Fatskills
Practice. Master. Repeat.
Study Guide: Blockchain and Web3 Development: Layer 2 and Scalability Scaling Challenges TRILEMMA Scalability Security Decentralization
Source: https://www.fatskills.com/cryptocurrency-bitcoin-blockchain-and-more/chapter/blockchain-and-web3-development-blockchain-and-web3-development-layer-2-and-scalability-scaling-challenges-trilemma-scalability-security-decentralization

Blockchain and Web3 Development: Layer 2 and Scalability Scaling Challenges TRILEMMA Scalability Security Decentralization

By Fatskills Exam Guides Team — the exam nerds behind 28,500+ quizzes and 2.1M practice questions across 500+ global exams.

⏱️ ~6 min read

What This Is

The Blockchain Trilemma states that a public network can at most excel in two of three properties—Scalability, Security, and Decentralization—but improving one usually hurts the others. In practice this means a fast, cheap chain may become more centralized or less secure, while a highly secure, fully decentralized chain may struggle to process many transactions per second. A concrete illustration is a Uniswap V3 swap on Ethereum: the protocol is fully decentralized and secure, but during peak demand (e.g., a token launch) gas fees skyrocket, showing the scalability side of the trilemma.


Key Terms & Code Snippets

  • Scalability: Ability of a blockchain to increase throughput (transactions per second) without degrading performance.
  • Security: Guarantees that the protocol resists attacks (e.g., double‑spends, re‑entrancy) and that funds cannot be stolen.
  • Decentralization: Distribution of consensus power across many independent validators/miners, preventing any single entity from controlling the network.
  • Layer‑1 (L1): Base blockchain (e.g., Ethereum, Solana). Scaling on L1 usually means protocol upgrades like sharding.
  • Layer‑2 (L2): Off‑chain or side‑chain solutions that inherit L1 security while boosting throughput (e.g., Optimistic Rollups, zk‑Rollups).
  • Rollup: Bundles many L2 transactions into a single L1 calldata batch; Optimistic Rollups assume honesty and use fraud proofs, ZK Rollups post a validity proof.
// Minimal L2‑friendly contract (uses immutable storage to save gas)
contract Counter {
uint256 public immutable start; // set once at deployment → cheaper reads
uint256 private _value;
constructor(uint256 _start) {
start = _start;
}
function inc() external {
_value += 1; // cheap state change
}
function value() external view returns (uint256) {
return start + _value; // compute on‑chain, no extra storage
} }
  • Gas‑Price Ceiling: A network‑wide limit on how much gas can be paid per transaction; L2s often enforce a lower ceiling to keep fees predictable.
  • Validator Set: The group of nodes that propose and attest to blocks. In a highly decentralized system the set is large and rotating; in a more centralized system it may be a handful of “trusted” validators.
  • Data Availability: Guarantees that all transaction data needed to verify a rollup block is published and accessible; critical for security in rollups.


Step‑by‑Step / Process Flow

  1. Choose the scaling approach – decide whether you’ll stay on L1 (e.g., use EIP‑1559 gas‑price tweaks) or move to an L2 (Optimistic or ZK Rollup).
  2. Write the contract – keep it “rollup‑friendly”: avoid heavy loops, use immutable/constant variables, and emit events for off‑chain indexing.
  3. Compile with Hardhat (or Foundry) targeting the appropriate Solidity version (≥0.8.17 for built‑in overflow checks).
    bash
    npx hardhat compile
  4. Deploy – for L2, use the bridge’s deployment script (e.g., @eth-optimism/contracts).
    bash
    npx hardhat run scripts/deploy.js --network optimism-goerli
  5. Verify data availability – after deployment, query the rollup’s data‑availability API (e.g., optimism.io/api/v1/data-availability) to ensure the block is fully posted.
  6. Integrate in the dApp – use ethers.js with the L2 provider URL; remember to set gasPrice manually for L2s that ignore EIP‑1559.
    js
    const provider = new ethers.providers.JsonRpcProvider(OPTIMISM_GOERLI_RPC);
    const contract = new ethers.Contract(address, abi, provider);
    await contract.inc({ gasPrice: ethers.utils.parseUnits('2', 'gwei') });

Common Mistakes

  • Mistake: Deploying a heavy‑loop contract on an Optimistic Rollup and assuming the same gas limit as L1.
    Correction: L2s often have tighter block‑gas caps; refactor loops into batch calls or use merkle‑tree proofs to stay within limits.

