Slashing

The penalty mechanism that can destroy a portion of a validator's staked SOL for provably malicious behavior like signing two conflicting blocks, protecting the network by making attacks financially painful.

What is Slashing

Slashing is a system that destroys some or all of a validator's staked tokens for provably malicious action. Solana has never automatically slashed validators before, which is surprising for anyone coming from Ethereum, and it looks like it'll stay that way for a while longer. However, with two proposals (SIMD-0204 and SIMD-0212) for programmatic slashing being added to the network, Solana is about to get a new security feature. We're about to get a mechanism to catch double-signing and other harmful behavior by slashing violators' stake — first by detecting it, and then in 2026 by punishing it.

Slashing works like a rental security deposit. The deposit doesn't physically stop you from destroying an apartment; rather it stops you from destroying an apartment because it costs you money. There's a set of terms, which you agreed to upon moving into the property, that specifies the amount you would be fined. Solana validators "stake" their SOL into an account on the blockchain, and slashing is the rental company taking some of your deposit upon the discovery of violation of the property's terms.

How Slashing Is Being Built on Solana

SIMD-0204 is all about detection, and nothing else. It describes an on-chain program, where users can provide a proof that slashable behavior occurred and the program checks the proof and puts it on-chain in an immutable way. The proposal defines duplicate block violations, where a validator signs two blocks with the same slot number but different transaction payloads, and anyone can provide proof of a violation within an epoch (~2 day) of the time the violation occurred. It checks that a signature exists and confirms the block number; nothing else, and no tokens are slashed. It's just a permanent record of the malicious activity. Think of SIMD-0204 as the construction of a new courthouse, where there isn't yet a set of rules for how violations will be sentenced.

SIMD-0212 is the proposal for the actual penalties themselves, where penalties are determined by a formula and validators' stake is deducted at epoch boundaries (every ~ 2 days). It gives weights to various violations — voting violations have a weight of 1, while duplicate block violations have a weight of 10, given that the latter is much more dangerous to the network than the former. It's still being discussed within the community at this time, which means the formula could change in some meaningful way before the proposal is activated.

Given the current state of affairs, SIMD-0204's timing makes sense. The Alpenglow update, expected on mainnet in late 2026, will introduce finality and liveness guarantees that are based on the assumption that bad actor stake gets slashed (in Votor's 20+20 security model, a stake of 20% could be adversarial; that's possible because the 20% of "bad stake" can't get away with too much malicious behavior before it gets slashed).

How Solana's Approach Compares to Ethereum

Ethereum's Beacon Chain, launched in late 2020, included a slashing program. Slashed validators lose an initial penalty of roughly one ether, face additional penalties based on the proportion of total slashed validators at the time of the violation, and get ejected from their stake. To date, 400+ validators have been slashed. The vast majority of these have been the result of operational issues (multiple clients trying to act as leader or failover for the same block at the same time) rather than adversarial behavior. It's a constant threat to the network — stakers know this.

Solana has done things in reverse order. We are first building for scale and then working towards adding penalties, until now. The only real slashing that has ever been available on Solana is social, where it is possible (but has never been exercised) for the community to decide to restart the blockchain without the stake of some malicious validator, a very blunt instrument. Many have pointed out the validity of this criticism — PoS protocols without slashing operate without economic deterrence to bad behavior. On the other hand, it is also true that Solana validators already operate under some degree of economic pressure. Vote transaction fees cost a validator approximately 2 SOL per epoch. And both are valid points, which is why these SIMDs exist.

The Ethereum experience with slashing also highlights what is the most important risk for stakers: the false positive. Most duplicate block incidents result from an operator running two failover nodes with the same validator stake, but some can actually be adversarial. The weighting of penalties within SIMD-0212 is based on keeping the penalties proportional to the level of harm done.

Why Slashing Matters

Adding a slashing mechanism changes Solana from a security model that is purely social to one that is economic in nature. Once slashing is in effect, the cost of misbehaving in consensus becomes a price in SOL, the tokens that get destroyed. Slashing gives more weight to guarantees like Alpenglow's finality (which is based on the assumption that stake has been penalized by bad behavior), by backing it with collateral. For delegators like yourself, you might now want to consider not just your validator's track record but also its operational practices. You want to make sure it runs a solid setup and doesn't run two failover nodes at the same time. Your validator might cost you 7-9% APY today, but after this update it might cost you your entire stake. Choosing a validator based on its reliability and transparency has always been a good thing to do, but it's about to become a mandatory one.

Contents

Writen By

Stay Updated - Follow us on X

Project review threads, dApp insights, announcements, news, and more.