Cont: Stage 1 challenge period reduction discussion

:warning: NOTE: The goal of this document is not to announce new changes but to discuss them and gather comments. No final decision has been made on whether to adopt the new requirements or not.

Preliminary resources

Background

Today, optimistic rollups make use of a 7-day challenge period to protect against the complete loss of bridged funds in the presence of a strong censorship attack caused by a 51% attack.

Since “simply held funds” cannot be stolen on Ethereum L1 in case of such an attack, and the Stages Framework in a way represents how close a rollup is to inheriting Ethereum’s security guarantees, it is broadly agreed that Stage 2 should require a challenge period of at least 7d for optimistic rollups. Stage 1, on the other hand, is meant to represent a level between Stage 0 and Stage 2, and as such relaxes certain guarantees, like the exit window requirement, which can be bypassed by a well-defined Security Council. Given that a 51% attack on Ethereum consensus is considered an extreme situation, some have proposed to also relax the 7d requirement for Stage 1.

The analysis

If we assume that strong censorship attacks don’t happen, the next type of attack we need to be concerned about is soft censorship attacks, i.e. builder-driven rather than attester-driven.

In particular, attacks need to be modeled as economic attacks where both the attacker and the defender need to spend resources to achieve their own goals (i.e. stealing funds vs protecting the chain), and where the defenders might have some asymmetrical advantage.

Economic attacks are already present, well understood and somewhat tolerated in the absence of censorship. For example, the OP Stack’s fraud proof system is already unsafe if the attacker is willing to allocate more funds than the defender, i.e. there is an advantage ratio close to 1, while the defender advantage in Arbitrum’s BoLD is closer to 6, i.e. the defender needs 6 times less funds than the attacker to win. While the defender allocation is substantial, especially for chains where the potential prize for the attackers is billions of TVS, the risk is accepted because a large part of the defender funds is spent in bonds that are reimbursed with a profit (i.e. the attacker’s slashed stake) in case of victory.

To defend against censorship, on the other hand, defenders need to spend funds in priority tips that are not later reimbursed. For this reason, a significantly larger defender advantage is expected to be needed to realistically keep the protocol safe.

The only existing analysis of such a scenario was authored by Offchain Labs in the “Economic Censorship Games in Fraud Proofs” paper published in February 2025. Three models are presented, listed here from more to less pessimistic:

  • G^1: validators either accept a censoring block or a non-censoring block, simply based on who provides the highest bid.
  • G^1_k: same as above, but a certain percentage of validators always locally builds blocks.
  • G^m: multiple validators determine the block content, where at least one validator has to select the defender’s transaction for it to be included.

While the paper models the economic game using a fixed number of transactions that the defender needs to include (e.g. 60 for a single challenge in BoLD), in reality the attacker can also spend funds to increase that number, significantly complicating the analysis. Moreover, while G^m tries to model some version of FOCIL, the actually proposed variant can become more similar to the more pessimistic G^1 model if validators are willing to miss slots.

We propose to simplify the analysis by considering the pessimistic G^1 model, but in a scenario where the defender only needs to include one single transaction with the effect of extending the challenge period back to 7d. The attacker is therefore severely disadvantaged in having to spend at least one defender priority tip per block for the extent of the full challenge period.

As an example, to protect against an attacker willing to spend $10B to attack the chain, the defender needs to have at least ~$33M with a 1h challenge period, ~$1.39M with a 24h challenge period, and ~$200K with a 7d challenge period.

Other types of attacks

The attacker’s economic advantage can be increased in the presence of other sources of transaction delay, like p2p attacks or downtime. No systematic research has been done on the topic at the time of writing. It is crucial to estimate the extent of such attacks as the challenge period should at least be as long as them to maintain safety.

Next steps

The next step is to agree on what is a reasonable advantage to require from defenders, even in the presence of other sources of attack. For example, if we conclude that such attacks can only reasonably last up to 23h, leaving 1h for the onchain censorship attack, and that a $33M budget is reasonable to defend against a $10B attacker, then a 1d challenge period can be considered safe. If there is no confidence that such attacks can be capped to <24h, then a 1d challenge period cannot be considered safe and a longer one should be proposed instead. Moreover, while FOCIL has been proposed as a way to significantly improve the advantage, better models are needed.
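To make the simplified G^1 single-transaction game above concrete, here is an added worked example (not code from the original post or from Offchain Labs) that reproduces the $10B / 1h / 24h / 7d figures and then plays the per-block bidding game out. It assumes a 12-second L1 slot time, that the attacker must match the defender’s tip in every block to keep the single “extend the challenge period” transaction out, and that the attacker bids only the minimum needed; the `safe_onchain_window` helper reflects the “23h of other delays leaves 1h for onchain censorship” reasoning from the next-steps paragraph. All names and the tie-breaking rule are assumptions of this example.

```python
"""Simplified G^1 censorship game with a single defender transaction.

Assumptions (not from the original post): 12s slots, attacker must pay at
least the defender's priority tip in every block to censor it, attacker bids
the minimum. Budgets are in USD.
"""
from typing import Optional

SLOT_SECONDS = 12  # assumed Ethereum L1 slot time

HOUR = 3600
DAY = 24 * HOUR


def blocks_in(period_seconds: int, slot_seconds: int = SLOT_SECONDS) -> int:
    """Number of L1 blocks the attacker must censor across the given period."""
    return period_seconds // slot_seconds


def required_defender_budget(attacker_budget: float, period_seconds: int,
                             slot_seconds: int = SLOT_SECONDS) -> float:
    """Smallest per-block tip the defender must be able to afford so that an
    attacker with `attacker_budget` runs dry before the period ends.

    The defender pays this tip at most once (in the block that includes the
    transaction); the attacker has to pay it in every block.
    """
    return attacker_budget / blocks_in(period_seconds, slot_seconds)


def simulate_g1(attacker_budget: float, defender_tip: float, period_seconds: int,
                slot_seconds: int = SLOT_SECONDS) -> Optional[int]:
    """Play the per-block game. Returns the 1-indexed block in which the
    defender's transaction is included, or None if it was censored for the
    whole challenge period (i.e. the attack succeeds under this model)."""
    remaining = attacker_budget
    for block in range(1, blocks_in(period_seconds, slot_seconds) + 1):
        if remaining >= defender_tip:
            # Attacker can still outbid the defender in this block (assumed
            # tie-break in the attacker's favour), so the tx stays out.
            remaining -= defender_tip
        else:
            # Attacker cannot afford the tip: tx lands, period extends to 7d.
            return block
    return None


def safe_onchain_window(total_period_seconds: int, other_delay_seconds: int) -> int:
    """Portion of the challenge period left for the onchain bidding game after
    budgeting the assumed worst-case duration of other delay sources
    (p2p attacks, downtime) that the post says must also be covered."""
    return max(0, total_period_seconds - other_delay_seconds)


def main() -> None:
    attacker = 10e9  # $10B attacker, as in the post's example
    for label, period in (("1h", HOUR), ("24h", DAY), ("7d", 7 * DAY)):
        tip = required_defender_budget(attacker, period)
        print(f"{label:>3}: {blocks_in(period):6d} blocks -> defender needs ~${tip:,.0f} per block")

    # Slightly above the 1h threshold: attacker exhausted at block 300 of 300.
    print("tip $33.4M over 1h ->", simulate_g1(attacker, 33.4e6, HOUR))
    # Slightly below it: attacker sustains the bid for all 300 blocks.
    print("tip $33.0M over 1h ->", simulate_g1(attacker, 33.0e6, HOUR))

    # 1d period with 23h reserved for other delay sources leaves 1h onchain,
    # so the defender budget requirement is the 1h figure, not the 24h one.
    window = safe_onchain_window(DAY, 23 * HOUR)
    print(f"1d period, 23h other delays -> {window}s onchain window, "
          f"defender needs ~${required_defender_budget(attacker, window):,.0f}")


if __name__ == "__main__":
    main()
```

The simulation makes the threshold visible: with a $33.4M tip the $10B attacker can cover only 299 of the 300 blocks in an hour and the transaction lands in block 300, while with a $33.0M tip the attacker still has budget left after block 300. The last calculation shows why budgeting for other delay sources collapses a 1d period to the 1h requirement.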

There are several tactics an attacker might use. It’s important to analyze them together, because a motivated attacker could use multiple tactics in combination. For example, they might launch a brute force DoS attack against a would-be transaction poster, and then if the poster manages to get a transaction into the mempool, use a mempool manipulation attack to try to push it out of the mempool, while using bribery to keep it from being posted while it’s still in the mempool.

It’s not enough to analyze the attacks separately. We need to have a threat model that considers what we can assume from L1 Ethereum, then explains how to maintain security within those assumptions.