Home /Security /Slashing & Penalties
⚖️
Slashing

Slashing & Penalty Mechanics

As restaking grows to $20B+ in ETH restaked, slashing risk is now a first-order concern for stakers. This guide breaks down exactly what triggers slashing in EigenLayer and PoS, how penalties are calculated, what correlation penalties mean for your position, and the difference between fraud proof and validity proof slashing systems.

ETH Restaked (EigenLayer)
$20B+
Slashable Offenses
3 core types
Max Penalty (single)
100% of stake
Slashing Events (all time)
~12
EigenLayer mainnet

🔴 What Triggers Slashing

⛓️

Double Signing

CRITICAL — Highest penalty

Signing two different blocks or attestations for the same slot. This is the most severe offense — it proves malicious behavior, not honest mistakes. Double signing within an epoch is typically punished more heavily than cross-epoch double signing.

Base penalty range 1% – 10% of stake
EigenLayer context AVS-specific — can be higher
Detection Slasher daemon + challenge period
Example: Operator signs Block 100 on Chain A and Block 100 on Chain B simultaneously. Slasher detects both signatures.
📡

Inactivity Leak

HIGH — Duration-dependent

Validator fails to produce blocks for an extended period — Ethereum's penalty for being offline. The leak rate increases the longer you're offline. Designed to eventually reduce idle validators to near-zero balance.

Leak rate 0.5%/epoch, increasing
Trigger threshold 2+ consecutive epochs missed
Recovery Re-sync and attest to exit leak
Example: Validator offline for 4,096 epochs (18 days). Leak reduces stake by ~22.8% via quadratic decay formula.
⚠️

AVS-Specific Violations

MEDIUM — Variable by AVS

Each Actively Validated Service (AVS) defines its own slashing conditions. These can be more or less severe than Ethereum's base rules. Operators must read each AVS contract carefully.

Examples Censorship, data unavailability, equivocation
Scope Determined by AVS operator contract
Penalty AVS-defined, often 0.1%–5%
Example: Data availability AVS slashes operators who serve conflicting block data to light clients over a 24-hour window.
🔀

Equivocation

HIGH — Often conflated with double signing

Signing two different messages that contradict each other. In many contexts, equivocation and double signing are the same offense. Some AVS contracts distinguish between 'same slot' equivocation (worse) and 'same epoch, different slots' (less severe).

Also called Attestation equivocation, message equivocation
Evidence type Two signed messages, same validator
Challenge window Typically 2–14 days depending on AVS
Example: Validator signs attestation for slot 100 saying 'block X' and later signs attestation for slot 100 saying 'block Y'. Challenge period allows slasher to present both signatures.

🧮 Slashing Penalty Calculation

Slashing penalty = Base Penalty + Correlation Penalty. The formula is designed to prevent mass-slashing events from wiping out operators proportionally.

Penalty Formula
Base Penalty + Correlation Penalty = Total Slash
Correlation penalty is computed as a function of how many validators are being slashed simultaneously

Base Penalty

Double Signing (same slot)
3% – 10%
Double Signing (cross epoch)
1% – 5%
Inactivity Leak (18 days)
~22.8%
AVS-Specific (per AVS)
0.1% – 5%

Base penalties are defined per AVS slashing contract. Some AVS contracts have tiered penalties based on offense frequency — first offense is a warning, second offense triggers the full penalty.

Correlation Penalty

When multiple validators are slashed simultaneously, a correlation penalty is added to distribute the damage fairly and prevent cascading failures.

Correlation Factor = f(N slashed / N total)
Correlation Penalty = base × (1 + correlation_factor)
1 validator slashed +0% correlation
5% of pool slashed +3–5% additional
10% of pool slashed +8–12% additional
20%+ of pool slashed +15%+ additional (cap applies)

🧮 Interactive Slashing Calculator

Model validator rewards vs potential slashing penalties over time. See how long it takes to recover from a slashing event given different reward rates.

Annual Rewards (gross)
1.60 ETH
Total Slash Amount
3.20 ETH
Net After Slashing
30.40 ETH
Recovery Time
2.0 years
Risk-Adjusted APY
~2.6%
Stake Value Over Time (years)
With Rewards Post-Slash Recovery Point
Year-by-Year Breakdown
YearStake (no slash)Stake (with slash at Y1)Cumulative Reward

⚖️ Fraud Proof vs Validity Proof Slashing

The slashing mechanism depends heavily on the underlying consensus model. Understanding this distinction is critical for restakers in EigenLayer AVSs.

