Canonical LST: A Protocol-Native Liquid Staking Solution for Tezos

Arthur Breitman; Diane Gallois-Wong; Julien Tesson; Lucas Randazzo; Marina Polubelova; Mathias Bourgoin; Pierrick Couderc; Zaynah Dargaye

arxiv: 2605.00828 · v1 · submitted 2026-03-15 · 💻 cs.DC · cs.CR

Canonical LST: A Protocol-Native Liquid Staking Solution for Tezos

Mathias Bourgoin , Arthur Breitman , Pierrick Couderc , Zaynah Dargaye , Diane Gallois-Wong , Marina Polubelova , Lucas Randazzo , Julien Tesson This is my paper

Pith reviewed 2026-05-15 11:14 UTC · model grok-4.3

classification 💻 cs.DC cs.CR

keywords liquid stakingTezosprotocol nativesTEZcentralization riskaccrual designblockchain stakingdecentralization

0 comments

The pith

Tezos protocol embeds liquid staking natively to give any tez holder a public alternative without third-party operators.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper argues for enshrining liquid staking directly in the Tezos protocol as a way to mitigate centralization risks from intermediaries. It proposes Canonical LST, or sTEZ, as a public mechanism where any tez holder can participate in aggregated staking managed by the protocol itself. This complements direct staking and uses an accrual-based design in which the token's exchange rate to tez automatically reflects rewards and slashing events. By making the system part of the core protocol with governance through amendments, it aims to turn liquid staking into transparent network infrastructure rather than discretionary services. A sympathetic reader would care because this could reduce reliance on trusted third parties and promote more decentralized participation in staking.

Core claim

Canonical LST (sTEZ) is an enshrined, protocol-native mechanism that allows tez holders to participate in aggregated staking without third-party operators. It follows an accrual-based design where all slashing events and rewards are reflected in the token's exchange rate to tez, keeping balances fungible while exposing holders to the precise economics of staking. This ensures liquid staking functions as fundamental network infrastructure with deterministic lifecycle rules, transparent on-chain data, and governance anchored in the amendment process.

What carries the argument

The accrual-based sTEZ token whose exchange rate to tez adjusts dynamically for staking rewards and slashing events.

If this is right

Staking rewards and risks apply uniformly to all participants through the exchange rate mechanism.
Liquid staking becomes governed by the Tezos amendment process rather than commercial discretion.
Any tez holder can access aggregated staking directly via the protocol.
Centralization risks from liquid staking intermediaries are reduced.
It complements rather than replaces direct staking.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

If adopted, this approach could encourage other blockchain protocols to integrate similar native liquid staking features.
Protocol-native design might simplify regulatory compliance by avoiding third-party custody issues.
Observing staking concentration metrics before and after implementation would test the centralization reduction claim.
Integration with Tezos' existing governance could lead to faster iteration on staking mechanics.

Load-bearing premise

The Tezos protocol can securely manage aggregated staking pools and automatically adjust exchange rates without introducing operational risks or new centralization points.

What would settle it

A successful slashing event or reward distribution on the Tezos network where the sTEZ exchange rate fails to update accurately or where the protocol experiences downtime related to the staking mechanism.

Figures

Figures reproduced from arXiv: 2605.00828 by Arthur Breitman, Diane Gallois-Wong, Julien Tesson, Lucas Randazzo, Marina Polubelova, Mathias Bourgoin, Pierrick Couderc, Zaynah Dargaye.

**Figure 1.** Figure 1: Lifecycle overview for Canonical LST, including the freeze delay that protects against post-denunciation slashing before tez are released. To complement the figure, the walkthrough below highlights how deposits, transfers, and redemptions unfold for participants interacting with the Canonical LST protocol: Entry (Deposit and Mint). Staker 1 deposits tez to the interface contract (step 1). The Canonical LS… view at source ↗

read the original abstract

Canonical LST (sTEZ) is an enshrined, protocol-native mechanism designed to mitigate the centralization risks associated with liquid staking intermediaries. Intended to complement direct staking rather than replace it, Canonical LST provides a neutral, public alternative managed directly by the Tezos protocol. It allows any tez holder to participate in aggregated staking without reliance on third-party operators. sTEZ follows an accrual-based design: all slashing events and rewards are reflected in the token's exchange rate to tez, keeping balances fungible while exposing holders to the precise economics of staking. This approach ensures that liquid staking functions as fundamental network infrastructure--with deterministic lifecycle rules, transparent on-chain data, and governance anchored in the amendment process--rather than as a discretionary commercial product. This white paper summarises the motivation for enshrining liquid staking, the core mechanics, exchange-rate model, regulatory touchpoints, risk posture, and forward-looking roadmap for Canonical LST.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Desk Editor's Note private letter to a colleague

