Reserve Depletion and Security Runway in Proof-of-Stake Systems

Many proof-of-stake protocols finance validator rewards from two sources: transaction fees and a finite reserve of tokens. This creates a dynamic hand-off problem. Early in the life of the system, fees may be too small to fund the target level of security; later, fees may become sufficient. The central question is whether the reserve provides enough runway for the protocol to remain secure until this fee-only region is reached. We study this problem in a discrete-time stochastic model of validator participation. Token price and transaction demand fluctuate over time, while validators choose participation strategically. We solve the validator entry game and derive an exact state-dependent reserve threshold, i.e., the minimal reserve stock necessary and sufficient to sustain a target security level. This threshold separates three regions: infeasibility, reserve-dependent security, and fee-only security. Security fails if the reserve first falls below the state-dependent threshold, and a successful hand-off occurs exactly if the fee-only region is reached before that failure time. We derive stress-test guarantees that convert lower confidence bands for token price and demand into reserve requirements, and obtain explicit failure-probability and expected hand-off-time bounds. Finally, we extend the model to forward-looking validators and derive the Markov participation condition that captures how current participation affects future reserve-funded rewards. The main implication is that reserve policy should not be evaluated by nominal depletion dates or steady-state reward ratios alone. A protocol can have a large nominal reserve and still be close to security failure after adverse price or demand shocks. Conversely, once demand crosses the fee-only threshold, the reserve becomes redundant for security. This paper provides a tractable equilibrium framework for stress-testing this transition.