Why does it take a 7-day challenge period to transfer funds from Optimism to Ethereum mainnet?

Written by: yyy
A few days ago, Coinbase announced that it had entered the market and built an L2 based on OP Stack - @BuildOnBase, and the sentiment of "Bullish on Optimism" was ignited again. Taking this opportunity, this tweet will talk about the challenging period of Optimism.
As we all know, the withdrawal of Optimism's second-layer funds to the Ethereum mainnet requires a 7-day challenge period.
Why 7 days? 3 days? 5 days?
Before answering this question, let us first understand why we need to set a challenge period.
Rollups improve the performance of the Ethereum mainnet by separating the execution layer from Ethereum. This means that transactions are executed on the second layer, but in order to inherit the security of the Ethereum mainnet, transactions occurring on the second layer must be verified on the mainnet.
Simply put, the Ethereum mainnet needs to confirm that the transactions submitted by the sequencer actually occurred on the second layer, that is, the validity of the transactions.
Rollup is divided into zk-Rollup and Optimistic Rollup due to different ways of verifying transaction validity.
Verification methods are mainly classified into two categories: zero-knowledge proof and fraud proof. Under the zero-knowledge proof mechanism, transactions have near-instant finality.
For ORUs based on fraud proofs, the finality of transactions depends on the length of the challenge period, which explains why it takes 7 days for Optimism funds to be withdrawn from the second layer to the main network.
Under the ORUs mechanism, it is optimistically assumed that all Rollup transactions submitted by the sequencer are valid. Then, during the challenge period, if the validator finds an invalid transaction, it can initiate a fraud proof.
If no one challenges after the challenge period, the transaction is deemed valid and final.
But does the challenge period really need to be as long as 7 days? Let’s simplify the entire challenge process: the validator finds invalid transactions by reconstructing the state root, and then issues a fraud proof. This series of actions takes time, which means that the challenge period cannot be 0.
We assume that the above challenge process is very fast and is completed in 10 blocks (about 2 minutes).
Of course, it is impossible to have such a fast response, so we slow down the time by 10 times, 100 blocks (about 20 minutes), which is much shorter than 50400 blocks (7 days).
The above discussion is based on the most ideal situation. What if someone in the network does something malicious? How long does it take to discover the malicious behavior?
Or to put it another way, how long does it take to extend the challenge period to prevent malicious behavior? The malicious behavior here refers to the issuance of a large number of transactions to cause gas to soar over a period of time, thereby preventing fraud proofs from being accepted by validators.
Let’s make another assumption here. Suppose there is a $2 billion risk exposure on Optimism, and the malicious actor is willing to pay $1 million in gas tips (priority fees) per block to "front-run" transactions containing fraud proofs.
Then, the maximum time that the network can be “held hostage” is 2000 blocks (6.67 hours). Of course, the examples given above are based on some very simple and crude assumptions.
It seems that no matter how you look at it, the challenge period does not need to be as long as 7 days. It is difficult to understand the nonlinear relationship between the length of the challenge period and security.
Perhaps 7 is a very meaningful number for the founder of Optimism, just like everyone guessed that Satoshi Nakamoto was a football fan based on Bitcoin’s 4-year halving cycle.
So, can we reduce the challenge period of ORUs to 3-5 days without reducing security? Yes, but it will not improve the user experience much.
What about shortening the challenge period to 1-2 days? It seems to make sense that this can effectively optimize the user experience.
@0xMantle, an ORU incubated by BitDAO, can shorten the challenge period to 1-2 days. The optimization logic of the challenge period is based on the MPC solution.
Simply put, the sequencer does not submit the transaction batch directly to Ethereum, but first submits it to the MPC network, which is jointly signed by the MPC nodes and confirmed to be valid before submitting it to Ethereum.
Therefore, the core differences are:
Optimism submits the batch containing the state root as the execution result to Ethereum;
Mantle submits the batch containing the state root jointly signed by the MPC nodes to Ethereum as the execution result.
The purpose is to reduce the trust risk of Rollup execution results.
But MPC verification is ultimately an off-chain verification solution, which is better than nothing and provides users with an extra psychological comfort.
To make an inappropriate analogy, the MPC verification scheme is like a decentralized zk scheme. The security of the former is based on economic assumptions, while the latter is based on cryptographic verification.
The above are some thoughts and discussions about the challenge period of ORUs. They are not very logical and should be used as suggestions. BTW, I still look forward to seeing ORUs (time-sharing levels) with significantly shortened challenge periods in the future.