Try   HackMD

Image Not Showing Possible Reasons
  • The image was uploaded to a note which you don't have access to
  • The note which the image was originally uploaded to has been deleted
Learn More →

Introduction

This report is conducted by the Prisma independent risk and research team operated by Llama Risk as part of a series on LSD collateral risk assessments. In this report, we examine Lido's wrapped stETH (wstETH).

This report will comprehensively cover all relevant risk factors of wstETH for collateral onboarding. Our approach involves both quantitative and qualitative analysis to help determine whether the collateral can be safely onboarded and to what extent there should be restrictions on the protocol’s exposure to the collateral.

As Prisma will be onboarding a variety of LSDs as collateral, our review involves comparative analysis to determine suitability as collateral. Risks are categorized into:

  • Market Risk - risks related to market liquidity and volatility
  • Technology Risk - risks related to smart contracts, dependencies, and oracle price feeds
  • Counterparty Risk - risks related to governance, centralization vectors, and legal/regulatory considerations

These risk categories will be summarized in the final section of this report and are meant to assist tokenholders in their determination around wstETH onboarding and setting suitable parameters.

Section 1: Protocol Fundamentals

This section addresses the fundamentals of the proposed collateral. It is essential to convey (1) the value proposition of wstETH, and (2) the overall architecture of the Lido protocol. This section contains descriptive elements that cannot be quantified and serves as a descriptive introduction to the collateral.

This section is divided into 2 sub-sections:

  • 1.1: Description of the Protocol
  • 1.2: System Architecture

1.1 Description of the Protocol

Lido Finance, a platform launched in November 2020, enables users to gain staking rewards on the Ethereum beacon chain without locking up Ether or managing staking infrastructure. The platform's popularity skyrocketed after Ethereum's transition from proof-of-work to proof-of-stake in September 2022 and the subsequent activation of withdrawals with the Shanghai/Capella upgrade in April 2023. Today, Lido stands as the definitive market leader in the Liquid Staking Derivative (LSD) sector, commanding more than 75% of the market share.

Lido's system comprises two tokens, stETH and wstETH, which are tokenized receipts of an ETH staking deposit that account for staking rewards and penalties. stETH is a rebasing token meant to keep a 1:1 peg with ETH, while wstETH maintains a fixed quantity redeemable for more stETH over time. These tokens make Ethereum staking more versatile as they are readily liquid and composable with other DeFi protocols. This is powering the growth of Liquid Staking Derivatives Finance (LSDfi).

Key metrics (as of June 2023):

  • Staked tokens: 7.3m ETH (~$13.3b)
  • Number of stakers: over 340,000
  • Number of operators (mainnet): 30
  • Market share of ETH staked: 28%
  • Market share of LSDs: 76%

1.1.1 Underlying Collateral

wstETH is a permissionless ERC20 wrapper representing a user's proportionate share of the total supply of stETH tokens. stETH is redeemable for a corresponding balance of ETH held by the Lido staking contract. As ETH is supplied to the protocol, it is divided among node operators, who forward it to their designated validators.

While stETH employs a rebase mechanism to account for staking rewards and penalties, the balance of wstETH tokens remains constant with a variable exchange rate to stETH as staking activity produces gains or losses. The primary function of wstETH is to provide composability to DeFi protocols that are incompatible with rebasing tokens.

While the stETH value intends to maintain a 1:1 ratio with ETH, the wstETH value is intended to increase over time relative to the stETH rebase amounts. In practice, the wrapper contract converts stETH or ETH into wstETH upon deposit and burns wstETH to return the equivalent amount of stETH during withdrawal.

1.1.2 Yield Accrual Mechanism

The exchange rate for wstETH is reflected in the wrapper contract's stEthPerToken rate. Yield is also generally mirrored on the secondary market, for example, in the various Curve pools. wstETH currently trades at a premium of approximately 13% over stETH, which reflects the yield accrued since the inception of wstETH. The stETH token balance is adjusted daily (via a rebase token) to account for accumulated staking rewards, deducting any penalties (e.g. validator slashing).

wstETH/ETH chart

Image Not Showing Possible Reasons
  • The image was uploaded to a note which you don't have access to
  • The note which the image was originally uploaded to has been deleted
Learn More →

Source: coinmarketcap.com

Before the Shapella upgrade in April 2023, users couldn't redeem (withdraw) their stETH/wstETH back into ETH. This meant that the market price of these assets was based on the anticipated future value and the expectation of withdrawal capability being enabled. For instance, wstETH and stETH experienced a negative price impact due to the Terra collapse in May 2022. However, since Shapella, the wstETH/ETH rate has steadily increased, with only occasional slashing incidents and negligible variation due to pool balances.

1.1.3 Provider Fee

Lido levies a fee on net staking rewards (rewards minus penalties), which is subsequently divided between the node operators and Lido's treasury. The treasury funds are deployed (subject to DAO vote) toward various community initiatives, including grants and an insurance fund. The insurance fund currently stores 6,172 stETH and was created to cover losses due to a slashing event.

The DAO sets the fee and it is currently set at 10% with a 50:50 split between operators and the treasury (refer to getFeeDistribution for the current effective fee breakdown). This leaves 90% of the accumulated staking rewards for stETH holders, distributed through a daily rebase.

Image Not Showing Possible Reasons
  • The image was uploaded to a note which you don't have access to
  • The note which the image was originally uploaded to has been deleted
Learn More →

Source: TokenTerminal

1.1.4 Node Operator Set

The Lido Node Operator set currently consists of 30 professional staking service providers who are responsible for running and maintaining the validator nodes. These operators and their corresponding signing keys are stored in the NodeOperatorsRegistry.

Rated.network provides an overview of all node operators active in Lido and their individual performance history.

1.1.5 Validator Selection

Lido employs a permissioned process to onboard node operators (NOs) structured in waves to manage the expansion of its NO ecosystem and stake distribution. NOs are onboarded based on their reliability and operational longevity.

Each NO submits public validator keys along with associated signatures for future validators that they will manage. The keys are verified by DAO members and approved by DAO vote. The protocol will then distribute ETH deposits in 32 ETH chunks across all NOs, starting with the first unused signing key from an NO's useable set.

1.1.6 Validator Collateralization

NOs participating in the protocol are not required to deposit any collateral, but they can be penalized for failing to properly manage their validators.

As described in the Validator Exit Policy, a slashing event or balance below the EJECTION_BALANCE of 16 ETH will result in a forced exit. An NO not processing validator exit requests in a timely manner will automatically be excluded from new stake deposits and have their rewards cut in half.

In case of unacceptable delinquency, the DAO may vote to set fees to zero, at which point the NO would be considered off-boarded. The ETH in a validator may become irretrievable, for example, if the NO has lost the private keys.

