From Censorship to Centralization: 4 Dimensions of Ethereum Relay's Public Goods Problem
Navigating the Perilous Waters of Ethereum's MEV-Boost Relays
Key Takeaways
The public goods dilemma and the free rider problem relays are beginning to overshadow the success of the Dencun upgrade, whose benefits for L2s need to traverse the relay infrastructure.
The four obstacles that must be addressed are Single Point of Failure, blind trust issues, censorship, and centralization. They hinder relays and deviate from the original goal of MEV-Boost and PBS design.
A better PBS design must take all the help and data communities can provide and abandon top-down approaches.
The biggest Ethereum upgrade since the Merge, Dencun, successfully went live. While people are cheering and celebrating, a lurking mainnet crisis is brewing: the public goods dilemma of MEV-Boost Relay.
In the last 14 days, MEV-Boost in the Proposer-builder separation (PBS) era produced 91.5% of the total blocks on Ethereum.
Relays perform a vital intermediary role in the PBS infrastructure:
Facilitate the auction between proposers and builders;
Ensure payloads from builders are valid;
Foster the payment between proposers and builders;
Absorb large traffic from builders by only sending legit blocks to proposers/validators.
In essence, relays are crucial in maintaining the integrity and efficiency of the auction mechanism. As Matt Cutler, CEO and co-founder of Blocknative, suggested, "Without the relays, the network doesn’t operate, meaning that the MEV-Boost network is entirely dependent on them. They require 100% uptime because if they don’t do their job, you have missed slots.”
As the MEV-Boost document mentions, relays are believed to support PBS's original objective:
Separating the role of proposers from block builders promotes greater competition, decentralization, and censorship resistance for Ethereum.
Yet over 90% of blocks based on MEV-Boost raise questions about Ethereum's decentralization, especially on relays.
You may think that many parties would be eager to provide relay services. However, only 11 relay entites were part of the game, and now the number is 9. The reason? People treat relays as a public good and advocate keeping them that way. Consequently, this stance leads to a classic issue in human history: the free rider problem.
A public good is a commodity or service that every member of a society can use without reducing its availability to all others. It is available to everyone regardless of whether they have paid for it. When a user swaps ETH for USDC, they don't pay for the use of the relay during the exchange, making the user "a free rider." Since the current PBS design provides no incentives for teams running relays, eventually, relays disappear one by one, creating a potential critical mainnet centralization and censorship dilemma.
According to hidobby, Head of Data at Dragonfly, even Vitalik expressed concerns about Relays during ETH Taipei on Mar 20th. He pointed out that centralization risks are the main challenge Ethereum faces, especially on relays and builder centralization and trust put on relays in MEV-Boost.
Despite heavily relying on Game Theory models, Ethereum positions relays as a public good. No data validating the current design is exhibited on the PBS roadmap or the MEV-Boost relay document.
Let's examine the four problematic aspects of the current PBS design: single point of failure, trust issues, censorship, and monopolization/cartelization.
Relays as the Achilles' Heel of PBS
Single Point of Failure (SPOF) refers to a situation where a system or component has a single point of failure, meaning that if that point fails, the entire system or component will fail. In the context of PBS relays, the SPOF refers to the reliance on a single relay or a small number of relays to perform critical functions in the MEV-Boost ecosystem.
Matt Cutler's Blocknative ranked among the 11 original relay providers. Last September, the company announced that it would "suspend our MEV-Boost Relay and associated Ethereum Block Builders," and followed through.
Fast-forward six months, and Relayoor, Wenmerge, and bloXroute's ethical relay have left the active relay list.
The other side of the Single Point of Failure (SPOF) is vulnerability to attack.
On April 3, 2023, “low-carb-crusader,” a.k.a. "sandwich the ripper,” managed to drain five MEV bots by exploiting a bug in flashbots’ mev-boost-relay code base, costing a total loss of $20 million. The attacker took advantage of the bug in the relay to disguise itself as a validator and finished the exploit.
