Restaking takes ETH that's already staked — already securing Ethereum, already exposed to slashing — and commits it to secure additional systems at the same time. One pile of collateral, multiple jobs, multiple streams of yield. The previous post ended by noting that liquid staking tokens became the base collateral for exactly this, and it's worth understanding what that actually means, because the marketing version and the mechanical version tell two different stories.
The marketing version says: extra yield on ETH you've already staked. The mechanical version says: extra slashing conditions on ETH you've already put at risk. Both are true — they're the same sentence read from opposite ends. The yield exists because you're accepting new ways to lose the collateral. Most of the confusion around restaking comes from people hearing the first version and never quite arriving at the second.
Restaking exists because economic security is expensive to bootstrap, and there's a lot of demand for it.
Ethereum's security comes from staked ETH — misbehave as a validator and the protocol destroys part of your bond. That works because the bonded capital is enormous. But proof of stake only protects what the protocol itself can see. A whole layer of infrastructure lives outside that boundary: oracle networks, cross-chain bridges, data availability layers, shared sequencers. These systems need their own honesty guarantees, and historically each one had to launch its own token, recruit its own validators, and hope its new token was worth enough to make attacking it expensive. Early on, it rarely is. A service securing billions in value with a thin, volatile token is a mismatch that has been exploited repeatedly — most spectacularly in bridge hacks.
Restaking's answer: don't build new security, rent Ethereum's. Stakers opt their existing collateral into additional commitments, the new services get security backed by deep, established capital from day one, and they pay fees to the stakers for it. In restaking vocabulary these services are called AVSs — actively validated services. The term comes from EigenLayer, the protocol that introduced the model and is the subject of the next post.
There are two doors in, and the distinction matters.
Native restaking. A validator points its withdrawal credentials at a restaking protocol's smart contract. The 32 ETH bond still secures Ethereum exactly as before — the consensus layer neither knows nor cares — but on the way out, withdrawals now pass through a contract that can confiscate funds if the staker violated commitments to an AVS. The staker has voluntarily placed a second lien on their own collateral.
LST restaking. A holder deposits liquid staking tokens — stETH, rETH, and similar — into the restaking protocol. Simpler, no validator required, and it's how a large share of restaked capital actually arrived. Notice what's stacking here: the LST was already a claim on a protocol holding staked ETH. Restaking wraps that claim in another contract with its own slashing terms. Claim on a claim, each layer adding failure modes.
From there the flow runs through operators. Restakers mostly don't run AVS software themselves — they delegate to operators who do, the same division of labor liquid staking uses for validators. Each AVS defines its own slashing conditions: an oracle service might slash for signing false price data, a data availability layer for withholding data it attested to. Operators register for the AVSs they're willing to serve; delegators inherit the risk profile of whatever their operator signed up for. When an operator gets slashed, the loss flows back to the capital delegated to them.
And because the industry never met a wrapper it didn't like, there's a further layer: liquid restaking tokens (LRTs), which do to restaked positions what LSTs did to staked ones — issue a tradeable receipt so the locked capital can circulate in DeFi anyway. At that point a single unit of ETH can be simultaneously: securing Ethereum, securing several AVSs, and collateralizing a loan via its LRT. Every layer is somebody's yield and somebody's claim.
The hard constraint is arithmetic: the same collateral can back many promises, but it can only be lost once. If slashing events land on capital that's pledged across multiple AVSs, the losses don't stay compartmentalized — a slash triggered by one service reduces the collateral backing all the others. Individually rational commitments can sum to a systemic overcommitment, which is roughly how leverage always works. Restaking doesn't multiply money; it multiplies claims on the same money.
The softer constraint is social, and it was flagged early. In May 2023, Vitalik Buterin published an essay warning against "overloading" Ethereum's consensus — the concern that if a large restaking failure ever occurred, the losers might expect Ethereum itself to fork and make them whole, dragging the base layer's neutrality into the blast radius. The restaking protocols explicitly disclaim any such recourse. Whether that disclaimer holds under a large enough failure is untested, and honestly, untestable until it happens.
Worth saying plainly: slashing on the leading restaking protocol only went live in April 2025. Before that, the model's central enforcement mechanism existed on paper while tens of billions of dollars accumulated on the deposit side. The system has now operated with real slashing for over a year without a major event — that's evidence, but it's evidence from calm conditions.
Three shifts worth tracking as of mid-2026. First, the fee question is coming due: early restaking yield was dominated by points and token emissions rather than actual AVS revenue, and the market is slowly being forced to discover whether services will pay sustainable fees for rented security. Second, the model is spreading beyond ETH — competing restaking protocols accept a broader range of collateral, and Bitcoin-based variants are extending the same logic to a different asset entirely. Third, LRTs are repeating the liquid staking playbook, including its failure modes: at least one major LRT has already traded meaningfully below its backing during a rush for an exit that didn't yet exist — the June 2022 stETH episode, rhyming a layer higher.
AVSs paying material, sustained fees out of real revenue — that's the load-bearing confirmation, because it would mean the security marketplace works as an actual market. Alongside it: a slashing event that stays contained to the responsible operators without cascading across AVSs or LRT pegs, and restaked capital holding steady as emissions taper off.
A correlated slashing cascade — one failure propagating through shared collateral into losses across multiple services. Fee revenue failing to materialize, revealing the yield as circular token printing; capital would leave when the emissions do. An LRT depeg spiraling into forced unwinding across DeFi. And the tail risk: a failure large enough that the "Ethereum won't bail this out" disclaimer actually gets tested.
Now: restaking is live at scale, slashing is enforced, and the leading protocols are functioning — in benign conditions. Next: the fee-revenue question and the behavior of LRTs under the first real stress event; that's where this thesis gets tested. Later: restaking as a generalized security marketplace across multiple base assets — architecturally plausible, economically unproven.
This covers the restaking mechanism and what it stacks on top of ordinary staking risk. It is not an assessment of any restaking protocol, a yield comparison, or a recommendation to restake anything — and it deliberately stops short of EigenLayer's specific design, which gets its own post next. Which AVSs, operators, and concentration levels are worth watching, and at what thresholds — those are tracking questions. This is the static explanation; the tracked version lives elsewhere.




