# Collateral Risk Assessment - Mantle ETH (mETH)

![prisma_19042024_mantle-protocol-mETH](https://hackmd.io/_uploads/SJ09BsWWA.png)

### Useful Links

- Website: [mantle.xyz/meth](https://www.mantle.xyz/meth)
- Documentation: [gitbook.io](https://docs.mantle.xyz/meth/introduction/overview)
- Social: [twitter.com/0xMantle](https://twitter.com/0xMantle)
- Contracts: [docs.mantle.xyz/meth](https://docs.mantle.xyz/meth/components/smart-contracts)
- Markets: ByBit ([mETH/ETH](https://www.bybit.com/en/trade/spot/METH/ETH?affiliate_id=9763), [mETH/USDT](https://www.bybit.com/en/trade/spot/METH/USDT?affiliate_id=9763)) | Agni Finance ([mETH/WETH](https://agni.finance/swap?inputCurrency=0xcda86a272531e8640cd7f1a92c01839911b90bb0&outputCurrency=0xdeaddeaddeaddeaddeaddeaddeaddeaddead1111)) | FusionX V3 ([mETH/ETH](https://www.bybit.com/en/trade/spot/METH/ETH?affiliate_id=9763)) | Butter.xyz ([mETH/WETH](https://stats.butter.xyz/#/pools/0xd14663df2b3a84e0dddc2393f10c979a4244d7f8))
- Dashboards: [meth.mantle.xyz/stats](https://meth.mantle.xyz/stats) | [Mantle Treasury](https://treasurymonitor.mantle.xyz/)

# Introduction

**This report is conducted by the Prisma independent risk and research team operated by [Llama Risk](https://cryptorisks.substack.com/) as part of a series on LSD collateral risk assessments. In this report, we examine Mantle's mETH.**

This report will comprehensively cover all relevant risk factors of Mantle's mETH for collateral onboarding. Our approach involves both quantitative and qualitative analysis to help determine whether the collateral can be safely onboarded and to what extent there should be restrictions on the Protocol's exposure to the collateral.

As Prisma will be onboarding a variety of LSDs as collateral, our review involves comparative analysis to determine suitability as collateral.

Risks are categorized into:

* **Market Risk** - risks related to market liquidity and volatility
* **Technology Risk** - risks related to smart contracts, dependencies, and Oracle price feeds
* **Counterparty Risk** - risks related to governance, centralization vectors, and legal/regulatory considerations

These risk categories will be summarized in the final section of this report and are meant to assist tokenholders in their determination around mETH onboarding and setting suitable parameters.

# Section 1: Protocol Fundamentals

This section addresses the fundamentals of the proposed collateral. It is essential to convey (1) the value proposition of mETH, and (2) the overall architecture of the Protocol. This section contains descriptive elements that cannot be quantified and act as an explanatory introduction to the collateral.

This section is divided into two sub-sections:

* 1.1: Description of the Protocol
* 1.2: System Architecture

## 1.1 Description of the Protocol

Mantle is a DAO that develops and administers several products on Ethereum related to DeFi and network infrastructure. Initially an L2 rollup built on Ethereum, it gradually developed a complete ecosystem, all of that in a completely decentralized way thanks to the contribution of its DAO members.

On the 19th of May 2023, the BitDAO community voted in favor of [BIP-21](https://snapshot.org/#/bitdao.eth/proposal/0xe81f852d90ba80929b1f19683da14b334d63b31cb94e53249b8caed715475693), a proposal to merge Mantle and BitDAO, which was the largest DAO by treasury size at the time. To enact this merger, the BIT token was made convertible for MNT tokens, a new token for the resulting unified ecosystem, and three products were inherited by the new platform: the Mantle network, the Mantle treasury, and the Mantle governance.

Mantle LSP is a new product that was first proposed to the Mantle community in July 2023 [on their forum](https://forum.mantle.xyz/t/archived-mantle-lsd/7085).
In August 2023, a [governance proposal](https://snapshot.org/#/bitdao.eth/proposal/0xa34107e34b4dc4ff4cd16b77d66e62a51f4d35457a4f4b1f68ab8ac821f58561) was accepted to allow the staking of treasury ETH into Mantle mETH, which would bootstrap the Mantle LSP with 40,000 ETH right away. In October 2023, a first permissioned alpha was launched with a 1,000 mETH cap. This cap was then gradually increased to 600,000 mETH until the launch of "Mainnet v1" in December 2023.

Mantle LSP aims at being a simple yet powerful and secure liquid staking solution, administered through best-in-class decentralization practices through its DAO. Tightly integrated within Mantle's ecosystem, especially when it comes to its governance, Mantle LSP is yet another option for liquid stakers with its own set of strengths and weaknesses. In this report, we will provide a complete risk analysis of this protocol and of the mechanisms with which it integrates with the Mantle DAO.

### 1.1.1 Underlying Collateral

Like most liquid staking tokens, mETH is a yield-bearing asset with a soft peg to ETH that is backed by staked ETH. Only two operations are available for users: they can deposit ETH into Mantle's contracts in exchange for mETH, a receipt token, or later redeem this same mETH in exchange for an amount of ETH corresponding to the ETH principal plus any staking rewards accumulated during the liquid staking token holding period.

Deposited ETH is automatically allocated to a set of professional node operators working on behalf of Mantle. The allocation is triggered by offchain services operating with limited permissions that are enforced by the smart contracts for security. The flow of capital is strictly unidirectional; user deposits to the staking contract are allocated to validators operated by node operators. Upon withdrawal, ETH is sent back to the staking contract where users can get back their ETH principal plus staking rewards.

It is important to note that node operators are not required to provide a bond nor have to sign a contract to operate on behalf of Mantle. The enforceability of contractual obligations is an unexplored matter since Mantle has not publicly designated an entity to liaise with node operators. Consequently, the relation between Mantle and the node operators can be considered as being solely based on trust, and the only incentive for node operators to behave is the risk for them to lose their reputation. Throughout our communications, the Mantle team has remained oddly secretive regarding its relationship with node operators.

### 1.1.2 Yield Accrual Mechanism

mETH accrues yield through an increasing exchange rate for ETH, thanks to accumulated rewards from Mantle's validators. At all times, the total supply of mETH is equal to the total amount of ETH principal deposited into the Mantle staking protocol. It does not use the rebase token pattern, where one's balance of mETH would automatically increase at fixed intervals. Instead, a `ReferenceRate` distributes yield through rate updates based on the total controlled ETH within the system divided by the total mETH supply:

![image](https://hackmd.io/_uploads/B1CYkV9xR.png)

A notable innovation brought by Mantle is a mechanism used to mitigate what is called *Unstake Griefing*. Because of the beacon chain entry and exit queue, staked ETH can spend anywhere from zero to several months without earning rewards. Since the mETH exchange rate is a direct function of the amount of ETH in the system, a large amount of ETH in the entry or exit queue could negatively impact the exchange rate of mETH. One could even exploit the mETH exchange rate by timing their deposits and withdrawals to maximize the amount of staked ETH in the entry and exit queue.

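The exchange-rate adjustment the report describes for *Unstake Griefing*, modelled with the mint and redeem formulas from section 1.1.3 (an added example, not Mantle's code): it checks whether a given `exchangeAdjustmentRate` covers the rewards a queued deposit never earned. The pool sizes, queue lengths, the basis-point unit and all helper names are assumptions, and the adjustment is applied at mint, as in the section 1.1.3 staking formula.

```python
"""Added example: the mint/redeem formulas of section 1.1.3 as a small model."""
from dataclasses import dataclass
from fractions import Fraction
from math import ceil

BPS = 10_000  # assumption: the adjustment rate is expressed in basis points


@dataclass
class Pool:
    total_controlled: Fraction  # ETH controlled by the protocol
    meth_supply: Fraction       # mETH in circulation
    adjustment_bps: int = 0     # exchangeAdjustmentRate

    def rate(self) -> Fraction:
        """ETH redeemable per mETH."""
        return self.total_controlled / self.meth_supply

    def stake(self, eth: Fraction) -> Fraction:
        """mETH = (1 - adjustment) * (mEthSupply / totalControlled) * ethAmount"""
        minted = (eth * self.meth_supply * (BPS - self.adjustment_bps)
                  / (self.total_controlled * BPS))
        self.total_controlled += eth
        self.meth_supply += minted
        return minted

    def unstake(self, meth: Fraction) -> Fraction:
        """ETH = (totalControlled / mEthSupply) * mEthAmount"""
        eth = meth * self.total_controlled / self.meth_supply
        self.total_controlled -= eth
        self.meth_supply -= meth
        return eth


def neutral_adjustment_bps(apr: Fraction, entry_days: int, exit_days: int) -> int:
    """Rewards forgone while ETH waits in both queues, in bps, rounded up."""
    return ceil(apr * (entry_days + exit_days) / 365 * BPS)


def queue_round_trip(adjustment_bps, deposit, apr, entry_days, exit_days,
                     controlled=Fraction(1050), supply=Fraction(1000)):
    """Deposit that sits in the entry queue, then exits without ever validating.

    Returns (depositor_pnl_eth, incumbent_rate_change); the second value
    compares the final ETH-per-mETH rate with a pool that never saw the deposit.
    """
    pool = Pool(controlled, supply, adjustment_bps)
    # Only the incumbents' stake earns rewards while the deposit is queued.
    rewards = controlled * apr * (entry_days + exit_days) / 365
    baseline_rate = (controlled + rewards) / supply
    minted = pool.stake(Fraction(deposit))
    pool.total_controlled += rewards
    returned = pool.unstake(minted)
    return returned - deposit, pool.rate() - baseline_rate


if __name__ == "__main__":
    apr = Fraction(4, 100)         # ~4% base staking yield cited in section 2.2.3
    entry_days, exit_days = 10, 5  # constructed queue lengths
    for bps in (0, neutral_adjustment_bps(apr, entry_days, exit_days)):
        pnl, drift = queue_round_trip(bps, 100, apr, entry_days, exit_days)
        print(f"adjustment={bps:>2} bps  depositor PnL={float(pnl):+.4f} ETH  "
              f"incumbent rate change={float(drift):+.7f}")
```

With a zero adjustment the queued deposit leaves with rewards it never earned and the incumbents' rate ends below the baseline; with the neutral adjustment the cost stays with the depositor.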
![image](https://hackmd.io/_uploads/rJtok49xR.png)

To mitigate *Unstake Griefing*, Mantle adds a discount to the exchange rate when users unstake their ETH: it is equal to the reward loss induced by the time spent in both the entry and exit queue. Therefore, one would pay a penalty that is proportional to the sum of both queue lengths, hence incentivizing users to wait until the queues shrink. The loss due to the entry and exit queues is therefore borne by specific unstaking requests instead of being socialized across all stakers.

The exchange adjustment rate is a parameter of the staking contract that can only be updated by the `STAKING_MANAGER_ROLE` assigned to the Mantle Security Council wallet, a [6/13 multisig address](https://etherscan.io/address/0x4e59e778a0fb77fBb305637435C62FaeD9aED40f).

### 1.1.3 Provider Fee

Mantle levies a [10% fee](https://docs.mantle.xyz/meth/concepts/accounting/calculating-fees#protocol-fee) on all staking rewards. Node operators are paid, in part, using this 10% fee. Any remaining revenue after payment to node operators accrues to the Mantle treasury, and therefore to all MNT token holders.

This fee is set in the Return Aggregator smart contract and can be updated by the `AGGREGATOR_MANAGER_ROLE`, which is subject to a medium security risk rating and is assigned to the Mantle Security Council wallet, a [6/13 multisig](https://etherscan.io/address/0x4e59e778a0fb77fBb305637435C62FaeD9aED40f).

The staking exchange rate is given by the following formula:

$$\text{mETH} = (1 - \text{exchangeAdjustmentRate}) \times \frac{\text{mEthSupply}}{\text{totalControlled}} \times \text{ethAmount}$$

The withdrawal exchange rate is given by the following formula:

$$\text{ETH} = \frac{\text{totalControlled}}{\text{mEthSupply}} \times \text{mEthAmount}$$

### 1.1.4 Node Operator Set

Mantle delegates the responsibility of running validators to 4 professional node operators:

- [Blockdaemon](https://www.blockdaemon.com/), 0.99% of total stake.
- [P2P](https://p2p.org/), 2.67% of total stake.
- [A41](https://www.a41.io/stake), 1.11% of total stake.
- [StakeFish](https://stake.fish/), 2.11% of total stake.

The allocation of deposited ETH to node operators and the exit of validators is done through offchain services operated by Mantle; those tasks are respectively done by the Allocator service and the Initiator service. Those services expose HTTP endpoints that return the information needed to start and exit validators.

### 1.1.5 Validator Selection

Professional node operators are selected based on several factors including the fee they charge on the validator's staking rewards and their track record and reliability as node operators.

It is important to note that node operators are in charge of the validator keys, and are expected to set the correct withdrawal address when a validator is created. However, before funding a validator, the Initiator offchain service will validate the validator information provided by the node operators against the information available onchain to make sure that no attempt is made to steal funds. Once set, the withdrawal address cannot be changed.

In essence, the only way a node operator could steal funds from an active validator is by changing the fee recipient for execution and MEV rewards. This is easily mitigated by having the Guardian offchain service monitor the validators at all times to detect any such attempt.

### 1.1.6 Validator Collateralization

Validators are not collateralized, meaning that the professional node operators have no direct economic incentives to operate as expected. They only have their reputation to protect, the loss of which could result in reduced future opportunities and revenues.

It is interesting to note that the staking contract has a `topUp` function that only the `TOP_UP_ROLE` can call and send ETH to.
Although not clearly acknowledged, the documentation hints at a situation where, if the total ETH principal backing mETH were to be lower than expected, Mantle could step in and make mETH holders whole again. Scenarios where the ETH principal amount could become lower than expected include slashing events and a security breach of the contracts resulting in loss of funds, for instance. Most likely, the decision to `topUp` the ETH balance would have to go through governance voting, and the funds would come from the Mantle treasury.

### 1.1.7 Governance Model

All Mantle products, including Mantle LSP, undergo a DAO Governance process. The Mantle DAO is made up of MNT token holders who can propose and vote for protocol changes. Voting is handled by Snapshot (an offchain process) and executed onchain by the Mantle team. The Governance model is transparent, with extensive documentation available [here](https://docs.mantle.xyz/governance).

#### Governance Process

The typical governance proposal process is as follows:

- A governance proposal is made on the [Mantle forum](https://forum.mantle.xyz/). MIPs (Mantle Improvement Proposals) are debated and improved upon by the community.
- Once sufficient support from the community is gathered, the MIP is submitted to a vote through the Governance Module. This Governance Module is currently the [snapshot.org](https://snapshot.org/#/bitdao.eth) offchain voting system. The voting strategy is linear, with a minimum proposal threshold of 200,000 MNT tokens, and a quorum threshold of 100,000,000 MNT tokens for a positive vote to be accepted. The minimum voting duration is 7 days.
- If accepted, an MIP is executed by the Mantle Core Team. Although changes could be deployed onchain in a trustless way, most changes are currently being deployed offchain by the Mantle Core Team, hence requiring a certain level of trust from the community.

The Mantle Governance system was effectively born from the merger between BitDAO and Mantle through the ratification of [BIP-21](https://snapshot.org/#/bitdao.eth/proposal/0xe81f852d90ba80929b1f19683da14b334d63b31cb94e53249b8caed715475693). Conversion of BIT tokens for MNT tokens on a 1-1 basis was then enacted by [MIP-22](https://snapshot.org/#/bitdao.eth/proposal/0x950dac4d5715b8aa8eab29c484b1c9dd0eed161141262b0425874f65be4d9f8e).

It is important to note that the Mantle Governance and its underlying DAO are fully flexible and upgradable, and that MNT token holders can vote to change any aspect of the Mantle Governance process, as well as any Mantle product under its control.

#### Tokenomics

On the 7th of July 2023, the initial distribution of the MNT tokens was such that 51% of the MNT tokens were circulating, while 49% were held within the treasury. As of today (17th of March 2024), we count a total of 6,219,316,795 MNT tokens; of those, we estimate that at least 2,866,781,565 (46%) are still held within Mantle's treasury and various wallets. This initial distribution is not subject to any vesting period.

![image](https://hackmd.io/_uploads/r1dTkVqeR.png)

Source: [Mantle governance documentation](https://docs.mantle.xyz/governance/parameters/tokenomics)

The MNT token is both a governance token and a utility token. Currently, the only utility of the token is to serve as a gas token on the Mantle Network, the L2 chain that preceded the creation of mETH.

MNT tokens that are currently being held within the treasury are expected to be used for the following applications:

- User incentives to drive Mantle product adoption and synergies.
- Technology partner incentives to foster collaboration with third parties.
- Compensation for the Mantle core team and advisers who contribute to the success of the project.

The current allocation of assets and the various treasury strategies can be monitored using the [Mantle Treasury dashboard](https://treasurymonitor.mantle.xyz/).

## 1.2 System Architecture Diagram

### 1.2.1 Network Architecture Overview

The Mantle LSD has a simple objective: allow users to stake their ETH in exchange for a receipt token, mETH, and then to later redeem their principal ETH plus staking rewards by burning this token. The architecture reflects this simple goal by being concise and straightforward, utilizing both on and offchain components.

Users can deposit any amount of ETH into the [Mantle staking contract](https://etherscan.io/address/0xe3cBd06D7dadB3F4e6557bAb7EdD924CD1489E8f). Once multiples of 32 ETH are accumulated into the staking contract, offchain services will request node operators to create new validators and fund them. Withdrawal requests are served using ETH deposits from new stakers in priority and, if not sufficient, offchain services will exit validators to fulfill them.

The Oracle involves an offchain and onchain component. Oracle clients transmit consensus layer data to execution layer contracts, including the amount of ETH in validators, number of validators with ETH, number of validators deposited and withdrawn, and rewards and principals received. The [OracleQuorumManager](https://docs.mantle.xyz/meth/components/smart-contracts#oraclequorummanager) ensures consensus of the oracles and the [Oracle contract](https://docs.mantle.xyz/meth/components/smart-contracts#oracle) receives and validates the oracle data with sanity checks.

The [Allocator](https://docs.mantle.xyz/meth/components/off-chain-systems#allocator) offchain service moves ETH around the different smart contracts depending on deposit and withdrawal requests, and can request node operators to exit validators if needed.

The [Initiator](https://docs.mantle.xyz/meth/components/off-chain-systems#initiator) offchain service is responsible for monitoring deposits and will create new validators by interacting with node operators if needed.

Consensus layer rewards and execution rewards are respectively received by two different smart contracts. A [ReturnsAggregator](https://docs.mantle.xyz/meth/components/smart-contracts#returnsaggregator) smart contract then concentrates the rewards and splits them into user rewards (90%) and service fee (10%). The user rewards are sent to the staking contract and can be either withdrawn by users or be compounded by funding new validators. According to the Mantle documentation, half of the service fee (5% of the total rewards) is used to pay professional node operators, while the remaining 5% accrues to the Mantle Treasury.

The simplicity of this architecture is by design: according to the Mantle documentation, it is easier to secure a smaller amount of code. It is indeed common engineering wisdom to create simple components and later combine them in more complex ways rather than try to build something complex from the ground up.

### 1.2.2 Architecture Diagram

Below is a simplified representation of the different functional parts behind mETH.

![image](https://hackmd.io/_uploads/rkcC1E5gA.png)

Source: [Mantle documentation](https://docs.mantle.xyz/meth/components/architecture)

### 1.2.3 Key Components

**Staking contract**

The main contract of the protocol, and the only one with which users ever have to interact. It supports staking (deposits) and withdrawal requests from users (burning of mETH tokens), and also keeps track of the total amount of ETH deposited and accrued rewards.

**Offchain services**

A total of 4 offchain services enable the mETH architecture: the TVL consensus *Oracle*, the *Initiator*, the *Allocator*, and the *Guardian*. Of those, only the *Guardian* has a passive role and is not required for the mETH system to operate nominally, since its task is to pause the system if an unexpected state is detected. For more details about those offchain services, please refer to section [4.2.1 Dependencies](#421-Dependencies).

**Return aggregator**

Receives all staking rewards from the execution and consensus layer, as well as the staking principal of a validator (32 ETH) in case of validator exits. Uses the *Oracle* to split the rewards between users and the protocol.

# Section 2: Performance Analysis

This section evaluates mETH from a quantitative perspective. It analyzes token usage and competitive metrics and addresses any subsidized economic activity.

This section is divided into three sub-sections:

* 2.1: Usage Metrics
* 2.2: Competitive Analysis Metrics
* 2.3: Subsidization of Economic Activity

## 2.1 Usage Metrics

### 2.1.1 Total Value Locked (TVL)

The total supply is currently limited by the protocol to 600,000 mETH. DefiLlama tracks ETH TVL in Mantle mETH over time:

<iframe width="640px" height="360px" src="https://defillama.com/chart/protocol/mantle-staked-eth?denomination=ETH&theme=light" title="DefiLlama" frameborder="0"></iframe>

The chart provided below displays the Total Value Locked (TVL) for the Mantle ETH Staking protocol over the past 90 days denominated in USD.

![image](https://hackmd.io/_uploads/SyUllVce0.png)

Source: [Defi Llama](https://defillama.com/yields/pool/b9f2f00a-ba96-4589-a171-dde979a23d87)

| Time | Growth |
| --- | --- |
| 7 day | 0.68% |
| 30 day | 10.77% |
| 90 day | 31.28% |

This early surge in TVL aligns with the strategic distribution of mETH and the incentivization offered by the additional yields from the Mantle treasury. The TVL stabilization, despite a decrease in the broader crypto market, suggests a sustained confidence in the protocol, likely influenced by Mantle LSP’s performance and its competitive yield offerings compared to other ETH staking protocols.

### 2.1.2 Transaction Volume

Transaction volume shows onchain transfer value of mETH over the observed time period.

![image](https://hackmd.io/_uploads/SJL-xVqlC.png)

Source: [Bitquery](https://ide.bitquery.io/mETH---Transfer-amount-and-count---90d)

Transfer count shows the onchain daily transfers of mETH based on onchain data over the observed time period.

![image](https://hackmd.io/_uploads/SyvGxNce0.png)

Source: [Bitquery](https://ide.bitquery.io/mETH---Transfer-amount-and-count---90d)

| | Transfer Count | Transfer Volume - mETH | Transfer Volume - USD | Avg Tx Size |
| --- | --- | --- | --- | --- |
| Average | 374.51 | 15,019.85 | $40,193,290 | $123,431 |
| Max | 2418 | 171,756.39 | $424,493,784 | $930,015 |
| Min | 50 | 552.32 | $1,937,501 | $7,846 |

### 2.1.3 DEX Volume

DEX volume shows the aggregate daily trade volume across all onchain venues over the observed time period.

![image](https://hackmd.io/_uploads/B1LXxVqeR.png)

Source: [Bitquery](https://ide.bitquery.io/mETH-DEX-trading-volume---Ethereum)

| | Trades | Trading Volume in $ |
| --- | --- | --- |
| Average | 78.42 | $991,796 |
| Max (day) | 1344 | $10,174,479 |
| Min (day) | 1 | $9 |

### 2.1.4 Average Transaction Size

The average transaction size shows the daily average transfer size based on onchain data over the observed time period.

![image](https://hackmd.io/_uploads/BJVNgV9lR.png)

Source: [Bitquery](https://ide.bitquery.io/mETH---Transfer-amount-and-count---90d)

### 2.1.5 Trading Volume to Market Capitalization Ratio

Trading volume to market cap ratio shows the global daily trade volume divided by the daily mETH market cap to normalize trade volume to the size of the market.

![image](https://hackmd.io/_uploads/SkXSxN9x0.png)

Source: [Defi Llama](https://defillama.com/protocol/mantle-staked-eth) and [CoinGecko](https://www.coingecko.com/en/coins/mantle-staked-ether/historical_data)

### 2.1.6 Active Addresses/Users

Active addresses shows daily unique addresses that initiate a mETH transaction.

![image](https://hackmd.io/_uploads/SkfUg4ceC.png)

Source: [Dune](https://dune.com/queries/3558104/5987663)

Daily active addresses seem to be correlated with overall market activity, which is to be expected.

### 2.1.7 User Growth

We measure user growth by observing daily unique addresses that are holders of mETH.

![image](https://hackmd.io/_uploads/SJKPgNql0.png)

Source: [Dune](https://dune.com/queries/3558195/5987818)

Users reached a peak of ~3500 unique holders at the end of January 2024, and then stabilized at around 3000.

## 2.2 Competitive Analysis Metrics

### 2.2.1 Market Share

As of April 5, mETH has reached a peak dominance of 3.98% in the overall LSD market. Its dominance quickly grew since inception in December 2023 and has stabilized in the 3.75%-4% range in recent months. This ranks it #4 in LSDs by TVL, following stETH, rETH, and WBETH.

![image](https://hackmd.io/_uploads/HJiuxV5xC.png)

Source: [Defi Llama](https://defillama.com/lsd) | Date: 3/22/2024

The chart below shows mETH's trend in market dominance over time.

![image](https://hackmd.io/_uploads/rJPKeN9gC.png)

Source: [Defi Llama](https://defillama.com/lsd)

### 2.2.2 Inflows Share

In the figure below, we compare the flows of 4 of the biggest LSDs by TVL against mETH (stETH, cbETH, rETH and WBETH). Notably, stETH appears in blue, and mETH appears in red. Since its inception, we can see that mETH had a comparatively high inflow — sometimes higher than the absolute volume of stETH — although not consistently higher than the average stETH inflow. This echoes the high growth rate of mETH, reaching almost 4% of the LSD market share over a 4-month period.

![image](https://hackmd.io/_uploads/BJl89lEcxA.png)

Source: [DeFillama](https://defillama.com/lsd)

### 2.2.3 Protocol Staking Yield

DeFillama indicates a mean APY of 6.84% since mETH inception. We can see that mETH started at around 4% — which is the expected yield for Ethereum staking — and then increased to around 7%.
This is because of the "Double-Dose Drive" staking incentive that is funded by the Mantle Treasury.

![image](https://hackmd.io/_uploads/ByLieV5eA.png)

Source: [DeFillama](https://defillama.com/yields/pool/b9f2f00a-ba96-4589-a171-dde979a23d87)

The Compass Staking Yield Reference Index Ethereum (STYETH Index) measures the annualized daily staking yield obtained when staking on the Ethereum blockchain. Against this benchmark, we can observe the relative performance of mETH staking yield over time.

![image](https://hackmd.io/_uploads/H1m3gNqe0.png)

Source: [DefiLlama](https://defillama.com/yields/pool/b9f2f00a-ba96-4589-a171-dde979a23d87) and [Compassft](https://www.compassft.com/indice/styeth/)

### 2.2.4 Slashing Rate

To the best of our knowledge, no validator operated on behalf of Mantle has been slashed.

## 2.3 Subsidization of Economic Activity

### 2.3.1 Existence of an Incentive Program

The mETH "Double-Dose drive" incentive is the principal way that Mantle uses to incentivize the use of mETH. We believe this incentive significantly contributed to the high growth rate of mETH over the last 4 months. Apart from that, Mantle LSP also indirectly benefits from two ecosystem-wide incentive programs: the Mantle Grants Program and the Mantle EcoFund.

**mETH Double-Dose drive**

The [Mantle Double-dose drive](https://www.mantle.xyz/blog/announcements/meth-double-dose-drive) initiative rewards early adopters of mETH by doubling the staking yield to reach an average yield of 6.84%. This is achieved by topping up the balance of ETH in the mETH staking contract using the *topUp* function with funds from the Mantle treasury. Starting December 22, 2023, it is expected to last a minimum of 2 months (ending April 1st, 2024).

**Mantle grants program**

The [Mantle Grants Program](https://www.mantle.xyz/grants) aims at fostering the development of the Mantle ecosystem by allocating 25,000 MNT tokens to eligible projects that are "casual in nature".
It is not centered uniquely on mETH and considers applications of various nature including but not limited to: social, art, prediction markets or on-chain games. Retrospective grant applications are accepted, and a minimum allocation of 10 grants per month is targeted. Applications can be made through an [online form](https://airtable.com/app11C8uDclyLyrmk/shrHZoXk9GpAWelTR).

**Mantle EcoFund**

The [Mantle EcoFund](https://www.mantle.xyz/ecofund) is a 200 million dollar capital pool that invests in technology partners and applications based on the Mantle ecosystem. Approved July 15th 2023 via the [MIP-24 proposal](https://snapshot.org/#/bitdao.eth/proposal/0x395e58727038c5a855977248a1dd6e07356674c11f0293eb4b0f68de4e73792f), it targets projects with the potential to onboard 1000+ daily active users on Mantle Network and that foster synergies with other applications in the ecosystem. Applications can be made using an [online form](https://airtable.com/app11C8uDclyLyrmk/shrHZoXk9GpAWelTR).

A predefined set of target applications is provided, including but not limited to:

- Sustainable Yield: ETH Staking-Sourced
- Structured Product: Vault, ETF, Financial NFT
- Lending: Liquidation and non-Liquidation types
- DEX: AMM

# Section 3: Market Risk

This section addresses the ease of liquidation based on historical market conditions. It seeks to clarify (1) the Liquid Staking Basis & Volatility of mETH, and (2) the liquidity profile of the collateral. Market risk refers to the potential for financial losses resulting from adverse changes in market conditions.

This section is divided into 2 sub-sections:

- 3.1: Volatility Analysis
- 3.2: Liquidity Analysis

## 3.1 Volatility Analysis

### 3.1.1 Liquid Staking Basis (LSB)

Liquid Staking Basis compares the mETH market price to the fair value of underlying ETH in the system. The fair value is characterized by an increase in the internal mETH rate oracle over time.
The mETH internal exchange rate is queried from the mETH consensus oracle and the market price is provided by DexGuru (Uniswap v3 pool). The chart below calculates the LSB at each timestep as:

$$\text{LSB} = \frac{\text{mEthPrice}}{\text{mEthRate} \times \text{EthPrice}} - 1$$

![image](https://hackmd.io/_uploads/BknTgV5xC.png)

Source: Etherscan and [DexGuru](https://dex.guru/token/eth/0xd5f7838f5c461feff7fe49ea5ebaf7728bb0adfa)

The absolute LSB shows the overall magnitude of the deviation without respect to positive or negative deviations.

![image](https://hackmd.io/_uploads/rkFCg4cgR.png)

Source: Etherscan and [DexGuru](https://dex.guru/token/eth/0xd5f7838f5c461feff7fe49ea5ebaf7728bb0adfa)

mETH has experienced increased deviation from its underlying ETH in the second half of March, which coincides with a few observations:

1. The Mantle "[Double Dose Drive](https://www.mantle.xyz/blog/announcements/meth-double-dose-drive)" expired on April 1, which had doubled yield to mETH holders for a 3 month period,
2. The ETH TVL in mETH plateaued in mid-March, with sizable withdrawals processed in early April,
3. A market reversal saw ETH retrace from its highs on March 13, and
4. The ETH staking validator queue began growing in mid-March to a 6-month high.

### 3.1.2 LSD Volatility

Over the course of the last 60 days, the volatility of daily returns has been contained within a relatively narrow range, oscillating between -5% and +5%. A significant downturn was observed in January 2024. Conversely, March 2024 has been characterized by two distinct spikes in value.

![image](https://hackmd.io/_uploads/BygbWE5lA.png)

Source: [DefiLlama](https://defillama.com/docs/api)

| Metric | Value |
| --- | --- |
| Standard Deviation (avg daily deviation) | 3.31% |
| **Annualized volatility** | **63.20%** |

### 3.1.3 Yield Volatility

Yield volatility shows the variation in staking yield over time. Volatility may impact the desirability of the LSD.

![image](https://hackmd.io/_uploads/SkVQb49l0.png)

Source: [Mantle documentation - mETH Stats](https://meth.mantle.xyz/stats/apy)

| Metric | Value |
| --- | --- |
| Standard Deviation (avg daily volatility) | 29.48% |
| **Annualized Volatility** | **563.20%** |

## 3.2 Liquidity Analysis

### 3.2.1 Supported DEXs and CEXs

mETH DEX venues on mainnet are exclusively on Uniswap V3. The wstETH/mETH pool has been inactive since ~14-Feb-2024, making the WETH/mETH UniV3 pool the sole mainnet DEX venue.

![image](https://hackmd.io/_uploads/SJ7V-45xR.png)

Source: [Messari](https://messari.io/project/mantle-staked-ether/markets)

The token is also supported on decentralized exchanges on Mantle network: Agni Finance (more than $3m in 24h volume), Merchant Moe, FusionX.

CEX availability is limited to Bybit with mETH/ETH and mETH/USDT trading pairs.

### 3.2.2 LSD Token Total On-chain Liquidity

mETH liquidity on Ethereum is concentrated on Uniswap, which earned the highest mETH [liquidity score](https://coinmarketcap.com/currencies/mantle-staked-ether/) across its trading venues per CoinMarketCap rankings.

Uniswap V3 Token Liquidity on March 18: ~$15.6m TVL.
This is not the TVL of the pool; rather, it is a calculation of the available counterparty assets in the pool to find the value that can be swapped into.

![image](https://hackmd.io/_uploads/H18r-NqlR.png)
Source: [Dex.guru](https://dex.guru/liquidity/token/eth/0xd5f7838f5c461feff7fe49ea5ebaf7728bb0adfa?amm=uniswap_v3&pool_address=0x04708077eca6bb527a5bbbd6358ffb043a9c1c14)

By comparison, the [Uniswap ETH/mETH](https://etherscan.io/address/0x04708077eca6bb527a5bbbd6358ffb043a9c1c14) pool had a TVL of ~$33.75m.

The mETH/WETH Uniswap V3 liquidity pool has maintained a stable TVL ranging from $28.9m to $42.5m since its creation.

![image](https://hackmd.io/_uploads/SkLU-N5xC.png)
Source: [Defi Llama](https://defillama.com/yields/pool/05171ab2-0920-42fd-8cea-660548b9ea58)

Over the past month, the average APY of the liquidity pool was 0.72%, with a range of 0.03% to 4.41%.

![image](https://hackmd.io/_uploads/ByGwbN5gA.png)
Source: [Defi Llama](https://defillama.com/yields/pool/05171ab2-0920-42fd-8cea-660548b9ea58)

The token is also available natively on [Mantle](https://explorer.mantle.xyz/token/0xcDA86A272531e8640cD7F1a92c01839911B90bb0?tab=token_transfers) with a max supply of [102,920.587 mETH](https://explorer.mantle.xyz/token/0xcDA86A272531e8640cD7F1a92c01839911B90bb0?tab=token_transfers). The most liquid pools are:

- Agni Finance METH/WETH
- Merchant Moe METH/WETH
- FusionX v3 METH/WETH

Note that, because Mantle Network is an Optimistic Rollup, withdrawing funds from it to Ethereum mainnet can take up to a week, inhibiting the availability of this liquidity for Ethereum-based applications.

### 3.2.3 Token Distribution

The following observations can be made regarding the mETH token distribution:

- The top 25 holders concentrate 96.40% of the total supply of mETH.
- 35.7% of the supply is currently being restaked into [EigenLayer](https://app.eigenlayer.xyz/).
- 20% of the supply is deposited on the Mantle Network L2.
- The Mantle Treasury holds ~9% of the supply.
![image](https://hackmd.io/_uploads/SySOb45e0.png)
Source: [Etherscan](https://etherscan.io/token/tokenholderchart/0xd5f7838f5c461feff7fe49ea5ebaf7728bb0adfa?range=25)

### 3.2.4 Liquidity Utilization Rate

We observe the liquidity utilization of the UniV3 WETH/mETH pool, being the sole source of DEX liquidity. Liquidity utilization takes the daily pool volume divided by the daily pool TVL over the observed time period.

![image](https://hackmd.io/_uploads/S18KWNclR.png)
Source: [Defi Llama](https://defillama.com/yields/pool/05171ab2-0920-42fd-8cea-660548b9ea58) and [Bitquery](https://ide.bitquery.io/mETH-DEX-trading-volume---Ethereum)

### 3.2.5 LSD Leverage Ratio

mETH is only onboarded as collateral on the Mantle Network (not Ethereum). It is accepted as collateral on the following lending protocols:

- [INIT Capital](https://app.init.capital/lend-borrow?collateral=0x5071c003bb45e49110a905c1915ebdd2383a89df&chain=5000) - 12,829.66 mETH deposited in total (close to the cap of 17,000 mETH) for estimated 7.26% APY.
- [Lendle](https://app.lendle.xyz/marketdetail?asset=mETH&contract=0xcda86a272531e8640cd7f1a92c01839911b90bb0) - 80% Max LTV, low utilization rate (6.2%), 5.58K mETH supplied and 345.92 mETH borrowed.
- [Meth Lab](https://www.methlab.xyz/meth-lab) - See for yourself.
- [Timeswap](https://app.timeswap.io/#/markets) - USDT/mETH and WETH/mETH markets
  ![image](https://hackmd.io/_uploads/BJKc-N9eR.png)
  Source: [Timeswap](https://app.timeswap.io/#/markets)
- [MYSO Finance](https://app.myso.finance/) - mETH/USDC and mETH/MINU markets
  ![image](https://hackmd.io/_uploads/Hk5sZN5gA.png)
  ![image](https://hackmd.io/_uploads/rJDhbN9gC.png)
  Source: [MYSO Finance](https://app.myso.finance/)
- [Aurelius](https://app.aurelius.finance/markets/0x1388/meth) - CDP protocol with relatively low utilization rate, 65% max LTV, borrowed amounts are far less than provided liquidity.
  ![image](https://hackmd.io/_uploads/Sk56-Vqe0.png)
  Source: [Aurelius](https://app.aurelius.finance/markets/0x1388/meth)

For holders of mETH, the avenues for generating yield primarily revolve around liquidity provision on DEXs and engagement with yield aggregators. Below are some of the key yield-generating venues observed for mETH:

- [Uniswap V3 (Ethereum)](https://app.uniswap.org/add/0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2/0xd5f7838f5c461feff7fe49ea5ebaf7728bb0adfa/500?chain=mainnet): liquidity provision on WETH-METH (0.05%)
- [Circuit Protocol (Mantle)](https://www.circuit.farm/#/): yield aggregator for mETH with $3.32m TVL on Lendle strategy and another $1.07m on Merchant Moe METH-WETH LP
  ![image](https://hackmd.io/_uploads/ryaC-EceA.png)
  Source: [Circuit](https://www.circuit.farm/#/)
- [Stratum Exchange (Mantle)](https://app.stratumexchange.com/liquidity/0x2B54Ce089586dBd414682b2382E7e05bE547777c) - liquidity provision on METH-WETH (vAMM: volatile V2 pair 0.1%)

### 3.2.6 Slippage

On a slippage snapshot taken on April 8, a swap of ~1448 mETH ($5.5m) produced a slippage around 1%.

![image](https://hackmd.io/_uploads/B13yGE5xC.png)
Source: [Defi Llama - liquidity](https://defillama.com/liquidity) | Date: 4/8/2024

# Section 4: Technological Risk

This section addresses the persistence of collateral properties from a technological perspective.
It aims to convey (1) where technological risk arises that can change the fundamental properties of the collateral (e.g., unresolved audit issues) and (2) whether any composability/dependency requirements present potential issues (e.g., is a reliable price feed oracle available?).

This section is divided into three sub-sections:

* 4.1: Smart Contract Risk
* 4.2: Product and Layer Composability

## 4.1 Smart Contract Risk

### 4.1.1 Protocol Audits

The Mantle mETH contracts were subjected to a total of 4 audits:

- [Hexens](https://1633802790-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FCmiq1MQrm4dWpxTw2pun%2Fuploads%2FG407rVeB9SxJVhM28PEC%2FMantle_SCs_Aug23(Public)(Liquid%20Staking%20Protocol).pdf?alt=media) (2023-08-25): 22 findings including 3 high risks and 6 medium risks. No critical findings.
- [MixBytes](https://github.com/mixbytes/audits_public/blob/master/Mantle%20Network/Mantle%20Network%20METH%20Secuity%20Audit%20Report.pdf) (2023-10-30): 14 findings including 3 high risks and 4 medium risks. No critical findings.
- [Secure3](https://github.com/Secure3Audit/Secure3Academy/blob/main/audit_reports/MantleLSDmntEth/Mantle-LSD-mntETH_final_Secure3_Audit_Report.pdf) (2023-10-12): 4 findings including 1 high and 1 medium risk.
- [Verilog](https://1633802790-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FCmiq1MQrm4dWpxTw2pun%2Fuploads%2FJgFbWoSYWVOJkwVeRceq%2FMantle_LSP_L2_Report.pdf?alt=media) (2023-11-21): 3 findings, none deemed as high or medium risk.

The TVL consensus Oracle received 2 audits:

- [Hexens](https://1633802790-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FCmiq1MQrm4dWpxTw2pun%2Fuploads%2FMlIxHGCEPsOGBFdgxvrJ%2FMantle_Sep23(Public)%20(Oracle).pdf?alt=media) (2023-10-02): 8 findings including 3 high risks and 4 low risks.
- [Secure3](https://github.com/Secure3Audit/Secure3Academy/blob/main/audit_reports/MantleLSDOracle/Mantle-LSD-Oracle-Service-Core_final_Secure3_Audit_Report.pdf) (2023-10-13): 9 findings including 4 medium and 5 low.

The Mantle team either fixed important issues, or provided relevant justification for not considering the finding as a risk — something that often happened. This is indicative of both Mantle's engineering seriousness and commitment to a high quality codebase. In their interactions with auditors, the Mantle team often appeared to be proficient and proactive when it comes to the technical understanding of the system.

### 4.1.2 Concerning Audit Signs

Here are some notable *high risk* findings:

- **Front-running of the beacon chain deposit**. Initially reported as part of the [Lido bug bounty program](https://research.lido.fi/t/mitigations-for-deposit-front-running-vulnerability/1239), this bug allows a malicious node operator to front-run beacon chain deposits by changing the withdrawal address. After the front-running transaction goes through, they can exit the validator and steal the principal. Frax was also vulnerable to this threat. Mantle has opted to prevent this attack using the offchain *Initiator* service instead of an onchain check (to save gas).
- **Lack of checks on the *exchange adjustment rate***. Originally used to account for the time ETH spends in the entry and exit queues, this rate can be set to extreme values by the *STAKING_MANAGER_ROLE*, such that users would get 0 mETH in exchange for their ETH. ETH could also be stolen by front-running deposit transactions. The fix was to bound this parameter within an acceptable range.
- **Invalid split between principal and rewards by the Oracle**. This bug was found in the TVL consensus *Oracle* offchain service, and can cause a validator's full balance to be counted as reward only when a validator exits.
This stems from the fact that a validator's balance is only updated at the end of an epoch — during this update the state of the validator will be moved to *WithdrawalDone* if the new balance is 0. The issue was mitigated by taking into account that a withdrawn validator can have the *WithdrawalPossible* state until the end of the epoch.

It must be noted that although the *critical* risk category exists within all auditors' risk frameworks, no critical risk was found by any auditor, except for one particular auditor for the reason that it lacked the intermediary *high risk* level.

### 4.1.3 Bug Bounty

A maximum bounty of $500,000 has been available on [ImmuneFi](https://immunefi.com/bounty/mantlelsp/) since November 28 2023. Critical threats are rewarded with 10% of the funds at risk, with a minimum of $100,000 to incentivize security researchers against withholding a critical bug report.

During this program, [an issue impacting Lido contracts](https://github.com/lidofinance/lido-dao/issues/803?utm_source=immunefi) has been found to also impact Mantle mETH contracts. This medium severity threat can prevent users from withdrawing their funds by front-running their transactions.

### 4.1.4 Immutability

**Pausing capability**

All contracts can be paused thanks to the Pausing contract, which is called by other contracts before running state changing functions to check if the call should proceed or not. Multiple entities have the `PAUSER_ROLE`, including the Oracle contract and the different offchain services. Negative externalities are limited by several mechanisms:

- Only the `UNPAUSER_ROLE`, assigned to the MantleSecurityCouncil and the MantleAdmin (see [5.1.2](https://hackmd.io/ZFDKcngQTlWhj3AA1AtYEg?both#512-Access-Control:~:text=snapshot.org.-,5.1.2%20Access%20Control,-The%20Mantle%20mETH)), may unpause contracts.
- Individual aspects of the protocol can be paused separately (AllocateETH, InitiateValidators, Staking, Unstaking, and SubmitOracleRecords), hence maintaining usability for users.
- A malicious Guardian service may only pause contracts temporarily until its role is removed by the MantleSecurityCouncil.

**Upgradability**

All contracts use the TransparentUpgradeableProxy from OpenZeppelin, a production-tested implementation of the [TransparentProxy](https://docs.openzeppelin.com/upgrades-plugins/1.x/proxies#upgrading-via-the-proxy-pattern) pattern. Only the MantleSecurityCouncil wallet, a [6/13 multisig](https://etherscan.io/address/0x4e59e778a0fb77fBb305637435C62FaeD9aED40f), can propose, execute or cancel smart contract upgrades.

**Timelock**

Smart contract upgrades are protected by a timelock that gives users time to exit the protocol before protocol updates are executed, or lets the Mantle team cancel an upgrade that is deemed malicious or undesired. This timelock is implemented using the TimelockController from OpenZeppelin and is located at address [0xc26016f1166bE7b6c5611AAB104122E0f6c2aCE2](https://etherscan.io/address/0xc26016f1166bE7b6c5611AAB104122E0f6c2aCE2).

Although everything is in place for the timelock to work, the current delay is set to 0, meaning that an upgrade can be proposed and accepted in a single transaction. Allegedly, Mantle plans to activate the timelock by increasing this value once the protocol reaches maturity.

**Off-chain Services**

The code for the Initiator, the Allocator and the Guardian offchain services is not open-source. Although it is true that their capabilities are limited by the onchain permission system and the smart contract functions they can call, the Initiator must interact with node operators to request the creation of new validators and fund them, while the Allocator can request one or more validators to exit. Those are important responsibilities which warrant additional scrutiny.
It also raises the question of how validator keys are handled, and in particular whether they are held solely by node operators or additionally by Mantle.

The Mantle team has declined to provide any technical details regarding those offchain services, how they interact with node operators, which information is shared with them, and how. We consider this hidden aspect of the architecture a security issue because if the validator keys were to fall into the wrong hands, one could put user funds at risk.

According to the documentation, the Mantle team decided to keep the code private for security reasons. Without more information, we must consider worst case scenarios, which include the following:

- An attacker could impersonate Mantle in its interaction with the node operators and either request the creation of new validators or exit existing ones.
- The validator keys could leak and be used to validate in parallel with existing validators. This could lead to the slashing of all validators that are supporting the value of mETH. Depending on the state of the consensus layer, this could lead to a loss of funds between 3.125% in the best case and 100% because of correlated slashing conditions.

### 4.1.5 Developer Activity

The code for Mantle's LSD contracts is open sourced on [GitHub](https://github.com/mantle-lsp). Both the smart contract code and the Oracle offchain service code are made available.

The contract repository has a total of 5 contributors, and a total of 19 commits since the 6th of October 2023. The last commit dates from the 27th of December 2023. Although this can be considered a low level of activity, it is important to note that the mETH contracts are particularly simple and concise, which allows the codebase to reach a high level of maturity with minimal effort from the engineering team.
![image](https://hackmd.io/_uploads/Hk9ZfVcgC.png)
Source: [Github](https://github.com/mantle-lsp/contracts/graphs/contributors)

The repository contains no issues but a total of 10 closed PRs (pull requests). The use of PRs with separate branches enables peer review and makes changes easier to track. This, in addition to a well documented repository, is indicative of mature development practices. We note that some, but not all commits, are signed using a GPG key — enforcing the use of GPG signatures can increase security and prevent attackers from injecting malicious code into the codebase.

### 4.1.6 SC Maturity

Overall, audits found a limited number of issues, with some being shared by other LSD protocols, like the beacon chain deposit front-run by malicious node operators. Audit reports generally indicate a codebase that is ready for production.

We conducted a quick manual review of [publicly available smart contracts](https://docs.mantle.xyz/meth/components/smart-contracts) and found serious development practices as well as extensive inline code documentation. The simplicity of the mETH architecture helps to understand the behavior and edge-cases of the system, which further strengthens our confidence in the mETH codebase. However, although not smart contracts per se, it should be noted that the code for the Initiator, the Allocator and the Guardian offchain services is not open-source.

Since all Mantle's smart contracts are verified on Etherscan, we used the tool [diffyscan](https://github.com/lidofinance/diffyscan) to compare the Etherscan source code with the one found in Mantle's [GitHub repository](https://github.com/mantle-lsp) and found a 100% match. This indicates that the code deployed onchain is the same as the one that is made open-source on Github.

### 4.1.7 Previous Incidents

To the best of our knowledge, and according to our communications with the Mantle team, the mETH protocol has not suffered from any incident.
## 4.2 Product and Layer Composability

### 4.2.1 Dependencies

Mantle mETH depends on a total of 4 offchain services. Only one of them, the TVL consensus Oracle, was subjected to publicly available audits from [Secure3](https://1633802790-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FCmiq1MQrm4dWpxTw2pun%2Fuploads%2Fb5AJNmg1LvkJjL88oJCt%2FMantle-LSD-Oracle-Service-Core_final_Secure3_Audit_Report.pdf?alt=media) and [Hexens](https://1633802790-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FCmiq1MQrm4dWpxTw2pun%2Fuploads%2FMlIxHGCEPsOGBFdgxvrJ%2FMantle_Sep23(Public)%20(Oracle).pdf?alt=media), whereas the code for the Initiator, the Allocator and the Guardian is not publicly available.

However, Mantle claims in its documentation that the offchain services adhere to the following security constraints:

- Minimum responsibility. Processing is done, as much as possible, onchain.
- Stateless and recoverable. This prevents offchain services from reaching an *invalid* state due to infrastructure issues (e.g. power outage or data loss).
- Onchain data only. There are no third-party dependencies. Only access to the Ethereum Network and its API is needed.

**TVL consensus Oracle**

Instead of computing and reporting only the exchange rate between mETH and ETH, the Mantle team opted for an Oracle design where multiple raw data points are reported. This allows the Oracle smart contract to perform various sanity checks — albeit at the cost of higher transaction fees for the Oracle client. If too large a difference is found by the Oracle smart contract, a call is automatically made to the Pauser contract, which will pause all smart contracts supporting mETH.

As an example, we provide one of the heuristics that the Mantle team is using as a sanity check: by expecting a 5% APY consensus yield, the expected ETH consensus reward is computed.
The upper bound for the reported reward is calculated to be 10x the expected reward, while the lower bound corresponds to 0.1x this amount. Any reported reward that falls outside of this range would trigger the pausing system.

The Oracle currently targets a report delay of 2400 blocks (~8 hours). More than 50% of whitelisted oracle clients must provide the same report for it to be valid (their hashes are compared), and a minimum of 3 Oracle clients must file a report for it to be accepted.

Here are the currently deployed smart contracts related to the Oracle functionality:

- The [OracleQuorumManager](https://etherscan.io/address/0x92e56d2146D54d5AEcB25CA36c89D027a6ea0D90) is responsible for managing the different whitelisted Oracle client EOAs and for accepting reports from them. If a report passes the requirements (quorum and >50% hash based equality), then the report is sent to the Oracle contract.
- The [Oracle](https://etherscan.io/address/0x8735049F496727f824Cc0f2B174d826f5c408192) contract receives reports from the OracleQuorumManager, performs sanity checks, and potentially calls the Pauser contract if they fail. It only accepts reports from the OracleQuorumManager contract.
- The [Pauser](https://etherscan.io/address/0x29Ab878aEd032e2e2c86FF4A9a9B05e3276cf1f8#code) contract can be called by multiple smart contracts, including the Oracle, in case of failed sanity checks.

![image](https://hackmd.io/_uploads/BJZQfEqlA.png)
Source: etherscan.io

[6 wallets](https://evm.storage/eth/19436828/0x92e56d2146d54d5aecb25ca36c89d027a6ea0d90/_roles#map) have the `SERVICE_ORACLE_REPORTER` role.
All of them are actively reporting to the OracleQuorumManager contract, are EOA wallets, and according to their transaction records are solely dedicated to their task:

- [0x7451399e9a3fe3d64976072a06a9d17713d5fef1](https://etherscan.io/address/0x7451399e9a3fe3d64976072a06a9d17713d5fef1)
- [0x84aecd13c481885887e7974fe77a2f91b7179b17](https://etherscan.io/address/0x84aecd13c481885887e7974fe77a2f91b7179b17)
- [0x9314c425b6839a596d15a5a9e4efa08dc5a9ef94](https://etherscan.io/address/0x9314c425b6839a596d15a5a9e4efa08dc5a9ef94)
- [0x3cd026cbff7f9394c981a3ab96e2385532e09dd7](https://etherscan.io/address/0x3cd026cbff7f9394c981a3ab96e2385532e09dd7)
- [0x6b4a2804248e7072bc659be5a84f52a776dfd602](https://etherscan.io/address/0x6b4a2804248e7072bc659be5a84f52a776dfd602)
- [0x94ec704cf6184e7f389c11a5ad8f9c842d3328cd](https://etherscan.io/address/0x94ec704cf6184e7f389c11a5ad8f9c842d3328cd)

It is interesting to note that, since the deployment of [EIP-4788](https://eips.ethereum.org/EIPS/eip-4788) in Dencun, this Oracle design could be made much simpler and more secure. EIP-4788 includes the beacon chain block's root into execution blocks. Although reports from offchain services would still be required, a single cryptographic proof would be enough to verify the authenticity of a report.

**Initiator**

The Initiator monitors the state of the staking contract at each block to determine if new validators must be created or not. When deemed necessary, the service will call an HTTP API exposed by node operators to request the creation of one or more validators. During this call, the withdrawal address is specified by Mantle. Deposit credentials are verified both offchain by the Initiator service and onchain in the Staking contract. No information has been provided by Mantle regarding how this service authenticates with the node operators, or if and how the validator keys are exchanged between the two parties.
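Returning to the TVL consensus Oracle rules described above (at least 3 filed reports, more than 50% of whitelisted reporters agreeing by hash, and a reward bound of 0.1x to 10x the amount expected at 5% APY), the following added example models them so the edge cases can be exercised. It is not Mantle's contract or oracle-service code: the report fields, the SHA-256 stand-in hash, the 12-second block time and the reporter names are assumptions.

```python
"""Model of the oracle report acceptance rules as this report describes them."""
import hashlib
import json
from collections import Counter
from dataclasses import asdict, dataclass
from typing import Dict, Optional, Set, Tuple

WEI = 10**18
BLOCKS_PER_YEAR = 365 * 24 * 3600 // 12  # assumption: one block every 12 seconds
EXPECTED_APY_BPS = 500                   # 5% expected consensus yield (from the report)
MIN_REPORTS = 3                          # minimum number of filed reports (from the report)


@dataclass(frozen=True)
class Report:
    # Hypothetical field names; the real report carries more raw data points.
    start_block: int
    end_block: int
    staked_principal_wei: int
    consensus_reward_wei: int


def report_hash(report: Report) -> str:
    """Stand-in digest (SHA-256 over JSON) so reports can be compared by hash."""
    return hashlib.sha256(json.dumps(asdict(report), sort_keys=True).encode()).hexdigest()


def quorum_report(submissions: Dict[str, Report], whitelist: Set[str]) -> Optional[Report]:
    """Return the report agreed on by the quorum, or None if there is no quorum."""
    filed = {addr: rep for addr, rep in submissions.items() if addr in whitelist}
    if len(filed) < MIN_REPORTS:
        return None
    by_hash = {report_hash(rep): rep for rep in filed.values()}
    counts = Counter(report_hash(rep) for rep in filed.values())
    top_hash, votes = counts.most_common(1)[0]
    # "More than 50% of whitelisted clients": exactly half is not enough.
    if 2 * votes <= len(whitelist):
        return None
    return by_hash[top_hash]


def reward_bounds(report: Report) -> Tuple[int, int]:
    """(lower, upper) accepted reward in wei: 0.1x and 10x the expected reward."""
    blocks = report.end_block - report.start_block
    expected = (report.staked_principal_wei * EXPECTED_APY_BPS * blocks
                // (10_000 * BLOCKS_PER_YEAR))
    return expected // 10, expected * 10


def process(submissions: Dict[str, Report], whitelist: Set[str]) -> str:
    """Outcome of one reporting round: 'no-quorum', 'pause' or 'accept'."""
    report = quorum_report(submissions, whitelist)
    if report is None:
        return "no-quorum"
    lower, upper = reward_bounds(report)
    if not lower <= report.consensus_reward_wei <= upper:
        return "pause"  # the Oracle contract would call the Pauser here
    return "accept"


# Constructed sample data: six whitelisted reporters, a 2400-block window,
# 100,000 ETH of principal. Expected reward at 5% APY is about 4.57 ETH.
WHITELIST = {f"reporter-{i}" for i in range(1, 7)}
HONEST = Report(19_000_000, 19_002_400, 100_000 * WEI, 45 * WEI // 10)
INFLATED = Report(19_000_000, 19_002_400, 100_000 * WEI, 60 * WEI)

if __name__ == "__main__":
    four_agree = {f"reporter-{i}": HONEST for i in range(1, 5)}
    print(process(four_agree, WHITELIST))
```

In this model, three identical reports out of six whitelisted reporters satisfy the minimum of 3 but not the majority rule, so the round is rejected rather than accepted.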
**Allocator**

The Allocator is responsible for moving ETH across the different smart contracts according to unstake requests and new Oracle reports. Consider that the Staking contract keeps track of 3 different pools of ETH: the pending staking pool containing ETH freshly deposited by users in exchange for mETH, the staking pool containing ETH ready to be allocated to new validators, and the unstaking pool containing ETH ready to be withdrawn by users through the burning of mETH receipt tokens. The Allocator proceeds as follows:

- (1) Fulfill unstaking requests by moving ETH from the pending staking pool to the unstaking pool.
- (2) If there is not enough ETH in the pending staking pool to fulfill all unstaking requests from users, then the Allocator will request node operators to exit one or more validators through the HTTP API they expose.
- (3) If there is any ETH left in the pending staking pool after step (1), then this ETH is moved to the staking pool.

Note that this process is such that, at the end of it, no ETH should remain in the pending staking pool. The smart contract functions called by the Allocator force the flow of ETH in the cluster to be strictly uni-directional and cyclical, hence securing funds.

**Guardian**

The Guardian's purpose is to monitor the state of the mETH contracts and to pause the system as soon as an unexpected state is detected. Strictly speaking, the Guardian is not necessary for the system to function normally and securely, as the system already runs checks on itself automatically. Therefore, this service merely acts as a redundant security component of the system.

### 4.2.2 Withdrawals Processing

Withdrawing is a two step process. First, a user must request to exchange some amount of mETH for ETH from the staking contract. The exchange rate for the withdrawing request is set at the time of this first action.
Then, two conditions must be met: there must be enough ETH in the staking contract to fulfill the request, and the request must be marked as finalized. Requests are set as finalized when the next TVL consensus Oracle report is sent to the Oracle contract to update the exchange rate of mETH for ETH (every 8 hours or so). It follows that a user might wait *at most* 8 hours before effectively exchanging their mETH for ETH.

This two step process is a security measure: it prevents a user from siphoning the staking contract through an unfair exchange rate that does not reflect the actual amount of ETH in the system. Indeed, a large loss of ETH in the protocol can happen in case of a slashing event or security breach. In addition to this delayed withdrawal process, several measures are taken to pause the staking contract as soon as possible:

- An Oracle report whose total amount of reported ETH deviates too much from the expected amount will trigger the pausing mechanism. This check happens at every report processing, that is, every 8 hours or so.
- The Guardian offchain service will pause the system if it detects a slashing event. This check happens in real time (i.e. each time a new block is added to the chain).

When the staking contract is paused for some reason, the Mantle team can manually cancel unstaking requests if their exchange rate is deemed unfair. Once the system is stabilized and safe, the Mantle team must manually unpause the staking contract to allow users to renew their withdrawal request.

### 4.2.3 Oracle Pricefeed Availability

Both push-based oracles and pull-based oracles are available for mETH. There are important differences between these two types of oracles:

- **Push-based oracles** consist of one or more offchain actors that are pushing their price onchain at regular intervals. The gas for those transactions is paid by them. Users can query the oracle contract at any time. The heartbeat refers to the interval, which is often 24 hours or so.
- **Pull-based oracles** are such that the price is *pulled* from offchain sources by the user when needed, and the price feed is updated onchain as part of their transaction. Cryptographic proofs are used so that the oracle contract can verify that the updated price is valid. In that case, the heartbeat refers to the update frequency of the offchain sources, and is much faster at around every few seconds or so. However, the onchain pricefeed is only updated when needed.

It follows from those definitions — and is important to keep in mind — that the heartbeat of a push-based oracle can hardly be compared to that of a pull-based oracle.

**Pyth**

A [mETH/USD](https://pyth.network/price-feeds/crypto-meth-usd) price feed is available on [Pyth](https://pyth.network/), a pull-based Oracle. Pyth computes a value along with a confidence interval by aggregating multiple values and their respective confidence intervals. The first step is to compute the value by assigning 3 votes to each data provider — one at their reported price, and one at each of the -/+ bounds — and then to take the median of all votes. The second step computes the resulting confidence interval by considering the distance from the aggregate price to the 25th and 75th percentiles of the votes, then selecting the larger of the two as the aggregate confidence interval. This acts as a hybrid between the mean and the median.

Shown below is a representation of the price aggregation mechanism. The resulting value and confidence interval are in blue.

![image](https://hackmd.io/_uploads/r1AEzV9g0.png)
Source: [Pyth documentation](https://docs.pyth.network/price-feeds/how-pyth-works/price-aggregation).

Pyth Network aggregates data using Pythnet, a specialized blockchain based on Solana technology, operated independently by Pyth's data providers. Their blockchain design ensures secure and accurate aggregation of price data from various sources into a single price feed that is updated multiple times per second.
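The three-vote aggregation described above can be reproduced in a few lines. This is an added example, not Pyth's implementation: the publisher quotes are constructed, the percentile interpolation (Python's "inclusive" method) is an assumption, and the `usable_for_collateral` threshold is a hypothetical consumer-side check.

```python
"""Three-votes-per-publisher price aggregation, as described in the text above."""
import statistics
from typing import List, Tuple

Quote = Tuple[float, float]  # (price, confidence half-width) from one publisher


def votes(quotes: List[Quote]) -> List[float]:
    """Each publisher casts three votes: price - conf, price, price + conf."""
    out: List[float] = []
    for price, conf in quotes:
        if conf < 0:
            raise ValueError("confidence must be non-negative")
        out.extend((price - conf, price, price + conf))
    return sorted(out)


def aggregate(quotes: List[Quote]) -> Tuple[float, float]:
    """Return (aggregate price, aggregate confidence)."""
    if not quotes:
        raise ValueError("at least one publisher quote is required")
    all_votes = votes(quotes)
    price = statistics.median(all_votes)
    # Assumption: quartiles by linear interpolation over the sorted votes.
    q25, _, q75 = statistics.quantiles(all_votes, n=4, method="inclusive")
    # The larger of the two distances becomes the aggregate confidence.
    return price, max(price - q25, q75 - price)


def naive_mean(quotes: List[Quote]) -> float:
    """Plain average of reported prices, for comparison with the aggregate."""
    return sum(price for price, _ in quotes) / len(quotes)


def usable_for_collateral(price: float, conf: float, max_conf_ratio: float = 0.01) -> bool:
    """Hypothetical consumer check: refuse a price whose confidence is too wide."""
    return price > 0 and conf / price <= max_conf_ratio


# Constructed mETH/USD quotes: four publishers in close agreement.
HONEST: List[Quote] = [(3500.0, 2.0), (3501.0, 1.0), (3499.0, 3.0), (3502.0, 2.0)]
# Same set plus one publisher reporting a far-off price with a tight confidence.
WITH_OUTLIER: List[Quote] = HONEST + [(3000.0, 1.0)]
# Publishers that disagree widely and say so through large confidence values.
DISPERSED: List[Quote] = [(3500.0, 100.0), (3400.0, 150.0), (3600.0, 120.0)]

if __name__ == "__main__":
    for name, quotes in (("honest", HONEST), ("outlier", WITH_OUTLIER), ("dispersed", DISPERSED)):
        price, conf = aggregate(quotes)
        print(f"{name}: price={price} conf={conf} mean={naive_mean(quotes):.1f} "
              f"usable={usable_for_collateral(price, conf)}")
```

With the constructed outlier, the plain mean drops by about 100 USD while the aggregate stays at 3500 and only its confidence widens, which is the robustness a collateral consumer relies on.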
Owing to the high-frequency data deliveries, the users can access updated price data with minimal latency.

**Supra**

Two pull-based price feeds are available on [Supra](https://supra.com/data). It uses a decentralised Verifiable Random Function (VRF) as an anti-collusion approach and identifies clusters of coherent reported values from which an arithmetic mean is calculated.

- [mETH/ETH](https://supra.com/data/catalog/details?instrumentName=meth_eth&providerName=supra), ~4 seconds heartbeat, premium feed with a minimum of 8 sources
- [mETH/WETH](https://supra.com/data/catalog/details?instrumentName=meth_weth&providerName=supra), ~4 seconds heartbeat, feed under supervision with 3 to 5 sources

**API3**

Finally, [API3](https://market.api3.org/dapis) provides a push-based [mETH/ETH](https://market.api3.org/dapis/ethereum/mETH-ETH%20Exchange%20Rate) price feed that is directly sourced from reputable API providers. This price feed has a 0.25% deviation and a 24 hours heartbeat. It is self-funded, meaning that the Oracle service will work as long as there is gas remaining in the Oracle contract. Only the contract owner can query the deployed Oracle contract.

# Section 5: Counterparty Risk

This section addresses the persistence of mETH's properties from an ownership rights perspective (i.e., possession, use, transfer, exclusion, profiteering, control, legal claim). The reader should get a clear idea of (1) who can legitimately change properties of the collateral (e.g., minting additional units) and what their reputation is, (2) the extent to which changes can be implemented, and the effect on the collateral.

This section is divided into four subsections:

* 5.1: Governance
* 5.2: Decentralization of the LSD
* 5.3: Economic Performance
* 5.4: Legal

## 5.1 Governance

### 5.1.1 Governance Scope

As part of the Mantle ecosystem, mETH is governed by the Mantle DAO, powered by the MNT governance token.
Possession of the MNT token allows holders to vote on governance proposals in a linear manner (1 token equals 1 vote). Proposals are first discussed on the [Mantle forum](https://forum.mantle.xyz/) and, if positive feedback is received, will be formally presented and subjected to a vote from the community through [snapshot.org](https://snapshot.org/#/bitdao.eth).

### 5.1.2 Access Control

The Mantle mETH contracts use a Role-Based Access Control pattern, defining a set of Roles and assigning them to specific wallets. Roles are assigned and revoked by the MantleSecurityCouncil wallet, a [6/13 multisig wallet](https://etherscan.io/address/0x4e59e778a0fb77fBb305637435C62FaeD9aED40f). A detailed list of the different wallets, the roles they have, and the contracts they can interact with is available in the [Mantle LSD documentation](https://docs.mantle.xyz/meth/security/roles).

After a careful analysis, we make the following observations:

- The MantleSecurityCouncil wallet has the highest power, but is limited to rare events like contract upgrades or a change of parameters. As a 6/13 multisig wallet, it is the most secure wallet.
- The MantleLSPEngineering wallet is a 3/9 multisig that can execute actions like parameter updates or a topUp of the ETH balance.
- The MantleAdmin is a hardware EOA that can update/delete pending oracle reports and topUp the ETH balance. It is a signer of the MantleSecurityCouncil that is used when response time is critical.
- Each offchain service is assigned a specific role that limits its scope of action (e.g. `ALLOCATOR_SERVICE_ROLE` and `INITIATOR_SERVICE_ROLE`). Mantle indicates the use of hardware wallets to mitigate the fact that private keys are "online"; this includes technologies like cloudHSM and secure enclaves.
- The Oracle client wallets all share the same `SERVICE_ORACLE_REPORTER` role.
- The `PAUSER_ROLE` is assigned to many different wallets including the Guardian offchain service, but also the Oracle contract and the Staking contract. However, only the MantleSecurityCouncil and the MantleAdmin have the `UNPAUSE_ROLE` and can unpause the system.

A particular observation caught our eye: the ReturnAggregator contract has the `WITHDRAWER_ROLE` role, allowing it to withdraw funds from the ConsensusLayerReceiver and ExecutionLayerReceiver contracts. Although it brings flexibility to the system in case of contract upgrade or to mitigate an ongoing attack, the MantleSecurityCouncil could in theory reassign the `WITHDRAWER_ROLE` to another wallet, and trigger validator exits through the Allocator offchain service that it controls. The new wallet could then withdraw both the principal and the rewards from the ConsensusLayerReceiver and the ExecutionLayerReceiver contracts and steal the whole protocol's TVL. Although a high level of collusion would be needed by signers of the MantleSecurityCouncil 6/13 multisig to sign those malicious transactions, it is nonetheless a significant power and a trust assumption relevant to mETH holders.

### 5.1.3 Distribution of Governance Tokens

A total of 6,219,316,768 MNT were minted without vesting schedules at the time of the merge between BitDAO and Mantle, and BIT tokens were made exchangeable for MNT tokens on a 1-1 basis. 51% were distributed through various means, including incentives to use Mantle products, technology partner grants, and equity for core contributor team and advisors. This distribution is an ongoing process that follows a strict governance process and is subject to a vote from the community.

The remaining 49% of MNT tokens is kept within the Mantle Treasury. As of Saturday 9th of March, the MNT token has a market cap of $3,382,061,448.
According to Etherscan, it controls a treasury that is mostly made of:

- 21,047 ETH
- 2,866,781,565 MNT
- 47,344 mETH
- 79,575,510 sUSDe
- 4,737,271 USDC
- 3,920,195 TUSD

The treasury and its different allocations can be monitored using [tools developed](https://treasurymonitor.mantle.xyz/) by the Mantle team.

The main treasury wallet is a 3/6 Safe multisig located at address [0x78605Df79524164911C144801f41e9811B7DB73D](https://etherscan.io/address/0x78605Df79524164911C144801f41e9811B7DB73D) whose owners are:

- 0xf5b16239f88B54894e03e0293d3d7FDdEb9f9070
- 0x3Dc5FcB0Ad5835C6059112e51A75b57DBA668eB8
- 0xe75D7324d6BC4E70A200c5E268160332F43b2d2B
- 0x3000BE80ad204D327990eB403654aCd1Eaa8eCeb
- 0xc4143711aA5bd6d37F1b0A690120AA5859e32A93
- 0x915dc866e2e5E64f912A5ac1D40E3be4597F172a

On top of being an ERC-20 governance token, MNT is also a utility token that is needed to use Mantle products. For instance, MNT tokens play the role of gas tokens on Mantle network, an L2 rollup, as well as collateral for their nodes.

### 5.1.4 Proposals Frequency

To review the frequency of governance actions, we review the historical Snapshot votes. Analyzing the monthly proposal data shows an average of 0.94 proposals per month over the course of 32 months. Peak activity was reached in April 2022 with a total of 4 proposals.

![image](https://hackmd.io/_uploads/ryP8MV5lR.png)
Source: [snapshot.org](https://snapshot.org/#/bitdao.eth)

### 5.1.5 Participation

**Forum engagement**

The [Mantle forum](https://forum.mantle.xyz/) contains a total of 58 topics, which is relatively small. Archived topics are Discussions that did not lead to a formal proposal on snapshot.org after a long discussion time.

| Total | Archived | Discussion | Passed |
| --- | -------- | ---------- | ------ |
| 58 | 18 | 26 | 14 |

We can see a large discrepancy in activity between topics, with some topics being extremely active compared to the majority.
This is demonstrated by a standard deviation that is notably higher than the mean for both the reply and view counts. Those extremely active topics often lead to a formal proposal that is accepted by the community, hence earning the status Passed. This is indicative of a high engagement from the community on topics that are deemed important.

| | Count | Mean | Std | Min | 25% | 50% | 75% | Max |
| --- | --- | ----- | ---- | ---- | ---- | --- | --- | --- |
| Replies | 987 | 17 | 33.05 | 0 | 2.25 | 5.5 | 15.25 | 186 |
| Views | 180631 | 3114 | 4518 | 40 | 420.05 | 1100 | 4050 | 19900 |

**Snapshot voting**

Snapshot votes are overwhelmingly "yes" votes, except for the [BIP-16 proposal](https://snapshot.org/#/bitdao.eth/proposal/0x2e055257a5d104a29dfa16edcd5d369632d8460ce952b9322bc63b362a465cf4) whose aim was to allocate more funds from the Mantle treasury towards decentralized stablecoins. This can be explained by a combination of two factors: the number of snapshot proposals, which is relatively small, and the fact that most proposals were extensively discussed on the [Mantle forum](https://forum.mantle.xyz/).

![image](https://hackmd.io/_uploads/rkaPfV9lA.png)
Source: snapshot.org

The net consensus score is defined as the ratio of "Yes" over the total count of votes expressed. The "Abstain" category, when present, is ignored from that total count.

## 5.2 Decentralization of the LSD

### 5.2.1 Number of Node Operators

A total of 4 professional node operators are operating validators on behalf of Mantle.

### 5.2.2 Validators per Node Operator

No information is publicly available regarding the number of validators per node operator, and Mantle has declined to provide us with this information. Because a specific node operator could centralize most of the stake behind mETH, we consider this a centralization risk.

Mantle, likewise, does not yet publicly disclose the node client diversity of the node operators it contracts with.
The Mantle team has shared with us some internal information regarding client diversity, so we can confirm they do monitor this information and presumably take steps to ensure some level of diversity.

Under the current global ETH staking client diversity landscape (as of Saturday 6th of January), Geth stands at 63% of the total stake. Although that is lower than the super-majority risk threshold that stands at >66%, it remains significantly higher than the majority risk threshold that stands at >33%. Consequently, depending on the usage of Geth by Mantle's node operators, mETH holders could suffer from correlated slashing conditions and lose up to a double-digit percentage of their funds.

### 5.2.3 Validator Enter/Exit (Churn)

![image](https://hackmd.io/_uploads/B1pOGV5gR.png)
Source: [Etherscan](https://etherscan.io/address/0xD4e11C28E04c0c2bf370b7a9989498B7eA02493f#beaconchain)

According to the Mantle documentation, the Allocator service will automatically optimize the number of validator exits required by using ETH deposited into the Staking contract to fulfill withdrawal requests from users. This reduces the number of validator exits required to fulfill withdrawal requests, hence increasing capital efficiency.

## 5.3 Economic Performance

### 5.3.1 Revenue

We compute the total revenue by looking at the amounts received by the ReturnAggregator contract from the ConsensusLayerReceiver and the ExecutionLayerReceiver contracts. To filter out validator exits, we take the modulo 32 of each transaction amount. We obtain a total cumulative revenue of approximately 1750 ETH, which amounts to $6,037,500 as of the 25th of March 2024.
![image](https://hackmd.io/_uploads/Sy2KMVclR.png)
Source: [etherscan.io](https://etherscan.io/advanced-filter?fadd=0xD6E4aA932147A3FE5311dA1b67D9e73da06F9cEf%2c0xD4e11C28E04c0c2bf370b7a9989498B7eA02493f&tadd=0x1766be66fBb0a1883d41B4cfB0a533c5249D3b82&ps=100&p=1)

### 5.3.2 Net Profit

By considering that Mantle keeps 10% of the staking revenue, and that they use approximately 5% for paying node operators, we estimate the net profit received by the Mantle Treasury to be `0.05 x 1750 = 87.5 ETH`, or $301,875 as of the 25th of March 2024.

The figures presented herein are to be considered estimations. While our computations align closely with data available in [Treasury Reports](https://treasurymonitor.mantle.xyz/), it is important to note that we encounter limitations in accurately quantifying the specific expenses associated with mETH.

## 5.4 Legal

### 5.4.1 Legal Structure

In the [FAQ](https://docs.bitdao.io/additional-documents/faq) section of its previous website, BitDAO unveils the intricacies of its organizational fabric. There, it is articulated that BitDAO diverges from the traditional corporate archetype; it is not ensnared in the formalities of registration as a company. At its core, BitDAO was conceived not as a corporate entity but as a consortium of innovative builders and engaged stakeholders united by their holdings of $BIT tokens. The token holders wielded governance power and steered the direction of the organization.

In a strategic maneuver, BitDAO embraced a fusion with Mantle, a move realized by the passage of [BIP21](https://discourse.bitdao.io/t/passed-bip-21-optimization-of-brand-token-and-tokenomics/5327). This union involved rebranding the combined entity as Mantle, with its digital presence anchored at https://www.mantle.xyz.
This transformative phase, however, did not necessitate a seismic shift in structural foundations:

> "Changes from BitDAO.io shall be a cosmetic rebrand only - all existing governance processes are preserved including proposals, budgeting, and treasury resource management"
>
> Source: BIP21

Despite the rebranding and optimization efforts, Mantle's [documentation](https://docs.mantle.xyz/) remains silent on the specifics of legal formations within the ecosystem. The governance forums offer no glimpse into deliberations over establishing DAO legal frameworks or specialized legal constructs. It can be inferred that Mantle has seamlessly inherited BitDAO's entity-less structure, continuing to navigate the digital frontier devoid of traditional legal structures.

### 5.4.2 Licenses

The laws of Singapore are elected to preside over the access and utilization of http://mantle.xyz, along with its suite of services, functionalities, features, or content. With mETH emerging as a notable product offering, the spotlight turns to the legal intricacies of staking services under the existing statutes and regulations in Singapore.

In a landmark move in July 2023, the Monetary Authority of Singapore (MAS) unveiled a pioneering set of measures, borne from public consultations. These proceedings mandate digital payment token service providers (DPTSPs) to safeguard customer assets within a trust, simultaneously imposing constraints on their abilities to lend and offer "staking" services for digital payment tokens. The MAS has articulated profound concerns regarding DPTSPs' roles in enabling the lending and staking of assets belonging to retail customers, pointing to the potential for significant consumer detriment arising from staking activities. This concern is coupled with an awareness of the inherent conflicts of interest that DPTSPs may harbor in facilitating such services.

The MAS has set forth guidelines particularly aimed at DPTSPs.
In this connection, we should explain what DPTSPs are. These are service providers that carry on a business of providing a digital payment token ("DPT") service under the Payment Services Act 2019 ("PS Act"). A digital payment token is designated by the PS Act as any digital representation of value (other than an excluded digital representation of value) that:

- (a) is expressed as a unit;
- (b) is not denominated in any currency, and is not pegged by its issuer to any currency;
- (c) is, or is intended to be, a medium of exchange accepted by the public, or a section of the public, as payment for goods or services or for the discharge of a debt;
- (d) can be transferred, stored or traded electronically; and
- (e) satisfies such other characteristics as the Authority may prescribe.

The scope of digital payment token services under the PS Act is expansive, including both the dealing in digital payment tokens and the facilitation of their exchange, except for certain services exempted by the Authority.

A review of the MAS's public registry of financial institutions revealed that Mantle [does not hold a license](https://eservices.mas.gov.sg/fid/institution?sector=Payments&category=Major%20Payment%20Institution&activity=Digital%20Payment%20Token%20Service) for Digital Payment Token Service, nor is it listed in any of MAS's registries.

![image](https://hackmd.io/_uploads/Sk4oGVqx0.png)
Source: [MAS](https://eservices.mas.gov.sg/fid)

In practical terms, according to the existing protocol design, Mantle does not engage in the custody or acceptance of digital tokens/crypto assets. This would place Mantle beyond the purview of the PS Act and related MAS guidance. Additionally, the nature of non-custodial staking, where customers retain exclusive control over their private keys, generally does not necessitate licensing in various jurisdictions due to its customer-centric security model.
This conclusion is drawn based on the current state of affairs and reflects the extent of our legal research capabilities as of the date of this report. However, the dynamic landscape of DeFi means that the adoption of alternative approaches, changes in system architecture, updates to protocol designs, modifications in smart contracts, or shifts in regulatory landscapes could potentially alter the legal interpretation of the business model and/or the tokens involved.

It may be assumed that, following the decentralisation ethos, Mantle has never pursued licensing under the Singapore regulatory regime. Instead, the choice of law with regard to website governing terms has been made to use Singapore’s established, safe and transparent judicial framework.

### 5.4.3 Enforcement Actions

In an exploration of publicly available data, we have not uncovered any specific instances of enforcement actions, legal proceedings, or other regulatory measures directed at Mantle by relevant authorities.

### 5.4.4 Sanctions

Upon accessing or using http://mantle.xyz/, users are bound to a pledge against engaging in, promoting, or in any way facilitating illicit activities. These representations are coupled with warranties that users are in full compliance with sanctions laws, including the assurance that they are not designated individuals by the Office of Foreign Assets Control (OFAC). Should it be ascertained that a user has violated these representations or otherwise breached the terms governing the use of the platform, Mantle reserves the unequivocal right to restrict access to its services.

Furthermore, the Site explicitly delineates geographical boundaries, notably excluding users from sanctioned jurisdictions, such as the Crimea region of Ukraine, Cuba, Iran, North Korea, and Syria.
This prohibition extends to any individual or entity listed on the Specially Designated Nationals and Blocked Persons ("SDN") List maintained by OFAC, as well as to entities that are 50% or more owned, directly or indirectly, by one or more such designated individuals.

### 5.4.5 Liability Risk

The Terms and Conditions ("T&C", the "Terms") outline the framework governing user interaction with the Mantle website, accessible at http://mantle.xyz (the "Site"), along with any services, functionalities, features, or content it provides. By agreeing to these terms, the User enters into a binding agreement with Mantle for their personal engagement with the Site.

The Terms incorporate the user acknowledgment that the Site is only an interface for the community of users and developers interested in or contributing to the infrastructure, code and development of Mantle Network. Mantle operates beyond the confines of central control, embracing a decentralized ethos where decisions emerge from the collective wisdom of the community.

Mantle clearly states its position regarding third-party interactions, expressly distancing itself from any liabilities tied to unauthorized access or misuse of User wallets, accounts, assets, or any sensitive information handled by external providers.

A noteworthy aspect of these T&C is the specific mention of offerings to French clientele or interactions with the French market, aimed at preemptively addressing any regulatory assertions of required registration or licensing under French jurisdiction.

> Mantle Network is a layer-2 blockchain incubated by a decentralized autonomous organization that is not registered nor licenced in France with the French Autorité des Marchés Financiers and does not carry out any digital asset services as per defined under Article L. 54–10–2 of the French Monetary and Financial Code on French territory and is more generally not regulated in France or with French authorities.
> Mantle Network does not (and does not purport to) promote or market services or solicit clients in France within the meaning of Articles L. 341–1 et seq. of the French Monetary and Financial Code. Mantle Network’s activities as part of the EthCC and related events are strictly limited to the presentation of technical matters relating to the functioning of its technology. This Agreement does not constitute financial advice nor a recommendation to buy or sell any product or service.

The provision of the Site and its contents is strictly "As Is" and "As Available," highlighting a user-centric approach where individuals navigate the platform at their own discretion. This clause underlines various risks inherent to online engagement, such as privacy breaches, system disruptions, and malware threats. The disclaimer is comprehensive, unequivocally excluding warranties of quality, suitability, or uninterrupted access, while delineating the extent of Mantle’s accountability for any resultant losses or damages, regardless of their nature or forewarning, and caps potential liabilities at the lesser of total user fees for direct Site usage or 10,000 USD. Moreover, a force majeure clause provides Mantle with leeway against obligations during extraordinary events beyond reasonable control.

In terms of legal recourse, these T&C designate Singapore as both the governing law and preferred jurisdiction for dispute resolution. Conflicts will be adjudicated through arbitration in Singapore, in alignment with the Singapore International Arbitration Centre’s rules, ensuring that any arbitration award is conclusive and enforceable in courts with proper authority.

### 5.4.6 Adverse Media Check

Adverse media checks concerning Mantle and mETH revealed no direct connections to issues such as money laundering, corruption, sanctions exposure, threat financing, or any other illicit activities. An open data search did not identify specific concerns related to Mantle/mETH in these areas.
# Section 6: Risk Management

This section will summarize the findings of the report by highlighting the most significant risk factors in each of the three risk categories: Market Risk, Technology Risk, and Counterparty Risk.

### 6.1.1 Market Risk

**LIQUIDITY: Does the LSD have a liquid market that can facilitate liquidations in all foreseeable market events?**

mETH has mainnet liquidity exclusively on Uniswap V3, with a TVL of approximately $15.6 million. On the CEX front, liquidity is more constrained, with Bybit being the primary venue, offering mETH/ETH and mETH/USDT trading pairs.

The mETH market faces liquidity challenges due to a significant portion of the supply being restaked into EigenLayer, potentially hindering timely withdrawals during tense market situations. Additionally, the absence of an Ethereum-native leverage ratio and limited collateral exposure to lending protocols, confined to Mantle L2, further complicates the liquidity landscape. These factors collectively suggest that while there is liquidity for mETH, the market's ability to handle liquidations efficiently in all scenarios may be constrained by these structural and supply-side limitations.

**VOLATILITY: Has the LSD had any significant depeg event?**

mETH has experienced increased pressure on its peg since mid-March, possibly due to several converging factors involving ETH market behavior, the staking queue, and withdrawal demand following the conclusion of an mETH incentive program. The largest historical withdrawal was processed in early April, helping to restore the peg. It's important to note that a limited variety and depth of secondary markets may increase reliance on direct withdrawals from the protocol, and this may contribute to increased volatility expectations.
### 6.1.2 Technology Risk

<!--
- A timelock is present but disabled
- *WITHDRAWER_ROLE* can be reassigned by the *MantleSecurityCouncil* -> funds could be stolen by Mantle signers if collusion happens
- No information regarding how validator keys are shared with node operators -> slashing risk if keys are leaked
- No information about validator split between node operators -> centralization risk
- No information about node clients used by node operators -> client diversity risk
-->

**SMART CONTRACTS: Does the analysis of the audits and development activity suggest any cause for concern?**

No critical risks have been flagged during the audits of mETH contracts and the TVL consensus Oracle, which underwent six audits in total. The codebase is simple and concise, with developer activity not standing out in terms of volume, thus making the system easier to audit and understand.

Mantle's strategic decision to use an off-chain Initiator service for beacon chain deposit operations, aimed at saving gas costs, demonstrates a preference for efficiency. However, while mETH depends on four off-chain services for its operation, only the TVL consensus Oracle has undergone publicly available audits and has its codebase publicly available.

**DEPENDENCIES: Does the analysis of dependencies (e.g., oracles) suggest any cause for concern?**

mETH depends on four off-chain services for its operation. The unwillingness of the Mantle team to provide technical details about the Initiator, Allocator, and Guardian offchain services, whose responsibilities are significant, is cause for concern. Notably, security issues in this area could lead to slashing risks which would put users' funds at risk. There is, furthermore, minimal information about node clients used by node operators, which increases concerns about client diversity risk that may increase the severity of slashing events.
Although several oracle providers have price feeds available for mETH, they are marginal providers and we cannot attest to their resiliency and reputability for securing large amounts of value. Although it may be possible to use the Uniswap pool as an oracle source, single DEX pools do not represent broad market pricing for quality data and may be susceptible to risks such as liquidity and volume migration.

### 6.1.3 Counterparty Risk

**CENTRALIZATION: Are there any significant centralization vectors that could rug users?**

The technology components are, in general, managed by the Mantle team through a 6/13 multisig with a Timelock set to 0 on execution. There is a high degree of trust in the security practices and reliability of the team.

<!--
- node operators are permissioned and not incentivized to behave
- 1/3 of all mETH is deposited into EigenLayer
- 1/5 is on Mantle Network
-->

Although the presence of a Timelock as an intermediate step to smart contract upgrades is a positive security feature, it is currently set with a 0 block delay. This means that smart contract upgrades and role changes could be both proposed and enacted in a single transaction, which defeats the purpose of a Timelock altogether. An even more concerning issue is the ability for the MantleSecurityCouncil 6/13 multisig to potentially reassign the `WITHDRAWER_ROLE` to another wallet and trigger the exit of all validators, hence stealing all staked ETH that secures the value of mETH.

A permissioned regime for node operators allows selection to be based on specific criteria or qualifications. However, a notable absence in this model is the lack of direct incentives for these operators to adhere to optimal behavioral standards. Detailed information about the number of validators managed by each node operator remains elusive. We are unable to verify if and how validation keys are shared between Mantle and node operators, creating concerns about validation key leakage.
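
The role-reassignment and zero-delay Timelock concerns in this subsection can be monitored by replaying role-change events instead of only reading the current role holders. The following is an added example, not code from Mantle or from this report's authors; it assumes the contracts emit `RoleGranted`/`RoleRevoked` events in the style of OpenZeppelin's AccessControl, and every address and event in it is a constructed placeholder.

```python
from dataclasses import dataclass

# Constructed placeholder addresses; none of these is a real deployment.
RETURN_AGGREGATOR = "0x00000000000000000000000000000000000000a1"
SECURITY_COUNCIL = "0x00000000000000000000000000000000000000b2"
UNKNOWN_WALLET = "0x00000000000000000000000000000000000000c3"

# Sensitive roles and the only holders treated as normal (assumption drawn
# from the report: the ReturnAggregator holds WITHDRAWER_ROLE).
EXPECTED = {"WITHDRAWER_ROLE": {RETURN_AGGREGATOR}}


@dataclass(frozen=True)
class RoleEvent:
    block: int
    kind: str  # "RoleGranted" or "RoleRevoked"
    role: str
    account: str  # wallet gaining or losing the role
    sender: str  # wallet that made the change


@dataclass(frozen=True)
class Finding:
    block: int
    code: str
    detail: str


def replay(events):
    """Rebuild the current role -> holders map from the event history."""
    holders = {}
    for ev in sorted(events, key=lambda e: e.block):
        current = holders.setdefault(ev.role, set())
        if ev.kind == "RoleGranted":
            current.add(ev.account)
        elif ev.kind == "RoleRevoked":
            current.discard(ev.account)
    return holders


def audit(events, expected=EXPECTED, timelock_delay_s=0):
    """Flag sensitive-role changes, including grants that were later undone."""
    findings = []
    open_grants = {}  # (role, account) -> block of an unexpected grant
    for ev in sorted(events, key=lambda e: e.block):
        allowed = expected.get(ev.role)
        if allowed is None:
            continue  # role is not on the watch list
        key = (ev.role, ev.account)
        if ev.kind == "RoleGranted" and ev.account not in allowed:
            open_grants[key] = ev.block
            findings.append(Finding(ev.block, "UNEXPECTED_HOLDER",
                                    f"{ev.role} granted to {ev.account} by {ev.sender}"))
            if timelock_delay_s == 0:
                # With no delay the change is live before anyone can react.
                findings.append(Finding(ev.block, "NO_REACTION_WINDOW",
                                        f"{ev.role} change took effect with a 0 s timelock"))
        elif ev.kind == "RoleRevoked" and key in open_grants:
            start = open_grants.pop(key)
            findings.append(Finding(ev.block, "TRANSIENT_GRANT",
                                    f"{ev.account} held {ev.role} from block {start} to {ev.block}"))
        elif ev.kind == "RoleRevoked" and ev.account in allowed:
            findings.append(Finding(ev.block, "EXPECTED_HOLDER_REVOKED",
                                    f"{ev.role} removed from {ev.account} by {ev.sender}"))
    return findings


# Constructed sample history (block numbers are arbitrary).
SAMPLE = [
    RoleEvent(100, "RoleGranted", "WITHDRAWER_ROLE", RETURN_AGGREGATOR, SECURITY_COUNCIL),
    RoleEvent(150, "RoleGranted", "PAUSER_ROLE", UNKNOWN_WALLET, SECURITY_COUNCIL),
    RoleEvent(200, "RoleGranted", "WITHDRAWER_ROLE", UNKNOWN_WALLET, SECURITY_COUNCIL),
    RoleEvent(205, "RoleRevoked", "WITHDRAWER_ROLE", UNKNOWN_WALLET, SECURITY_COUNCIL),
]

if __name__ == "__main__":
    # A snapshot of current holders looks clean; the event replay does not.
    print(replay(SAMPLE)["WITHDRAWER_ROLE"])
    for f in audit(SAMPLE):
        print(f.block, f.code, f.detail)
```

In the sample history the final holder set contains only the expected contract, so a point-in-time role check would report nothing, while the replay still surfaces the five-block window in which another wallet held the role.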
**LEGAL: Does the legal analysis of the Protocol suggest any cause for concern?**

The assumption of an entity-less structure for Mantle, without concrete public records to confirm or refute this, introduces a significant degree of uncertainty regarding the protocol's accountability. Although Mantle has not secured a license in Singapore, the nature of its activities might not necessarily require one under current laws and regulations. While T&C specify that relations with users and any disputes are to be governed by the laws of Singapore, the absence of any mention of a legal entity entering into agreements under the Terms creates ambiguity about the enforceability of these provisions and the parties' legal rights and obligations.

### 6.1.4 Risk Rating

Based on the risks identified for each category, the following chart summarizes a risk rating for mETH as collateral. Each category is rated excellent, good, ok, or poor.

- We rank mETH **ok in liquidity** for its reliance on a single onchain liquidity venue, paired with a highly liquid asset (WETH). It has maintained a consistent liquidity profile over its history, although this makes up a small portion of its overall market cap.
- We rank mETH **ok in volatility** because limited access to secondary markets has and may continue to put additional pressure on direct withdrawals processing, which may increase the likelihood of peg performance issues.
- We rank mETH **excellent in smart contracts** for prioritizing simplicity in the contracts architecture, demonstrating security-first practices with ample independent audits that also provide insight into the quality of the team's development ability, and maintaining a bug bounty program with ImmuneFi.
- We rank mETH **poor in dependencies** for heavy reliance on offchain services managed by the core team and a lack of transparency surrounding the technology and management therein.
  There is no mETH pricefeed we are prepared to recommend at this time.
- We rank mETH **poor in decentralization** because the team maintains a high degree of control that includes the ability to execute protocol upgrades without a timelock. There is a prevailing opacity surrounding trusted operations that, given the high degree of centralization, is cause for concern.
- We rank mETH **poor in legal** primarily because of the opaque legal structure underpinning the protocol. This lack of clarity compromises the level of protection afforded to users, potentially affecting their confidence and security in engaging with the platform.

[Interactive chart: mETH risk rating (Flourish)](https://public.flourish.studio/visualisation/14951150/)

Although mETH has surged to the top 4 LSD position by market cap in a few short months, there are certainly challenges it faces in enhancing maturity before it can be considered a quality collateral asset. As with many early stage DeFi protocols, Mantle has entrusted many important operations to its core team as it aspires to transition toward a DAO structure governed by token holders. There are transparency concerns surrounding protocol operations that must be addressed before the protocol can be considered mature.
Notable centralization and transparency concerns include:

- `WITHDRAWER_ROLE` can be reassigned by the MantleSecurityCouncil, allowing funds to be stolen by Mantle signers if collusion happens
- A timelock on multisig execution is present but disabled
- No information regarding if and how validator keys are shared with node operators, increasing the slashing risk if keys are leaked
- No information about validator distribution between node operators, contributing to node operator centralization risk
- Minimal information about node clients used by node operators, contributing to client diversity risk

Furthermore, the mETH secondary markets must mature before it can be considered a suitable collateral. There is a single onchain venue with the UniV3 WETH/mETH pool. The venue has maintained consistent depth and is paired with a highly liquid asset, but the reliance on a single venue may increase the risk of manipulation or risks associated with the exchange or the specific pool.

Overall, we do not recommend mETH for collateral onboarding at this time. The protocol has exhibited impressive growth that certainly merits continued monitoring of developments in market maturity and a transition toward a decentralized and transparency-forward ethos. It may be appropriate to revisit mETH in 6 months' time to revise our recommendation.