Case Study: Smoothing Pool Oracle for Ethereum Validators

Alvaro Revuelta

4 min read
Case Study: Smoothing Pool Oracle for Ethereum Validators

Dappnode engaged us to design and implement Smooth, a “smoothing pool” that enables Ethereum validators to stabilize their staking rewards by pooling and proportionally redistributing them.

As of July 2025, Smooth manages over $100 million in subscribed stake and has distributed more than $1 million in rewards. We’re proud to have architected and secured this mission-critical protocol.

Key Technologies: Golang | Solidity | Docker

The Client

Dappnode empowers anyone to run blockchain nodes from home. By selling plug-and-play hardware with preinstalled software, they make it possible to launch and manage Ethereum validators in just a few clicks. Today, thousands of validators rely on Dappnode’s platform for secure, self-custodial staking.

The Problem

Individual Ethereum validators face high variance in annual rewards because:

  • Block proposal frequency is determined randomly.
  • Per-block rewards fluctuate based on network conditions and tips.

This unpredictability discourages smaller participants. Dappnode needed a solution to smooth out reward variance without introducing trust assumptions.

The Solution

Here’s how we tackled the problem:

  • Whiteboard sessions with Dappnode to capture and refine requirements.
  • Proof of Concept (PoC): Rapidly built to validate key design assumptions and uncover unknowns.
  • Protocol specifications: Authored precise, unambiguous documentation defining the system’s behavior.
  • Production-quality development: Implemented the software following rigorous industry best practices.
  • Comprehensive testing: Verified correctness via unit, integration, fuzz, and invariance tests.
  • Cloud deployment: Containerized and deployed a 24/7 solution with automated failover.

We started capturing the requirements, with multiple whiteboard sessions where we agreed the protocol should:

  • Be permissionless
    • Anyone can join or leave at will, and if Dappnode disappears, their funds remain claimable.
  • Be trustless
    • State settlement is distributed across entities so that no single party can misappropriate funds.
  • Be auditable
    • All data derives from on-chain sources, allowing anyone to reconstruct the full state.
  • Be fair
    • A built-in penalty mechanism deters and penalizes validators that fail to fulfill their duties, like missing block proposals.

To satisfy these requirements, we split the design into two core components:

  • Oracle (off-chain)
    • Calculates rewards, constructs and signs a Merkle tree of the distribution state, and submits roots on-chain.
  • Smart Contracts (on-chain)
    • Store Merkle roots, manage subscriptions/unsubscriptions via emitting events and allows used to claim their share in a trustles manner.

With the architecture defined, we built our first proof of concept. This PoC gave us working code to iterate against, validate open questions, and refine the protocol.

“Talk is cheap. Show me the code”

Linux Torvalds

We continued writing the protocol specifications. At Bilinear Labs, we view detailed specs as indispensable. They are an exercise in abstraction that keeps implementation blinders off. Our specifications deliverables included:

  • Finite State Machines illustrating the validator lifecycle (states and triggering events).
  • Executable algorithms in Python rather than pseudocode, for immediate validation.
  • General documentation. Merkle trees definitions, API specification and documentation.

For example, a finite state machine with the validator lifecycle, showing states and events triggering transitons.

And the rewards calculation algorithm, that redistributes remainders, as decimals can’t be used in the EVM.

def calculate_val_rewards_and_fee(fee_percent_over1000, total_reward, eligible_validators):
    pool_fee_no_remainder = (total_reward * fee_percent_over1000) // 10000
    to_share_validators = total_reward - pool_fee_no_remainder
    per_validator_reward = to_share_validators // eligible_validators
    remainder = to_share_validators % eligible_validators
    final_pool_fee = pool_fee_no_remainder + remainder

    assert (per_validator_reward*eligible_validators+final_pool_fee) == total_reward

    return final_pool_fee, per_validator_reward

Once the PoC and specifications were ready, we:

  • Engineered for adversarial threats, defining clear attack vectors.
  • Adopted a minimalist code philosophy: every line must deliver customer value. Superfluous code was stripped out.
  • Held peer-review rounds to weed out unnecessary complexity before declaring development complete.

Given the immutable nature of blockchain, correctness is non-negotiable. We implemented four verticals of testing:

  • Unit Testing
    • Targeting 100% coverage to validate individual functions.
  • Integration Testing
    • Verifying that components interoperate correctly.
  • Fuzz Testing
    • Subjecting inputs to unpredictable, malformed data to uncover edge-case failures.
  • Invariant Testing
    • Continuously asserting that on-chain liabilities never exceed held assets. The contract should never owe more than it has.
Testing can’t prove the absence of bugs, but its presence. Each test acts like another layer of cheddar cheese; the more layers, the harder it is for a bug to slip through.

Finally, we containerized every service with Docker and deployed:

  • A resilient pair of Ethereum consensus and execution clients.
  • Automated failover mechanisms to switch seamlessly if a node goes offline.
  • 24/7 monitoring and alerting to maintain near-perfect uptime, using Prometheus and Grafana.

The Challenges

Throught the project, we faced two challenges that we had to carefully trade off a solution with Dappnode:

  • MEV rewards: Some block rewards don’t come from just the EIP1559 tip but from Maximal Extractable Value. These rewards are hard to track with just on-chain data since each block builder pays them differently. Most of them are the last transaction of the block, but there are some exceptions.
  • Validator address: Indexing the deposit contract to use the deposit address proved cumbersome, so we required participants to register via a withdrawal credential (0x01) address, enforcing non BLS signing keys.

The Conclusions

We’re proud to have partnered with Dappnode to deliver this mission-critical software enabling their users to earn stable Proof-of-Stake rewards for a modest fee (recouped within months) and to see it run flawlessly, with zero incidents and complete safety at every step.

The Impact

  • $100 million+ in aggregated stake.
  • $1 million+ in smoothed payouts.
  • Secured by Bilinear Labs oracle.
“Bilinear Labs transformed our vision for Smooth into reality. Their deep technical expertise and relentless focus on security turned a complex protocol into a mission-critical, 24/7 service. The results speak for themselves.”

Pol Lanski, CEO at Dappnode.

Discover how Bilinear Labs can assist in designing and optimizing your decentralized systems.

📧 Get in touch: contact@bilinearlabs.io

| Twitter | Linkedin | Github |

Read more