FABRKNT
GitHub
Intro to Reth — Welcome to Rust Ethereum
Why the Rust Ethereum Stack
Lesson 2 of 11·CONTENT16 min25 XP

Treat this page as a workbench, not a blog post. The goal is to extract a reusable mental model from the source and carry it into the rest of the Fabrknt stack.

Course
Intro to Reth — Welcome to Rust Ethereum
Lesson role
CONTENT
Sequence
2 / 11

Lesson 1 — Beyond the 5 subsystems — the 4 forces that make Ethereum specific

Question

L0 framed Ethereum as a composition of 5 subsystems. So what makes it Ethereum? Four forces — adversarial environment / consensus determinism / immutability / open membership — distinguish it from general systems engineering.

Principle (minimum model)

  • Adversarial environment. Attackers always exist + economically incentivised. Latency attacks / front-run / MEV / sandwich. Design assumes the worst case.
  • Consensus determinism. Every node, given the same input, must produce byte-for-byte the same output. wrapping_add / no floats / fixed iteration order. The consensus contract.
  • Immutability. Deployed contracts can't be patched (except SELFDESTRUCT, soon gone). Design for "this will exist forever".
  • Open membership. Anyone can validate / run a node / deploy a contract. No permission system → sybil resistance + DoS defence + economic staking become mandatory.
  • 4 forces × 5 subsystems determines every design choice. Choosing MDBX = I/O perf + crash safety. revm's wrapping arithmetic = consensus determinism. reth-network peer scoring = adversarial. Tokio task budgets = DoS defence.

Worked example + steps

Beyond the 5 subsystems — the 4 forces that make Ethereum specific

The previous lesson loaded the on-ramp framing: Ethereum is database + distributed system + compiler + networking + concurrency runtime, glued by consensus. Every subsystem is a well-studied SE problem. The "blockchain" part is the glue, not the substance.

That framing is the right starting point. It buys you the right to read Reth source without "this is magic" reactions. But it's also a deliberate simplification — and if you carry only that framing into Inside REVM / Inside Reth, you'll miss why some of Ethereum's design choices look the way they do.

There are 4 forces that distinguish Ethereum's specific instance of systems engineering from a generic one (think: a web2 backend running PostgreSQL + Tokio + a custom VM). Load them now. Each one shows up later in the curriculum as a specific lesson topic; this lesson is the map.

Force 1: Adversarial environment

Paxos and Raft — the canonical distributed-system algorithms — assume nodes can fail (crash, become slow, partition) but are not malicious. The classic literature calls this Crash Fault Tolerance (CFT). Most production distributed systems (Spanner, Kafka, etcd) live in this regime: nodes belong to the same company, run the same code, and have no incentive to lie.

Ethereum doesn't get to make those assumptions. Nodes are operated by mutually distrustful parties, some of which actively try to break the system for profit. The literature for this regime is Byzantine Fault Tolerance (BFT) — and BFT is qualitatively harder than CFT. PBFT (1999) was a major academic milestone precisely because BFT in an asynchronous network had been considered nearly impossible.

The adversarial environment is the single load-bearing reason Ethereum's design looks weird in places:

  • Gas isn't just "CPU + memory metering." It's the DoS-prevention mechanism. If gas were free or unmetered, an attacker could submit one transaction that loops forever and freeze every node. Gas pricing per opcode is a control-theory feedback loop — the price of each operation is calibrated against the cost of executing it adversarially.
  • Slashing isn't just a punishment. It's the economic safety net that makes consensus work without a trusted authority. A validator who double-signs loses staked capital — the loss has to exceed the attack's profit for the system to be safe. This is game theory wired into the protocol, not a code-level check.
  • Consensus isn't just Paxos with hashes. Casper FFG + LMD-GHOST, HotStuff, Tendermint — every modern BFT consensus has explicit economic and timing assumptions that classical Paxos doesn't make.

Analog from outside crypto: payment-processing networks like Visa run on top of standard distributed-systems substrate but add a fraud-detection layer because they assume merchants and cardholders can be adversarial. Ethereum is the same shape — except the fraud-detection layer is the consensus protocol itself, not a separate system bolted on top.

Where this shows up in the curriculum: Consensus Engineering tier (BFT, slashing, validator economics), Validator Operations tier (slashing detection, key management).

Force 2: Cryptographic verifiability

Ethereum's "database" is technically MDBX (a B+tree with MVCC). But MDBX alone is just a key-value store. What makes Ethereum's database fundamentally different from a PostgreSQL deployment is one specific structural addition: a cryptographic accumulator — the Merkle Patricia Trie (MPT).

The MPT means every account, every storage slot, every contract code blob — every piece of state — is included in a single 32-byte hash called the state root. Given that 32-byte hash and a small Merkle proof, a third party can verify any individual piece of state without trusting whoever served the proof, and without holding the database themselves.

This is the load-bearing difference from PostgreSQL. A PostgreSQL deployment can tell you "Alice's balance is 100" — but you have to trust the database (or its operator) to believe it. Ethereum can tell you "Alice's balance is 100, here's a 1KB proof, verify it against the state root you already trust." The trust assumption shifts from the operator to the cryptography.

Practical consequences worth loading now:

  • Every state-changing operation costs more than a comparable PostgreSQL update. The MPT has to be re-hashed up to the root on every change. This is why SSTORE costs 20,000 gas while MLOAD costs 3.
  • Light clients are possible. A phone-sized client that doesn't hold the full database can still verify chain state, because it only needs the state root + proofs. This is a structural property of the MPT.
  • Stateless verification is possible. Validators don't need to hold the full state — they need access to proofs for whatever transactions they're verifying. Active area of protocol research.