The paper sketches a protocol-native accrual-based liquid staking token for Tezos that avoids third-party operators, but the design stays high-level with no threat model or update rules for the exchange rate.

read the letter

The main point is a proposal to embed liquid staking directly in the Tezos protocol as sTEZ, using an accrual exchange rate that folds rewards and slashing into the token's value against tez. This keeps balances fungible and removes the need for external operators, positioning the mechanism as core infrastructure governed through amendments rather than commercial products. The accrual approach is the clearest distinction from rebasing or reward-token models in other chains. The paper lays out the motivation and basic flow in straightforward terms, which helps readers see how it could complement direct staking without replacing it. It also flags regulatory angles and a forward roadmap, showing some attention to deployment realities. The soft spots sit in the missing mechanics. The description of rate adjustments is conceptual only, with no specification of the exact update rules, no handling for disputed slashing reports, baker collusion, or partitions, and no adversarial analysis of how the protocol would block incorrect rate changes or griefing. Without those details the central security claim remains an assumption. The risk posture section is referenced but not backed by any verification steps or edge-case checks. This work is aimed at the Tezos protocol and governance community plus researchers comparing native staking designs across proof-of-stake systems. A reader looking for a high-level alternative model will find it useful as a starting sketch. Anyone needing formal proofs, simulations, or a worked threat model will need more. I would send it for peer review. The idea raises practical questions worth referee input on specification and security, even though the current version is early-stage.

Referee Report

3 major / 2 minor

Summary. The manuscript proposes Canonical LST (sTEZ) as an enshrined, protocol-native liquid staking mechanism for Tezos. It claims that an accrual-based exchange rate, which adjusts to reflect all staking rewards and slashing events while keeping sTEZ balances fungible, enables any tez holder to participate in aggregated staking without third-party operators, thereby reducing centralization risks associated with commercial liquid staking services. The paper outlines motivations, core mechanics, the exchange-rate model, regulatory touchpoints, risk posture, and a forward roadmap.

Significance. If the security assumptions hold, the proposal could meaningfully advance decentralized staking infrastructure in Tezos by treating liquid staking as protocol-level functionality rather than a discretionary service. The accrual design preserves direct staking economics and anchors governance in the amendment process, offering a public alternative that complements rather than replaces individual staking. The conceptual framing is clear, though the absence of formal verification or empirical validation limits assessment of real-world impact.

major comments (3)

[exchange-rate model] Exchange-rate model section: The accrual-based mechanism is described conceptually but supplies no formal specification, equations, or pseudocode defining how the protocol computes and applies the sTEZ/tez rate upon rewards and slashing. This is load-bearing for the central claim that the design accurately reflects economics while maintaining fungibility and avoiding manipulation risks.
[risk posture] Risk posture section: No adversarial threat model or edge-case analysis is provided for protocol-managed rate adjustments, including scenarios such as disputed slashing reports, baker collusion, delayed updates, or network partitions. This directly affects the claim that the approach introduces no new operational or centralization vectors.
[core mechanics] Core mechanics section: The description of protocol-managed aggregated staking pools states that the Tezos protocol can securely handle participation and rate adjustments but offers no analysis of computational feasibility, scalability under high load, or prevention of griefing attacks on the rate oracle. This assumption underpins the entire proposal.

minor comments (2)

[abstract and roadmap] The abstract and roadmap section mention 'deterministic lifecycle rules' and 'transparent on-chain data' without concrete examples or pseudocode illustrating these rules in the main text.
[core mechanics] Notation for the sTEZ token and exchange rate is introduced without an explicit definition table or consistent use across sections, which could be clarified for readability.

