避免这一点的发生，但仍然并不完美。</li><li>证明系统本身可能是由多个独立系统组合而成的（我在此前的博客中曾提倡这样做）。在这种情况下，（i）证明系统崩溃的概率非常低，并且（ii）即使在阶段 2 ，安全委员会也很重要，因为它是解决争议的关键。</li></ul>这两个论点都表明，与图表所示相比，阶段 1 和阶段 2 更具吸引力。如果你相信数学，那么阶段 1 的存在几乎永远都不会被证明是合理的：你应该直接进入阶段 1 。我听到的主要反对意见是：如果发生一个关键的错误，可能很难在 8 名安全委员会成员中迅速获得 6 名成员的签名来修复它。但是有一个简单的解决办法：赋予任何一名安全委员会成员延迟提款 1 到 2 周的权限，给其他人足够的时间来采取（补救）行动。同时，然而，过早地跳到阶段 2 也错误的，尤其是如果向阶段 2 过渡的工作是以牺牲加强底层证明系统的工作为代价的话。理想情况下，像 L2Beat 这样的数据提供商应该展示证明系统审计和成熟度指标（最好是证明系统实现而非整个汇总的指标，这样我们可以复用），并附带展示阶段。

数学模型揭示L2阶段选择逻辑：为何阶段1可能被跳过？

Author: Vitalik Buterin
Compiled by: Wenser, <Odaily>

Editor's Note: The discussion about the three stages of Ethereum rollup security has always been a focus of the Ethereum ecosystem community. This is not only related to the to the operational stability of the Ethereum mainnet and L2 networks, but also to the the the status networks. Recently,,, ethereum Daniel Wang proposed a naming label #BattleTest for the Stage 2 phase of L2 networks on the X platform...

Author: Vitalik ButerinTranslated by: Wenser, OdailyEditor's Note: The discussion of the three stages of Ethereum rollup security has always been a focus of the Ethereum ecosystem community, which is not only related to the operational stability of the Ethereum mainnet and L2 networks, but also to the real development status of L2 networks. Recently, Ethereum community member Daniel Wang proposed the naming tag #BattleTested for the L2 network Stage 2 on the X platform, believing that only L2 networks with current code and configuration that have been online on the Ethereum mainnet for more than 6 months, maintaining a total locked value (TVL) of over $100 million, with at least $50 million in ETH and major stablecoins, can earn this title. The title is dynamically assessed to avoid creating "chain ghosts". Ethereum co-founder Vitalik subsequently provided a detailed answer and shared his views, which Odaily has translated as follows.<h3>3 Stages of L2 Networks: From 0 to 1 and then to 2, Security Determined by Governance Share</h3>The three stages of Ethereum rollup security can be determined by when the security committee can cover trustless (purely cryptographic or game-theoretic) components:<ul><li>Stage 0: The security committee has complete control. There might be a running proof system (Optimism or ZK mode), but the security committee can overturn it through a simple majority vote. Therefore, the proof system is only "advisory in nature".</li><li>Stage 1: The security committee needs 75% (at least 6/8) approval to cover the running system. There must be a quorum-blocking subset (e.g., ≥ 3) outside the main organization. Thus, the difficulty of controlling the proof system is relatively high, but not insurmountable.</li><li>Stage 2: The security committee can only act in cases of provable errors. For example, provable errors might be two redundant proof systems (such as OP and ZK) contradicting each other. If there is a provable error, it can only choose one of the proposed answers: it cannot arbitrarily respond to a mechanism.</li></ul>We can represent the "voting share" of the security committee at different stages with the following chart:<img src="https://static.fwimg.io/img/feed/9fa48229bd929e5d4de46d08db1806d7.jpg" alt="Mathematical Model Reveals L2 Stage Selection Logic: Why Might Stage 1 Be Skipped?"><pre>Governance Voting Structure of Three Stages</pre>An important question is: What is the optimal timing for L2 networks to transition from Stage 0 to Stage 1, and from Stage 1 to Stage 2?The only valid reason for not immediately entering Stage 2 is that you cannot fully trust the proof system—a understandable concern: the system consists of a lot of code, and if there are vulnerabilities, attackers might steal all users' assets. The more confident you are in the proof system (or conversely, the weaker your confidence in the security committee), the more you want to push the entire network ecosystem to the next stage.[The translation continues in the same manner, maintaining the original structure and translating all text while preserving any HTML tags.]

Mathematical model reveals the logic of L2 stage selection: Why stage 1 may be skipped?

<Odaily> Planet News: Vitalik wrote that Ethereum Rollup security can be divided into three stages: Stage 0: The security committee can completely veto the proof system, with centralized control. Stage 1: Intervention requires 6/8 members' approval, with external member thresholds and limited intervention. Stage 2: Intervention only occurs when verifiable errors are found, without arbitrary judgment. He suggested gradually transitioning from Stage 0 to Stage 2 as trust in the proof system increases. Stage 0 has the lowest security and should be avoided for long-term use. Rollup should start at least from Stage 1, while focusing on the audit and maturity of the proof system.

Vitalik: Ethereum Rollup security should be implemented in three stages, gradually moving towards de-trust

"I realized that I would never become a Memecoin trader."

Exclusive interview with CZ: Health and family are the most important, 99% of memes will eventually fail

[Data]
On May 8, 2025, Binance Launchpool's 48th project Space and Time (SXT) is about to open for trading. This "Web3 data layer leader" backed by top capitals like Microsoft, Chainlink, and Framework Ventures, is facing huge controversy on the eve of its token listing: the initial token price of $0.17, a sharp 70% drop from the peak of Gate.io's pre-market OTC trading ($0.56), with voices calling to "short SXT" continuously rising in the community.
Is it a market misjudgment, or...