- Sovereign rollups inherit multiple aspects of security from the DA layer, such as liveness, safety, re-org resistance, and censorship resistance.
- Sovereign rollups can have a bridge to the DA layer. The design space for bridging between sovereign rollups is wide.
- Sovereign rollups don’t need a settlement layer because they do their own settlement.
Sovereign rollups combine features from multiple different blockchain designs. The unique design can create misconceptions about sovereign rollups, such as how they work, what security they have, or what kinds of features are possible.
We’re going to explore and answer some of those misconceptions.
Security covers multiple aspects. Sovereign rollups do inherit multiple aspects of security from the DA layer.
The most obvious security feature that sovereign rollups inherit from DA layers is data availability. The two key properties that data availability provides are:
ZK sovereign rollups use validity proofs to prove that all their transactions are correct - this covers the safety aspect. What data availability guarantees in this case is liveness. Without data availability, a ZK sovereign rollup can’t finalize new blocks, causing the chain to halt. Transactions can continue to successfully finalize in blocks so long as the sovereign rollup nodes can read and write data to the DA layer.
For an optimistic sovereign rollup, fraud proofs are used to prove if any transactions are invalid. All transaction data for a block is necessary for fraud proofs to work. That means without data availability, invalid transactions can’t get rejected. Therefore, optimistic sovereign rollups inherit security for liveness and safety guarantees from the DA layer.
Another element of security that sovereign rollups inherit is re-org resistance. A re-org attack occurs when a fork changes the blockchain’s history. The history change may remove transactions that were finalized or transactions that were in the process of finalizing.
Sovereign rollups are protected against re-org attacks because their transactions receive consensus from the DA layer. The DA layer provides consensus to sovereign rollup transactions by ordering and finalizing them on the DA layer.
Once sovereign rollup transactions get finalized on the DA layer, they will stay finalized as long as the DA layer doesn’t experience a re-org. Therefore, sovereign rollups inherit resistance from re-org attacks and consensus from the DA layer.
Optionally, sovereign rollups can also inherit censorship resistance from the DA layer. Censorship resistance is a property that sovereign rollups may want to inherit from the DA layer because it can help protect users against malicious or centralized sequencers from censoring their transactions.
There’s two main ways censorship resistance can come from the DA layer:
- No sequencers: Users have their transactions sent directly to the DA layer. The DA layer is responsible for including finalizing each individual transaction. Now, the sovereign rollup inherits censorship resistance from the DA layer.
- Sequencers: User transactions are published in a block to the DA layer. If the sequencer tries to censor a user, they can send a special inbox transaction directly to the DA layer. The inbox transaction would let users get their transactions included in the rollup chain even if a sequencer was censoring.
The native bridges of smart contract rollups have trust-minimized security because the settlement layer verifies the rollup’s entire block. Sovereign rollups can’t bridge to the DA layer if it doesn’t verify its transactions, right?
Sovereign rollups can have a bridge with their DA layer. If the DA layer supports smart contracts, the bridge can be trust-minimized, although the bridge may require governance for the rollup to preserve sovereignty. If there is no smart contract support, like with Celestia, then the bridge would require stronger trust assumptions.
Importantly, sovereign rollups can have bridges between each other. These bridges can be trust-minimized if both sovereign rollups use the same DA layer and have fraud or validity proofs. This is possible through light clients that verify proofs of bridged transactions.
The design space is broad, with many possible solutions for secure bridging between sovereign rollups.
Smart contract rollups on Ethereum need a settlement layer. Isn’t that also true for sovereign rollups?
Sovereign rollups do not need a settlement layer because they do their own settlement. The main component of settlement, in this case is transaction verification. Sovereign rollups don’t use the DA layer to verify their transactions. Verification is done by the sovereign rollup nodes instead.
This means sovereign rollups can use a blockchain as a DA layer even if it doesn't support smart contracts like Celestia.
Now, imagine a developer who wants to build a smart contract rollup on a DA layer that doesn't support smart contracts. They can deploy their smart contract rollup on an existing sovereign rollup. The sovereign rollup acts as the settlement layer, with a native bridge connection and proof verification.
These possibilities allow DA layers, even minimal ones like Celestia, to support a wide variation of rollups and other blockchain designs.