News

Vitalik Buterin: Rollups must prove security before decentralizing

Published

3 weeks ago

May 5, 2025

Vitalik Buterin advises delaying rollup decentralization until proof systems are secure, as rushing could pose risks. The decision hinges on security maturity.

Vitalik Buterin, Ethereum’s co-founder, stated that rollups should hold off on decentralization until their proof systems are secure enough that remaining centralized becomes a liability.

Buterin addressed the timing of decentralization for rollup-powered layer-2 networks, stressing that doing it “as soon as possible” may not be the wisest decision.

According to a May 5 X post by Buterin, transitioning rollup-based scaling solutions to decentralization requires proper timing.

Whether or not to decentralize depends on how minimal the proof system’s failure chance is when compared to the risks of centralization.

Buterin’s response followed a post from Daniel Wang, the CEO and founder of the Loopring decentralized exchange.

1/
Not all code is created equal. A rollup can be Stage 2, but running fresh code that’s never been tested under real stress.

I propose a separate label: #BattleTested.
— Daniel Wang (@realdantaik) May 4, 2025

In Wang’s thread, he stated that the security of a system ties closely to how mature it has become.

“Not all code is created equal. A rollup can be Stage 2, but running fresh code that’s never been tested under real stress.“

Wang outlined three recognized stages in rollup development—starting from stage zero, then moving to stage one, and finally stage two.

From stage zero to stage two, decentralization intensifies, with the final stage being fully decentralized and trustless.

Systems that manage significant cryptocurrency assets attract malicious actors seeking profit worldwide.

While a project might not have a bug bounty program promising payment for vulnerabilities, hackers still dissect it closely, potentially paying a steeper price for its defects.

The threat continues to grow as state-backed bad actors become more involved in cryptocurrency.

The Lazarus Group stands as a prime example, having been behind many significant crypto hacks, including the $1.4 billion Bybit breach.

To recognize code that has withstood attacks from sophisticated hackers and hacker groups, Wang recommended introducing the “BattleTested” metric.

A rollup that consistently secures at least $100 million in assets, including $50 million in Ether and a significant stablecoin, over a span of six months would earn the “BattleTested” badge.

The badge would expire after every update, as the new code needs to endure attacks and demonstrate its security to earn it again.

Buterin offered his insights on the analysis:

“A good reminder that stage 2 is not the only thing that matters for security: the quality of the underlying proof system matters too.“

A good reminder that stage 2 is not the only thing that matters for security: the quality of the underlying proof system matters too. https://t.co/Rp1XUtV4zC
— vitalik.eth (@VitalikButerin) May 5, 2025

According to Dominick John, an analyst at Kronos Research, he stated, “to responsibly transition from stage 1 to stage 2, rollup teams must […] take a hard look at correlated risks like shared custody weaknesses or geopolitical chokepoints that can compromise the reliability of multisig security councils.”

He added that such risks typically go unnoticed until the locked value surpasses the $100 million threshold.

“The real green light for decentralization comes not when the proof system looks good on paper, but when it proves under real economic pressure that it’s more reliable than the potential for coordinated failures among council members.“

Read also: See how Vitalik plans to make Ethereum as simple as Bitcoin

According to Buterin, the ideal time for a protocol to transition to decentralization occurs when its on-chain proof system has reached a level of security where the centralized components pose a higher threat of failure or collusion.

Until a system’s security fully establishes itself, decentralization—by increasing reliance on that system—could actually reduce its overall security.

Mike Tiutin, chief technology officer at decentralized compliance protocol PureFi, said that “going decentralized too early […] can leave users vulnerable.”

Kronos Research’s John emphasized that “decentralization isn’t a race, it’s a long-term responsibility shared by the entire ecosystem.”

He explained that rushing toward stage two places ideology above security, which amplifies the risks.

“In stage one, councils can step in if something breaks. In Stage 2, a single bug could wipe out billions with no rollback.”

Experts recognize the problems of going decentralized too soon, but some also warn against not decentralizing at all.

Arthur Breitman, co-founder of the Tezos blockchain, stated that “prominent Ethereum L2s” are fundamentally custodial, adding:

“Privileged entities control core logic, jeopardizing asset integrity; banking on their immunity to collusion is fragile, and failure is likely to be correlated.“