Risks and Mitigations

Timelocks and Admin Risk

While some administration tasks in Constellation are relatively safe, such as changing the maximum number of validators each node operator is allowed, there are other parameter adjustments that will immediately affect users returns or represent critical security concerns. For these settings, Constellation uses standard timelock contracts to give users time to exit the system before potentially dangerous maintenance occurs.

There are three levels of timelocks in Constellation:

Downtime Risk

Because NodeSet uses a distributed infrastructure model, node operators are allowed nearly full independence of their operation. This means that they may experience downtime which would allow performance to trend towards the Ethereum network average. However, NodeSet monitors network performance to ensure that downtime is reasonable. If operators experience too much downtime, their validators will be exited and they will no longer be allowed to participate.

Slashing Risk

If Ethereum validators engage in behavior that appears malicious to the network, they will be slashed. Because of this deterrence, slashing incidents are accidental and extraordinarily rare. However, it is statistically much more likely for large, enterprise operators to be slashed due to their reliance upon high-availability setups which cause double-signing infractions.

xrETH is not inherently protected against slashing. However, xrETH is staked across hundreds of independent operators individually vetted by NodeSet, and accordingly, asset exposure risk for the failure of any individual operator is minimal. To date, no NodeSet operator has been slashed, and performance for the NodeSet network remains comparable with professional operators.

If you prefer to exchange some yield for additional slashing protection, you may consider minting osETH from a StakeWise vault operated by NodeSet's operators instead.