Even though the developers patched the bug swiftly, the damage remained done, raising questions about the relays' vulnerability. During ETHDenver 2024, Auston Sterling from Aestus Relay, one of the existing seven relays, gave a speech titled "What Happens if a MEV-Boost Relay Goes Rogue?" He painted a bleak picture that the "attacker would control a majority of block space early in the attack."
The “low-carb-crusader” attack also reveals the trust issue of relays.
The Fragile Ground: Trust Issues
The PBS relay's trust problem stems from builders and proposers needing to unconditionally trust the relays in the PBS system. The relay is responsible for coordinating the communication between proposers and builders. For the PBS system to function properly, builders need to trust that the relays will accurately assemble and reveal the payload of the block. Similarly, proposers must trust that the relays have received the full signed block from the builder and will assemble and broadcast the full block. In other words by Simon Brown, the renowned Ethereum researcher,
there does not exist a trustless way for proposers to be confident that the builder’s block will be released and that they will receive payment, and builders have no trustless way to be confident that the MEV in their block isn’t stolen.
Non-trustlessness can have significant implications for the builder's revenue and the overall integrity of the PBS system. Is the PBS design robust enough to withstand the inherent trust issues, or does it expose itself to potential risks and exploits?
The $20M exploit of “low-carb-crusader” depended on the trust builders put into relays for not revealing detailed transaction information to the proposer before the consensus on the block was reached.
In the same presentation, Auston listed the 4 scenarios that could happen if builders and proposers put their "blind trust" into a "rogue relay."
Combining these cases, a sophisticated attacker could
inflict tens of millions of losses;
"control a massive percentage of Ethereum block space;"
create "a lot of downstream damage to censorship-sensitive protocols;"
"have really lasting consequences, given how long some proposers will remain connected" to the rogue relay.
Since we just mentioned censorship, let's dive deep into it.
Silenced Transactions: The Ripple Effects of Relay Censorship
The Ethereum Roadmap emphasized that the PBS upgrade “creates opportunities to prevent transaction censorship at the protocol level.” It explains the design would make “it much harder” for block builders to censor transactions. Yet, it does not mention the role of the downstream relays in the MEV supply chain in terms of censorship.
According to Censorship.pics, during the last 60 days, 52% of relays satisfied the United States Office of Foreign Asset Control (OFAC) compliance.
More data reveals that censorship surged in December 2023, caused by bloXroute Labs' decision to start censoring blocks sanctioned by OFAC across all of its maximum extractable value (MEV) relays in compliance with local laws. Steadily, over 50% of total slots have been under scrutiny since then.
Censorship in the PBS relay has significant implications other than regulation compliance. If it can not be resisted, various financial protocols cannot function efficiently, diminishing an essential property of Ethereum, calling into question the goal of PBS at the beginning of this article It leads to unfair treatment of transactions, as certain users or applications may be prioritized or excluded based on the preferences or biases of the relay nodes. The situation can result in a lack of transparency and equal opportunity for all participants in the Ethereum network.
Additionally, censorship in the PBS relay can also impact the security and integrity of the Ethereum network. If certain transactions are consistently censored, it can undermine the network's decentralization and trustlessness, as the decision-making power is concentrated in the hands of a few relay nodes.
Overall, the censorship problem of PBS relay highlights the need for data-driven mechanisms and solutions that ensure transparency, fairness, and censorship resistance in transaction inclusion on the Ethereum network. However, we haven’t seen any concrete data-backed proposals from the EF and communities about the censorship issue of relays.
As Vitalik pointed out in 2015,
anti-censorship is not even about civil liberties; it is about making it harder for consensus participants to engage in large-scale market manipulation conspiracies - a cause which seems high on the regulatory agenda.
It goes without saying that relays' Single Point of Failure problem worsens the censorship issue.
More notably, we only have 7 relays functioning at the moment.
" It’s Now More Centralized This Week Than It Was Last Week."
