Centralized sequencers are the current norm for rollups and most, if not all, plan to decentralize the sequencer in the future. There is no correct way to decentralize as multiple options exist that are suited toward different outcomes.
Permissionless PoS with leader election
To instantiate a permissionless set of sequencers in place of a centralized party, the minimum requirement is some form of Sybil resistance and a leader election mechanism. Sybil resistance is required to enforce a cost for malicious behaviour. With Proof of Stake (PoS), costs can be levied on sequencers through missed rewards, like inactivity leaks, or through direct reduction of stake (slashing).
Since rollups use the L1 (which we’ll refer to as the base layer) for consensus, all that’s needed is a leader election mechanism to rotate the sequencers. The nodes obtain sequencing privileges relative to the amount of stake they have – 10% of the stake will yield sequencing duties approximately 10% of the time. There are several leader election algorithms bundled with consensus protocols that could work fine as a standalone mechanism for the sequencer set.
The staking mechanic can be established on the base layer through a smart contract or directly within the rollup. The point is that, like any monolithic chain, individuals can join the sequencer set simply by staking the native token and meeting the minimum hardware requirements.
Permissionless PoS with MEV auctions
Instead of a specified leader election mechanism, sequencer duties can be awarded through an auction. The auction is specified as an MEV auction (MEVA) because the entity with the highest bid earns the right to become the sequencer and extract any MEV during the specified period sequencer period. The period can be any arbitrary length, though there’s a trade-off between frequent versus infrequent auctions.
MEV auctions may sound appealing because the sequencing rights are permissionless. Anybody can bid to become a sequencer even though only the highest bid receives the right. The problem with awarding the sequencer role to the highest bidder ensures that only the most well-capitalized bidder will win every time. In addition, the sequencer that can extract the most MEV will be able to grow its capital base faster than other sequencers. In the end, MEVAs centralize and incentivize a monopoly on sequencing. A monopoly derives from the high barrier to entry in becoming the sequencer, winning the MEVA, and the pricing power that the sequencer can exert. Although winning the MEVA doesn’t give the sequencer control over the system, they can still get slashed.
The rollup does generate revenue from the MEVA which can get to any number of causes, such as protocol development or public goods funding. However, the money isn’t free. Revenue generated from MEVAs comes at the cost of users’ who are financially impacted by MEV extraction. Since MEV extraction is essentially an invisible tax on users, MEVAs are simply a wealth redistribution from users to the beneficiaries of MEVA revenue.
Some type of tax to pay for causes like development and public goods funding is an arguably noble cause and one which I support. Collecting revenue from a tax in the form of a MEVA is far from an ideal solution. There are many better and more thoughtful ways that a tax could be implemented.
Permissioned sequencer set with fair sequencing
If the goal is to reduce MEV, a slightly different approach may work. The sequencer role can get split among a trusted/semi-trusted group of parties. Each sequencer participates in a consensus process to determine transaction ordering (aka fair ordering). Through consensus, a notion of “fair” ordering can emerge, similar to first come, first serve.
- User makes a transaction which is broadcasted to all sequencers.
- Sequencers build a list of transactions in the order they claim the transactions arrived in.
- All sequencer lists are merged using a fair sequencing algorithm to create some form of consensus view of first come, first serve ordering.
- The final ordering after consensus is published to the base layer.
Notably, the consensus process introduces an honest majority assumption for ordering. If a majority are honest, then the first come, first serve ordering will be upheld despite attempts from other malicious sequencers to manipulate the ordering. If a majority of sequencers are dishonest, the ordering can get manipulated in any arbitrary way to extract MEV.
MEV remains even if the honest majority assumption holds. Rather, certain types of MEV become limited. Frontrunning can still occur, but it will be dependent on a latency race. Namely, the first transaction that arrives at a majority of the sequencers will capture the MEV opportunity. Without a leader or mempool, a Flashbots-like auction can’t practically enable granular MEV preferences – goodbye sandwich attacks.
Since the sequencer set is permissioned, active management would be required to admit sequencers into the set and provide recourse for dealing with malicious or dishonest sequencer behavior. The degree to which the process would involve the community is unclear, though ordering manipulation is difficult to discern from a networking problem that causes ordering to appear manipulated. Difficulty in discerning order manipulation is why slashing can’t necessarily be used to programmatically punish sequencers.
Cryptographic techniques around MEV mitigation, such as threshold encryption, could be used in combination with a permissioned or permissionless sequencer set to also aid in MEV mitigation.
Conclusion
There is no correct answer to “how do we decentralize the sequencer?”. It depends on the preferences and aims of the rollup. If the goal is to become the most performant rollup with permissionless entry into the sequencer set, then permissionless PoS with leader election is likely optimal. If the primary goal is to mitigate MEV, perhaps something like a permissioned sequencer set with fair ordering or threshold encryption is ideal. If it is to provide a more sustainable path to funding any number of causes, a well thought-out tax coupled with either of the former options may be suitable.
Addendum (2/01/23)
After spending some time looking at "fair ordering" consensus mechanisms I no longer think they are any good at MEV mitigation; mostly because the negative externalities of the system appear to far outweigh its benefits. I look forward to potentially more useful MEV mitigation mechanisms like threshold encryption, batch auctions, and things like SUAVE.