[SWIP-32]: Allow 100% osETH Minting In the NodeSet Private Vault On Ethereum

Executive summary

In this proposal, the NodeSet team is asking the StakeWise DAO to enable 100% osETH minting capability for the NodeSet Private Vault on Ethereum. The vault meets all of the recently approved criteria around the TVL, fee level, and performance metrics on Ethereum, and the team is prepared to provide the 5M SWISE bond required for enabling 100% LTV in this vault.

Motivation

Enabling 100% osETH minting for the NodeSet Private Vault would grow StakeWise DAO’s treasury through increased osETH minting from our committed long-term ETH depositors and help us attract new deposits which would do the same.

In addition, NodeSet provides uniquely decentralized infrastructure on StakeWise. This vault is powered by NodeSet’s curated cohort of hundreds of independent operators, making it the only vault that achieves true decentralization and fully removes centralization risks for depositors. We have invested significantly in the StakeWise ecosystem by building a unique integration to bring our operator community to StakeWise, and our promotion of StakeWise to our private depositors and alignment with the DAO’s decentralization goals demonstrate NodeSet’s commitment to enhancing the protocol’s visibility, adoption, and long-term success. Enabling 100% osETH minting rewards this alignment, encourages continued investment, and demonstrates StakeWise DAO’s decentralization goals.

As seen below, NodeSet’s vault has similar characteristics the other vaults on StakeWise with 100% osETH minting enabled:

Performance

Please note that the NodeSet Private Vault performs around the network average according to Beaconcha.in.

One thing to note - our Rated score is “Moderate”, which technically doesn’t qualify for the above-average performance criterion for enabling 100% LTV in the Vault. However, Rated is known to overweight attestation correctness, relying heavily on proposal effectiveness. Such methodology unduly penalizes truly decentralized setups like NodeSet. In some cases where individual operators are located on the other end of the world from block proposers (e.g. Europe ↔ Southeast Asia), there is not enough time to propagate the head vote for the proposed slots, leading to a reduction in head vote accuracy. This ends up hurting our Rated score, despite reflecting the reality of how decentralized Ethereum and NodeSet are.

In light of this, we ask the DAO to consider Beaconcha.in’s validator efficiency scoring model as a better metric for cross-comparison between operators. Instead of measuring attestation correctness, it specifically measures actual income compared to ideal income, producing a score that captures the metric at the top of users’ minds, namely the influence of performance on rewards earned. Interestingly, the NodeSet Private Vault has a similar attestation efficiency (98.52%) to the Chorus One - Max MEV Vault (98.73%) as measured by StakeWise. This is because StakeWise uses a similar methodology to the one Beaconcha.in uses. In short, we believe it is better suited for assessing performance in terms of income earned, instead of pure stats.

Operator Onboarding

To join NodeSet, operators must pass the following checks:

1. Sign a message indicating control of a minimum of one currently active validator on-chain

2. 6+ months of on-chain performance history

3. 95% or more rated.network rating over the last 3 rolling months

In addition, 135 of our operators have 6 months of operational history with Constellation, our Rocket Pool-based offering.

Specification

Enabling 100% osETH minting for the NodeSet Private Vault requires the addition of the vault address to the os_token_vaults config, an upgrade to the LTV of the NodeSet Private Vault, and deactivation of liquidations for this vault. The transactions below will do so upon successful resolution of this proposal.

[
  {
    "to": "0x287d1e2A8dE183A8bf8f2b09Fa1340fBd766eb59",
    "operation": "0",
    "value": "0.0",
    "data": "0x95f1fd4a000000000000000000000000b266274f55e784689e97b7e363b0666d92e6305b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffff0000000000000000000000000000000000000000000000000de05bc096e9c000"
  },
  {
    "to": "0x6B5815467da09DaA7DC83Db21c9239d98Bb487b5",
    "operation": "0",
    "value": "0.0",
    "data": "0x8a76984d0000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000002e516d516f5763715076386370393862737a6745646a6a7579786d59784e446551464e687862324e627655736d6962000000000000000000000000000000000000"
  }
]

Vote

The Snapshot vote is here: Snapshot

I’m member of NodeSet independent home operator and I know some team members from years ago. They are a professional team and have 100% of my support for this proposal.

Hey all, just chiming in here to share that I’m also an independent home based node operator and member of NodeSet and very excited to be supporting StakeWise. The NodeSet team and community are incredibly professional/focused and committed to decentralization and I couldn’t be prouder to be a part of it and contributing.

As a node operator with NodeSet, I strongly support the SWIP-32 proposal to allow 100% osETH minting in the NodeSet Private Vault on Ethereum. This feature would significantly enhance capital efficiency for stakers, enabling us to maximize the utility of our staked ETH while maintaining the security and decentralization standards that NodeSet upholds.

