Source: Cobo Global
With the rise of Restaking, more EigenLayer-based Restaking projects have appeared on the market. Restaking is intended to share the user's staked position with other projects by extending the trust of the Ethereum Beacon chain staking layer, allowing users to earn additional yield while letting other projects enjoy the same consensus trust and security as the ETH Beacon layer.
To help everyone better understand the interaction risks across different Restaking projects, the Cobo security team researched the mainstream Restaking protocols and mainstream LST assets on the market and compiled the relevant risks, so that users can better manage those risks while enjoying the benefits.
Note: The conclusions listed by the Cobo security team reflect the state of the protocols before 00:00 UTC on February 5, 2024.
Overview of Risk Points
The Restaking protocols currently on the market are basically all built on EigenLayer. For users, participating in Restaking means exposure to the following risks:
Contract risk
Participating in Restaking currently requires interacting with the project party's contracts, so users bear the risk of those contracts being attacked;
Funds of projects built on EigenLayer are ultimately stored in the EigenLayer protocol's contracts. If the EigenLayer contracts are attacked, the related project funds will also be lost;
In EigenLayer there are two types of Restaking: native ETH Restaking and LST Restaking. For LST Restaking, funds are deposited directly in the EigenLayer contracts, whereas for native ETH Restaking the funds remain on the ETH Beacon chain. This means that users who perform LST Restaking may suffer losses due to EigenLayer contract risk;
The project party holds high-risk permissions, and in some cases sensitive permissions could be used to misappropriate user funds.
LST Risk
Exit risk
Currently, apart from EigenLayer itself, none of the mainstream Restaking protocols on the market support withdrawals. If a project party does not upgrade its contracts to add the corresponding withdrawal logic, users will never be able to get their assets back and will have to obtain liquidity from the secondary market to exit.
Based on the risk points listed above, the Cobo security team systematically investigated some of the mainstream Restaking protocols currently on the market. The main findings are:
Project completeness is low; most projects have not implemented withdrawal logic;
Centralization risk: user assets are ultimately controlled by multi-signature wallets, and the project party has a certain degree of Rug Pull capability;
Following from the second point, asset losses may occur in the case of insider malice or loss of the multi-sig private keys.
In order to make the results more intuitive, the Cobo security team organized and categorized the survey results for everyone to view, as follows:
Since EigenLayer is the cornerstone of all these projects, in addition to the points in the table, users also need to pay attention to the following:
The EigenLayer contracts currently deployed on mainnet do not yet fully implement all the functions in its white paper (AVS, slashing). Of these, the slash function only implements the relevant interfaces and does not yet have specific, complete logic. According to the contract code, slashing is currently triggered by the owner of the StrategyManager contract (the project party's admin authority), so its execution is relatively centralized;
In EigenLayer native ETH Restaking, in addition to creating an EigenPod contract to manage the restaked funds, the user also needs to run the Beacon chain node service themselves and bear the risk of being slashed by the Beacon chain. Users performing native ETH Restaking are advised to choose a reliable node service provider. In addition, since the ETH is stored on the Beacon chain, the withdrawal process requires not only the user to initiate it but also the node service provider to help withdraw the relevant funds from the Beacon chain; that is, withdrawal requires the consent of both parties;
Since EigenLayer has not yet implemented the complete AVS and slash mechanisms, the Cobo security team recommends that users do not enable the delegate function in the EigenLayer protocol before understanding the related risks, otherwise it may cause financial losses.
In addition, through code review, some projects were found to have code risks that may affect the security of user funds. When Cobo discovered these risks, it immediately communicated with the project teams and confirmed them. Some of the risk points and communication results are as follows:
EigenPie
All contracts in the current protocol are upgradeable, and the upgrade permission is a 3/6 Gnosis Safe. However, the upgrade permission of the MLRT token contracts for cbETH, ethX, and ankrETH is an EOA address.
Cobo contacted the Eigenpie team before the deadline, and the project team responded that within 24 hours they would transfer the upgrade rights of all MLRT tokens to a multi-signature wallet.
KelpDAO
During the deposit process, the number of shares a user receives is calculated from a share value, but the rsETHPrice in the calculation formula must be manually updated from the corresponding oracle. Except for stETH, the share price of the corresponding token contract is used as the price source; stETH is converted directly at 1:1. When stETH trades at a discount on the secondary market, there is a certain amount of arbitrage space during the deposit process.
KelpDAO responded on February 5 that the exchange rate in the Lido contract is defined as 1 stETH = 1 ETH. Because KelpDAO has not yet opened the withdrawal function, arbitrageurs cannot take advantage of this strategy. In response to this issue, the KelpDAO team will add a circuit breaker when withdrawals are launched that checks the market price of stETH, compares it with the contract price of stETH, and applies the necessary guardrails if the deviation is large.
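To make the pricing issue and the proposed guardrail concrete, the following is an added example written for this article; it is not KelpDAO's code. The share formula (amount * assetPrice / rsETHPrice), the 50 bps threshold and all prices are constructed assumptions; it shows how a 1:1 contract price for stETH credits a depositor with more ETH value than they supplied when stETH trades at a discount, and how a deviation check of the kind KelpDAO describes would block such a deposit.

```python
"""Constructed example (not KelpDAO's code): share pricing with a fixed 1:1
stETH rate, the resulting over-crediting when stETH trades below peg, and a
circuit breaker comparing contract price with market price."""

WAD = 10**18   # 18-decimal fixed point, as in most Ethereum token math
BPS = 10_000   # basis points


def shares_for_deposit(amount, asset_price, rseth_price):
    """Shares minted for a deposit (assumed formula): amount * assetPrice / rsETHPrice.
    All three inputs are WAD-scaled; prices are denominated in ETH."""
    return amount * asset_price // rseth_price


def deviation_bps(contract_price, market_price):
    """Absolute gap between the price the contract uses and the market price, in bps."""
    return abs(contract_price - market_price) * BPS // contract_price


def overvaluation(amount, contract_price, market_price):
    """ETH value (WAD) credited to the depositor beyond what the asset is worth at market.
    Positive when the contract price is above market, i.e. the pool absorbs the difference."""
    return amount * (contract_price - market_price) // WAD


def guarded_deposit(amount, contract_price, market_price, rseth_price, max_deviation_bps):
    """Circuit-breaker style deposit: refuse to mint when the contract price used for
    the asset deviates from its market price by more than max_deviation_bps."""
    dev = deviation_bps(contract_price, market_price)
    if dev > max_deviation_bps:
        return {"allowed": False, "deviation_bps": dev, "shares": 0}
    return {"allowed": True, "deviation_bps": dev,
            "shares": shares_for_deposit(amount, contract_price, rseth_price)}


if __name__ == "__main__":
    # Constructed scenario: 1000 stETH deposited, stETH fixed at 1 ETH in the
    # contract, trading at 0.98 ETH on the secondary market, rsETH priced at 1 ETH.
    amount = 1000 * WAD
    steth_contract, steth_market, rseth = WAD, 98 * 10**16, WAD
    print("shares minted at 1:1:", shares_for_deposit(amount, steth_contract, rseth) / WAD)
    print("ETH over-credited:", overvaluation(amount, steth_contract, steth_market) / WAD)
    print("deviation bps:", deviation_bps(steth_contract, steth_market))
    print("guarded deposit:", guarded_deposit(amount, steth_contract, steth_market, rseth, 50))
```

The over-credited amount is only realisable once withdrawals exist, which is why KelpDAO's response ties the guardrail to the launch of the withdrawal function; until then the mispricing is dilution of existing holders rather than an extractable profit.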
Renzo
OperatorDelegator is responsible for routing protocol funds to EigenLayer, and each OperatorDelegator is configured with a deposit proportion. However, when configuring OperatorDelegators, the protocol did not check whether the proportions of all OperatorDelegators sum to more than 100%, so a configuration such as OperatorDelegator-1 (70%) and OperatorDelegator-2 (70%) is possible. This problem mainly affects users' fund withdrawals. Since the withdrawal logic is currently incomplete, it is impossible to evaluate the specific impact on the principal.
The Renzo team stated that in this specific case funds would be deposited into the incorrect OperatorDelegator contract, or withdrawn from the incorrect OperatorDelegator. Renzo stated that although this technical issue causes a mismatch in Renzo's expected allocations to different operators, it does not affect the calculation of total value locked (TVL) or the security of funds. The Renzo team will upgrade the contract in the future to fix this technical problem.
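The following added example, written for this article and not taken from Renzo's contracts, models the allocation check that was missing and shows why an oversubscribed configuration misroutes funds: with targets summing to 140%, every delegator can appear under-allocated at once. The routing rule (send the deposit to the delegator furthest below its target) and the delegator names and balances are assumptions.

```python
"""Constructed example (not Renzo's code): validating that OperatorDelegator
allocations do not exceed 100%, and a simple deposit router that shows how an
oversubscribed configuration produces inconsistent targets."""

BPS = 10_000  # allocations expressed in basis points; 10_000 == 100%


def allocations_valid(allocations):
    """Accept a configuration only if every share is non-negative and the
    shares sum to at most 100%. This is the check the text says was missing."""
    shares = list(allocations.values())
    return all(s >= 0 for s in shares) and sum(shares) <= BPS


def target_balances(allocations, total):
    """Balance each delegator should hold for a pool of size `total`.
    If allocations exceed 100%, these targets sum to more than the pool."""
    return {name: total * bps // BPS for name, bps in allocations.items()}


def route_deposit(allocations, balances, deposit):
    """Assumed routing rule: send the deposit to the delegator furthest below its
    target after the deposit. Refuses to route on an invalid configuration."""
    if not allocations_valid(allocations):
        raise ValueError("allocations exceed 100%; refusing to route")
    targets = target_balances(allocations, sum(balances.values()) + deposit)
    # gap > 0 means the delegator is under its target share
    gaps = {name: targets[name] - balances.get(name, 0) for name in allocations}
    return max(gaps, key=gaps.get)


if __name__ == "__main__":
    # Constructed state: two delegators, 800 ETH already deployed, 100 ETH arriving.
    balances = {"OperatorDelegator-1": 600, "OperatorDelegator-2": 200}
    good = {"OperatorDelegator-1": 6000, "OperatorDelegator-2": 4000}   # 60% / 40%
    bad = {"OperatorDelegator-1": 7000, "OperatorDelegator-2": 7000}    # 70% / 70%
    print("valid 60/40:", allocations_valid(good), "->", route_deposit(good, balances, 100))
    print("valid 70/70:", allocations_valid(bad))
    # Targets for the 70/70 config sum to 1260 against a 900 ETH pool.
    print("70/70 targets:", target_balances(bad, 900))
```

With the 70/70 configuration both delegators look under-funded no matter how the pool is split, so any router keyed on "distance to target" will keep sending deposits (and, once implemented, withdrawals) to a delegator the operators did not intend; the validation at configuration time removes that state before it can arise.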
In addition to the risks of the protocols themselves, the risks of LSTs cannot be ignored during the restaking process. The Cobo security team also researched the mainstream LST tokens on the market and organized the results for everyone to view, as follows:
How to effectively reduce the risk of participating in Restaking?
Restaking is an emerging concept. Neither the contract layer nor the protocol layer has yet stood the test of time, and beyond the risks listed above there may be other, unknown risks. So is there a relatively safe interaction guide that can effectively reduce risk during interaction?
Based on the current research conclusions, the Cobo security team has compiled a relatively safe interaction path.
Fund Allocation
For users participating in Restaking with larger funds, directly participating in EigenLayer's native ETH restaking is a good choice. The reason is that for native ETH restaking the deposited ETH is not stored in the EigenLayer contract but in the Beacon chain contract. Even in the worst case of a contract attack, the attacker cannot immediately obtain the user's assets.
Users who also want to participate with large funds but are not willing to endure a long redemption time can choose the relatively safe stETH as the participating asset and participate in EigenLayer directly.
Users who want to earn extra yield can allocate part of their funds to EigenLayer-based projects such as Puffer, KelpDAO, Eigenpie and Renzo according to their risk tolerance. Note, however, that since none of the above projects currently implements withdrawal logic, users participating in such protocols also need to consider the corresponding exit risk, and the liquidity of the relevant LRT in the secondary market should also be considered during the investment process.
Monitoring configuration
All projects listed in this article have the ability to upgrade and pause their contracts, and the project party can also perform high-risk operations on the project through its multi-sig. Advanced users can configure contract monitoring to watch for contract upgrades and the execution of sensitive operations by the project party.
Teams and users who want to deposit ETH into these projects can also use Cobo Argus to configure automated bots and single-signature authorizations for a Safe multi-signature wallet, setting up automatic deposits into EigenLayer and the various restaking protocols based on TVL changes in the pool, ETH price fluctuations and whale movements.
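One way to build the monitoring described above, as an added example written for this article rather than Cobo's or any project's tooling: scan raw Ethereum logs for admin events emitted by a watch list of contracts. Event topics are derived from their signatures with a self-contained Keccak-256 so the watch list can be written as readable signatures; the standard ERC-1967 Upgraded, AdminChanged, OwnershipTransferred and Paused signatures are real, while the contract addresses and log entries below are constructed placeholders. It generalizes slightly beyond the text by also flagging admin and ownership changes, which are the usual prelude to an upgrade.

```python
"""Constructed example (not Cobo's or any project's code): flag proxy upgrades,
admin/ownership changes and pauses in raw Ethereum logs for a watch list of
restaking contracts. Addresses and log entries are constructed placeholders."""

# --- Minimal Keccak-256 (Ethereum's hash; differs from NIST SHA3-256 only in
# the 0x01 padding byte). Used to derive event topics from their signatures.
_RC = [0x0000000000000001, 0x0000000000008082, 0x800000000000808A, 0x8000000080008000,
       0x000000000000808B, 0x0000000080000001, 0x8000000080008081, 0x8000000000008009,
       0x000000000000008A, 0x0000000000000088, 0x0000000080008009, 0x000000008000000A,
       0x000000008000808B, 0x800000000000008B, 0x8000000000008089, 0x8000000000008003,
       0x8000000000008002, 0x8000000000000080, 0x000000000000800A, 0x800000008000000A,
       0x8000000080008081, 0x8000000000008080, 0x0000000080000001, 0x8000000080008008]
_ROT = [[0, 36, 3, 41, 18], [1, 44, 10, 45, 2], [62, 6, 43, 15, 61],
        [28, 55, 25, 21, 56], [27, 20, 39, 8, 14]]
_MASK = (1 << 64) - 1


def _rol(x, n):
    return ((x << n) | (x >> (64 - n))) & _MASK


def _keccak_f(st):
    for rc in _RC:
        c = [st[x][0] ^ st[x][1] ^ st[x][2] ^ st[x][3] ^ st[x][4] for x in range(5)]
        d = [c[(x - 1) % 5] ^ _rol(c[(x + 1) % 5], 1) for x in range(5)]
        st = [[st[x][y] ^ d[x] for y in range(5)] for x in range(5)]
        b = [[0] * 5 for _ in range(5)]
        for x in range(5):
            for y in range(5):
                b[y][(2 * x + 3 * y) % 5] = _rol(st[x][y], _ROT[x][y])
        st = [[b[x][y] ^ (~b[(x + 1) % 5][y] & b[(x + 2) % 5][y]) for y in range(5)]
              for x in range(5)]
        st[0][0] ^= rc
    return st


def keccak256(data):
    rate = 136  # bytes absorbed per permutation for a 256-bit output
    pad = rate - len(data) % rate
    data = data + (b"\x81" if pad == 1 else b"\x01" + b"\x00" * (pad - 2) + b"\x80")
    st = [[0] * 5 for _ in range(5)]
    for off in range(0, len(data), rate):
        for i in range(rate // 8):
            st[i % 5][i // 5] ^= int.from_bytes(data[off + 8 * i: off + 8 * i + 8], "little")
        st = _keccak_f(st)
    return b"".join(st[i % 5][i // 5].to_bytes(8, "little") for i in range(4))


def event_topic(signature):
    """topics[0] of a Solidity event is keccak256 of its canonical signature."""
    return "0x" + keccak256(signature.encode()).hex()


# Standard OpenZeppelin / ERC-1967 admin events worth alerting on.
WATCHED_EVENTS = {
    "Upgraded(address)": "proxy implementation upgraded (ERC-1967)",
    "AdminChanged(address,address)": "proxy admin changed",
    "OwnershipTransferred(address,address)": "contract owner changed",
    "Paused(address)": "contract paused",
}
_TOPIC_TO_SIG = {event_topic(sig): sig for sig in WATCHED_EVENTS}


def scan_logs(logs, watched_contracts):
    """Return one alert per watched event emitted by a watched contract.
    `logs` uses the eth_getLogs shape: address, topics, blockNumber."""
    alerts = []
    for log in logs:
        label = watched_contracts.get(log["address"].lower())
        sig = _TOPIC_TO_SIG.get(log["topics"][0].lower())
        if label is None or sig is None:
            continue
        # indexed address arguments arrive left-padded to 32 bytes in topics[1..]
        args = ["0x" + t[-40:] for t in log["topics"][1:]]
        alerts.append({"block": log["blockNumber"], "contract": label,
                       "event": sig, "args": args, "note": WATCHED_EVENTS[sig]})
    return alerts


# Constructed placeholders: a hypothetical LRT proxy and its new implementation.
PROXY = "0x" + "aa" * 20
NEW_IMPL = "0x" + "cc" * 20
WATCHED_CONTRACTS = {PROXY: "example-LRT-proxy (placeholder)"}
SAMPLE_LOGS = [  # constructed log entries, not real chain data
    {"address": PROXY, "blockNumber": 19_000_001,
     "topics": [event_topic("Upgraded(address)"), "0x" + NEW_IMPL[2:].rjust(64, "0")]},
    {"address": PROXY, "blockNumber": 19_000_002,
     "topics": [event_topic("Transfer(address,address,uint256)"), "0x" + "0" * 64, "0x" + "1" * 64]},
    {"address": "0x" + "bb" * 20, "blockNumber": 19_000_003,   # not on the watch list
     "topics": [event_topic("Upgraded(address)"), "0x" + "dd" * 32]},
    {"address": PROXY, "blockNumber": 19_000_004,
     "topics": [event_topic("Paused(address)"), "0x" + "ee" * 32]},
]

if __name__ == "__main__":
    for alert in scan_logs(SAMPLE_LOGS, WATCHED_CONTRACTS):
        print(alert)
```

In production the `SAMPLE_LOGS` list would be replaced by the result of an `eth_getLogs` call filtered on the watched addresses, and an Upgraded alert should be followed by diffing the new implementation's verified source against the old one before any further deposits.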