1.1.7 Governance Model

Lido is a Decentralized Autonomous Organization (DAO) that utilizes the Lido DAO token (LDO) to make binding decisions on upgrades to contracts, changes to system parameters, and the use of treasury funds. Critical system upgrades are done through Aragon DAO vote and, for convenience, a smaller sub-set of recurring vote types are done through an optimistic "Easy Track" motion.

Lido has an established governance process that begins with a forum proposal stage where proposals are initially published for community feedback. Proposals go through a phase of improvements and objections, typically lasting about a week before they are brought to a Snapshot vote and finally to an on-chain DAO vote.

1.2 System Architecture

1.2.1 Network Architecture Overview

Lido's transitioned to protocol V2 due to the Ethereum upgrade in April 2023 that allowed ETH staking withdrawals. Governance underwent a successful Snapshot vote in March 2023 and a DAO vote in May 2023. Presently, the Lido protocol on Ethereum's mainnet supports a curated set of 30 Node Operators (NOs). These NOs undergo a comprehensive evaluation by the
Lido Node Operator Sub-Governance Group (LNOSG) before being proposed for DAO approval. Approved NOs generate public signing keys for inclusion into the NodeOperatorRegistry, a smart contract managing node operators.

Lido V2 introduces the Staking Router, transitioning from a single to a modular operator registry. This allows for increased validator set diversity, incorporating various staker types without altering the core protocol.

The Staking Router focuses on modularity, potentially extending Node Operator onboarding to various interest groups, such as:

  • DVT-enabled validators: Distributed Validator Technology (DVT) Enhances decentralization by distributing validators across multiple clients and geographies.
  • Community Module: Allows permissionless node operators to stake with a dynamic collateralization requirement based on the NO's reputation.
  • Off-Chain or L2 Module: Cuts gas costs by storing validator keys off-chain or on Layer 2 solutions.
  • Solo Stakers and DAO Modules: Encourages a wide array of staking options and enhances DAO treasury management.

1.2.2 Architecture Diagram

Lido V2 system architecture

Image Not Showing Possible Reasons
  • The image was uploaded to a note which you don't have access to
  • The note which the image was originally uploaded to has been deleted
Learn More →

Source: Lido Blog

StakingRouter Deposit Flow

Image Not Showing Possible Reasons
  • The image was uploaded to a note which you don't have access to
  • The note which the image was originally uploaded to has been deleted
Learn More →

Source: Lido Blog

1.2.3 Key Components

  • Staking Router: The Staking Router is the core of Lido, managing staking modules for stake distribution and NO operation. Its modular design allows for a diverse range of NOs, thus improving security. Moreover, it supports flexible, cost-effective solutions by enabling key storage on Layer-2 or off-chain.
  • Deposit Security Module: The Deposit Security Committee oversees Beacon chain deposits. It can pause deposits when malicious activity is identified, enhancing security. Signatures from two-thirds of the committee members are required for a deposit, but a single member can halt deposits. This is to mitigate the possibility of committee members colluding with NOs by signing data with malicious pre-deposits.
  • Curated Node Operator Registry: The DAO selects NOs, who are essential validators on the Beacon chain. Their addresses are recorded in the NodeOperatorsRegistry contract. They must generate unique validation keys, and Ether deposits are divided and allocated among all active operators.
  • Withdrawals Vault: The withdrawal process uses a FIFO scheme to process stETH withdrawals. It operates under either Turbo mode (during normal operation) or Bunker mode (during significant network disruptions). Turbo mode hastens withdrawal requests using all available ETH, while Bunker mode enforces a temporary pause on withdrawals during severe disruptions.

Section 2: Performance Analysis

This section evaluates wstETH from a quantitative perspective. It analyzes token usage and competitive metrics, and addresses any subsidized economic activity.

This section is divided into 3 sub-sections:

  • 2.1: Usage Metrics
  • 2.2: Competitive Analysis Metrics
  • 2.3: Subsidization of Economic Activity

2.1 Usage Metrics

2.1.1 Total Value Locked (TVL)

Lido has 7,424,342 ETH in TVL worth ~$13.9 billion as of June 2023. 30.3489% of the total stETH supply is wrapped as wstETH.

Source: DefiLlama

2.1.2 Transaction Volume

stETH daily average tx volume for the last 30 days - $297,092,195

Day with lowest tx volume - $79,616,846

Day with highest tx volume - $631,950,680


Source: IntoTheBlock

wstETH daily average tx volume for the last 30 days - $281,964,708

Day with lowest tx volume - $13,722,538

Day with highest tx volume - $2,354,280,390


Source: IntoTheBlock

2.1.3 DEX Trading Volume

Daily stETH Trading Volume (30d avg) - $17,392,371

Daily wstETH Trading Volume (30d avg) - $20,749,141

Most trading takes place on Uniswap, Maverick, Curve, and Balancer. The trading volume across DEXs is shown below:


Source: Dune Analytics

2.1.4 Average Transaction or Trading Size

wstETH has a 7-day average tx size of $340,192.


Source: IntoTheBlock

2.1.5 Trading Volume to Market Capitalization Ratio

stETH Trading Volume / Market Capitalization 30-day exponential moving average since the merge is currently 0.14%. The following chart shows data since the merge in September 2022:

Source: Coingecko Historical Data

2.1.6 LSD Token Velocity

The chart below shows the daily velocity (on-chain txs volume/market cap) expressed in percentages for the last 30 days.


(source: IntoTheBlock and Coingecko data)

2.1.7 Active Addresses/Users

In the last 60 days, 1,005.8 active addresses interacted with the stETH LSD token on average. The day with the lowest activity had 573 interactions, while the day with the highest activity had 1,555 interactions with the Lido ETH LSD token.

According to data from DappRadar, in the last 24 hours, 351 Unique Active Wallets (UAW) had interacted with Lido on Ethereum and made 386 transactions with the protocol's smart contracts.

Last week ~2,850 UAW (3,450 txs)

Last Month ~10,310 UAW (14,240 txs)


Source: DappRadar

2.1.8 User Growth

At the time of the merge in September 15, 2022, weekly and monthly user stood at 2,010 and 7,317. Most recent data from Token Terminal shows 2,760 weekly and 11,827 monthly users.

User growth since the merge has increased 37.3% for weekly users and 61.6% for monthly users.


