What Are The Risks With Staking ETH2.0?

What Are The Risks With Staking ETH2.0?

11:05 01/07/2021

Never trust anyone who promises an unreasonable return on your investment without any risk. There is always risk. In this article, we will try to explain the associated risks one should consider when deciding whether they should take part in staking.

This is part 4 of our Basics of Staking series.

  • Part 1 explains the basics of what is Staking.
  • Part 2 talks about the advantages of staking compared to the method by which Bitcoin is mined (Proof-of-Work).
  • Part 3 talk about the most common way to participate in a Proof-of-Stake network, Staking pools.

Risk

In normal investments, the risk is usually associated with the value of the investment decreasing. This is still the case with any cryptocurrency; the value of ETH vs USD (or any other fiat currency) can fluctuate, and the fact that it has been performing well in the last year doesn't guarantee that it will continue to perform in the future.

So, let's put that risk aside, as it doesn't have anything to do with staking specifically, apart from the fact that by staking, you may (depending on the staking method of your choice) be locked out from selling your ETH. Instead let's discuss the specific risks associated with staking ETH.

Slashing

The purpose of a Proof-of-Stake network is to secure the network and ensure that transactions approved in the network are valid. For a transaction to be considered valid, it means that it is:

  1. not fraudulent; validate that if A transferred ETH to B, then A definitely had that amount in their wallet prior to the transaction, and that it was signed correctly.
  2. are unique; ensure that no transaction is accidentally processed more than once.

If a validator is caught approving transactions that violate the rules, it is penalized and some or all of its staked amount is taken away. This is commonly referred to as slashing.

It is widely agreed upon that if a validator is using one of the official implementations, they are not at risk of these problems. The official code goes through a robust process of validation to ensure its functionality.

If you decide to stake your eth in a service without running your own validator, there is a risk aspect related to trusting that the service with which you are staking (e.g. in a staking pool) is not using a homebrew implementation for a validator or that their process to ensure their validator is correct (and that they don't have nefarious intentions) is down right perfect.

Cyber Security

As with any computer connected to the internet, there is always the risk of someone trying to gain access to it, for their own purposes. When it comes to cryptocurrency, the risk is even greater, because money is involved. The risk aspect here breaks down a to a few sub-categories:

Hacking

Hackers are out there, and they're trying to gain access to any and all systems that is vulnerable. If any system is holding on to your ETH (more specifically, holding on to the keys that allow access to the wallet that holds the ETH), there is always some risk that these keys are not sufficiently secure, or that accessing them is not sufficiently protected (e.g. does an employee have access to them? Can they be bought?.. You get the point.)

It's all too common to see a news article with the title "Hackers stole $X worth of Bitcoin from Y" -- The best way to protect yourself from these kinds of hacks is education, and researching companies with a (1) good track record and (2) ideally ones that offer some kind of insurance. These are not easy to come by, but are out there. This is why we have decided to create topstakingrewards.com and help non-savvy users discover the best and more reliable staking services.

Custodial vs. Non-Custodial

You may have seen these terms on some websites (including ours) when it comes to staking. What this means is "who has access to my crypto?", or in other words "who is holding on to the keys that allow access to my wallet".

Custodial means that the service takes custody of your funds while they're being staked. From a technical perspective, this is easier to do, as a service running a staking pool needs to deposit eth to the official staking contract address, it has to come from somewhere. This is no different than investing with Coinbase, effectively your wallet is "in the cloud", but "the cloud" just means a computer that is being managed by someone else, which means you're also relying on them to take good care of it.

Non-custodial means that no one but you has access to your keys. There are staking services that provide non-custodial pools (see here), by running a client on your computer that interacts with the service's machines. Their code doesn't actually have access to the keys, but is using the client on your computer to sign transactions with your keys. This is considered a lower risk option, but is more technically challenging and requires you to run a computer that is always connected to the internet (yes even when the internet is down). Not complying with the requirements of maintaining maximum uptime or connectivity may result in slashing and thus lower fees, overall.

Risk mitigation

  • If you're not running your own validator, prefer true non-custodial staking services.
  • Trust in companies that have strong cybersecurity standards, this is usually more common with the larger, more mainstream companies, trusted by many individual users as well as institutional investors. The fees at these companies may be higher though.
  • As always, you can't lose money you don't invest.

Ask us anything!

We hope that you enjoyed this article and found it informative. As always, if you have any questions or if you would like to get in touch, feel free to connect with us on Twitter @staking_rewards.

If you feel any of this information is incorrect or outdated, please email us at info@topstakingrewards.com with the article title and any additional information.