Abstract
The proposed “Security Council permanently inactive” assumption is a Stage 2 autonomy bar, not a Stage 1 refinement. Keep Stage 1 stable; designate Stage 2 as the home for censorship-resistance mechanisms in practice — specifically, forced transactions and sequencing decentralization — and move the current “fully code-controlled end-state” requirements into Stage 3.
————————————————————————————————
We support strengthening censorship-resistance and liveness guarantees over time, and we appreciate the effort to clarify how these properties should be measured. That said, we think the proposed new requirement — “the previous requirement must hold even if the Security Council is permanently inactive” — is a Stage 2 autonomy requirement rather than a Stage 1 refinement.
It changes the trust model from “recoverable assuming an honest SC majority” to “fully self-sufficient even if governance disappears.”
In parallel, we believe the dominant trust assumption in the medium term is not “SC inactivity,” but who can propose blocks and include transactions, and whether users have a mechanical enforcement path if they are censored.
For that reason, we suggest Stage 2 should explicitly incorporate two concrete, measurable pillars that directly address censorship risk in normal operations:
- Forced transactions + liveness fallback (with a clear, bounded maximum delay for enforcement), and
- Sequencing decentralization (e.g., multi-operator block proposal with defined quorum/threshold rules and a credible path toward permissionless participation).
Therefore, our counter-proposal is:
- Keep Stage 1 semantics stable (do not add the “SC permanently inactive” assumption to Stage 1).
- Keep protection from the “inactive security council” requirement in Stage 2, and define Stage 2 around the ability of users to permissionlessly affect sequencing through forced transactions and sequencing decentralization, as the practical mechanisms that reduce censorship power.
One of the reasons for decentralized sequencing: Forced transactions are very time-insensitive and are inapplicable to many DeFi use-cases, where liquidations can be completed in seconds. Decentralized sequencing is done immediately and is much more applicable when real funds are involved. - To preserve a clear progression, move the current Stage 2 “fully code-controlled end-state” requirements (e.g., permissionless proof/challenge systems, long upgrade exit windows, and SC restricted strictly to adjudicable on-chain bug conditions) into a Stage 3 tier. Stage 3 can then be defined as “protection from a malicious security council”, in line with the previous stages, where assumptions around the security council are gradually reduced.
Finally, as noted in the proposal, adopting “SC permanently inactive” as a Stage 1 requirement would largely collapse the Stage 1 ↔ Stage 2 distinction into “upgradability-only”, while disregarding the other censorship-resistance mechanisms between Stages. We view preserving a meaningful ladder as important: keep Stage 1 stable, use Stage 2 to measure concrete censorship-resistance mechanisms — such as forced transactions and sequencing decentralization — and reduce Stage 3 to upgradability as L2Beat proposed.