Source:(https://tokenterminal.com/terminal/projects/lido-finance)

2.1.9 Integration with Other Protocols

A general overview of the stETH distribution across various contracts is shown below:


Source: Etherscan data

stETH integrations by percent of token supply (June 21, 2023):

  • Aave aSTETH: 12.13%
  • Curve stETH/ETH pool: 3.19%
  • Lybra eUSD: 1.3%
  • Nexus Mutual Capital Pool: .44%
  • Curve stETH-ng pool: .35%
  • Alchemix stETH strategy: .35%
  • Unslashed Finance vault: .24%

Source: Etherscan stETH tokenholder balances

wstETH integrations by percent of token supply (June 21, 2023):

  • MakerDAO wstETH-B vault: 24.46% (7.52% of stETH)
  • MakerDAO wstETH-A vault: 19.89% (6.17% of stETH)
  • AaveV3 aWSTETH: 15.11% (4.68% of stETH)
  • Arbitrum Token Gateway: 3.29% (1.02% of stETH)
  • Balancer wstETH/ETH pool: 2.25% (.7% of stETH)
  • Optimism Token Bridge: 2.06% (.64% of stETH)

Source: Etherscan wstETH tokenholder balances

Below is shown the stETH token balances over time by protocol type:

Source: Nansen

2.2 Competitive Analysis Metrics

2.2.1 Market Share

Lido stETH currently makes up a 74.33% share of the Liquid Staking Derivative sector (source: DefiLlama)


Source: DefiLlama

Since the merge, stETH has maintained a market dominance of over 70%. More recently, it has been increasing its dominance as cbETH growth has stagnated since April.


Source: DefiLlama

2.2.2 Trading Volume Share in Total LSD Trading Volume

stETH and wstETH are the most liquid ETH LSDs with the largest daily trading volume. The Dex.guru dashboard below shows the superiority of Lido ETH LSDs compared to competitors:


Source: Dex.guru

Daily ETH LSDs (top 8) Trading Volume (30d avg) - $56,312,429

Daily stETH Trading Volume (30d avg) - $17,392,371

Daily wstETH Trading Volume (30d avg) - $20,749,141

stETH avg daily volume(30d) is 30% of the total daily volume of the LSD sector and wstETH makes 36% across all chains. Altogether, Lido accounts for 66% of average LSD trading volume(30d).

2.2.3 Protocol Staking Yield

Lido protocol staking APR consists of ~70% consensus layer rewards and ~30% rewards from the execution layer (on 24.06.2023). It should be taken into account that the execution layer rewards vary significantly on a daily basis because they depend on the performance of the validator at the application layer (MEV solution, traffic volume).


Source: Dune Analytics

Of total protocol staking APR, 0.05% comes from compounding rewards.

Lido quotes its staking APR as a 7-day simple moving average. It is currently 3.81%. The staking yield trend over time is shown below:


Source: Dune Analytics

According to DefiLlama, the current APR of stETH vs. competitors is:

  • stETH: 3.8%
  • cbETH: 3.03%
  • rETH: 3.11%
  • sfrxETH: 5.11%
  • BETH: 3.97%

2.2.4 Slashing Rate

Lido has experienced more lifetime slashing events than its competitors, although it commands the vast majority of LSD's market share and has a longer history than most competitors. Its losses as a percent of total consensus rewards earned are lower than most competitors.


Source: Rated.network

2.3 Subsidization of Economic Activity

2.3.1 Existence of an Incentive Program

Lido incentivizes stETH liquidity with several strategies that are managed by the reWARDS committee, formed in December '21 and managed by a 4-of-6 multisig whose members are disclosed here. The initial program included LDO incentives for the Curve stETH/ETH pool, SushiSwap wstETH/DAI pool, Balancer wstETH/WETH pool, and 1inch wstETH/DAI pool, as well as several pools on Solana.

Lido later expanded cross-chain rewards to Optimism and Arbitrum in September '22. In May '23, The LDO reWARDS program has been deprecated by a governance decision in favor of incentives paid in stETH with a quarterly budget of 2,100 stETH. This updated reWARDS program has been authorized through EOY 2023.

2.3.2 Size of the Incentive Program in USD

This Dune dash accounts for LDO incentives toward various liquidity venues over time.

According to data from Token Terminal analytics platform, Lido protocol (DAO) has spent over $43 million worth of cumulative token incentives:


(source: Token Terminal)

Token incentive costs were $2,233,180 on July 4, 2022, and by June 19, 2023 they had grown to $45,693,008. This significant expenditure on token incentives over just under a year demonstrates the platform's strategy of aggressively incentivizing its users and promoting growth. The incentives cost calculation is based on the value of Lido's native token (LDO).

However, the rate of LDO incentives has tapered off over time in favor of a strategy involving stETH revenue earned to the Lido treasury. While the stETH incentives have been approved with a quarterly budget of 2,100 stETH through EOY 2023, the allocation of these incentives has not yet begun. Management of stETH incentives will be done by the Lido reWARDS committee 4-of-8 multisig.

Section 3: Market Risk

This section addresses the ease of liquidation based on historical market conditions. It seeks to clarify (1) the Liquid Staking Basis & Volatility of stETH, and (2) the liquidity profile of the collateral. Market risk refers to the potential for financial losses resulting from adverse changes in market conditions.

This section is divided into 2 sub-sections:

  • 3.1: Volatility Analysis
  • 3.2: Liquidity Analysis

3.1 Liquid Staking Basis & Volatility Analysis

Note: The "Liquid Staking Basis & Volatility Analysis" section is based on data provided by the CoinGecko Terminal API. The data was obtained from the Curve stETH/ETH pool on Ethereum, representing around 90% of on-chain liquidity on Ethereum. We used OHLCV (Open, High, Low, Close, Volume) daily data for the analysis.

3.1.1 Liquid Staking Basis (LSB)

The LSB (Liquid Staking Basis) represents the price difference between stETH (liquid staking token) and its underlying asset, ETH. It measures the deviation of the stETH price from the ETH price.

The LSB values range from negative to positive, indicating periods when stETH traded at a discount or premium relative to ETH. Positive LSB values suggest that stETH traded at a premium compared to ETH, while negative LSB values indicate a discount. As seen from the chart, stETH generally trades at a discount relative to ETH with a mean of -0.05% discount, a minimum 3.06% discount, and a maximum of 2.55% Premium across the observed time period. Interestingly, since the Shabella upgrade (12.04.2023), the divergence between stETH and ETH prices has become narrower.

Absolute Liquid Staking Basis (LSB_abs)

The LSB_abs represents the absolute value of the LSB, indicating the magnitude of the price difference between stETH and ETH without considering the direction (premium or discount).

The LSB_abs values represent the magnitude of the basis and indicate the extent of the price difference between stETH and ETH. The magnitude of divergence from stETH to the underlying asset ETH ranges from nearly on par to a maximum divergence of 3.06%.

