>The ALC is indistinguishable from a multisig, however the bridge was not able to choose its participants. Random multisigs are worse multisigs.
I agree that it is a multisig, but is random multisigs truly worse than a fixed set of validators (solution 2)? Would a user put more trust on 512 rotating, randomly selected validators or 20-ish fixed validators (as in bridges nowadays)?
I also agree that ALC is not derived from the consensus process, but at least the randomness is. But it's still a step up from the fixed 20-ish validators we have right now.
This really comes off as "I run an optimistic bridge and don't like these new light client bridges competing in the space".
The Committee Set might not have proper incentives financially, but we are still talking about a scenario in which the **Ethereum** protocol itself acts maliciously. There are social problems preventing this kind of attack from happening, as well as coordination problems.
Indeed, the Altair light client isn't accountable and so isn't secure enough for bridges.
>Therefore, this solution would require the light client to maintain a local view of the (very large) validator set
We spent rather a long time coming up with a good solution for avoiding that: https://eprint.iacr.org/2022/1205
and it works fine with a million BLS keys if Ethereum would be interested in adopting it.
>The ALC is indistinguishable from a multisig, however the bridge was not able to choose its participants. Random multisigs are worse multisigs.
I agree that it is a multisig, but is random multisigs truly worse than a fixed set of validators (solution 2)? Would a user put more trust on 512 rotating, randomly selected validators or 20-ish fixed validators (as in bridges nowadays)?
I also agree that ALC is not derived from the consensus process, but at least the randomness is. But it's still a step up from the fixed 20-ish validators we have right now.
This really comes off as "I run an optimistic bridge and don't like these new light client bridges competing in the space".
The Committee Set might not have proper incentives financially, but we are still talking about a scenario in which the **Ethereum** protocol itself acts maliciously. There are social problems preventing this kind of attack from happening, as well as coordination problems.