Simulated Author's Rebuttal

3 responses · 0 unresolved

Thank you for the detailed review. We appreciate the referee's feedback on the need for more formal specifications and analyses in the manuscript. Below we respond to each major comment and commit to revisions where appropriate.

read point-by-point responses

Referee: [exchange-rate model] Exchange-rate model section: The accrual-based mechanism is described conceptually but supplies no formal specification, equations, or pseudocode defining how the protocol computes and applies the sTEZ/tez rate upon rewards and slashing. This is load-bearing for the central claim that the design accurately reflects economics while maintaining fungibility and avoiding manipulation risks.

Authors: We agree with this assessment. The exchange-rate model is central to the proposal, and the current manuscript presents it at a conceptual level. In the revised version, we will add a formal specification including mathematical equations for the rate adjustment upon rewards and slashing events, pseudocode for the computation process, and a discussion on maintaining fungibility and mitigating manipulation risks. This will provide the necessary rigor to support the claims. revision: yes
Referee: [risk posture] Risk posture section: No adversarial threat model or edge-case analysis is provided for protocol-managed rate adjustments, including scenarios such as disputed slashing reports, baker collusion, delayed updates, or network partitions. This directly affects the claim that the approach introduces no new operational or centralization vectors.

Authors: The referee is correct that a comprehensive adversarial threat model is missing. We will revise the risk posture section to include a detailed threat model covering the mentioned scenarios (disputed slashing reports, baker collusion, delayed updates, network partitions) and explain how the protocol-native design leverages Tezos' existing consensus and governance mechanisms to address them without introducing new centralization risks. revision: yes
Referee: [core mechanics] Core mechanics section: The description of protocol-managed aggregated staking pools states that the Tezos protocol can securely handle participation and rate adjustments but offers no analysis of computational feasibility, scalability under high load, or prevention of griefing attacks on the rate oracle. This assumption underpins the entire proposal.

Authors: We acknowledge the need for analysis on feasibility and security. In the revised manuscript, we will include an assessment of computational feasibility for rate adjustments within Tezos' protocol constraints, discuss scalability based on projected load, and propose mechanisms to prevent griefing attacks, such as rate update throttling and oracle verification using on-chain data. revision: yes

Circularity Check

0 steps flagged

No significant circularity in the protocol proposal

full rationale

The paper is a design proposal for a protocol-native liquid staking mechanism (sTEZ) in Tezos. It describes high-level mechanics, an accrual-based exchange-rate model, governance, and risk posture without presenting any mathematical derivations, equations, fitted parameters, or self-referential definitions. No load-bearing steps reduce by construction to prior inputs, self-citations, or ansatzes from the authors' work. The central claims rest on conceptual protocol changes rather than any closed-loop derivation, making the analysis self-contained against external benchmarks.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axioms · 1 invented entities

The design rests on domain assumptions about Tezos protocol security and governance rather than new mathematical derivations.

axioms (1)

domain assumption The Tezos protocol can securely aggregate and manage staking without introducing new centralization or operational failures
Invoked to support the claim that protocol-native management is safer than third-party operators.

invented entities (1)

sTEZ token no independent evidence
purpose: Fungible representation of staked tez with accrual-based exchange rate
New token introduced to implement the liquid staking mechanism.

pith-pipeline@v0.9.0 · 5486 in / 1183 out tokens · 70135 ms · 2026-05-15T11:14:53.779397+00:00 · methodology

discussion (0)

Reference graph

Works this paper leans on

6 extracted references · 6 canonical work pages

[1]

2014 , url =

L .M Goodman , title =. 2014 , url =

work page 2014
[2]

2024 , url =

Tezos Documentation , title =. 2024 , url =

work page 2024
[3]

2025 , note =

Placeholder , title =. 2025 , note =

work page 2025
[4]

2023 , note =

Nomadic Labs , title =. 2023 , note =

work page 2023
[5]

Enshrined Contracts Specification (Draft) , year =

work page
[6]

Canonical Liquid Staking Token -- Design Choices , year =

work page

[1] [1]

2014 , url =

L .M Goodman , title =. 2014 , url =

work page 2014

[2] [2]

2024 , url =

Tezos Documentation , title =. 2024 , url =

work page 2024

[3] [3]

2025 , note =

Placeholder , title =. 2025 , note =

work page 2025

[4] [4]

2023 , note =

Nomadic Labs , title =. 2023 , note =

work page 2023

[5] [5]

Enshrined Contracts Specification (Draft) , year =

work page

[6] [6]

Canonical Liquid Staking Token -- Design Choices , year =

work page