Commenting both personally and on behalf of the team - we’re super excited about NodeSet’s ambition to grow the Vault, and fully support this proposal. We believe in protecting Ethereum’s decentralisation, and take pride in collaborating with Nick, Mike, Joe, and others on the NodeSet team and community on putting more stake on individual operators’ nodes. Making this Vault a success with 100% LTV minting of osETH will pave the way for more NodeSet products, and more opportunities for solo operators to get involved at scale. So let’s make this happen!

Without casting any shadow on NodeSet, I don’t feel very comfortable having to trust another entity with the value of our osETH. What happens if any of their nodes are slashed? How will it affect our osETH when basically part of the collateral has disappeared? Will our boost positions be unraveled at a loss when some NodeSet validators get slashed? Aren’t we now asking osETH holders to bear the risk of this decision?

The 5M Swise bond is peanuts, barely covers 30ETH in losses for a 25k pool, besides selling any large amount of Swise would tank the value of Swise.

I have always thought such a bond should be posted in osETH, and should represent a % of the maximum osETH that can be minted by the vault.

Hey @ottodv, appreciate your questions. It may be worth opening another topic to discuss osETH risks specifically as some of these questions are more generalized, but I’ll note a few things here for the sake of discussion on this specific proposal.

• After the recent Pectra hardfork, slashing penalties on Ethereum are greatly reduced. Note that one would need to see slashing on over 12k staked ETH to receive more than 30 ETH in slashing penalties.

• Because NodeSet is decentralized, our maximum per operator asset exposure is approximately 0.8% (better than both Lido and Rocket Pool). The slashing penalty for one of our operators would be very small and significantly less than the penalty applied to other vault admins who are more centralized. For this vault, the current per-operator maximum ETH stake is 224 ETH. Slashing penalties on 224 ETH would be negligible (less than 1 ETH).

• Because of the above and the fact that osETH itself is over-collateralized, a slashing event in this vault would likely not affect the value of osETH in any significant capacity and therefore would not cause boost positions to be unwound or trigger any other adverse events.

• Passing this proposal will significantly strengthen osETH’s security as more assets are distributed to a more decentralized operator base.

If you are curious about how NodeSet works to distribute assets and reduce risk, we invite all Ethereum node operators to head over to nodeset.io/join to become an operator! It’s free to join, and you will receive delegations of ETH and a significant cut of fee revenue.

I am a NodeSet node operator. NodeSet is great team with ethos aligned with Ethereum to promote small node operators running nodes for others. NodeSet operators are distributed in many countries, keeping and further promoting a decentralized Ethereum network. If this proposal passes, it will further unlock the potential of NodeSet and achieve a greater good for Ethereum.

The problem is that this proposal ends the over-collaterilization of the osETH issued by the NodeSet vault. Other vaults do still over-collateralize their minted osETH, but that over-collaterilization does not cover the risk of the osETH issued by NodeSet, just the risk of their own vaults. So there is NO over-collateralization to fall back on in case of a NodeSet slashing event (or any other issue).

To expand on my thoughts, why does this have to be an all or nothing choice? Default requires approx 10% over-collaterilization. We could also decide to lower that to 5%, or 2% or maybe even 1%. We could still maintain some over-collaterilization related to the non-zero risk. Why does it have to be 0%? (That is in the absense of a meaningful security deposit.)

I am a node operator with NodeSet, independently operating a node from home. NodeSet comprises hundreds of verified node operators with substantial experience in solo staking, and RocketPool. This depth of expertise distinguishes NodeSet from other platforms and enables us to achieve both decentralization and high performance, two goals that are often difficult to attain simultaneously.

NodeSet’s commitment to decentralization aligns closely with Ethereum’s overarching vision. I believe this proposal presents a win-win opportunity for both StakeWise and NodeSet. Furthermore, the validator efficiency scoring model proposed by Beaconcha.in, as referenced in the proposal, appears to be a fairer and more suitable approach for a decentralized environment.

At present, a significant number of Ethereum nodes are concentrated in North America and Europe. This geographic clustering benefits nodes located in those regions, but it imposes a subtle disadvantage on nodes operating from more remote locations, such as Australia or Northeast Asia. For this reason, I strongly support this proposal, as it encourages greater geographic distribution, which is essential for the long-term health and resilience of the network.

With our decentralized model, up to 70 NodeSet operators could be slashed all at once with no impact on osETH due to the SWISE bond provided (currently worth ~30 ETH). The only realistic scenario where so many operators were slashed at the same time is if all of Ethereum experienced a catastrophic correlated slashing event. In this case, most StakeWise vaults would be affected and osETH would not be insulated regardless of this proposal.

To see the current statistics on our operator distribution, you can use the script here:

This vault meets all the current criteria the DAO uses to approve 100% osETH minting, and NodeSet’s model is significantly more decentralized and safer for StakeWise compared to the other vaults that have this status. If you want to discuss changing these criteria, maybe it’s best to open another discussion on this topic?

