How Does Celo Work?

OP Stack-based optimistic rollup (Optimium) with decentralized sequencer from existing Celo validator set

Standard OP Stack rollup architecture. Unique aspect is using the existing Celo BFT validator set as a decentralized sequencer rather than a centralized one.

Decentralized sequencer using Celo's existing BFT validator set, with forced-inclusion via L1 host chain

Celo's use of its existing validator set running BFT consensus as a decentralized sequencer for an OP Stack L2 is a novel approach. Most OP Stack chains use centralized sequencers. Users can circumvent censorship by interacting with the L1 smart contract directly.

EigenDA v2 — transaction data posted to EigenLayer's data availability layer, secured by restaked ETH

EigenDA is an established external DA layer. Celo posts transaction roots on-chain and full data to EigenDA. Adds trust assumption beyond posting data directly to Ethereum.

Canonical L2 bridge to Ethereum with native bridge for ETH and ERC-20 tokens

Standard OP Stack bridge implementation. Withdrawal challenge period applies.

CELO token for transaction fees, validator staking, and on-chain governance voting

Standard governance token. Active governance with regular calls and proposals. Buyback-and-burn mechanism proposed in 2026.

Security Council with 6-of-8 threshold and instant upgrade power over L2 contracts (no exit window)

Standard security council pattern but with instant upgrade power — L2BEAT notes no exit window for users.

Native stablecoin support: cUSD, cEUR, cREAL — algorithmic stablecoins backed by CELO reserve

Celo's native stablecoins (Mento protocol) are a key ecosystem feature. Mento has been spun off as a separate protocol with its own governance.

CELO staking with validators running BFT consensus, earning block rewards and transaction fees

Carried over from the L1 era. Validators now serve as decentralized sequencers in the L2 architecture.

The Security Council can instantly upgrade bridge contracts with no exit window for users. A compromised 6-of-8 multisig could redirect or freeze bridged assets before users can react.

If EigenDA operators fail or withhold data, users cannot independently reconstruct the state needed for withdrawal proofs. This creates a dependency on EigenDA's restaked validator set beyond Ethereum's base security.

The decentralized sequencer posts data to EigenDA. If there is a mismatch between what the BFT validator set agrees on and what EigenDA makes available, it could create state inconsistencies that affect withdrawal proofs.

The migration from L1 to L2 changed the security model for Celo's native stablecoins. Edge cases in how the Mento stability mechanism operates within the L2 context could create temporary depeg risk during the stabilization period.

The proposed programmatic buyback-and-burn mechanism is governance-controlled and not yet implemented. If the proposal fails or is delayed, CELO continues as an inflationary token with validator rewards diluting non-staking holders.