Introduction
Arbitrum, developed by Offchain Labs, is the top Ethereum optimistic rollup scaling solution, with growing TVL and an increasing number of users, developers, and decentralized applications (dApps). Arbitrum One currently has the highest TVL of any L2 network.
How Optimistic Rollups Inherit L1 Security
Optimistic Rollups (ORs) are not secured by cryptographic zero-knowledge validity proofs. Instead, ORs “optimistically” assume all transactions are valid and rely on dispute resolution, a withdrawal period, and crypto-economic incentives to maintain the data’s integrity. Essentially, it’s an “innocent until proven guilty” model with watchdogs in place. For a more detailed overview of rollups, check out our previous piece.
Anyone may submit a rollup block. However, all other nodes can execute the same transactions, essentially “checking the work” of the submitter. Only one honest actor is needed to submit the fraud proof and challenge any questionable block. This means fraud proofs are not sent with every batch of transactions. Instead, they’re only used when an entity wants to dispute a transaction, i.e., when it attempts to prove that a rollup batch contains fraudulent transactions.
Challenge window
By default, Optimistic rollups “optimistically” assume submissions are valid. However, that’s not always the case. To combat this seemingly reckless optimism, checks and balances are put into place. There’s a period of time after withdrawals, called the “challenge period,” during which anyone can identify and dispute transactions they believe are incorrect or fraudulent. If the whistleblower can mathematically prove fraud occurred by submitting the correct fraud proof, the rollup will revert the fraudulent transactions, penalize the fraudulent actor, and even reward the watcher.
Withdrawals require the user to wait for the one- to two-week period to end before an operator picks up the transaction data and submits it on-chain. This is one drawback of Optimistic rollups: a long delay when users move funds from the L2 layer back to the L1 chain, and before transactions can be considered final. Because “watchers” need time to detect fraud, users’ funds typically take a week to be withdrawn and available for further use. ORs can only be considered safe with a challenge window of roughly one week.
However, the benefit of a challenge period is it allows any invalid transaction on the L2 to be disputed by any party and ultimately helps keep the data valid, increasing safety for users. Note these dispute windows are expected to come down over time and, in fact, some third-party solutions already exist to remove this delay entirely.
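A simplified model of the challenge window described above, as an added example that is not part of the original report and is not Arbitrum's actual dispute protocol: a watcher re-executes a posted batch, compares state roots, and disputes a mismatch. The account model, hash-based state root, stake value and all names are assumptions made for illustration.

```python
import hashlib
import json

CHALLENGE_WINDOW = 7 * 24 * 3600  # ~one-week window from the text, in seconds

def state_root(balances):
    """Commit to the state: hash of a canonical (sorted-key) JSON encoding."""
    blob = json.dumps(balances, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()

def execute(pre_state, batch):
    """Re-execute (sender, recipient, amount) transfers; invalid ones are skipped."""
    state = dict(pre_state)
    for sender, recipient, amount in batch:
        if amount <= 0 or state.get(sender, 0) < amount:
            continue
        state[sender] -= amount
        state[recipient] = state.get(recipient, 0) + amount
    return state

class Assertion:
    """A claimed post-state root, posted with a stake at time `posted_at`."""
    def __init__(self, pre_state, batch, claimed_root, stake, posted_at):
        self.pre_state, self.batch = pre_state, batch
        self.claimed_root, self.stake, self.posted_at = claimed_root, stake, posted_at
        self.status = "pending"

    def challenge(self, now):
        """Watcher path: recompute the root and dispute a mismatch in the window."""
        if self.status != "pending" or now > self.posted_at + CHALLENGE_WINDOW:
            return False  # too late, or already settled
        if state_root(execute(self.pre_state, self.batch)) == self.claimed_root:
            return False  # claim is correct; nothing to dispute
        self.status, self.stake = "reverted", 0  # revert the claim, slash the stake
        return True

    def finalize(self, now):
        """After the window, an unchallenged claim is final whether or not it is valid."""
        if self.status == "pending" and now > self.posted_at + CHALLENGE_WINDOW:
            self.status = "final"
        return self.status

def demo():
    pre = {"alice": 100, "bob": 0, "mallory": 0}   # constructed sample state
    batch = [("alice", "bob", 30)]                 # constructed sample batch
    bad_root = state_root({"alice": 0, "bob": 0, "mallory": 100})  # fraudulent claim
    watched = Assertion(pre, batch, bad_root, stake=10, posted_at=0)
    unwatched = Assertion(pre, batch, bad_root, stake=10, posted_at=0)
    return watched.challenge(3600), watched.status, unwatched.finalize(CHALLENGE_WINDOW + 1)
```

The `unwatched` case shows why at least one honest watcher is needed: the same fraudulent root becomes final when nobody disputes it in time.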
This approach taken by ORs does have disadvantages, however, including:
- Long wait times for fraud proofs.
- Vulnerability to attacks if the value in a rollup exceeds the operator's deposit.
- Extended wait times for withdrawing funds back to Ethereum.
- Possibility of transaction order tampering by centralized sequencers.
L2 solutions like Arbitrum fully inherit the security of the L1 blockchain. This inheritance is achieved through the process of rollups, where transactions are submitted to the L2 protocol in batches, reducing the data and cost posted to the L1. The L1 provides security to the L2 in two essential ways:
- Data Validity: This method uses validity or fraud proofs to verify the L2 state. L2 protocols periodically publish their state to the L1 chain, providing a cryptographic validity proof. In cases of suspected incorrect state root submission, honest observers can raise an alarm, leading to an automatic chain rollback.
- Data Availability: This ensures users can recreate the state of the L2 network independently, enabling trustless exits to L1. Achieving data availability involves recording L2 transactions on L1 or utilizing an external data availability layer with cryptographic guarantees.
Arbitrum Security: Strengths and Weaknesses
Despite Arbitrum being the leading rollup solution at the moment, it still is not a complete product and has several known vulnerabilities. Below are various risks you should be aware of while using Arbitrum chains.
- Funds can be stolen if an invalid state gets submitted to layer 1 and none of the whitelisted validators checks the published state. Currently, permissionless access to become a validator is not present. Funds can also be stolen if the contract receives a malicious code upgrade. Currently, there is a ~12-day delay on code upgrades.
- User funds can be lost if mistakes are present in the Nitro and Wasm one-step prover implementation.
- MEV can be extracted because there is only one sequencer: since only the sequencer can order transactions, it can front-run user transactions.
- If transaction data becomes unavailable, user funds can be lost.
- Users can also be censored if members of the Data Availability Committee (DAC) restrict their access to external data.
The specific delay of 12 days and 9 hours associated with code upgrades further complicates the security landscape. These challenges underscore the importance of comprehensive security measures in any blockchain solution. Projects built on Arbitrum must prioritize robust security protocols to protect user funds. Collaboration with renowned blockchain security companies like Halborn could enhance the security posture of projects on Arbitrum, instilling the confidence required to serve users and investors effectively.

Source: L2Beat
Early Issues
Arbitrum One experienced downtime for ~45 minutes in September 2021 when a bug caused a large burst of transactions to overload the system. Optimism (OΞ) also experienced a temporary outage (~one hour) in November 2021 in which its L2 transactions were halted.
Beyond downtime, Arbitrum (and most rollups) remained very centralized around the core team/company. Control over the core code (and thus, users’ funds) in Arbitrum is maintained with a 4/6 multisig design. This means only four people need to collude or be compromised in order to have complete control over the rollup. The multisig address is seen here.
“The admin of all contracts in the system, capable of issuing upgrades without notice and delay. This allows it to censor transactions, upgrade bridge implementation potentially gaining access to all funds stored in a bridge and change the sequencer or any other system component (unlimited upgrade power). It is also the admin of the special purpose smart contracts used by validators.” -Source
Additionally, rollups currently use sequencers to collect and order users' transactions in a mempool before they get executed and posted to the DA layer. This poses a potential issue regarding Maximum Extractable Value (MEV), as the sequencer is generally centralized (one company) in current rollup implementations. Arbitrum is built by Offchain Labs, which currently operates Arbitrum's sequencer; this illustrates the long road many rollups still have ahead towards achieving true decentralization. The current solution would be to decentralize the sequencers, which many rollups plan to do, although this presents its own challenges.
In the event the L2 node is offline, users must be able to withdraw funds from the bridge. Up until recently, becoming a validator for Arbitrum has not been completely permissionless. Arbitrum implemented a whitelist. As previously discussed, validators send new L2 state roots to Ethereum mainnet. Due to the existence of a whitelist, if all validators were to fail, nobody could publish L2 state roots, and users' funds would subsequently be frozen. But as of Q3 2022, the whitelist has been effectively removed with a new process in place should a validator go offline.
In the new system, if validators do not submit new state roots within a week, anyone can become a validator and submit the transactions. This is a big step in the right direction for decentralizing the rollup chain.
The Centralized Sequencer
In Arbitrum, the Sequencer plays a vital role in aggregating and posting batches of transactions from the Layer 2 chain to the Ethereum mainnet. However, the Sequencer's lack of decentralization presents a unique challenge. If the Sequencer behaves unexpectedly, there is no mechanism to hold it accountable.
A notable incident occurred in June 2023 when a disruption in the Sequencer's batch poster prevented batched transactions from being posted. Though the issue was resolved on the same day, it highlighted the risks associated with centralization.
Conclusion
Arbitrum's rise as a leading L2 solution has brought both opportunities and challenges. While its market dominance is a testament to its potential, the security lapses and centralized aspects of its architecture warrant careful consideration. The ongoing efforts by the Arbitrum team to address these issues reflect a proactive approach to enhancing security. Investors, users, and developers must remain vigilant and informed about the evolving landscape to navigate the complex world of decentralized finance successfully. The case of Arbitrum serves as a valuable lesson in the delicate balance between innovation, growth, and security in the blockchain space.