3.1.2 LSD Volatility

stETH and ETH have exhibited different levels of volatility over various time frames. stETH has shown a moderate level of volatility, with a measure of approximately 0.0275, indicating notable price fluctuations. ETH has demonstrated slightly lower volatility compared to stETH (0.0265). This trend holds overall except for the 30 days volatility measure.

When analyzing the past 90 days, stETH and ETH experienced slightly higher volatility, with stETH reaching around 0.0289 and ETH at approximately 0.0277. This indicates a slightly higher than average volatility during this time period. During the 60-day period, stETH maintained a similar volatility level of around 0.0271, while ETH exhibited slightly lower volatility of approximately 0.0253. In the most recent 30-day period, stETH and ETH demonstrated relatively lower volatility, with stETH at around 0.0214 and ETH at approximately 0.0216, suggesting smaller price fluctuations and relatively stable price movements.

Overall, there have been varying levels of volatility for stETH and ETH over different time frames, with a slight increase in volatility in recent months but relatively lower volatility in the most recent 30-day period. ETH is generally less volatile than stETH.

3.1.3 Yield Volatility

Lido protocol ETH LSD staking rewards consist of two parts (like for any other LSD protocol):

  1. Rewards from Consensus Layer (Block Proposal Reward, Attestation Reward, Sync Committee reward) - consensus layer rewards decrease as more validators join and increase if more validators exit. The consensus layer rewards stay the same regardless of network traffic volume, so they are quite stable.
  2. Rewards from Execution Layer (Txs priority tips and MEV tips) - execution layer rewards have high fluctuations because they are based on Ethereum network traffic volume. For example, when Ethereum network traffic increases, users pay higher priority tips and there is more opportunity for MEV executions.


Source: Dune Analytics

The ETH_STORE "Transparent Ethereum Staking Reward Reference Rate" shows the volatility of staking APR related to total staking rewards. Staking rewards vary on a daily basis for realized aggregated execution layer rewards, which is a much smaller variation compared to the aggregated APR rate. Deviations in the staking APR rate are also affected by changes in the amount of deposited or withdrawn ETH.


Source: Ethermine

3.2 Liquidity Analysis

3.2.1 Supported DEXs and CEXs

stETH liquidity is concentrated on DEXs:


Source: Nansen

For DEX trading venues, stETH is supported on Curve, Uniswap, 1inch, and DFX Finance. stETH is supported on numerous CEXs: Swissborg, Bybit, Nexo, MEXC, Binance, Huobi, Bitget, Coinbase, HitBTC, Gate.io, Kraken, Kucoin, Bitpanda, and Crypto.com.


Source: Nansen

wstETH is almost exclusively tradeable on DEXs:


Source: Nansen

wstETH is supported on all leading DEXes: Curve, Balancer, Uniswap, SushiSwap, PancakeSwap, KyberSwap, Bancor, and dForce. The only CEX that supports wstETH is Coinbase (around 830 wstETH).


Source: Nansen

3.2.2 LSD Token Total On-chain Liquidity

Five stETH/wstETH pools with the deepest liquidity on Ethereum are on Curve and Balancer (and have the highest CoinMarketCap "Liquidity Score"):

  1. Curve.fi ETH/stETH - ~$919.6m TVL (high deviation at the time of report)
  2. Balancer wstETH/WETH - ~$100.37m TVL
  3. Curve.fi Factory Pool: stETH-ng (ETH/stETH) - ~$72.84m TVL
  4. Curve.fi Factory Plain Pool: stETH concentrated (stETH/ETH) - ~$30.35m TVL
  5. Curve.fi Factory Plain Pool: stETH/frxETH - ~$10.28m TVL

stETH Total DEX Liquidity- $507,202,572 liquidity TVL

According to Dex.guru, stETH liquidity is almost 100% concentrated in Curve, especially the stETH/ETH liquidity pool with almost $1b TVL (at the time of writing $919.60m).


Source: Dex.guru

wstETH Total DEX Liquidity- $102,332,910 liquidity TVL

wstETH primarily has liquidity on Balancer (89%) and Uniswap V3 (8%). As wstETH makes up ~30% of stETH, this puts about 15% of all stETH liquidity on Balancer, 1.3% on Uniswap, and 83.7% on Curve.


Source: Dex.guru

Bridge Liquidity

stETH is only liquid on Ethereum (over 99.99%), while wstETH has liquidity on layer2 and sidechains.


Source:DexGuru

wstETH has significant liquidity on 4 chains and 11 liquidity pools. Only addressing EVM chains, cross-chain wstETH is available on:

Arbitrum

wstETH total supply on Arbitrum - 65,392

Most liquid DEXs and wstETH pools on Arbitrum:

  1. Balancer wstETH-WETH Stable Pool - $8,868,414 liquidity TVL
  2. Curve wstETH/ETH - $7,358,947 Liquidity TVL
  3. Camelot_v2 wstETH/WETH - $4,681,716 Liquidity TVL
  4. Uniswapv3 wstETH/WETH - $833,394 Liquidity TVL

Optimism

wstETH total supply on Optimism - 41,601

Most liquid DEXs and wstETH pools:

  1. Velodrome wstETH/WETH - $10,942,069 TVL
  2. Curve wstETH/ETH - $16,328,512 TVL
  3. UniswapV3 wstETH/USDC - $3,155,126 TVL

Polygon

wstETH total supply on Polygon - 5,420 wstETH

Most liquid DEXs and wstETH pools:

  1. Kyberswap wstETH/WETH - $703,324 TVL
  2. KyberSwap wstETH/FBX - $694,861 TVL
  3. KyberSwap wstETH/stMATIC​ - $218,380 TVL

Gnosis

wstETH total supply on Gnosis Chain - 1,294 wstETH

Most liquid DEXs and wstETH pools:

  1. SushiSwap wstETH/ETH - $545,400 TVL

stETH on Ethereum bridges

Source: Dune Analytics

3.2.3 Liquidity Utilization Rate

The stETH liquidity utilization rate has reached max daily levels as high as 17.55% and 10.91%. The daily utilization rate for 30 day period ranges from 0.32% (min) and 17.55% (max)


Source: DexGuru

3.2.4 LSD Leverage Ratio

Protocol/Vaults Supplied Borrowed Max Loan-To-Value
Aave v2 - stETH $1,760,000,000 Maybe - Morpho supply 72%
Maker wstETH-B $1,150,000,000 $260,500,000 54.05%
Maker wstETH-A $856,590,000 $201,610,000 62.5%
Aave v3 - wstETH $676,000,000 $6,631,739 69% (e-Mode 90%)
Morpho Aave - wstETH $312,750,000 0 72%
Compound v3 stETH ETH-pool $41,310,000 $31,418,400 90%
Aave v3 wstETH - Arbitrum $40,130,000 $965,432 70%
Radiant v2 wstETH - Arbitrum $39,920,000 $11,790,000 70%
Aave v3 wstETH - Optimism $35,690,000 $605,029 70%
Sonne wstETH - Optimism $12,450,000 $2,451,951 60%
Spark wstETH $10,170,000 $543,835 68.5%

