Table of Content

• Introduction.

• Phases of the Ethereum roadmap.

• The Merge: Let's dive right in!

• Conclusion.

Introduction

On December 30th, 2023, Vitalik Buterin, co-founder of Ethereum, shared a late gift from Santa with the Ethereum community and the world at large: the updated Ethereum roadmap for 2024.

The Ethereum roadmap outlines near-term and long-term plans for improving Ethereum. This article is the first in a series that seeks to explain exhaustively the phases of this roadmap (from the beginning of the tunnel to the end where we find the light) and the implications it has for Ethereum.

Phases of Ethereum's roadmap

There are six phases of the roadmap: the merge, the surge, the scourge, the verge, the purge, and the splurge. In this article, we will delve intensively into the merge phase.

The Merge: Let's dive right in.

This phase officially kicked off on September 15, 2022, and comprises four major plans.

1. Ethereum switch from Proof-of-Work (PoW) to Proof-of-Stake (PoS) consensus.

Before the merge, the Ethereum mainnet used the PoW algorithm to achieve consensus. PoW is a consensus algorithm where miner nodes compete to add new blocks of transactions to the network by solving a cryptographic puzzle that requires a lot of computing power. The miner who successfully solves the puzzle earns crypto rewards for doing so.

PoS, on the other hand, is a consensus algorithm where validators must stake crypto assets to earn the right to validate and add new blocks to the chain, earning crypto rewards in return. For the switch to happen, the Ethereum mainnet, which made use of PoW, and the Ethereum beacon chain, which used PoS, were merged, hence the name of this phase: the merge. This merge saw the PoS validators from the beacon chain take over the validation of transactions on the mainnet.

Introduced in 2020, the Ethereum beacon chain was designed to run in parallel with the mainnet and intensively test the logic of PoS consensus, ensuring it was sound and sustainable before it was enabled on the mainnet. It was a stepping stone to the switch from Ethereum's energy-intensive PoW to the eco-friendly PoS system.

The switch from PoW to PoS was necessary because the high energy consumption of PoW called for concerns about its negative impact on the environment. This switch officially deprecated proof-of-work in Ethereum and reduced its energy consumption by ~99.95%.

2. Reducing the time-to-finality of a transaction on Ethereum through Single Slot Finality (SSF).

Time's up. You can't reverse that transaction anymore.

In every blockchain system, the goal of consensus is to achieve transaction settlement. Transaction settlement is simply the finalization of transactions on the blockchain. Ideally, this means a transaction can't be reversed or changed once the block it is contained in is validated and finalized. While Ethereum used PoW for consensus, the concept of finality was vague. The possibility of chain reorganization always existed, so DApps on Ethereum would have to wait for five to ten blocks before they confirmed the status of transactions to their users.

Chain reorganization also known as reorg is the deletion of a block from the chain to make room for a longer chain. Take a look at the image below.

In a Proof-of-Work system, two miner nodes, A and B simultaneously mined and published blocks (blue and yellow) linked to the previous block (red). This creates a fork, with two potential main chains: one through the blue block and another through the yellow block. More often than not, the determination of the main chain often relies on Miner C, the node that mines the next block.

If Miner C, while mining its block (green), links it to the blue block, the main chain proceeds from the white blocks to the red block to the blue block and down to the green block (fig. 1a). Alternatively, if Miner C links its block to the yellow block, the main chain follows from white blocks to red block to yellow block and down to the green block (fig. 1b). In this case, choosing to link to the blue block leads to the deletion of the yellow block (fig. 1c). Its transactions are returned to the mempool. The deletion of the yellow block is called chain reorganization.

With the switch to PoS, finality was now an established concept in Ethereum. With a 15-minute time interval, blocks were finalized. A finalized block is a block that can only be altered or reversed if 33% of the total staked ETH is burnt.

As of the time of writing, the total amount of staked ETH is 28 million, amounting to a staking market cap of 62.5 billion USD. It will cost 20.625 billion USD to delete or alter a finalized block; a very unwise financial decision to make.

Sixty seconds make 1 minute, 32 slots make 1 epoch.

In Ethereum, time is measured in slots and epochs. A slot is a 12-second window offered to a random validator by the PoS algorithm to add a new block to the blockchain. Ideally, the number of elapsed slots should match the number of blocks added to the chain, but practically, this isn't the case. Slots with no blocks are called missed slots.

An epoch is made up of 32 slots. One epoch equals 384 seconds or 6.4 minutes. The finality of block A is determined by the number of epochs between the epoch containing block A and the current epoch.

Let's assume the current epoch is epoch X, and the epoch containing the block we want to check its finality is epoch Y. If there are 2 or more epochs between epoch X and Y, then we can consider epoch X and all other epochs before it finalized. At this point, the chances of altering or removing the block are zero because it will require burning 33% of the total staked ETH. The amount of ETH required to reverse a finalized block is extremely high.

Alas, single-slot finality.

Currently, it takes about 15 minutes for a block to finalize. Fifteen minutes is too long a timeframe for block finality to occur because it is impractical for certain real-time DApps or DApps that require high transaction throughput. It also increases the likelihood of frequently occurring chain reorganization.

The merge phase will see Ethereum developers improving the consensus algorithm of the blockchain to validate blocks more efficiently and drastically reduce finality time. Instead of the usual fifteen minutes, blocks will be proposed and finalized in the same slot, i.e., 12 seconds. This concept is the single-slot finality.

3. Introducing the Single Secret Leader Election (SSLE) to permanently eradicate DOS attacks against validators.

Since the list containing upcoming block proposers (validators assigned the task of proposing a block in a slot) is public, a malicious validator can map out the IP addresses of these proposers and determine which validator is due to propose a block and, for financial gains, perform a Denial of Service (DOS) attack restricting the validator from proposing a block in time.