🔍 Fraud Proof Systems

Optimistic
Core Principle
Assume correct until proven wrong. State is provisional — anyone can challenge during a challenge window (typically 7 days).
Slashing Trigger
Challenger provides fraud proof → original submitter is slashed. The submitter's bond (typically 1–10 ETH) is partially burned, partially paid to the challenger.
Examples
Optimism, Arbitrum, Base, Metis — optimistic rollups that use fraud proof for rollup block verification.
Slash Amount
Challenger receives: bond amount × some % (often 50% of bond). Protocol receives: remaining 50%.
Bounty Hunter Opportunity
The most profitable form of slashing in DeFi. A successful fraud proof challenge can earn you 5–20 ETH depending on the protocol's bond size.
Risk to Operators
Submitting incorrect state (even accidentally) gets slashed. Must run challenge monitoring software to detect when you've been incorrectly challenged.

🔐 Validity Proof Systems

ZK / SNARK
Core Principle
Mathematical proof guarantees correctness. Invalid state cannot be generated — the proof itself proves validity. No challenge period needed.
Slashing Trigger
Slashing for 'malicious' behavior: sequencer equivocation (signing conflicting blocks), withholding data availability, or violating ZK proving commitments. Not for generating invalid proofs (impossible).
Examples
zkSync Era, StarkNet, Polygon zkEVM, Scroll — ZK rollups that submit validity proofs to Ethereum L1.
Slash Amount
AVS-defined. Typically 1%–10% for honest mistakes (equivocation), higher for demonstrably malicious behavior.
Bounty Hunter Opportunity
More limited than fraud proof systems — you can only catch operators who violate ZK proving duties, not operators who submitted invalid computation (which doesn't exist in ZK).
Risk to Operators
Lower risk of accidental slashing since computation is proven correct mathematically. Higher risk of equivocation slashing if the sequencer signs conflicting blocks.

Key Differences Summary

Aspect
Fraud Proof
Validity Proof
Challenge period
7–14 days
None (instant finality)
Can submit bad state?
Yes, if not challenged
No — mathematically impossible
Slashing trigger
Challenger catches bad state
Operator violates proving duties
Bounty opportunity
High (fraud proof challengers)
Lower (ZK proving violations only)
Operator risk
Accidental slashing if challenge monitoring fails
Equivocation / data withholding only
Finality guarantee
After challenge window
Instant (per block)
Known slashing events
Multiple (Fraud proof systems have caught exploits)
Few (ZK systems are newer, less exploited)

📊 Slashing Percentage by Offense Type

A reference table of slashing penalties across different protocols. Percentages represent fraction of stake slashed — varies by AVS.

Offense
First Offense
Repeat Offense
Detection Method
Challenge Window
Double Signing (same slot)
5–10%
20–100%
Slasher + attestation verification
2–7 days
Double Signing (cross epoch)
2–5%
10–50%
Beacon chain slashings detection
2–7 days
Inactivity Leak (per epoch)
~0.05%/epoch
Same rate
Beacon chain uptime tracking
Continuous (automatic)
Equivocation (same epoch, diff slots)
1–3%
5–20%
Slasher detection + cross-reference
2–14 days
AVS-Specific: Data unavailability
0.5–2%
2–10%
AVS-specific monitoring
AVS-defined
AVS-Specific: Light node data mismatch
0.1–1%
1–5%
Light client challenge
AVS-defined
AVS-Specific: Censorship (severe)
5–15%
20–100%
Multi-client verification
AVS-defined

🛡️ Operator Risk Mitigation Checklist

For EigenLayer operators and restakers — how to minimize slashing risk while maximizing restaking rewards.

🖥️ Infrastructure

📡 AVS Selection

💰 Position Sizing

🔔 Monitoring

🏛️ EigenLayer Slashing Specifics

How slashing works in EigenLayer

EigenLayer's slashing mechanism is built on top of Ethereum's existing slasher. When a validator commits a slashable offense on Ethereum (double signing, equivocation), the beacon chain slashings are automatically detected. The AVS slashing contract then applies additional slashing based on the AVS's defined conditions. If you're operating for multiple AVSs simultaneously, each can apply its own additional slashing penalty.

Slashing is cumulative across AVSs

If you slash for the same offense on multiple AVSs, each applies its own penalty. This means a single double-signing event could trigger slashing from all 5 AVSs you're operating for simultaneously. Operators must be extremely careful about double-signing — it's not just one slash, it's potentially 5 separate slashings from 5 different AVS contracts.

Delegation and slashing

When you delegate ETH to an operator via EigenLayer, you're also exposed to that operator's slashing risk. If the operator double-signs, your delegated ETH is also slashed proportionally. This is why operator reputation and track record matters — a history of offline events is a red flag. Choose operators with documented infrastructure best practices.

Queued exits and unbonding

Unlike Ethereum's 4-month validator exit queue, EigenLayer allows operators to reduce their AVS commitments faster in some cases. However, any pending slashing evidence at the time of exit will still be applied — you cannot exit your way out of a pending slash. The unbonding period for EigenLayer-restaked ETH is typically shorter than Ethereum's validator exit, but the exact duration depends on the restaking token.