Source: DefiLlama

Points:

  • Compound v3 has the highest LTV (90%) and LT (93%)
  • Only the Compound position has a high utilization rate, but in Compound v3 wstETH is in a so called "ETH-pool" with cbETH (near zero utilization rate)
  • MakerDAO wstETH-B has the lowest LTV (54.05%)
  • Most lending protocols don't offer supply-based APY (only Exactly, ParaSpace, Radiant v2, and Sonne finance in individual pools) which means protocols use the LSDs value accrual feature to avoid renting the supply.
  • wstETH on Ethereum Layer2s (Arbitrum and Optimism) is mostly used as collateral
  • LSD is still a new Defi primitive and on a sector level, there is a large gap between protocol LTVs. This may be attributable to different risk management practices, differences between lending protocol architecture, and/or a lack of historical data for assessment.
  • Here is a link to a collateral risk monitor dashboard by Lido. They track the three largest stETH and wstETH holders.
  • Conclusion: overall conservative Loan-to-Value parameters and supply/borrow caps across DeFi lending protocols prevent a significant leverage ratio.

3.2.5 Slippage

Using the Defillama liquidity tool to estimate slippage across all on-chain liquidity venues by swap size, an estimated $300,000,000 swap would result in a 1% slippage.

With the slippage range set from 1% - 15% in the graph below, the swap size required to produce those slippage values ranges from $300,000,000 to $500,000,000. Results show that a trade size of 158,438 stETH to ETH creates 1.44% slippage and a trade size of 257,462 stETH creates 6.81% slippage.


Source: Defi Llama - liquidity

3.2.6 Spread as an Estimator for Historical Slippage

Note: Based on stETH/ETH Pools Ethereum

Observing the overall trend, stETH generally exhibits a higher spread compared to ETH. The spread, an estimator for historical slippage, provides insights into the difference between the highest and lowest observed prices within adjacent daily intervals.

The higher spread observed in stETH suggests there may have been relatively larger price discrepancies and potential slippage when trading stETH compared to ETH.

It is important to note that the spread calculated using the Corwin and Schultz (2012) high-low spread estimator, adapted for cryptocurrency markets, may not perfectly replicate the slippage experienced in an automated market maker (AMM) environment. However, it serves as a useful proxy and provides an idea of historical slippage trends in the market.

Section 4: Technological Risk

This section addresses the persistence of collateral properties from a technological perspective. It aims to convey, (1) where technological risk arises that can change the fundamental properties of the collateral (e.g. unresolved audit issues), and (2) do any composability/dependency requirements present potential issues (e.g. is a reliable pricefeed oracle available?).

This section is divided into 3 sub-sections:

  • 4.1: Smart Contract Risk
  • 4.2: Product and Layer Composability
  • 4.3: Oracle Pricefeed Availability

4.1 Smart Contract Risk

4.1.1 Protocol Audits

The Lido V2 protocol upgrade introduced stETH token redemptions to native ether using Ethereum withdrawals introduced with the Shanghai/Capella hard fork. In addition, it added support for staking modules for the StakingRouter contract, as well as updated Oracle contract consensus mechanics that allow delivering huge data chunks (virtually unbounded).

Lido V2 codebase has undergone extensive audits in 2023 by various auditing firms:

4.1.2 Concerning Audit Signs

All issues were acknowledged but not addressed for various reasons, including low probability, other mitigations already in place, potential degradation of user experience, and the potential risk of introducing new vulnerabilities. The deployment and initialization of the latest release (v2) were also subjected to an audit. It is important to note that Lido contracts have undergone extensive auditing and are currently considered among the most audited smart contracts due to their substantial value.

4.1.3 Bug Bounty

Lido has had an ImmuneFi bug bounty program live since May 2021. The maximum bounty is $2m. Although not all details are public, Lido claims it has paid a total of $250,000 for 7 Bug Bounties. As an example, a post mortem was published in 2021 for a vulnerability disclosed through the ImmuneFi bounty program that would potentially allow an NO to steal a share of user funds.

4.1.4 Immutability

Lido uses upgradeable proxy contracts as storage for the state. Each proxy contract points to an implementation contract providing the code that reads and mutates the state of the proxy. Implementation contracts can be upgraded via DAO voting. Implementations are immutable; they are only allowed to modify the caller's (i.e. proxy) contract state.

A full list of deployed contracts can be found here:
https://docs.lido.fi/deployed-contracts/

4.1.5 Developer Activity

19 GitHub users with more than 10 commits have contributed to the lidofinance/lido-dao repository.


Source: CoinGecko

4.1.6 SC Maturity

The first contracts were deployed in November 2020. Since then, Lido has deployed several upgrades, the latest one being the Lido V2 upgrade as of May 2023. This introduced two new features: ETH staking withdrawals and a Staking Router that allows modularity for new NO onboarding strategies. The recent upgrade increases uncertainty about smart contract security, although the contracts have been heavily audited.

4.1.7 Previous Incidents

Lido discloses incidents affecting the network in the Post Mortem section of the Lido Blog.

Most recently, a post mortem was issued pertaining to the RockLogic node operator. A slashing event took place on 11 validators operated by the NO. Losses were minimal, estimated to be 13.77 ETH, 2.4% of daily rewards, and .0023% of protocol TVL at the time.

4.2 Product and Layer Composability

4.2.1 Dependencies

There is no native communication between Ethereum’s Consensus layer and Execution layer, so Lido’s system architecture requires independent entities that run daemons to sync the system periodically.

An initial oracle set consisting of 5 Lido-approved Node Operators (NO) with a required quorum of 3/5 was expanded by governance decision in January 2023 with 4 additional oracle operators and a quorum of 5/9.

The on-chain portion of Lido's Oracle mechanism consists of the AccountingOracle and the ValidatorExitBusOracle:

AccountingOracle: Oracles assigned by the DAO report daily on changes to DAO-controlled address balances that fluctuate due to reward accumulation and slashing penalties.

ValidatorExitBusOracle: Delivers validator exit requests to Lido NO’s.

Together these processes are responsible for rebasing user balances, distributing stake, processing validator exit requests, and putting the protocol into bunker mode. Bunker mode may be initiated during severe events (e.g. mass slashing), which temporarily pauses withdrawal requests until the event has been resolved to prevent sophisticated users from frontrunning negative consequences.

Security precautions

Lido’s Oracle system is equipped with multiple layers of security measures. These have been designed to guard against known attack vectors, ensuring the integrity and robustness of the system.

