Facebook Instagram Linkedin Pinterest RSS X

    Shared Security Explained

    By
    Ali Hajimohamadi
    -
    0
    1

    Introduction

    Shared security means one blockchain or protocol helps secure many other chains, rollups, apps, or services instead of each one building its own security model from scratch.

    In Web3, this matters more in 2026 because modular blockchain design, restaking, appchains, rollups, and cross-chain infrastructure are growing fast. Founders now need to decide whether to inherit security from ecosystems like Ethereum, Cosmos, Polkadot, EigenLayer, and Celestia-based stacks or operate with more independence and more risk.

    Quick Answer

    • Shared security lets multiple networks or applications rely on a larger security base instead of bootstrapping validators and economic security alone.
    • It appears in systems like Ethereum rollups, Cosmos Interchain Security, Polkadot parachains, and restaking models such as EigenLayer.
    • The main benefit is faster launch with stronger trust assumptions than a new standalone chain usually has.
    • The main trade-off is reduced sovereignty, because the application or chain often follows another network’s rules, liveness, or governance constraints.
    • Shared security works best for teams that need credible security early and do not want to fund a full validator economy.
    • It fails when founders underestimate dependency risk, fee exposure, governance coupling, or the complexity of slashing and cross-chain coordination.

    What Shared Security Means

    At a practical level, shared security is a way to borrow trust.

    Instead of asking users to trust a brand-new validator set, token, or consensus network, a project plugs into an existing security layer. That security can come from staked assets, validator sets, fraud proofs, validity proofs, or protocol-level enforcement.

    There are several versions of shared security in the crypto stack right now:

    • Layer 2 security inheritance from Ethereum
    • Relay-chain security in Polkadot
    • Interchain Security in Cosmos
    • Restaked security through EigenLayer-style models
    • Data availability-backed systems in modular blockchain ecosystems

    How Shared Security Works

    1. A stronger base layer already has economic security

    This is usually a network with a large validator set, meaningful stake value, and established consensus. Examples include Ethereum and Polkadot.

    2. A smaller network connects to that security layer

    The smaller network may be a rollup, appchain, parachain, AVS, or consumer chain. It uses the base layer’s validators, proof system, settlement, or restaked collateral.

    3. Users trust the inherited security assumptions

    Instead of evaluating a weak standalone token economy, users evaluate the security model of the parent ecosystem. This reduces the trust gap for new projects.

    4. The project gives up some independence

    This is the part founders often ignore. Shared security usually means shared constraints too: upgrade paths, slashing logic, throughput limits, governance dependencies, or settlement timing.

    Main Shared Security Models in Web3

    Model How it works Example ecosystems Main trade-off
    Settlement-based inheritance Apps or rollups settle state to a stronger chain Ethereum rollups like Optimism, Arbitrum, zkSync, Base Depends on bridge design, sequencer model, and withdrawal assumptions
    Validator set sharing One validator set secures multiple chains Polkadot parachains, Cosmos Interchain Security Less sovereignty for the consumer chain
    Restaked security Existing staked assets secure additional services EigenLayer and AVSs Added complexity and slashing dependency risk
    Data availability security Apps rely on a specialized layer for data publication and availability Celestia ecosystem, modular rollup stacks DA security is not the same as full execution security

    Why Shared Security Matters Right Now in 2026

    Shared security matters now because the market has moved beyond the old idea that every serious crypto product needs its own fully sovereign Layer 1.

    Recently, founders have been launching rollups, app-specific chains, AVSs, and modular execution environments much faster. But speed creates a problem: security is still expensive.

    Shared security solves three current market pressures:

    • Bootstrap risk for new chains with thin validator participation
    • Capital efficiency pressure in ecosystems using restaking and modular architecture
    • User trust issues after years of bridge exploits, validator concentration, and weak token incentives

    For builders, the question is no longer just “Can we launch a chain?” It is “What exact security assumptions are we outsourcing, and what new dependencies are we accepting?

    Where Shared Security Is Used

    Ethereum Rollups

    Most Ethereum Layer 2s market themselves around inherited security. In practice, that usually means state settlement on Ethereum, with varying assumptions around sequencers, fraud proofs, validity proofs, and bridges.

    This works well for DeFi, consumer apps, and on-chain games that want Ethereum trust without Ethereum mainnet costs. It breaks down when teams oversimplify the phrase “secured by Ethereum” and ignore operational centralization.

