Thanks to Danny and Joe for review. As the launch of the beacon chain grows nearer and eth2 becomes ever more final, the time has come to fast-sync the community with the latest on the inner workings of eth2 and on the concrete requirements, incentives and experience of being a...
As far as I understand it, Phase 0 is basically testing the PoS + consensus system and ensuring that it works properly. The is the most fundamental building block necessary for ETH2 and as such is its own phase in the development process.
The target is Q1 2020 but I believe many people are thinking that seems unlikely due to the fact the there is still no multi-client testnet online and the frozen spec has been unfrozen to change some things (maybe for the better, but unfreezing a frozen spec is unlikely to expedite the release).
They will have to validate new deposits in the ETH1 deposit contract which will create 32 ETH2 on the beacon chain so a new validator can join and they will have to validate new blocks which will produce new ETH2 as well (the block reward).
Something that I've always wondered as a result of this - in the absence of just sending funds to a new address, is there any other way to rotate keys? Say that the private key to my ETH 2.0 has touched a system that I later learn might be compromised - how can I invalidate that key?
When you deposit your stake you specify your withdrawal address which is typically going to be a different key than the one you use for participating in consensus. Of course there is still the concern that the withdrawal key is compromised, but this key should be more secure assuming you follow best practices for cold wallets.
Once transfers back to eth1 are possible, I wonder if it will make sense to set your withdrawal address to a contract wallet? This way you could swap ownership of the contract if you're paranoid about a key being compromised. Could even use a multi-sig.
I'm certainly no expert but in that case I think it would simply be a race between you and the person who also has your private key to make the first transaction when it's possible to move the ETH2 to a new private key.
There are ways that a key could be at risk without being fully compromised.
Imagine your physical computer is stolen. Or you accidentally saved your key on Dropbox. Or your house is robbed and a box with your private key in it is stolen.
An attacker might have your private key, but not know that they have it yet. Or maybe they haven't figured out how to transfer your funds yet.
If you can rotate your key at the first sign of any possible compromise, it gives an attacker a very small window to claim your funds, instead of an arbitrary large one.
If people could choose their shards, it would be easy for an attacker to attack just that shard. Then instead of needing 51% of Ethereum's stake to carry out an attack, you only need 51% of that shard's stake. If 64 shards had equal stake then you'd need less than 2% of all stake to take over a shard.
I don’t think anyone is advocating allowing validator to choose what shard they validate. So, I don’t see how allowing devs to choose which shard to place their smart contract would be a security concern.
Last I heard, validators would be assigned to a random shard and devs can choose which shard will house their code.
IMO the sharded design has a number of flaws - it needs a lot of crosslinking (I think this is the main reason they dropped from 1024 to 64 - they had to increase the number of crosslinks, which became too much with 1024 shards), and inter-shard communication will be a huge challenge (ie, dApps on one shard interacting with users on another shard).
I understand. But why not start with 5 or 10 shards and wait till they are fully used before (flexibly) expanding the number of shards. Rollups and other layer two solutions seem more promising by the day.
I think my question is: is it not inefficient to use 64 shards if there is only traffic for a couple of shards? Validators must be paid and 64 sounds more energy intensive than 5 or 10.
Of course my understanding of sharding is very limited but it sounds illogical.
Seems to me like the effort of validating a shard would mainly be based on the activity in the shard, rather than a fixed cost per shard. So I think whether all the activity is in 5 shards or spread across 64, it's roughly the same. But I'm no expert either.
Loving the communication! In terms of relative work, how do the different phases compare? Phase 0 50%, phases 1 and 2 25% each? It seems like Phase 0 lays most of the groundwork for the other phases, is it the most complicated to implement?