Cosmos governance considers penalizing validators for Neutron standstill

Neutron, a blockchain designed to facilitate smart contracts within the Cosmos ecosystem, faced an unexpected pause on Thursday.

The problem? Some of its validators, responsible for maintaining the network, were running different versions of Neutron’s code — an inconsistency that temporarily resulted in the halting of its blockchain.

In dealing with the aftermath, Cosmos Hub governance is now deciding whether it should penalize these validators for their oversight.

Neutron had advised validators to upgrade their nodes to v1.0.4 back in July, believing that it would not cause disruptions to the network’s consensus mechanism. However, this assessment proved to be incorrect.

When validators using two distinct node versions attempted to process differing transactions, the inconsistency caused a disagreement regarding each transaction’s validity. This lack of consensus meant that the network could not agree on the contents of the next block, leading the chain to stop until the issue could be resolved.

This series of events led the network to propose its first governance measure to slash Replicated Security validators on the Cosmos Hub. ‘Slashing’ refers to the process of penalizing validators by reducing or confiscating a portion of their staked tokens due to malicious or negligent actions.

Replicated Security is a mechanism by which the Cosmos Hub extends its validator set to other blockchains in an effort to enhance their security. In return, these chains provide revenue to the Cosmos Hub’s validators and delegators by sharing a part of their transaction and application fees.

“Although the two validators did not maliciously intend to double sign on Neutron, the intent of operators cannot be hard coded into the system,” Blockworks Research analyst David Rodriguez said. “The Cosmos Hub is currently going through the difficulty that many chains will face in the coming years — is code law or is social consensus law?”

Rodriguez points out that shared security systems have varying methods of handling slashing. For example, Eigenlayer prioritizes slashing first, and then allows community members the chance to veto the decision.

In the case of Replicated Security, the network adopts an optimistic approach.

“Replicated Security takes an optimistic approach that gives the community the ability to slash once a ‘slash packet’ is sent to the Hub,” he said. “In my opinion, when it comes to shared security systems, we must slash regardless of intent unless the slash event is so large that it structurally changes the security of the Hub.”

Rodriguez’s sentiment is not shared entirely by other Cosmos community members, however. Neutron founder Avril Dutheil believes the validators should not be penalized.

“The ‘optimistic’ slashing that currently exists for Replicated Security is a short-term solution until the ‘untrusted protocol’ is rolled out,” Dutheil told Blockworks. “This mechanism results in a bit of a training wheel scenario which has some benefits: Coordinating Cosmos Hub validators to perform changes that could put their ATOM stake at risk can be challenging, as they will naturally tend to be more conservative — they value protecting their ATOM stake more than helping the consumer chain launch/restart.”

Dutheil asserts that validators shouldn’t be penalized so long as they are not purposely attempting to attack the network.

“[This] helps get these initial hurdles resolved faster,” he said.

At the time of writing, almost 91% of voters have rejected the penalization proposal, with only 9% of voters in favor of slashing the network’s validators — though only 14.25% of eligible voters have opted to participate so far.