Everyone in crypto is familiar with 2f+1 quorum consensus—you need two-thirds of validators signing to prove agreement. That works for small consensus tasks. Walrus's Red Stuff protocol shows why that approach breaks for blob storage and introduces something better: verifiable commitments without signature quorums.
The 2f+1 Signature Problem at Scale
Here's what Byzantine consensus traditionally does: collect 2f+1 signatures from validators, verify the signatures, aggregate them into a proof. This works for proving a single value or state transition.
Now apply this to blob storage. Each blob needs 2f+1 validator signatures confirming they received and stored it. At Ethereum scale—thousands of blobs per block—you're doing thousands of 2f+1 signature aggregations. Each blob needs O(f) signatures. Each signature needs verification. The compute explodes.
Signature aggregation helps, but you're still gathering cryptographic material from 2f+1 different validators, aggregating it, and verifying the result. For one blob, this is manageable. For terabytes of blobs, it becomes the bottleneck.
Red Stuff exists because this approach doesn't scale to modern data volumes.
Why Quorum Signatures Are Expensive
Each validator in a 2f+1 quorum needs to sign independently. Their signature is unique to them. You can't batch signatures from different validators—they're all different.
So for each blob, you do this:
Collect signatures from 2f+1 validators
Aggregate them (non-trivial cryptography)
Verify the aggregated signature
Store or broadcast the proof
At scale, this is expensive. Each blob gets a constant-factor overhead just for consensus overhead. Add up the blobs and you're spending significant resources just gathering and verifying signatures.
This is why traditional blob storage is expensive—quorum signing becomes the bottleneck.
Red Stuff's Different Approach
Red Stuff uses a fundamentally different idea: instead of gathering 2f+1 individual signatures, you get a single commitment that proves 2f+1 validators agreed.
How? Through a verifiable commitment scheme. The committee collectively creates one commitment that's cryptographically tied to 2f+1 validators' participation. Verifying the commitment proves the quorum without collecting individual signatures.
This is massively more efficient.
The Verifiable Commitment Insight
A verifiable commitment is a single, small piece of cryptographic material that proves something about the underlying data without revealing it. For blob storage, the commitment proves:
A quorum of validators received the blob
They agreed on its encoding
They committed to storing it
All without 2f+1 individual signatures
The commitment is compact—constant size regardless of quorum size. Verification is fast—you check the commitment once, not 2f+1 signatures.
This is where the scaling win happens.
How This Works Practically
Here's the protocol flow:
Validators receive a blob. Instead of each creating an independent signature, they collectively compute a commitment. This commitment represents their joint agreement.
The commitment is:
Deterministic (same blob, same committee = same commitment)
Verifiable (anyone can check it's correct)
Non-forgeable (attackers can't create a fake commitment)
Compact (constant size)
A validator trying to cheat—claiming they stored data they didn't, or lying about the encoding—breaks the commitment. Their participation makes the commitment unique. You can detect their dishonesty.
Why Signatures Become Optional
With traditional 2f+1 signatures, you gather material from each validator. Red Stuff shows you don't need individual signatures at all. You need collective commitment.
This is architecturally cleaner. No individual validator is claiming anything. The committee as a whole is claiming something. That's stronger—it's not "2f+1 validators each said yes" but "the committee collectively verified this."
Scalability Gains
For a single blob:
Traditional: 2f+1 signatures (roughly 100 bytes × 2f+1) = kilobytes of signature material
Red Stuff: one commitment (roughly 100 bytes) = constant size
For 10,000 blobs:
Traditional: kilobytes × 10,000 = megabytes of signature material to collect, aggregate, verify
Red Stuff: 100 bytes × 10,000 = megabytes to store commitments, but near-zero verification overhead per blob
The savings compound. Batch verification, parallel checks, and efficient storage all become possible with Red Stuff's commitment model.
Byzantine Safety Without Quorum Overhead
Red Stuff maintains Byzantine safety without the signature quorum overhead. A Byzantine validator can't forge a commitment because they'd need f other validators to collude. The protocol is designed so that one validator's lie is detectable.
This is different from traditional consensus where you're betting on the honesty of a statistical majority.
Verification Scalability
Here's where it gets elegant: verifying a Red Stuff commitment is O(1) per blob, not O(f) like traditional signatures. You don't verify f signatures. You verify one commitment.
For terabytes of blobs, this is transformative. Verification becomes the least expensive part of storage.
Composition With Other Protocols
Red Stuff commitments compose nicely with other protocols. A rollup can include Red Stuff commitments for all its data blobs in a single transaction. A light client can verify thousands of blobs with minimal overhead.
Traditional signature quorums don't compose as cleanly. Each blob drags its overhead with it.
The Economic Implication
Cheaper verification means cheaper validator economics. Validators don't need to dedicate massive resources to signature verification. They can focus on actual storage and repair.
This translates to lower costs for users storing data and better margins for validators maintaining infrastructure.
Comparison: Traditional vs Red Stuff
Traditional 2f+1 signing:
Per-blob: O(f) signature collection and verification
Scales linearly with validator count
Becomes bottleneck at large scale
Expensive to verify in bulk
Red Stuff commitments:
Per-blob: O(1) commitment verification
Scales linearly in principle but negligible per-blob overhead
Remains efficient at any scale
Efficient bulk verification
Trust Model Shift
Traditional approach: "2f+1 validators signed, so you can trust them."
Red Stuff approach: "The committee's commitment is mathematically unique to this exact blob, so it can't be forged."
The second is stronger. It's not betting on 2f+1 validators being honest. It's proving the commitment is unique.
Red Stuff transforms blob storage from a protocol bottlenecked by signature quorums to one bottlenecked by actual storage and repair. You move from O(f) verification per blob to O(1) verification per blob. Commitments replace signatures. Mathematical uniqueness replaces probabilistic quorum safety.
For decentralized storage scaling to real data volumes, this is the architectural breakthrough that makes terabyte-scale storage economical. Walrus Red Stuff doesn't just improve signing efficiency. It eliminates the need for signature quorum overhead entirely. That's what enables storage at scale.