Analog from outside crypto: Git's content-addressed storage (every commit references its tree via hash), ZFS's Merkle-tree integrity checks, IPFS's content addressing. All applications of the same idea — the database's contents are cryptographically committed, so any piece can be proven without holding the whole.

Where this shows up in the curriculum: Expert tier (Merkle Patricia Trie & state proofs lesson), Cross-chain Bridges (light clients as bridge verification primitives), Stateless Ethereum.

Force 3: Transaction ordering as a market

In a standard distributed system — Kafka, a payment queue, a CDC pipeline — transaction order is an implementation detail. The system picks an order (FIFO, partition-key based, timestamp), and that's the end of it.

Ethereum can't make this assumption. Every block has hundreds to thousands of transactions competing for the same scarce resources (block space, storage slots, AMM liquidity). Which transactions go first inside a block has direct monetary value — front-running a large swap, sandwich-attacking a price-impact order, capturing arbitrage between DEX pools. This value has a name: MEV (Maximal Extractable Value).

The result is that transaction ordering itself becomes its own systems-engineering layer, with its own pipeline:

  • Mempool — transactions wait here, visible to everyone watching
  • Searchers — scan the mempool for profitable orderings, submit bundles
  • Builders — assemble blocks from searcher bundles + public mempool, optimizing for total fee + MEV
  • Relays — sit between builders and validators, distributing blocks
  • Validators — pick the most profitable block, sign it, propose it

That's 5 distinct components, each with its own performance characteristics, trust assumptions, and failure modes. None of them existed in 2015. They emerged because the adversarial environment (Force 1) + a public mempool + per-block scarce resources made transaction ordering economically valuable.

Analog from outside crypto: high-frequency trading order routing (which exchange to send the order to, at what time), exchange matching engine design, ad-auction pipelines (header bidding, programmatic ad exchanges). All shapes of ordering matters, who orders has power, ordering becomes its own optimized layer.

Where this shows up in the curriculum: Building tier (MEV searcher app, frontrun-resistant order router capstone), Expert MEV in production.

Force 4: Live system migration

Standard distributed systems handle schema migrations and rule changes by stopping the world, running the migration, and restarting. Kafka clusters get rolling upgrades with two minutes of degraded throughput. PostgreSQL gets a maintenance window. Even strict 24/7 systems like Visa coordinate upgrades over hours with rollback plans.

Ethereum can't do that. There's no single operator who can call a maintenance window. The chain has to keep producing blocks every 12 seconds while every node — operated by thousands of independent parties — simultaneously switches to new consensus rules at one specific block height. This is hot-swap migration with zero downtime, coordinated across mutually distrustful operators.

The mechanism: every Reth/Revm version carries the entire history of Ethereum's consensus rules inside one binary. A field called spec_id (or equivalent) selects which rules apply at any given block height. When the chain reaches the activation height of a new hard fork, every node simultaneously switches its rule set. Validators who haven't upgraded fall off the canonical chain; validators who have upgraded continue.

This is why Reth/Revm source has so many match spec_id and if hardfork >= branches. Every line of code that touches a consensus-affecting behavior has to know about every hard fork that ever changed that behavior. The code looks complex because it carries the full historical specification.

Analog from outside crypto: spacecraft computer firmware updates (you can't physically reach the satellite, you must update in flight), telephone-network protocol upgrades (the AT&T transition from analog to SS7 happened while every call kept connecting), Visa's payment-network hard forks (chip cards, contactless, tokenization — all coordinated upgrades across millions of merchant terminals with no downtime).

Where this shows up in the curriculum: Expert tier (Custom ChainSpec — fork, genesis, precompile schedule; production Reth fork operations).

The updated mental model

Carry both lessons forward:

5 subsystems (from the previous lesson):

  • Database, distributed system, compiler/VM, networking, concurrency runtime

4 forces (this lesson):

  • Adversarial environment, cryptographic verifiability, transaction ordering as a market, live system migration

The 5 subsystems tell you what Ethereum is made of. The 4 forces tell you why those subsystems look the way they look.

When you read Reth and see code that doesn't fit the generic SE pattern — a weird gas-pricing constant, a Merkle re-hash on every storage write, a payload builder with private orderflow handling, a 14-branch match spec_id — one of these 4 forces is the reason.

Once you have both halves of the model, you can stop treating Ethereum's specifics as "blockchain magic." The 5 subsystems give you the SE substrate; the 4 forces give you the constraints that shape it. Together they're enough to read Reth/Revm/Alloy without either failure mode — "this is magic" or "this is just Paxos with extra steps."

Where you'll meet each force again

ForceConcrete curriculum touchpoints
Adversarial environmentConsensus Engineering (BFT, validator economics, slashing), Validator Operations (slashing detection, MPC keys)
Cryptographic verifiabilityExpert MPT lesson, Cross-chain Bridges (light clients), Stateless Ethereum
Transaction ordering as a marketBuilding tier (MEV searcher, frontrun-resistant router capstone), Expert MEV in production
Live system migrationExpert Custom ChainSpec, Expert Reth fork operations, hardfork-specific code paths inside Inside Revm and Inside Reth

The on-ramp framing alone is enough to start reading. These 4 forces are what make the framing sharp. Both lessons are short on purpose — most of the substance lives in the courses they map to.

Summary (3 lines)

  • 4 forces = adversarial environment + consensus determinism + immutability + open membership. These distinguish Ethereum from general systems engineering.
  • 4 forces × 5 subsystems product determines every design choice — wrapping arithmetic, peer scoring, task budgets, MDBX choice all fall out.
  • Next lesson: the three-pillar role split (Reth / Revm / Alloy) and why this stack is worth learning.
← Previous
Lesson 0 — Ethereum as systems engineering — the mental model you'll need
Next →
Lesson 2 — Why learn Reth, Revm, and Alloy?