REStake ON SHIDO

Since I'm seeing loads of questions about the security of restaking on Cosmos-based chains like $SHIDO, especially concerning the use of REStake, I want to address these concerns and provide a comprehensive explanation.

Many users are worried about the potential risks involved in granting staking permissions to validators. This article aims to reassure you about the safety measures in place and explain why StakeAuthorization is a secure method that ensures validators can only withdraw and restake your funds within strict limits. Let's delve into the specifics of StakeAuthorization and understand why it provides robust security for your delegations.

Understanding StakeAuthorization

StakeAuthorization is a robust mechanism designed to authorise specific staking-related actions on behalf of a delegator. It allows a delegator (the granter) to authorise another account (the grantee) to perform actions such as delegating, undelegating, or redelegating tokens within predefined limits.

Here's a breakdown of the key components of StakeAuthorization:

  • Authorization Type: Specifies the type of action authorised—delegation, undelegation, or redelegation. Each action requires separate authorization.
  • MaxTokens: Sets a cap on the amount of tokens that can be managed under this authorization. If left empty, there is no limit, allowing flexibility in token management.
  • Validators List: Includes either an AllowList or a DenyList. The AllowList specifies which validators the grantee can delegate to, while the DenyList lists validators to which delegation is prohibited.

Security Features of StakeAuthorization

  • Granular Control

    Delegators can precisely control which validators their tokens can be delegated to through the AllowList and DenyList. This ensures that even if a validator is compromised, the tokens can only be staked with approved validators.

  • Limited Scope

    By setting the MaxTokens limit, delegators can restrict the maximum amount of tokens that can be managed, preventing excessive delegation that could risk their holdings.

  • Action-Specific Authorization

    StakeAuthorization requires separate permissions for delegating, undelegating, and redelegating. This separation of concerns adds an extra layer of security, ensuring that even if one authorization is granted, it does not automatically grant the others.

Safety Measures for Delegators

  • Control Over Funds

    The coins delegated through StakeAuthorization remain in the delegator's Keplr wallet. Validators, or any other entity, do not have the ability to withdraw, transfer, or dispose of these funds. Even if a validator or the restake app gets hacked, the funds are secure and remain under the control of the delegator.

  • Explicit Validator Lists

    By carefully defining the AllowList and DenyList, delegators can ensure their tokens are only staked with trusted validators. This prevents unauthorized staking actions with untrusted or malicious validators.

  • Gas Costs as a Deterrent

    The Cosmos SDK charges gas for each validator listed in the AllowList or DenyList. This cost structure discourages the creation of excessively large lists, which could complicate management and auditing of staking permissions.

  • Revocation and Management

    Delegators retain the ability to revoke or modify StakeAuthorizations as needed. The system is designed to iterate over and manage the state of these authorizations efficiently, ensuring that any changes or revocations are promptly reflected.

Conclusion

StakeAuthorization on Cosmos-based chains like $SHIDO provides a secure and flexible framework for delegating staking responsibilities. By allowing detailed control over staking actions and imposing strict limits on what can be done with delegator funds, it ensures that validators can only withdraw and restake tokens within the predefined boundaries set by the delegator. This granular control and security measures help maintain trust and safety in the delegation process, providing peace of mind to users.

For those interested in exploring the technical specifics, the Cosmos SDK documentation and GitHub repositories offer detailed examples and implementations. By understanding and utilising these features, delegators can confidently engage with validators while maintaining full control over their assets.