Vitalik Buterin States “Centralized Anything is Evil by Default”

Co-founder of Ethereum, Vitalik Buterin tweeted and warned the crypto community saying that anything centralized was evil by nature. Moreover, he further mentioned in the tweet that those following De-Fi and self-custody ethos were better off. However, he admitted that DeFii wasn’t risk-free.

The «centralized anything is evil by default, use defi and self-custody» ethos did very well this week, but remember that it too has risks: bugs in smart contract code.

Important to guard against it:

* Keep code simple
* Audits, formal verification, etc
* Defense in depth

— vitalik.eth (@VitalikButerin) November 16, 2022

Additionally, in a follow-up tweet, Buterin expressed his worry about ZK-rollup 2y, a layer-2 blockchain protocol that processes transactions, performs computations, and stores data off-chain and holds assets in an on-chain smart contract.

Furthermore, Buterin in his tweet wrote:

The one I worry about most is if we have $10B in a ZK-rollup 2y from now and it gets hacked because of a bug in the circuit constraint code or the EVM wrapper around it.

Moreover towards the bottom of the aforementioned tweet, Buterin briefly explains how to guard ZK-rollup and Ethereum Virtual Machine (EVM) against bugs and exploitation.

In particular, Buterin advises the developers to keep code simple and verify formally to guard against bugs in smart contracts running on Ethereum Virtual Machine (EVM).

EVM is a piece of software that executes smart contracts and computes the state of the Ethereum network after each new block is added to the chain.

Subsequently, he touched on the procedures to follow in order to guard ZK-rollups. He proposed to harden roll-ups with multi-proofs.

He concluded by saying that ZK-EVMs will not be bug-free for a long time. However, he stated, “but we can minimize the chance of bugs leading to catastrophic outcomes with multiple implementations!”

Interestingly, he mentioned: “there is a tradeoff space of “security against bugs” vs “security against bad governance” and said “Keeping governance involved but only in emergencies seems like a good idea”

Source