Decentralization and Consensus Mechanism: Lido employs multiple independent Oracle nodes for data collection and report generation. These nodes operate independently, reducing the risk of a system-wide failure if one node is compromised. Lido requires a 5/9 quorum of identical reports to accept Oracle updates.

EIP-2335 Encryption Standard: Lido employs the EIP-2335 standard for encryption, specifically in the Ejector module. The exit messages containing sensitive information are encrypted following this standard, and the Ejector module decrypts these files using a password stored in the MESSAGESPASSWORD environment variable.

Sanity Checks: Lido’s Accounting module conducts sanity checks on Oracle reports. By limiting changes to a 10% APR increase and a 5% decrease in stakes, these checks guard against sudden, extreme alterations that could indicate Oracle misbehavior or system manipulation.

Governance Control: The sanity check values can be adjusted by governance in exceptional circumstances.

4.2.2 Withdrawal Processing

Withdrawal requests are not processed immediately. If there is enough ETH in the protocol buffer, the request can be processed in under a day.

For amounts above 1000 ETH, the protocol divides the request into multiple 1000 ETH requests. Lido estimates withdrawals in the 1000-5000 ETH range can take 2 days to process, unless a shortage in the buffer causes a delay (up to 5-9 days). Requests in the 5k - 100k range are expected to take 4-10 days, and >100k to take 2 weeks to process.

In all cases, withdrawal times may be higher if the exit queue is long or a major slashing event triggers "bunker mode". During bunker mode, withdrawal requests halt until the situation has resolved, between 1 and 36 days.

The size of the protocol buffer shown below combines the quantity of ETH in the protocol not allocated to NOs, combining ETH in stETH, the withdrawals vault, and the withdrawals queue:


Source: Dune Analytics

Lido offers a suggestion table for determining the optimal exit path from stETH. Factors include the user's desired withdrawal size, the amount of ETH in the protocol buffer, the size of the withdrawal queue, and the possibility of bunker mode.

Source: Lido Blog

Lido also offers a Dune Dash that shows current and historical data about withdrawal demand and processing time.

4.3 Oracle Pricefeed Availability

4.3.1 Understanding the Oracle

The pricing data for the stETH/ETH and stETH/USD have a Chainlink price feed available, a widely-adopted aggregated solution. This oracle system collects data from multiple (16 and 19, respectively) oracle providers, drawing information from on-chain and centralized exchange (CEX) sources. A consensus of sources is required to establish a price, ensuring a robust and reliable price feed resistant to potential manipulation.

One crucial detail is the method to determine the conversion rate between stETH and wstETH. stEthPerToken of the wstETH contract presents the conversion value of stETH to wstETH. This rate is fundamental to calculating collateralized debt positions (CDPs) and determining their wstETH/USD conversion.

Other Oracle price feeds, such as API3, also offer a stETH/ETH price feed. While these alternatives exist, they are less commonly used by CDPs that offer wstETH/stETH as collateral.

Furthermore, in the DeFi lending market, some protocols have adopted a 1:1 ratio for the stETH/ETH pair. This fixed peg system simplifies the price relationship and is gas-efficient but also introduces significant risks. Market volatility and delayed arbitrage from the withdrawal mechanic can cause a prolonged depegging event. In such a situation, it could lead to the creation of bad debt for the lending protocol.

4.3.2 Token Liquidity and Distribution

Liquidity for the stETH token is majorly concentrated in the Curve pool, which captures over 92% of the token's trading volume. This concentration level may increase stETH's risk of market manipulation.

Notably, the largest Curve pool pair has a considerable 229k (each side) ETH liquidity and has an Amplification parameter of 30, making the liquidity in the pool densely concentrated at the 1:1 price. This may help the pool resist manipulation attempts.

4.3.3 Attack Vectors

High Dependency on a Single Protocol: The stETH/ETH pair relies heavily on Curve for its liquidity pool. With such a high concentration of liquidity in a single protocol, the system becomes more susceptible to attacks aimed at manipulating this pool. An attacker could cause substantial disruptions to the stETH/ETH market by introducing volume variations to influence the price should they accumulate a significant share of the pool.

Data Refresh Frequency: The CHainlink oracle pushes price updates on a 1-hour heartbeat or a price deviation of more than 1%. This poses a risk of the update not being triggered promptly.

4.3.4 Associated Vulnerabilities

Bad Debt Creation: In a successful price feed manipulation attack, one direct impact could be the creation of bad debt for the Protocol. Lending protocols rely on accurate price feeds to maintain appropriate collateralization ratios. If the price feed is manipulated to reflect an inaccurate price, attackers may perform malicious actions to create bad debt.

Faulty Liquidation: If an oracle is manipulated to drastically lower the price of a collateral asset in a lending protocol, it could trigger unjust liquidations of user positions, causing financial losses and disrupting the normal operations of the protocol.

Section 5 Counterparty Risk

This section addresses the persistence of stETH's properties from an ownership rights perspective (i.e. possession, use, transfer, exclusion, profiteering, control, legal claim). The reader should get a clear idea of (1) who can legitimately change properties of the collateral (e.g. minting additional units) and what their reputation is, (2) the extent that changes can be implemented and the effect on the collateral.

This section is divided into 4 subsections:

  • 5.1: Governance
  • 5.2: Decentralization of the LSD
  • 5.3: Economic Performance
  • 5.4: Legal

5.1 Governance

5.1.1 Governance Scope

Aragon DAO: https://vote.lido.fi/

Core system controls including contract upgrades and critical parameters are governed by LDO token holders. Votes are 72 hours with normal voting in the first 48 hours and only negative votes allowed in the final 24 hours. The quorum is 5% and votes require >50% approval to pass.

Contracts upgradable by DAO vote:

LidoLocator, Lido, StakingRouter, NodeOperatorsRegistry, AccountingOracle, ValidatorsExitBusOracle, WithdrawalVault, WithdrawalQueueERC721, LegacyOracle

Parameters and other functionality controllable by the DAO:

  • Burn stETH to compensate for penalties/slashing losses
  • Pause user submissions, withdrawals, oracle report submissions, and all token actions
  • Set the fee and distribution of fees between the treasury and node operators
  • Add or remove node operators and designate a staking limit

Easy Track: https://easytrack.lido.fi/

Easy Track is an optimistic sub-DAO with limited access controls. The Aragon DAO is the default admin, and an emergency brakes multisig has the power to pause or cancel motions. Motions will pass unless a .5% of LDO vetoes the motion before it is enacted after a 72-hour timelock.