    Polkadot Parachains

    Polkadot uses a relay chain model where parachains can access shared validator security. This lowers the need for each parachain to recruit and incentivize a full independent validator economy.

    This works when interoperability and coordinated security are strategic priorities. It is less attractive for teams that want maximum governance independence or custom security rules.

    Cosmos Interchain Security

    Cosmos historically emphasized appchain sovereignty. Interchain Security changed that by letting consumer chains use validator security from the Cosmos Hub.

    This is useful for chains that want faster trust bootstrapping. It is less useful if a team’s core thesis depends on total autonomy, independent token economics, or highly custom validator incentives.

    EigenLayer and Restaking

    Restaking introduced a newer version of shared security. Instead of launching a full security economy, services can use already staked ETH through additional slashing conditions and validation frameworks.

    This is attractive for middleware, oracle-style systems, data services, and new crypto infrastructure. But it adds layered risk, especially when operators, slashing logic, and service-level assumptions are not clearly understood.

    Benefits of Shared Security

    Faster launch

    A startup can go live without spending years building validator participation, token liquidity, and economic trust. That matters for teams shipping under market pressure.

    Better early credibility

    Users, developers, and liquidity providers are more likely to engage if the project is backed by a known security framework. This is especially important in DeFi, stablecoin infrastructure, bridges, and institutional crypto products.

    Lower validator bootstrapping costs

    Running a standalone chain means incentives, monitoring, governance, token distribution, and often poor early decentralization. Shared security avoids much of that overhead.

    Stronger ecosystem alignment

    Projects inside Ethereum, Cosmos, or Polkadot ecosystems often gain distribution, wallet compatibility, tooling support, and developer mindshare alongside security benefits.

    Limits and Trade-Offs

    Less sovereignty

    The biggest hidden cost is independence. If your chain or service relies on another network’s validator set, settlement layer, or governance structure, you do not control the full stack.

    Security is not always complete

    This is a common founder mistake. Shared security can apply to consensus, settlement, or data availability, but not necessarily all three.

    For example, a rollup may inherit Ethereum settlement but still depend on a centralized sequencer. A bridge may use strong proofs but still expose users to upgrade-key risk.

    Dependency risk

    If the parent ecosystem changes economics, fees, governance, or technical standards, your project absorbs those changes. That is manageable for some products and dangerous for others.

    Complexity moves, not disappears

    Shared security often looks simpler in pitch decks than in production. Slashing logic, validator coordination, bridge design, interoperability layers, and failure domains still require serious engineering review.

    When Shared Security Works Best

    • Early-stage appchains that need trust before they have network effects
    • Rollups serving DeFi, gaming, or consumer apps with strong ecosystem alignment
    • Infrastructure protocols that need economic security but not full chain sovereignty
    • Founders raising capital who need a credible security story for users and investors

    When It Fails or Becomes a Bad Fit

    • Projects that need full governance independence
    • Chains with highly custom validator incentives
    • Teams that market inherited security without understanding the exact trust model
    • Products where dependency on another chain’s fees, liveness, or politics creates business risk

    Real Startup Scenarios

    Scenario 1: A DeFi startup launching a new chain

    If a DeFi team launches a standalone Layer 1, it must solve validator recruitment, token incentives, bridge trust, and liquidity fragmentation at the same time.

    Using shared security through a rollup or consumer-chain model usually works better early on because the trust base is clearer. It fails if the protocol’s roadmap later requires custom execution guarantees or sovereign monetary policy.

    Scenario 2: A middleware protocol using restaking

    A data verification or oracle startup may use EigenLayer-style restaked security to avoid launching its own token-heavy validator economy.

    This works when service demand is strong and slashing conditions are well designed. It fails when the team assumes restaked capital automatically creates robust real-world security.

    Scenario 3: A gaming appchain

    Game studios often want low fees, fast execution, and app-specific control. Shared security can help them launch quickly inside an existing ecosystem.

    But if the studio later needs aggressive customization, private sequencing, or unusual game-state logic, sovereignty can become more valuable than inherited security.

    Expert Insight: Ali Hajimohamadi

    Most founders treat shared security as a technical upgrade. It is usually a go-to-market shortcut first, and a security choice second.

    The contrarian point: inheriting Ethereum or Cosmos security does not automatically make your product trustworthy. Users care about the weakest visible dependency—often the bridge, sequencer, admin key, or withdrawal path.

