Challenging Periods Reimagined: The Key Role of Sequencer Decentralization

https://ethresear.ch/t/challenging-periods-reimagined-the-key-role-of-sequencer-decentralization/15110/1

Check out the complete second part of the Challenging Periods Reimagined Series by clicking here. This part focuses on sequencer decentralization and its integration into our proposed dynamic challenging period model. If you have not read the first part, we highly recommend that you do so. It is available here.

Below, AndreP3Sigma and I provide a brief introduction to this article.

Preface

Challenging periods are a hallmark of batches submitted to L1, as well as the sequencers behind them. Therefore, they must be trimmed, considering the sequencers who submit them to L1. A sequencer with a history of honest behavior and a clear commitment to the protocol should enjoy an advantage over new sequencers, malicious sequencers with unfamiliar addresses, or those showing no interest in protocol growth. Moreover, this advantage should benefit not only the sequencers themselves but also the users of the L2 protocol.
Furthermore, there is a growing movement towards decentralizing sequencers to increase security and protocol participation through yield mechanisms.

This second part of the series covers all these topics and completes the implementation of the Dynamic Challenging Period. It explains how the governance-adjusted time factor (introduced in Part I) is computed, including a novel mechanism for sequencer selection, economic incentives for sequencers, and penalty guidelines.

The article’s sections are now introduced.

Governance-adjusted time factor

The governance-adjusted time factor takes into account the reputation of sequencers. This is linked to the goal of transitioning to a decentralized network of sequencers. Therefore, this topic must be addressed first.

To achieve sequencer decentralization, the model enforces a multi-slot sequencer selection process that differentiates sequencers based on their honesty. The selection process is random and includes four reputation slots. Each slot represents the number of batches ever submitted by a sequencer.

At each batch epoch, a certain number of batches is attributed to each slot. This aspect is essential so that the process is not “Guilty until proven innocent” and allows all sequencers to advance in the reputation slots.

At the end of each epoch, sequencers that submitted batches are reallocated to new slots accordingly.

Multi-chain multi-slot sequencer selection process

The single-chain multi-slot sequencer process is the basis for sequencer selection, but it has a drawback: all sequencers must be available at all times, which can be resource-intensive. To address this, a multi-chain multi-slot sequencer selection process is used. A new chain is created when the number of sequencers exceeds a specific threshold.

The maximum number of sequencers per chain is determined by balancing network latency and network centralization. By establishing a parallelism between studies made on this topic and the Ethereum network, a maximum number of 1180 sequencers was defined.

When this number is exceeded, a new chain is created, and sequencers are randomly and equally distributed among the new number of chains. At each epoch, a sequencer in a given chain knows whether it has any chance of being selected or not. It can then choose to stay online or offline, making the whole process more resource-efficient. Moreover, if they decide to be offline, then the network’s latency may also decrease as there are fewer nodes communicating.

The shuffling mechanism that occurs at the beginning of each batch epoch ensures that every time the chains are composed of different sequencers and different slot fillings, contributing to a more decentralized and democratized selection process.

For a better understanding of the selection process, please refer to the corresponding sections of the article.

Governance-adjusted time factor function

As introduced, to ensure a fairer sequencing environment, a governance-adjusted time factor function has been created. The metric used in this model is the locking process of DAO tokens $\Psi$ of the protocol under consideration.

The governance-adjusted time factor function is defined as follows:

$$
\text{G}_\text{T}(\Psi) = \begin{cases}
\left(\frac{\frac{23\cdot n}{24\cdot 7}-1}{\psi}\right)\cdot \Psi+1, & \Psi<\psi \\
\frac{23 \cdot n}{24\cdot 7}, & \Psi\geq \psi
\end{cases}
$$

where $n$ is the number of 23h periods to which the batch time is reduced, and $\psi$ is the minimum amount of DAO tokens locked to achieve the maximum time discount.

The sequencer is incentivized to participate in the system because it benefits the ecosystem as a whole. Additionally, each sequencer gains an indirect economic benefit from the DAO token appreciation.

Any protocol seeking to adopt this model should determine a value for $\psi$ that aligns with the value of their governance token and hardware costs involved in being a sequencer, based on their own tech implementation.

Check the article’s “Applying the governance-adjusted time factor function” section for a clear understanding of the function’s derivation.

Economic incentive for sequencers

Locking benefits the ecosystem by reducing the challenging period. However, it’s necessary for sequencers to benefit from locking to encourage their participation. A new fixed percentage fee is introduced, where L2 users support the cost. A portion goes to the protocol treasury and the rest to the sequencer. The more DAO tokens locked, the higher the percentage they receive.

This fee may be seen as a price to pay for a better user experience. By paying it, one is incentivizing sequencers to act honestly and reduce the challenging periods. Analogously with the proof-of-stake mechanism in Ethereum’s mainnet, this new fixed percentage fee may be implemented at 30% of the one already applied in L2.
The portion that goes directly to the sequencer depends on the number of DAO tokens locked, ranging from 10% to 90%, as follows:

$$
\text{I}_\%(\Psi) = \begin{cases}
\frac{0.8}{\psi}\cdot \Psi+0.1, & \Psi<\psi \\
0.9, & \Psi\geq \psi
\end{cases}
$$

This fee distribution mechanism applies to every sequencer that submits a batch, regardless of the slot they are in, which makes the implementation attractive to newcomers.

Check the article’s “Economic Incentive for Sequencers” subsection for a more detailed explanation.

Penalizing a malicious sequencer

To discourage dishonest behavior, penalties are in place for malicious sequencers in optimistic rollups. If a sequencer is found to be malicious, their address is added to a blacklist and they cannot participate in sequencing using that address again. However, they can change their address and be added to the Newcomers slot. If the sequencer has locked DAO tokens at the time of the malicious behavior, a slashing mechanism will be in place. The percentage of slashing depends on the severity of the malicious behavior.

These penalties incentivize honest behavior among sequencers, ensuring a secure and trustworthy environment in optimistic rollups.

Conclusion

Optimistic rollups offer a promising solution to Ethereum’s scalability challenge, but come with challenges such as long challenge periods and a centralized sequencer. This two-part series proposes a dynamic challenge period model, which considers the value of the transaction batch and the cost of spamming the L1 network (Part I), and stimulates decentralization, increases security, and enhances user experience by providing a multi-chain multi-slot sequencer selection process with a set of incentives.

The proposed model establishes an incentive virtuous circle, which improves security and attracts more sequencers to participate in the network. As a result, challenge periods tend to be shorter (never less than 23 hours), improving the user experience and promoting the protocol.

It is essential to consider that the proposed model is still theoretical and requires further research and testing. Nonetheless, the model provides an innovative approach to address challenges faced by current optimistic rollup implementations. Furthermore, the proposed model can help optimistic rollups compete with ZK rollups in the medium-long term period, introducing new content to the novel of decentralized sequencers.
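
The two piecewise functions above, as an added example that is not part of the original post or of Three Sigma's code: it evaluates the governance-adjusted time factor and the sequencer's fee share for several locked amounts. The function names, the value chosen for psi and the 100-unit L2 fee are assumptions made for illustration.

```python
HOURS_PER_WEEK = 24 * 7   # 7-day baseline, the denominator in G_T
CP_MIN_HOURS = 23         # the 23 h minimum period from Part I


def governance_time_factor(locked: float, psi: float, n: int = 1) -> float:
    """G_T(Psi): 1 with nothing locked, falling linearly to 23n/(24*7) at Psi >= psi."""
    if psi <= 0 or locked < 0:
        raise ValueError("psi must be positive and locked non-negative")
    floor = CP_MIN_HOURS * n / HOURS_PER_WEEK
    if not 0 < floor <= 1:
        raise ValueError("n must keep 23n/(24*7) within (0, 1]")
    if locked >= psi:
        return floor
    return (floor - 1) / psi * locked + 1


def sequencer_share(locked: float, psi: float) -> float:
    """I_%(Psi): 10% with nothing locked, rising linearly to 90% at Psi >= psi."""
    if psi <= 0 or locked < 0:
        raise ValueError("psi must be positive and locked non-negative")
    if locked >= psi:
        return 0.9
    return 0.8 / psi * locked + 0.1


def split_new_fee(l2_fee: float, locked: float, psi: float, rate: float = 0.30):
    """Split the new fee (30% of the existing L2 fee, as suggested in the post)
    into (sequencer part, treasury part)."""
    new_fee = l2_fee * rate
    to_sequencer = new_fee * sequencer_share(locked, psi)
    return to_sequencer, new_fee - to_sequencer


if __name__ == "__main__":
    PSI = 1_000.0  # constructed threshold; each protocol picks its own psi
    for locked in (0, 250, 500, 1_000, 5_000):
        g_t = governance_time_factor(locked, PSI, n=1)
        seq, treasury = split_new_fee(100.0, locked, PSI)
        print(f"locked={locked:>5}  G_T={g_t:.4f}  "
              f"7-day cap -> {g_t * HOURS_PER_WEEK:6.1f} h  "
              f"sequencer={seq:5.2f}  treasury={treasury:5.2f}")
```

With n = 1 and the full amount locked, the factor applied to the 7-day cap gives exactly 23 hours, which is why the discounted period lands on the minimum challenging period.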

Challenging Periods Reimagined: Road to dynamic challenging periods

https://ethresear.ch/t/challenging-periods-reimagined-road-to-dynamic-challenging-periods/15077/1

Check out Three Sigma’s new article, the first of a two-part series, about a novel approach to reduce and optimize Optimistic Rollup’s challenging periods.

Below, @AndreP3Sigma and I provide a brief introduction to this article.

Preface

Ethereum’s scalability challenge is a significant obstacle to its widespread adoption, which Layer-2 scaling solutions, like optimistic rollups, aim to address. Optimistic rollups aggregate transactions in batches off-chain, which are then submitted to Ethereum’s mainnet. However, this solution comes with its own set of challenges, such as the length of the challenging period and the use of a centralized sequencer. The length of the challenging period affects the security and efficiency of the system, while the choice between a centralized and decentralized sequencer impacts its reliability and control.

Solutions currently employ a 7-day challenging period, but no solid justification has been found for this value. It’s important to ask whether it makes sense that all types of transactions have the same challenging period. In fact, there may be a need to reduce the period according to transaction risk and sequencer history, while improving the user experience and maintaining security. This includes transitioning to a decentralized network of sequencers without, ideally, increasing L2 costs.

The first topic is introduced here.

Rationale for the Dynamic Challenging Period Model

The current 7-day challenging period is considered too long and expensive for a malicious sequencer to block the L1 network with invalid transaction batches. To prevent this, a challenging period should be set such that it is not profitable for a malicious sequencer to conduct a denial-of-service (DoS) attack on the network. Sequencer reputation and the aggregated value of the batch should be considered when determining the challenging period. A minimum challenging period should also be enforced to prevent invalid small-value transactions.

Furthermore, the challenging period of a given batch must end at the same time or after the previous batch to ensure that finalized batches imply the finality of previous batches. This condition is applied after a batch time is computed, as follows:

$$
\mathrm{T_B} = \max\big\{\mathrm{CP_{min}} , \mathrm{G_T} \cdot \min\{7 \text{ days} , \text{T}(\mathrm{S_{\text{Total Cost}}}= \mathrm{V_B})\}\big\}
$$

where:

$\text{CP}_\text{min}$: The minimum challenging period required to submit a fraud proof for a given batch;

$\text{T}(\mathrm{S_{\text{Total Cost}}}= \mathrm{V_B})$: Function that gives the amount of time required for a malicious sequencer to spend the same amount of value in a DoS attack that they could potentially earn from the aggregated value of the corresponding batch ($\mathrm{V_B}$);

$\mathrm{G_T}$: Governance-adjusted time factor (between a minimum threshold and 1), based on the sequencer’s reputation, which will be addressed in Part II of the series.

On top of this, the aforementioned condition of previous batches being finalized first must be applied. To gain a full understanding, refer to the corresponding section of the article.

Minimum Challenging Period

The question of how short the challenging period can be was already raised in 2020. Ethereum’s consensus mechanism was still Proof-of-Work, and a minimum of 4.5 hours was derived, assuming a 15-second block time. However, there were consensus failures lasting more than that. The minimum challenging period must not be shorter than this time range. If it were, a malicious sequencer could take advantage of the network’s instability and increase the likelihood of successfully submitting fraudulent batches in the mainnet.

For the current model, one of the first consensus failures in Ethereum’s blockchain, which lasted around 21 hours until its resolution, is considered. To determine the minimum challenging period, it was assumed that the probability of a malicious sequencer leading a successful DoS attack on the L1 network would decrease exponentially as the number of submitted blocks increases:

$$
\mathrm{P_\text{successful DoS attack}}=\text{e}^{-A_1\cdot\, \mathrm{N_\text{blocks}}}
$$

If the attack is to be successful in just one block, then one may consider that as a quasi-certain attack: $\mathrm{P_\text{successful DoS attack}} = 99\% \implies A_1 = 0.001$. Contrarily, if one assumes that an unlikely attack has $\mathrm{P_\text{successful DoS attack}} = 0.1\%$, then the attempt of attack has to be sustained for 6908 blocks. Given a 12-second block time, the equivalent time period is 23 hours. Considering it exceeds the 21-hour consensus failure resolution described, the minimum challenging period in the present model will be:

$$
\mathrm{CP_{min}} = 23\text{ hours}
$$

For more information on the results, please refer to section “Minimum Challenging Period” of our report.

Understanding the time for equalizing batch value with cost of spamming L1 network

The goal of this section is to explain how to find the time required for a malicious sequencer to spend the same amount as possible earnings from an invalid batch during a DoS attack on Ethereum’s mainnet. The malicious sequencer submits transactions that are prioritized at the top of the block and consume all available gas to prevent other honest L1 network transactions (including fraud proofs) from being included in the blockchain. This creates an adversarial environment where gas prices increase as the malicious sequencer tries to outbid other traders in the mempool. Over time, fewer agents are willing to pay high fees, leading to less competition and a decrease in the rate of escalation of gas prices. Therefore, the evolution of gas prices, thus the transaction cost, over a large time scale, is considered to be logarithmic.

By integrating the transaction cost evolution function over time in a DoS attack, a total cost function was derived. This function represents the cost that a malicious sequencer would incur to spam the network for an increasing number of blocks. The function is given below:

$$
\mathrm{S_{\text{Total Cost}}}= (t+10^{-2})\cdot 7.2222 \cdot \ln{(t + 10^{-2})}-t\cdot \big[7.2222\cdot (1+\ln(10^{-2}))-\text{GasPrice} \cdot \text{GasUsed}\big]+\text{GasPrice}\cdot \text{GasUsed}-7.2222\cdot 10^{-2}\cdot \ln(10^{-2})
$$

where $\text{GasPrice}$ is the price of gas at $t=0$, and $\text{GasUsed}$ is the gas usage of a block, which may be considered equal to 15 million (regular limit).

Each time a batch is submitted, the current gas price is obtained from an oracle and, by utilizing this function, the equation $\mathrm{S_{\text{Total Cost}}}= \text{V}_\text{B}$ is solved and the corresponding value of $\text{T}$ is computed. For example, with an initial gas price of 50.9 Gwei and block gas usage of 15 million, a batch with an aggregated value of 400 million USD will have a $\text{T}$ of 88 hours.

For more information on the results, please refer to section “Understanding the time required for equalizing batch value with the cost of spamming L1 network” of our report.

Summary

Part I introduces the concept of the challenging period in optimistic rollups, during which users can dispute incorrect transactions. The length of this period affects system security and efficiency. The proposed dynamic model reduces the period based on transaction risk (and sequencer honesty, in Part II), improving user experience without compromising security. Potential attack vectors are addressed and a minimum challenging period of 23h is recommended. Lastly, the model estimates the time required to balance batch value with the cost of spamming the L1 network during a DoS attack by a malicious sequencer.

Check out the Twitter discussion at https://twitter.com/threesigma_xyz/status/1635676314609889282.

Next-up

Next week, Part II will be released. The following topics will be addressed:

  • Governance-adjusted time factor ($\mathrm{G_T}$);
  • Decentralized Sequencer Network, based on a novel selection process;
  • New economic incentive to attract sequencers and push them to be honest;
  • Notes on malicious behaviour penalization and on how EigenLayer's novel approach can be included.
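
The batch-time rule and the minimum-period derivation from this post, as an added example that is not part of the original post or of Three Sigma's code: it recomputes the 6908-block figure, applies the max/min formula for the batch time, and enforces the condition that a batch never finalizes before the previous one. The function names and the sample batches are assumptions; the time T is taken as an input (for instance the post's 88-hour value) rather than solved from the total cost function.

```python
import math

WEEK_HOURS = 7 * 24  # the 7-day cap in the batch-time formula


def min_challenge_period(p_unlikely=0.001, a1=0.001, block_time_s=12):
    """Blocks (and hours) an attack must last for P = exp(-a1 * N) to drop to p_unlikely."""
    n_blocks = math.ceil(-math.log(p_unlikely) / a1)
    return n_blocks, n_blocks * block_time_s / 3600


def batch_period_hours(t_equal_cost_h, g_t, cp_min_h=23.0):
    """T_B = max{CP_min, G_T * min{7 days, T(S_total_cost = V_B)}}, in hours."""
    if not 0 < g_t <= 1:
        raise ValueError("G_T must lie in (0, 1]")
    if t_equal_cost_h < 0:
        raise ValueError("T must be non-negative")
    return max(cp_min_h, g_t * min(WEEK_HOURS, t_equal_cost_h))


def finalization_times(batches, cp_min_h=23.0):
    """batches: (submit_hour, T_hours, G_T) tuples in submission order.
    Returns the hour each challenging period ends, never earlier than
    the end of the previous batch's period."""
    ends, prev_end = [], 0.0
    for submitted, t_h, g_t in batches:
        end = submitted + batch_period_hours(t_h, g_t, cp_min_h)
        end = max(end, prev_end)  # finality of a batch implies finality of earlier ones
        ends.append(end)
        prev_end = end
    return ends


if __name__ == "__main__":
    blocks, hours = min_challenge_period()
    print(f"CP_min: {blocks} blocks = {hours:.2f} h")
    # Constructed sample batches: (submit hour, T in hours, G_T)
    sample = [(0, 88, 1.0),    # the post's 88 h example, no governance discount
              (1, 10, 1.0),    # low-value batch: floored at 23 h, then held to hour 88
              (10, 400, 0.5)]  # high-value batch: capped at 7 days, halved by G_T
    for batch, end in zip(sample, finalization_times(sample)):
        print(batch, "-> challenging period ends at hour", end)
```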