No most vaults would not be affected, that was the whole point of overcollatorilization. Currently the only vault that would be affected is the Genesis vault - which does not require overcollatorilization.

This proposal seeks to add another vault without overcollalorilization. Basically.

There is still one criteria to be met, and that is approval by the DAO.

Also I don’t remember voting for a proposal that said that the DAO must approve all vaults that met said criteria, if that’s what you’re implying.

So it’s up to the DAO to decide.

I do agree that we should have a separate discussion regarding those criteria, and surrounding topics. As I said at the outset, nothing I am bringing up, has anything specifically to do with NodeSet - a far more general issue of securing osETH when we throw overcollatorilization overboard. Everything I have read so far about NodeSet would definitely make it a good candidate for this privilege. There is no issue with NodeSet itself in my mind.

Thank you both @ottodv and @Wander for the exchange above! I see that the discussion touched on two broad topics:

1. the inclusion of NodeSet into the de-facto permissioned operator set, enabling osETH minting without overcollateralization,
2. existence of a de-facto permissioned operator set generally.

Let me comment on both briefly on behalf of the team.

The merits of NodeSet belonging to the small list of operators (currently only StakeWise Labs, Chorus One) with 100% osETH minting are difficult to debate - from a slashing risk perspective, assuming NodeSet has controlled for the sybil risk (which it has), the value-at-risk per operator is dramatically lower than, say, StakeWise Labs. Hence, inclusion of NodeSet into the permissioned list would be pretty justified - if Labs (or Chorus One) were able to get into the list, then NodeSet, carrying a lower potential impact on osETH from individual slashing events, should have no issues with being included.

It’s not all without contention though - the decentralized, bondless nature of NodeSet’s model means that StakeWise must rely on its individual operators to contribute their full share of MEV even when they might have an economic incentive to steal it. With MEV being a crucial component of the Vault APY, and hence the osETH APY, StakeWise is exposing itself to the risk of systematically depressed osETH APY figures. However, NodeSet monitors the MEV-related behaviour of their operator set closely, and removes operators from the validator set if such behaviour is identified.

On our part as the DAO, there is always recourse to removing 100% LTV minting capability from the Vault if it threatens the consistency of our product - whether this be NodeSet or Labs or anyone else. In light of this, we believe the risks associated with an addition of NodeSet are mitigated, and are outweighed by the benefits of having a really decentralized entity in the permissioned operator set, helping StakeWise’s overall decentralization (and growth).

Now on having such permissioned functionality in the first place - this is indeed a step away from the initial vision outlined by StakeWise V3, and a step that took careful consideration to even propose to the DAO. The key reasoning for such a feature is that whenever we have an opportunity to improve capital efficiency for some users, we should do it - as long as it doesn’t threaten the overall system. As of today, no LST other than osETH is offered at less than 100% capital efficiency, meaning users always have their whole stake liquid. The competition in the segment is fierce, and offering below 100% efficiency offers hurts StakeWise’s ability to compete with other LSTs.

Hence, finding a way to have 100% efficiency is a must in our book - and given our permissionless nature, the only way to have it is by creating a permissioned set of undoubtedly trusted Vaults (operators) that are granted the capacity to get osETH 1:1 with user’s stake. This is no different from most every other LST/LRT protocol - a curated operator set is selected by the team/DAO to have close control over performance, slashing risk, and operational efficiency.

From this perspective, StakeWise is not inviting any additional risk vs other protocols so long as every Vault (operator) is carefully vetted before being granted 100% LTV minting capability. If we as a DAO have established a procedure and criteria for onboarding, have done the due diligence behind the scenes, and are able to have an arms-length business relationship with the Vault, then the process is hardly any different from other LSTs/LRTs on the market. This allows StakeWise to remain competitive and keep growing - arguably the most important consideration for any commercially-oriented DAO. As no additional risk is being taken on vis-a-vis other protocols, it’s tough to argue that what StakeWise is doing is wrong.

At the same time, we are not forced to give up on the permissionless nature of StakeWise - solo operators and smaller Vaults maintain the ability to offer liquidity and DeFi integrations for their users out of the box, even if only up to 90%. Hence, the hybrid system that has been established keeps the main objective enforced - give max capital efficiency to some users, without bringing down the whole system.

Now as for the changing level of risk within StakeWise, it is no doubt that a departure from fully overcollateralized to partly overcollateralized is a downgrade - our ability to absorb slashing losses goes down, and osETH hence becomes that much riskier than before. So far the DAO (and team, as participants) have accepted this and have not focused on introducing additional reinforcement mechanisms that could introduce additional protection to osETH.

However, since this is being discussed out in the open as a concern, there is room for creating a temp check to gauge the broader DAO members’ sentiment (and importantly also heavy osETH users) around adding mechanisms to improve osETH’s durability.

This has been noted by the team, and we’ll return to the DAO with an initiative about what could be done, so we could decide whether it should be done, shortly.

Thank you all again, and let me know your thoughts if you have them!