Three types of motions can be created via Easy Track and only by the authorized addresses:

  • Node operator request to increase their own staking limit
  • Allocate funds to the LEGO program (Lido Ecosystem Grants Organization)
  • Allocate funds to the reWARDS program

5.1.2 Access Control

Several multisigs are used with limited priveleges, typically either as an emergency backstop or as committee with a treasury budget allocation.

GateSeal committee multisig (3/6): 0x8772E3a2D86B9347A2688f9bc1808A6d8917760C

  • Michael, Curve.fi
  • Ernesto, BGD Labs
  • Andrew, Forta
  • Sjorj, Lido on Ethereum Tooling team
  • Skozin, Special Projects / Lido on Ethereum protocol team
  • Kadmil, DAO Ops team

A GateSeal is a precautionary mechanic introduced to Lido V2 with this proposal. It is a contract that allows a designated address (ideally a multisig) to call pause on a set of predefined system contracts. It is a one-time use contract that is meant as a panic button since the DAO process requires a 72-hour timelock.

The GateSeal Factory contract is used to deploy a GateSeal contract, which specifies the sealing committee address, the sealable contracts, the duration of the pause, and the expiration date of the GateSeal contract.

The GateSeal contract created here can pause the withdrawal queue (users’ side of withdrawals) and validator exit bus (Node Operators’ side of withdrawals). The pause duration is 6 days, and the contract expires in May 2024, regardless if it has been used. Another GateSeal can be created at that point, pending DAO approval.

Emergency Brakes multisig (3/5): 0x73b047fe6337183A454c5217241D780a932777bD

  • 0xCFfE0F3B089e46D8212408Ba061c425776E64322 - @folkyatina
  • 0xdd19274b614b5ecAcf493Bc43C380ef6B8dfB56c - @ujenjt (Eugene Pshenichniy)
  • 0x2a96805188e583dd760785A0dE93128504DDd5c7 - @vsh (Vasiliy Shapovalov)
  • 0x6f5c9B92DC47C89155930E708fBc305b55A5519A - @kadmil (Victor Suzdalev)
  • 0x2a61d3ba5030Ef471C74f612962c7367ECa3a62d - @psirex (Bogdan Kovtun)

The emergency brakes multisig has the PAUSE_ROLE of the EasyTrack voting contract. When paused, the contract cannot create or enact motions. It is additionally an authorized bridging manager for L2 token bridging.


Source: Pod.xyz

Deposit Security Committee Multisig (4/6): 0xC77F8768774E1c9244BEed705C4354f2113CFc09

The DepositSecurityModule was created with a set of guardians callable in getGuardians as a mitigation to a vulnerability of a possible malicious NO intercepting user deposits sent to the beacon chain.

The 4-of-6 multisig sign off on the calldata included in depositBufferedEth(), which can potentially steal user funds with malicious data. The contract allows any guardian to call pauseDeposits() in case suspicious activity is observed, potentially involving collusion between a malicious NO and a quorum of guardians.

Lido dev team Multisig (3/5): 0x3cd9F71F80AB08ea5a7Dca348B5e94BC595f26A0

The Lido dev team multisig does not have substantial privileges within the system. It is authorized as a bridging manager for L2 token bridging

Additional Committee Multisigs

A number of additional multisigs are given limited privileges to manage a portion of the treasury for certain operations. For example, the reWARDS multisig was recently approved with a spending budget of 2,100 ETH every 3 months (tx).

Lido DAO ops multisigs Policy: https://research.lido.fi/t/lido-dao-ops-multisigs-policy/4115

5.1.3 Distribution of Governance Tokens

The total LDO supply is 1 billion LDO tokens, of which 360m LDO tokens were allocated to the DAO treasury, 150m to founders (15%), 200m to initial developers (20%), 60.5m to validators and signature holders (6.5%) and 220m to investors (22.18).


Source: Messari

At first glance, the initial LDO allocation looks highly centralized, as a separate allocation to founders and protocol developers isn't usual practice. In a relatively small investment round (Lido raised $2 million in a December 2020 round from a large group of investors), the protocol attracted key interest groups in the development of the protocol: professional staking service providers, founders of the largest Defi protocols, large VC funds, and other crypto entities like Argent.

After completing their seed round, Lido made two "treasury diversification deals" by selling LDO tokens from the treasury to VCs (3AC, Alameda, DragonFly, Coinbase) and other individual investors.

See a thorough analysis of the initial token distribution and the various players involved here.

5.1.4 Proposals Frequency

In May, there were 4 Aragon DAO votes with a 50% pass rate. The pass votes #156 and #159 set implementation contracts associated with the Lido v2 upgrade, granted and renounced various roles, adjusted a parameter to the Easy Track voting, and funded the reWARD committee with treasury stETH.

In May, there were 25 Easy Track motions with a 100% pass rate. 21 motions were node operator requests to increase their staking limit, and 4 were requests from various committees to top up funding for their operations.

5.1.5 Participation

As there is a quorum of 5% voter participation, Aragon votes typically experience minimal voter turnout. Votes range from 5%-7% participation or 50m-70m LDO.

Aragon's votes overwhelmingly appear to be procedural, and this is probably because the governance process involves forum discussion and Snapshot voting before moving to an on-chain vote.

An unusually contentious vote is #29 to provide 30% of the 10% fee from staking rewards to LDO holders. The vote failed, not only due to a preference to grow the treasury but from a lack of clarity about the implementation of the proposal.

5.1.6 Governance Attack Vectors

A proposal requires a minimum of 5% of the total voting power to be approved. Although the cost to successfully pass a malicious governance vote is likely much higher, we can calculate the minimum threshold required to pass a vote.

An attacker would need to acquire 50m LDO, currently valued at $1.92. The cost to acquire enough tokens at a minimum is $96m and is likely much higher due to slippage and the challenge of sourcing liquidity.

Alternatively, an attacker may attempt to borrow LDO, assuming a market exists with sufficient liquidity. LDO does not require locking to participate in governance, so it is conceivable an attacker could attempt to gain access to voting power temporarily.

The security of Lido governance depends on widely distributing the token such that it becomes inconceivable for a would-be governance attacker to gain access to enough voting power. LDO is remarkably well distributed, with nearly 37,000 token holders and just over 50% of tokens controlled by the top 10 addresses (including the Lido Treasury).


Source: Etherscan

Note, however, that the GateSeal mechanism can pause system contracts immediately without undergoing the 72-hour vote period. The tradeoff here is required trust in the GateSeal committee to take action when necessary.