Say we have two validators; A and B which are the listed block proposers for slot X and slot X+1, but their slots haven't been reached yet. Once A is due to propose a block in their assigned slot (Slot X), B performs a DOS attack against A, preventing them from proposing a block for their slot.

This attack if successfully carried out would allow Validator B to extract the Miner Extraction Value (MEV) of both slots or propose a block with a lot of transactions that could have been split across two blocks, gaining all the associated fees. In the merge phase, Ethereum will adopt a Single Secret Leader Election (SSLE) to efficiently combat this problem, reducing the likelihood of a DOS attack to zero.

The ideology behind SSLE.

Using SSLE, validators will submit a commitment to a secret they all share. These commitments are then reconfigured and reshuffled so that no third party can match a commitment to a particular validator. Only Validator A would know its commitment. Then one commitment is chosen at random. If a validator detects that their commitment was chosen, they know it is their turn to propose a block.

The Ethereum website has a more technical explanation of SSLE. You can also read more on Whisk, Ethereum's SSLE implementation.

4. Research for quantum-resistant signature algorithms.

Digital signatures? I'm confused.

A digital signature is proof generated to demonstrate possession of the private key associated with a wallet, without disclosing the private key itself for authentication of transactions. A digital signature is generated by passing the transaction hash and the private key into any digital signature algorithm, e.g. ECDSA, RSA, etc. The output is the digital signature for that transaction.

ECDSA?

Ethereum uses the Elliptic Curve Digital Signature Algorithm (ECDSA) for the creation and verification of digital signatures necessary for the authentication of transactions. A transaction is signed with the sender's private key using the ECDSA algorithm, and the signature is appended to the transaction data. Nodes on the network employ the same algorithm to validate the signature using the sender's public key when the transaction is broadcast to the network.

What has quantum computing got to do with ECDSA? Well, the security of ECDSA and Elliptic Curve Cryptography (ECC) at large is tied to the difficulty of solving the Elliptic Curve Discrete Logarithm Problem (ECDLP) because it involves extremely large numbers. With every advancement in the field of quantum computing, the chances of solving the ECDLP increase.

A little bit of math.

ECDSA uses key pairs derived from Elliptic Curve Cryptography (ECC) to create and verify digital signatures. The general equation of elliptic curves is y² = x³ + ax + b but when we start using these curves in cryptography, the equation is modified to y² = x³ + ax + b mod (p) where a and b are constants, and p is a 256-bit prime number representing the finite field of the curve. A finite field, also called Galoid field, is simply a mathematical structure containing a finite number of elements from 0 to p-1 in this case.

Without a finite field, the results of operations performed on elliptic curves could potentially be infinite, which would make computations impractical. The finite field imposes constraints using modular arithmetic, ensuring that all calculations stay within a well-defined set of values. The general equation of elliptic curves is y² = x³ + ax + b.

We introduce mod (p) to the equation when using the curves in cryptography to restrict the results gotten from the curve to the size of the finite field, i.e., the result of any operation performed when modulo-ed with p will always produce a number that is 256 bits or less.

Ethereum, in particular, uses the secp256k1 curve to generate its asymmetric key pairs. The image below is the secp256k1 curve and its equation.

To generate an asymmetric key pair, the private key is randomly generated, and the formula K = k * G is used to calculate the corresponding public key where x is the private key randomly generated, X is the public key to be generated, and G is a standard point on the elliptic curve.

The Elliptic Curve Discrete Logarithm Problem.

Imagine you have a point (A) on an elliptic curve, and you know another point that is a multiple (B) of the first point. The elliptic curve discrete logarithm problem is like trying to figure out how many times you need to add the first point to itself to get the second point, but without knowing that number directly. You wouldn't know if B is the 1 billionth multiple of A, the 2nd multiple of A, or the 13th multiple of A.

Consider the equation K = k * G. It's kind of like a puzzle – you know the starting point G, and you know the result (K - the public key), but figuring out the exact multiple of G (k - the private key) it took to get K is computationally difficult. The security of elliptic curve cryptography relies on the difficulty of solving this puzzle, making it hard for someone to figure out the private key from the public key in a secure system, but this might not hold for long.

With the advancement in quantum computing, ECC, and by extension ECDSA, are considered quantum-unsafe, though theoretically. Quantum computers have the potential to break widely used cryptographic schemes, including Elliptic Curve Cryptography (ECC), through Shor’s factoring algorithm.

Shor's algorithm leverages the parallelism (the ability of quantum computers to perform parallel calculations at a time and superposition properties of quantum bits (qubits) to efficiently factor large numbers, which is a fundamental operation underlying the security of many cryptographic protocols.

ECC relies on the difficulty of solving the elliptic curve discrete logarithm problem. Shor's algorithm can efficiently solve this problem on a quantum computer, posing a threat to the security of ECC-based encryption. Since it is better to be safe than sorry, there might be ongoing research to produce or implement a quantum-resistant signature algorithm in Ethereum.

Conclusion

The Ethereum roadmap shows a significant evolution, with the merge phase initiating the switch from Proof-of-Work to Proof-of-Stake, finding efficient ways of reducing transaction finality time through Single Slot Finality, and enhancing security against DOS attacks with Single Secret Leader Election. As Ethereum navigates these transformative phases, the implications for its scalability, security, and environmental sustainability are profound. Stay tuned for more upcoming articles delving into the remaining phases, and exploring their impact on Ethereum's future and the broader blockchain landscape.