
Opinion: L2s, supposedly secured by Ethereum, are no longer living up to the name
Two-thirds of L2 assets have moved away from Ethereum's security protection.
Author: Ishita
Translation: TechFlow

Ethereum's development over the past decade has revolved around a simple promise: scaling the network without sacrificing decentralization. According to its roadmap, the answer lies in a rollup-centric future. In this architecture, Layer 2 networks (L2s or "Rollups") execute transactions off-chain to achieve lower costs and higher throughput, while still deriving core security from Ethereum as the base layer (Layer 1).
Almost all major Rollup projects—including Arbitrum, Optimism, Base, zkSync, and Scroll—center their branding on being “secured by Ethereum.” This slogan is powerful and central to their marketing narrative, but does it truly reflect reality? Upon closer examination of how these Rollups actually operate and how assets flow within them, this claim appears increasingly ambiguous.
This article will dissect the gap between slogan and reality, starting with bridges (where user funds reside), moving to sequencers (responsible for transaction ordering), and then governance (where rules are set).
The Reality of Rollup Bridges
Rollups claim to be “secured by Ethereum,” but this statement obscures how users actually interact with these systems.
To use a Rollup—whether for DeFi, payments, or applications—you must first transfer assets onto it. However, Ethereum has no built-in functionality for directly sending assets to or from a Rollup—you cannot simply “teleport” ETH to a Rollup. This necessitates bridges. Bridges act as entry and exit points between Ethereum and Rollups, determining the actual security experienced by users.
How Bridges Work
Deposits
When you deposit ETH into a rollup, you are actually sending it to a bridge contract on Ethereum. This contract locks your ETH and instructs the rollup to mint an equivalent amount of ETH in your L2 wallet. For example, if you deposit 1 ETH, the bridge contract securely holds that 1 ETH on Ethereum, while your rollup account shows 1 ETH. Since the ETH is locked on Ethereum, this deposit is trust-minimized.
Withdrawals
Withdrawals are significantly more complex. The process reverses that of deposits:
- You burn (or lock) tokens on the Rollup.
- You send a message to the Ethereum bridge contract: “I burned tokens on L2; please release my locked ETH.”
- The problem: Ethereum cannot see what happens inside the Rollup—it is blind to L2 computation.
Therefore, Ethereum only releases your funds when the bridge provides proof that the withdrawal is valid. Such proofs may include:
- Fraud Proofs (Optimistic schemes): Transactions are assumed valid by default unless challenged during a dispute window.
- Validity Proofs (Zero-knowledge schemes): Cryptographic proofs demonstrate upfront that all transactions follow the rules, allowing Ethereum to immediately trust the outcome.
- Multisigs or Committees: Reliance on trusted parties for attestation.
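The optimistic (fraud-proof) withdrawal path described above, as an added Python model that is not from the article or from any rollup's code: a toy L1 bridge records a withdrawal claim and releases locked ETH only after the dispute window has passed without a successful challenge. The class, the method names and the 7-day `CHALLENGE_WINDOW` are assumptions for illustration, and the boolean `burn_happened_on_l2` stands in for a real fraud proof.

```python
from dataclasses import dataclass, field

CHALLENGE_WINDOW = 7 * 24 * 3600   # assumed dispute window in seconds (not from the article)

@dataclass
class Claim:
    user: str
    amount: int
    posted_at: int
    challenged: bool = False
    paid: bool = False

@dataclass
class OptimisticBridge:
    """Toy L1 bridge (hypothetical): holds locked ETH and cannot see L2 state."""
    locked: int = 0
    claims: dict = field(default_factory=dict)

    def deposit(self, amount):
        self.locked += amount              # ETH stays locked on L1; the rollup mints the same amount

    def claim_withdrawal(self, claim_id, user, amount, now):
        # L1 cannot verify the L2 burn itself, so the claim is recorded, not paid.
        self.claims[claim_id] = Claim(user, amount, now)

    def challenge(self, claim_id, burn_happened_on_l2, now):
        c = self.claims[claim_id]
        in_window = now < c.posted_at + CHALLENGE_WINDOW
        if in_window and not burn_happened_on_l2:
            c.challenged = True            # fraud proof accepted: the claim is void
        return c.challenged

    def finalize(self, claim_id, now):
        c = self.claims[claim_id]
        if c.challenged or c.paid:
            return 0                       # voided or already paid
        if now < c.posted_at + CHALLENGE_WINDOW:
            return 0                       # still disputable: nothing is released
        if c.amount > self.locked:
            return 0                       # never release more than is locked
        c.paid = True
        self.locked -= c.amount
        return c.amount
```

An invalid claim that nobody challenges inside the window is still paid out, which is why the optimistic model depends on at least one party watching and disputing claims.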
Bridges are the key access point for users to enter Rollups. Think of them as windows into a house. Even if the house (Rollup) remains standing, a broken window (Bridge) prevents safe entry or exit. Similarly, a compromised bridge cuts off user access, even if the Rollup’s core mechanisms continue functioning.
Thus, the bridge layer defines the true security perspective of a Rollup. Whether assets are genuinely “secured by Ethereum” depends on which bridge you use and its trust model—not the Rollup itself.
Bridge Models and Their Assumptions
- Canonical Bridges: These are the “official bridges” directly tied to Ethereum for each Rollup. When users lock assets here, Ethereum validators guarantee they can eventually withdraw back to Layer 1—even if the L2 stops operating. This is the only bridging method that directly inherits Ethereum’s security properties.
- External Bridges: Bridges like Wormhole, LayerZero, and Axelar optimize user experience through fast chain-to-chain transfers but rely on their own validator committees or multisig mechanisms. These bridges are not enforced by Ethereum consensus. If these off-chain operators are hacked or collude maliciously, users may lose funds—even if Ethereum itself operates perfectly.
- Native Issuance: Tokens minted directly on the Rollup, such as USDC on Base or OP on Optimism. These assets never go through canonical bridges and cannot be redeemed on Layer 1. Their security derives from the Rollup’s governance and infrastructure, not Ethereum.
Distribution of Rollup Assets
As of August 29, 2025, Ethereum Rollups collectively secure approximately $43.96 billion in assets, distributed as follows:
- External Bridges: $16.95 billion (39%) — largest share
- Canonical Bridges: $14.81 billion (34%) — assets secured by Ethereum
- Native Issuance: $12.20 billion (27%) — native Rollup assets

Historical Trend Analysis
From 2019 to 2022, canonical bridges were the primary driver of Rollup adoption. Nearly all early growth occurred via canonical bridges, keeping Ethereum at the center.

However, starting in late 2023, the landscape began shifting:
- Canonical bridges continued growing, but their market share started declining, peaking in 2024.
- Native issuance gradually expanded, especially between 2024 and 2025.
- External bridges saw sharp growth from late 2023 onward, surpassing canonical bridges by early 2025—marking Ethereum’s loss of majority control over Rollup assets.
- Today, two-thirds of Rollup assets (external + native) fall outside Ethereum’s direct security umbrella.
Breakdown by Rollup Ecosystem
Market concentration is extremely high: the top six Rollups account for 93.3% of total value locked (TVL). Asset distribution across ecosystems:
- Canonical Bridges: 32.0%
- Native Issuance: 28.8%
- External Bridges: 39.2%
Overall Pie Chart Pattern Analysis
- External Bridges Dominate: On platforms like Arbitrum and Unichain, users prioritize fast exits and liquidity, favoring third-party bridges.
- Canonical Bridges Dominate: On Linea (and secondarily OP Mainnet), more L1-originated collateral flows through official bridges.
- Native Issuance Dominates: On zkSync Era and Base, assets are minted directly on L2 (e.g., native USDC on Base) and flow in via direct onboarding.
Key Point: Most assets on large Rollups now lie beyond Ethereum’s direct security guarantees. The actual security users receive depends on the trust mechanisms behind each bridge model—not the Rollup itself.

Beyond Bridges: What Other Risks Exist?
Bridge models determine asset custody, but even if all assets flowed through canonical bridges, users would still face other trust and security vulnerabilities. Three areas are particularly critical: transaction sequencing, governance structure, and the impact of composability on user experience.
1. Sequencers: Centralized Control Points
Sequencers decide the order and packaging of transactions. Currently, most Rollups use centralized sequencers—a design that is efficient and profitable but introduces significant risks:
- Transaction Censorship: Sequencers can refuse to include certain transactions, enabling censorship.
- Blocking Withdrawals: Sequencers control when withdrawal transactions are batched to Ethereum, allowing them to indefinitely delay withdrawals.
- Complete Downtime: If a sequencer goes offline, Rollup activity halts until it resumes. (For example, Arbitrum once experienced a 78-minute outage.)
Ethereum offers a “force inclusion” mechanism, allowing users to submit transactions directly to Layer 1 to bypass the sequencer. However, this does not guarantee fairness, as the sequencer still controls block ordering—enough to degrade user experience. For example:
- Suppose you attempt to withdraw funds from Aave on L2.
- You submit a force-inclusion request via Ethereum, meaning the sequencer cannot ignore your transaction.
- However, the sequencer can insert its own transaction before yours—e.g., borrowing more from the same pool.
- By the time your withdrawal executes, the pool lacks sufficient liquidity, causing the withdrawal to fail.
- Though your transaction was “included,” the outcome was compromised.
Additionally, force inclusion faces practical issues: delays can last hours (sometimes over 12), throughput is limited, and submitted transactions may still be reordered. Thus, this mechanism functions more like a slow safety valve than a guarantee of fair execution.
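The Aave scenario above as an added simulation (not from the article): the same two transactions run in two different orders against a toy lending pool, and a helper reports transactions that were included but reverted. `LendingPool`, the amounts and the transaction names are constructed for illustration.

```python
class LendingPool:
    """Toy L2 lending pool (hypothetical): tracks idle liquidity and deposits."""
    def __init__(self, liquidity, deposits):
        self.liquidity = liquidity
        self.deposits = dict(deposits)

    def withdraw(self, user, amount):
        if self.deposits.get(user, 0) < amount or self.liquidity < amount:
            return False              # reverts: the tx is in the block but has no effect
        self.deposits[user] -= amount
        self.liquidity -= amount
        return True

    def borrow(self, user, amount):
        if self.liquidity < amount:
            return False
        self.liquidity -= amount
        return True

# Constructed sample transactions: (method, user, amount)
TXS = {
    "forced_withdraw": ("withdraw", "alice", 80),     # submitted via L1 force inclusion
    "sequencer_borrow": ("borrow", "operator", 50),   # inserted by the sequencer
}

def execute_block(order):
    """Run the transactions in the sequencer's chosen order on a fresh pool."""
    pool = LendingPool(liquidity=100, deposits={"alice": 80})
    results = {}
    for tx_id in order:
        method, user, amount = TXS[tx_id]
        results[tx_id] = getattr(pool, method)(user, amount)
    return results

def included_but_failed(results):
    """Monitoring check: inclusion alone is not success, so report reverted txs."""
    return [tx_id for tx_id, ok in results.items() if not ok]

if __name__ == "__main__":
    for order in (["forced_withdraw", "sequencer_borrow"],
                  ["sequencer_borrow", "forced_withdraw"]):
        res = execute_block(order)
        print(order, "->", res, "failed:", included_but_failed(res))
```

Both blocks contain the forced withdrawal; only the ordering differs, so anyone relying on force inclusion should check the execution status of the transaction and not just its presence in a block.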
Decentralized sequencers are gaining attention. Projects like Espresso and Astria are building shared sequencing networks to improve resilience and interoperability.
A core concept is “pre-confirmations”: sequencers or shared networks can commit early to including a transaction, even before final confirmation on Ethereum. This reduces latency issues from decentralization, offering faster assurances to users while maintaining neutrality.
Still, centralized sequencers dominate due to simplicity, profitability, and institutional appeal—at least until competition or user demand forces change.
2. Governance and Incentive Risks: Corporate L2s
Who operates a Rollup matters greatly. Many leading Rollups are run by companies or venture-backed teams—e.g., Coinbase’s Base, Offchain Labs’ Arbitrum, OP Labs’ Optimism.
These teams owe primary duties to shareholders and investors, not to Ethereum’s social contract.
- Shareholder Duty → Profit Pressure: Fees start low to attract users, then rise as liquidity and apps become locked in (a classic “platform tax” model). Future increases in sequencer fees, priority integrations, or rule changes favoring the operator’s broader business may follow.
- Lock-in Effect → Leverage: With billions in TVL and accumulated users, exit costs grow high, allowing operators to alter economics or policies with limited migration risk.
- Cultural Misalignment: Ethereum relies on open development meetings, multi-client diversity, and open governance (e.g., EIPs). Corporate Rollups often prefer top-down management, typically holding admin keys or multisig powers to pause, upgrade, or freeze systems—prioritizing compliance or profit over neutrality. Over time, these Rollups may resemble “walled gardens” rather than open extensions of Ethereum.
The result is a growing gap between Ethereum’s open ethos and the incentive structures shaping corporate Rollups. This divergence affects not just governance but also how applications interact and how users experience the system.
3. Composability and User Experience
Ethereum’s “magic” lies in atomic composability: smart contracts can synchronously read and write within a single transaction (e.g., swapping assets on Uniswap, repaying Aave debt, and triggering a Maker action—all at once). However, L2s break this composability:
- Asynchronicity: Cross-Rollup messages incur delays; official withdrawals may take days, and third-party bridges add trust assumptions.
- Siloing: Liquidity and state are fragmented across different L2s, weakening Ethereum’s seamless DeFi experience.
What’s the solution?
Ethereum-native rollups—designed and governed to Layer-1 standards—could enable synchronous L2→L1 reads, L1→L2 writes, and atomic cross-rollup writes, restoring much of Layer-1’s composability while expanding blockspace. Without these, user experience (UX) will continue drifting toward convenience layers that lack Ethereum-level security.
The Future of Rollups
If “secured by Ethereum” is to transcend mere slogan, core security must rest on Layer 1—not on off-chain committees or a single company’s sequencer. Three design philosophies illustrate potential paths forward:
Native Rollups: Move Verification Fully On Ethereum
- Instead of requiring users to trust independent fraud-proof systems, unauditable zero-knowledge provers (zk provers), or security committees, Rollups provide a transaction trace that Ethereum can re-execute itself.
- In effect, withdrawals and state correctness become rights enforceable on Layer 1, not promises: if a Rollup claims your balance is X, Ethereum can directly verify it.
- This design reduces the bridge attack surface, minimizes reliance on pause keys, and aligns Rollups with Ethereum’s future upgrades.
- The trade-off is higher cost on Layer 1, but the payoff is clear: disputes are ultimately resolved by Layer 1.
- No native Rollup has launched yet.
Order-Based Rollups Using Ethereum Validators
- Currently, a single sequencer can reorder or delay transactions—enough to practically undermine the “force inclusion” mechanism.
- With order-based designs, the canonical transaction order is determined by Layer 1 consensus, making censorship and last-minute reordering far more difficult.
- Force inclusion becomes a normal path, not a slow safety valve. Projects can adopt “pre-confirmations” to maintain smooth UX while letting Layer 1 serve as the final arbiter of order.
- This design sacrifices some L2 revenue and flexibility but eliminates the biggest single point of control in current architectures.
- Core teams currently researching order-based Rollup designs include Taiko, Spire, and Puffer.
Key Storage Rollups: Addressing Key and Upgrade Risks
- Rather than having each Rollup and app independently handle account recovery, session keys, and key rotation, a minimal “key storage” Rollup standardizes this logic and synchronizes it everywhere.
- Users rotate or recover keys in one place, and changes propagate across all Layer 2s. Operators need fewer emergency keys; admins require fewer “god-mode” switches.
- The result: fewer compromised wallets, fewer emergency upgrades after incidents, and a clearer separation between account security and application logic.
- Key storage Rollup designs remain theoretical and have not launched.
In summary, these design philosophies collectively address real user problems: trust-dependent withdrawal mechanisms, transaction ordering controlled by a single company, and fragile key and upgrade pathways.
Bringing verification, sequencing, and account security under Ethereum’s umbrella is how Rollups can truly be “secured by Ethereum”—not just in name, but in practice.