  • Mistake: Relying on tx.origin for access control (e.g., require(tx.origin == owner)).
    Correction: Use msg.sender and role‑based libraries (OpenZeppelin’s AccessControl) because tx.origin can be spoofed through a malicious contract, breaking security.

  • Mistake: Ignoring data‑availability attacks on rollups (e.g., assuming the data is always on‑chain).
    Correction: Verify that the rollup’s data‑availability layer is “full” (e.g., Celestia) or add a fallback proof‑of‑fraud mechanism.

  • Mistake: Treating an L2 as fully decentralized because it inherits L1 security.
    Correction: Remember that the sequencer (the entity that orders L2 transactions) can be a central point of failure; monitor its uptime and consider multi‑sequencer designs.

  • Mistake: Hard‑coding gas limits in contract calls, which become obsolete after a network upgrade.
    Correction: Query the provider for eth_maxPriorityFeePerGas or use estimateGas each time to stay adaptive.


Blockchain Developer Interview / Practical Insights

  1. “Explain the trade‑offs between Optimistic and ZK Rollups.”
  2. Expect you to discuss latency (challenge period vs instant finality), proof generation cost, and data‑availability requirements.

  3. “When would you prefer a side‑chain over a rollup?”

  4. Look for answers about custom VM execution, lower security guarantees, and the need for fast finality (e.g., gaming).

  5. “How does delegatecall affect decentralization?”

  6. Interviewers want to see you understand that delegatecall lets a proxy contract execute code from another contract, which can centralize upgrade logic and become a single point of failure if the implementation is compromised.

  7. “What is a ‘sequencer‑downtime’ scenario and how do you mitigate it?”

  8. Mention fallback to a “fallback sequencer” or using a “commit‑reveal” scheme that lets users submit transactions directly to L1 if the L2 sequencer stalls.

Quick Check Questions

  1. Scenario: A contract uses tx.origin to restrict withdrawals to the contract owner.
    Answer: Dangerous – a malicious contract can trick the owner into calling it, making tx.origin the attacker’s address, thus bypassing the check.

  2. Scenario: Your dApp runs on an Optimistic Rollup but you notice users’ transactions are pending for 7 days.
    Answer: The 7‑day pending time is the fraud‑proof challenge period; users must wait for it to expire before the state is considered final.

  3. Scenario: You see a rollup that publishes only transaction hashes on‑chain, not full calldata.
    Answer: This is a data‑availability risk – if the off‑chain data is lost, the rollup’s state cannot be reconstructed, compromising security.


Last‑Minute Cram Sheet (10 one‑liners)

  1. ⚠️ Re‑entrancy is mitigated by the Checks‑Effects‑Interactions pattern or by using ReentrancyGuard.
  2. EIP‑1559 splits gas into baseFee (burned) + tip (miner/validator reward).
  3. Optimistic RollupFraud proof (challenge period); ZK RollupValidity proof (instant).
  4. Gas‑price ceiling on L2s keeps fees predictable; always query eth_gasPrice from the L2 provider.
  5. Immutable variables cost 0 gas on reads after deployment – great for constants on L2.
  6. Sequencer = the entity that orders L2 transactions; centralization risk if only one sequencer exists.
  7. Data Availability must be “full” (on‑chain) for security; otherwise a “data‑availability attack” can freeze the rollup.
  8. Solidity 0.8.x includes built‑in overflow checks, removing the need for SafeMath in most cases.
  9. ERC‑20 vs ERC‑777: ERC‑777 adds hooks (tokensReceived) and is backward compatible but more complex.
  10. Layer‑1 sharding (e.g., Ethereum’s upcoming “Danksharding”) aims to increase throughput while preserving decentralization, but it introduces cross‑shard communication latency.


ADVERTISEMENT