Byzantine fault-tolerant consensus protocols have provable safety and liveness properties for static validator sets. In practice, however, the validator set changes over time, potentially eroding the protocol's security guarantees. For example, systems with accountable safety may lose some of that accountability over time as adversarial validators exit. As a result, protocols must rate-limit entry and exit so that the set changes slowly enough to ensure security. Here, the system designer faces a fundamental trade-off. Slower exits increase friction, making it less attractive to stake in the first place. Faster exits provide more utility to stakers but weaken the protocol's security. This paper provides the first systematic study of exit queues for Proof-of-Stake blockchains. Given a collection of validator-set consistency constraints imposed by the protocol, the social planner's goal is to provide a constrained-optimal mechanism that minimizes disutility for the participants. We introduce the MINSLACK mechanism, a dynamic-capacity first-come-first-served queue in which the amount of stake that can exit in a period depends on the number of previous exits and the consistency constraints. We show that MINSLACK is optimal when stakers equally value the processing of their withdrawal. When stakers' values are heterogeneous, the optimal mechanism resembles a priority queue with dynamic capacity. However, this mechanism must reserve exit capacity for the future in case a staker with a much higher need for liquidity arrives. We conclude with a survey of known consistency constraints and highlight the diversity of existing exit mechanisms.
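The dynamic-capacity first-come-first-served queue described above, sketched as an added example (not code from the paper or its authors). The constraint form (at most `limit` stake exiting in any `window` consecutive periods), divisible stake, and all names and values are assumptions made for illustration.

```python
from collections import deque


class ExitQueue:
    """FCFS exit queue; per-period capacity is the minimum slack across
    sliding-window constraints (assumed constraint form, see lead-in)."""

    def __init__(self, constraints):
        # constraints: list of (window, limit) pairs, meaning at most
        # `limit` stake may exit during any `window` consecutive periods.
        self.constraints = constraints
        self.history = []     # total stake released in each past period
        self.queue = deque()  # [staker, remaining_stake] in arrival order

    def request_exit(self, staker, stake):
        self.queue.append([staker, stake])

    def capacity(self):
        # The current period completes a window together with the previous
        # window-1 periods, so slack = limit - exits in those periods.
        slacks = []
        for window, limit in self.constraints:
            recent = sum(self.history[-(window - 1):]) if window > 1 else 0
            slacks.append(limit - recent)
        return max(0, min(slacks))

    def step(self):
        """Process one period; return [(staker, stake_released), ...]."""
        budget = self.capacity()
        released = []
        while self.queue and budget > 0:
            entry = self.queue[0]
            amount = min(entry[1], budget)  # partial exits allowed (assumption)
            entry[1] -= amount
            budget -= amount
            released.append((entry[0], amount))
            if entry[1] == 0:
                self.queue.popleft()
        self.history.append(sum(a for _, a in released))
        return released


def simulate():
    # Constructed scenario: <= 4 stake per period and <= 6 per 3 periods.
    q = ExitQueue([(1, 4), (3, 6)])
    q.request_exit("a", 3)
    q.request_exit("b", 5)
    q.request_exit("c", 2)
    return [q.step() for _ in range(5)], q.history
```

In this scenario the burst in the first two periods exhausts the three-period budget, so the third period releases nothing even though stakers are still waiting.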