    A rule I use: if your business dies when the parent ecosystem changes policy, fees, or governance, you do not have shared security—you have strategic dependency.

    That is fine early on. It becomes dangerous when founders keep scaling as if they are sovereign when they are not.

    How to Evaluate a Shared Security Model

    Founders should not stop at the phrase “secured by X.” Ask what exactly is inherited and what is not.

    • Consensus: Who validates the system?
    • Settlement: Where is finality enforced?
    • Execution: Who orders transactions?
    • Data availability: Where is transaction data published?
    • Bridging: How do assets move in and out?
    • Governance: Who can upgrade or pause the system?
    • Slashing: What behavior is punishable and enforceable?

    Pros and Cons Summary

    Pros Cons
    Launch faster without building a full validator economy Reduced sovereignty and more dependency on another ecosystem
    Gain user trust more quickly Security may cover only part of the stack
    Lower early infrastructure overhead Operational complexity still exists in bridges, upgrades, and coordination
    Benefit from ecosystem tooling and distribution Changes in the parent protocol can affect your roadmap and economics

    When to Use Shared Security

    Use shared security if your main goal is to ship faster with credible trust assumptions and your product does not require deep sovereign control from day one.

    Avoid it, or plan an eventual migration path, if your long-term advantage depends on owning your own validator economy, governance stack, and execution rules.

    FAQ

    Is shared security the same as decentralization?

    No. A project can use shared security and still have centralized components such as sequencers, multisigs, or upgrade keys. Security inheritance does not automatically mean full decentralization.

    Does every Layer 2 have shared security?

    Not in the same way. Some Layer 2s inherit settlement from Ethereum, but differ in proof systems, bridge assumptions, and operational centralization. The phrase is often used too broadly.

    Is restaking the same as shared security?

    Restaking is one form of shared security. It lets existing staked assets secure additional services, but it introduces its own slashing logic and dependency risks.

    Why don’t all projects use shared security?

    Because some projects need sovereignty, custom economics, or special execution rules. Others do not want to rely on another protocol’s governance or fee environment.

    What is the biggest risk founders miss?

    The biggest risk is assuming inherited security covers the whole product. In many systems, the weakest point is not consensus. It is the bridge, sequencer, admin control, or upgrade mechanism.

    Is shared security better for startups than launching a new Layer 1?

    Usually yes in the early stage, especially for DeFi, infrastructure, and app-specific rollups. It gives faster trust and lower coordination cost. It is less ideal for teams whose strategy depends on long-term sovereignty.

    Final Summary

    Shared security is a way for chains, rollups, and crypto protocols to rely on a larger security base instead of building trust alone. It is now a core design choice across Ethereum rollups, Polkadot parachains, Cosmos consumer chains, and EigenLayer-style restaking systems.

    It works best when a startup needs speed, credibility, and ecosystem support. It breaks when founders confuse borrowed trust with full independence.

    In 2026, the smart question is not just whether a protocol has shared security. It is which parts of the stack are protected, which dependencies remain, and whether those trade-offs fit the business model.

    Useful Resources & Links

    Ethereum

    Optimism

    Arbitrum

    zkSync

    Base

    Polkadot

    Cosmos

    Cosmos Interchain Security Docs

    EigenLayer

    Celestia

    Previous articlezkRollups Explained
    Next articleShared Liquidity Explained
    Ali Hajimohamadi
    Ali Hajimohamadi
    https://hajimohamadi.net
    Ali Hajimohamadi is an entrepreneur, startup educator, and the founder of Startupik, a global media platform covering startups, venture capital, and emerging technologies. He has participated in and earned recognition at Startup Weekend events, later serving as a Startup Weekend judge, and has completed startup and entrepreneurship training at the University of California, Berkeley. Ali has founded and built multiple international startups and digital businesses, with experience spanning startup ecosystems, product development, and digital growth strategies. Through Startupik, he shares insights, case studies, and analysis about startups, founders, venture capital, and the global innovation economy.
    Instagram Linkedin

    RELATED ARTICLESMORE FROM AUTHOR

    LEAVE A REPLY

    Please enter your comment!
    Please enter your name here

    Startupik Startup magazine
    The Startupik Magazine was founded on November 11, 2017, aiming to build a comprehensive portal for all startup activists and enthusiasts in the world.
    Facebook Instagram Linkedin Pinterest RSS X
    © Copyright © 2017 Startupik Inc. All rights reserved.