OpenZeppelin, the Security Member of the ARDC, reviewed the proposal to adopt Timeboost for security and implementation risks. There are no issues with the proposed design at this time.
Summary
Financial markets reward first actors. Because Arbitrum’s Sequencer is “first come, first serve” and fully open, anyone that sees an opportunity to make a profit can send a transaction to realize the gain. The trouble is that a lot of these opportunities become visible to the entire market at the same time, incentivizing all market actors to send a transaction to the network in the hope that they’re first. The first motivation for this AIP is to address spikes in network traffic that have caused the Sequencer to go down in the past. This AIP works toward smoothing out the spikes by removing the incentive for everyone to send transactions to the market. It removes this incentive by creating an auction for the right to jump the transaction line for a period of time (one minute is suggested). If someone has the right to jump in front of you, there’s no incentive to race to be first. This ties into a second described motivation for the AIP: by auctioning this right, the DAO can be compensated for providing these financial opportunities in the first place. The auction and it’s surrounding infrastructure is designed by Offchain Labs, with Espresso Systems collaborating, and is called “Timeboost.”
Review
This AIP is in it’s theoretical phase. There is no code or decentralized version today, but community approval would grant Offchain Labs and Espresso Systems the runway to develop those things. Those details are where most of our security concerns will be so we look forward to reviewing their work when it’s available. The auction mechanics are sound and use well-understood methods. The roles in the system and their responsibilities are well separated and as simple as can be. We have no security concerns about the centralized version of Timeboost as it is described in this AIP.