The centralization caused by PBS is staggering. In addition to five builders assembling 90% of Ethereum blocks during the last 14 days, data from relayscan.io shows that just four entities are behind 95% of the blocks sent to validators.
Among the four, bloXroute Labs holds the largest share: 45.6%; hence, its decision to comply with OFAC regulations significantly increased censorship.
Simon Brown’s research, Measuring the Concentration of Control in Contemporary Ethereum, shows that the relay ecosystem is more concentrated than the block builders ecosystem. The chart below uses the Herfindahl-Hirschman Index (HHI). The higher the value, the more centralized the ecosystem.
The PBS Guild Proposal proposed by the mev-boost community acknowledges the relays centralization issue in Vitalik’s decentralization framework:
Let's look at some of the most obvious potential dilemmas of relay centralization.
Monopolization of Block Proposals: A few entities gain control over the block proposal process, undermining the blockchain's democratic and competitive principles.
Censorship and Manipulation: Centralized relays selectively block or prioritize transactions, compromising the network's integrity and fairness.
Single Point of Failure: The network's reliance on a few relays increases vulnerability to attacks and technical failures, risking total system shutdown.
Loss of Trust and Network Integrity: Perceived centralization erodes confidence in Ethereum's neutrality and security, potentially driving users to alternative platforms.
Regulatory Capture: Centralized relays become targets for governmental control, threatening the network's autonomy and users' privacy.
Stifling Innovation: The dominance of a few relays raises barriers for new entrants, hindering the development and adoption of innovative technologies and ideas.
After backing out of relay providers, Matt Cutler portrayed the gloomy situation as follows:
"The whole idea is we’re building the foundation of the next economy that’s fundamentally more equitable than the existing system, and maybe it’s inevitable we recreate it, right? ... there are all sorts of backroom deals that are possible and may even be happening right now. The network is much more centralized than folks realize and is on a trend to become more centralized. It’s going in the wrong direction, and ... there’s no question it’s now more centralized this week than it was last week."
So what should we do? We can learn from a Nobel prize winner whose research on the public goods dilemma won her the accolade.
From Nobel Insights to PBS Evolution: Adapting Ostrom's Principles
In 2009, Elinor Ostrom became the first-ever woman to receive the prestigious Nobel Prize in Economic Sciences, along with economist Oliver Williamson. For many years, Ostrom studied the interaction of people and ecosystems. She examined a great variety of functionally and regionally distinct collective action systems for resource management—grazing commons, fisheries, and irrigation systems, to name a few—to better understand what makes them succeed or fail.
Her research showed that using exhaustible resources, some of which are public goods, by groups of people (communities, cooperatives, trusts, trade unions) can be rational and prevent resource depletion without state intervention or markets with private property.
Specifically, Elinor emphasized that
a successful system needs to utilize local knowledge, articulate rules that are subject to modification over time—sometimes centuries, and involve much trial and error experimentation. If this results in something functional, it is not a consequence of a rational construction from the top down but rather an ecological evolution that is sensitive to the fact that any viable solution depends on information not given to any one mind or authority.
To put her wisdom into the context of Ethereum, a better PBS cannot be born out of a top-down design. It must evolve and adapt to the real-life environment to provide practical solutions.
Luckily, the PBS Foundation has been set up to take in more feedback from the community. Hopefully, it is a good start that can use solid data to verify future design presumptions and results. Yet more questions linger:
What kind of data is needed to create a robust PBS solution that aligns incentives?
What are the features and ideas that can be generated out of the data?
How can the new features be implemented without disrupting the existing and as-intended systems?
The Ethereum Foundation has proven itself through the Merge and the Dencun upgrade. As one of the ecosystem's most advanced DeFi data providers, EigenPhi would be happy to provide our data and insights to other community members and contribute to data-driven PBS solutions.
Visit DeFi Strategies Case Studies by EigenPhi or bit.ly/head-first-defi to learn more trading tactic analyses.
Follow us via these to dig more hidden wisdom of DeFi:
EigenTx | Website | Discord | Twitter | YouTube | Substack | Medium | Telegram