Fast and Secure Decentralized Optimistic Rollups Using Setchain

TL;DR

The paper tackles thecentralization risk of current optimistic L2 rollups by introducing a fully decentralized arranger built on Setchain, a Byzantine-tolerant grow-only-set primitive with epoch barriers. It formalizes the arranger as a combined sequencer and DAC, proves correctness, and demonstrates scalable empirical performance for hashing, signing, and translating batch data. It also designs economic incentives and fraud-proof mechanisms (with data-availability challenges and L1 arbitration) to deter misbehavior and punish violations, ensuring termination, availability, and integrity even under Byzantine conditions. The work shows that decentralization can be achieved without sacrificing throughput, with translation and verification tasks handling orders-of-magnitude more data than Setchain’s base capacity. This approach has practical implications for scaling Ethereum via robust, provably correct, and incentive-driven L2 infrastructure without centralized bottlenecks.

Abstract

Modern blockchains face a scalability challenge due to the intrinsic throughput limitations of consensus protocols. Layer 2 optimistic rollups (L2) are a faster alternative that offer the same interface in terms of smart contract development and user interaction. Optimistic rollups perform most computations offchain and make light use of an underlying blockchain (L1) to guarantee correct behavior, implementing a cheaper blockchain on a blockchain solution. With optimistic rollups, a sequencer calculates offchain batches of L2 transactions and commits batches (compressed or hashed) to the L1 blockchain. The use of hashes requires a data service to translate hashes into their corresponding batches. Current L2 implementations consist of a centralized sequencer (central authority) and an optional data availability committee (DAC). In this paper, we propose a decentralized L2 optimistic rollup based on Setchain, a decentralized Byzantine-tolerant implementation of sets. The main contribution is a fully decentralized "arranger" where arrangers are a formal definition combining sequencers and DACs. We prove our implementation correct and show empirical evidence that our solution scales. A final contribution is a system of incentives (payments) for servers that implement the sequencer and data availability committee protocols correctly, and a fraud-proof mechanism to detect violations of the protocol.

Figures (12)

• Figure 1: Optimistic Rollups (left) and Optimiums (right).
• Figure 2: Applying $\<add>(e)$ after epoch $3$ (left) and increasing to epoch $4$ (right).
• Figure 3: (a) Average size of compressed batches and batch tags for varying numbers of transactions per batch. (b) Signature aggregations per second, in terms of the number of signature aggregated per procedure.
• Figure 4: (a) Throughput of compressing, hashing and translating procedures for varying number of transactions per batch. (b) Signature verification per second. The dotted line represents the maximal number of signatures that each arranger process must verify (for $12,000$ TPS, the batch size of $4\,400$ and $128$ process). The dashed line represents the maximal number of signatures that each arranger must verify (for 12,000 TPS, the batch size of $400$ and $256$ process).
• Figure 5: Centralized Sequencer + decentralized DAC.

Theorems & Definitions (21)

• lemma 1
• proof
• lemma 2
• proof
• lemma 3
• proof
• corollary 1
• proof
• corollary 2
• proposition 1