5.1.7 Operational Safeguards

Lido has implemented numerous measures to safeguard its governance structure and address any possible security issues:

  • Aragon Vote Parameters: The on-chain voting process via Aragon lasts 72 hours and is a two-phase system. The first phase lasts 48 hours, and the second lasts 24 hours. Votes require a 5% quorum and >50% approval to pass.
  • Two-phase Voting Mechanism: This mechanism helps prevent last-minute governance attacks by dividing votes into two phases: the normal and the objection phases. During the objection phase, participants can only vote against the outcome if they hadn't previously voted or change their vote from 'for' to 'against'.
  • GateSeal: GateSeal is a contract that (pending DAO approval) grants a designated account the ability to pause a set of contracts for a limited duration. It acts as a panic button for essential contracts in emergencies, as it bypasses the usual 72-hour timelock. Lido has established an Emergency Brakes multisig with the capability to take such action with an expiry in May 2024.
  • Committees: Various committees, such as LNOSG, LEGO, reWARDS, RCC, and the Referral Program Committee manage specific aspects of governance. Transactions from these committees usually go through the Easy Track, where voting is based on a vetoing principle.
  • Bridge Security: Lido has conducted an audit of its deployed bridges with Oxorio and adopted Aave's governance cross-chain bridge contracts. While the Lido dev team multisig currently has the power to enable Layer-1 (L1) deposits in the bridge, the admin rights will transfer to the Lido DAO via the Aragon Agent App once the bridge is enabled. Consequently, any actions or changes to the bridges will necessitate explicit Lido DAO approval.

5.2 Decentralization of the LSD

5.2.1 Number of Node Operators

There are 30 node operators for Ethereum, 20 for Solana, and 11 for Polygon.

5.2.2 Validators per Node Operator

Of the 30 Ethereum NO's, the validators per NO range from 1000 to 7391. The average per NO is 6073 and the median is 6500.


Source: VaNOM Q1 2023 Report

5.2.3 Market Share per Validator

Lido typically avoids overconcentration by limiting the global ETH stake held by any single operator. The staking pool distributes the deposits uniformly (round-robin) to node operators based on the remaining capacity in each validator's slot. For staking amounts exceeding 32 ETH, the stake is distributed among several validators.

Despite well-balanced stake distribution, some operators exceed the 1% soft-target articulated in the Lido Scorecard, signaling the need for additional Node Operators. The image in section 5.2.2 shows an orange line that represents the 1% marketshare target.

The Gini coefficient of stake distribution (shown below) increased in Q1 and Q3 2022 due to new NO onboardings, but over time the trend is toward a more balanced stake distribution.


Source: VaNOM Q1 2023 Report

5.2.4 Validator Enter/Exit (Churn)

ETH staking withdrawals went live with the Shanghai/Capella upgrade as of April 12, 2023, allowing validators to exit. Only 520 validators have exited amounting to 308,255 ETH withdrawn. 64.6% of all validator exits from the network have been processed in the past week, and 97.8% in the past month.


Source: Rated.network

5.2.5 Stakers per Validator

There are 216,070 stETH and 4,943 wstETH holders with a total supply of 7,380,341 stETH. The average stETH per address is 33.39. At 32 ETH per validator, there is an average of .958 stakers per validator.

Although the average ETH staked is >32 ETH per address due to a small number of large stakers, the most common deposit value is ~$1000, and the distribution is heavily skewed toward low-value deposits.


Source: Dune Analytics

5.2.6 Stake Distribution Across Geographic Jurisdictions

NO stake is most heavily concentrated in Europe with nearly 60% of overall stake. There is minor representation in Asia/Pacific countries (~10%) and no representation in South America or Africa.


Source: VaNOM Q1 2023 Report

The following image shows the number of NO's across each jurisdiction, which corresponds with the amount of ETH staked by region.


Source: VaNOM Q1 2023 Report

5.2.7 Node Software Diversity

Vouch is a specialized validator client that is beacon node agnostic, allowing it to work with multiple beacon nodes. Overall, client diversity in Lido is consistent with that of the overall Ethereum network with less presence of Prysm and more of Teku.


Source: VaNOM Q1 2023 Report

Due to the inaccuracy of fingerprinting and the prevalent use of Vouch in Lido (allowing multiple Beacon Nodes of varying client types to be tied to a single validator), there are inconsistencies between the data shown above and client diversity metrics on third-party platforms.

5.2.8 Node Hosting Infrastructure

Roughly half of node hosting infra is by public cloud and nearly a quarter by dedicated server infra.


Source: VaNOM Q1 2023 Report

5.3 Economic Performance

5.3.1 Revenue Source

5% of stETH staking yield is directed to the Lido Treasury.

Revenue depends on the ETH consensus layer rewards, the execution layer rewards (MEV and network usage), the amount of ETH staked on Lido, and the USD price of ETH.

5.3.2 Revenue

As of June 21, 2023, there is 7,329,026 ETH staked on Lido, earning 4.81% APY. The effective revenue captured by the protocol is .24% APY on the stETH supply.

DeFiLlama estimates the annual revenue as $55.67m by taking the last 30 days of revenue and multiplying it by 12.

This estimated revenue may be highly variable depending on ETH price volatility, ETH staking yield, and the amount of ETH staked on Lido.

5.3.3 Net Profit

Steakhouse Financial and Lido DAO have created a Dune dash that tracks Lido's financial activities on Ethereum. They show monthly P&L broken down into the following categories:

  • Net revenue = Gross rewards - Rewards to stakers
  • Cost of Revenue = Net revenue - Node operator fees - slashing provision - other
  • Operating expenses = all DAO funding transfers to grantee service companies, committees, and third-parties
  • Liquidity expenses = all DAO funding transfers specifically for funding liquidity incentive programs such as Curve rewards distributors


Source: Dune Analytics

Figures are month-to-date and may be subject to change, but June 2023 is on track to be Lido's first month in the black. Liquidity expenses have been steadily reducing while operating expenses appear to be growing.

See also our general LSD Legal Framework Considerations

In the docs section of the website, Lido outlines how the user interface hosted on lido.fi is managed. Lido DAO is depicted as a Decentralised Autonomous Organisation that governs the liquid staking protocols by deciding on key parameters. Among the core functions of Lido DAO are building, deploying, updating, and deciding on key parameters of liquid staking protocols, approving incentives for parties that contribute to DAO’s goals, and managing Node operators.

On March 22nd, 2023, a proposal was made to establish Lido legal entities. This proposal indicates that DAO needs to acquire expert advice, conduct research, and engineer the creation of a legal wrapper. A relevant finding includes the compensation for legal entity incorporation expenses, as published by the Lido Ecosystem Grants Organization.

While the exact details of the legal structure are not publicly disclosed, it's safe to assume that Lido has chosen the Cayman Islands as the location to establish its entity. This assumption is supported by references in the Terms of Use - “that the Interface shall be deemed to be based solely in the Cayman Islands and that although the Interface may be available in other jurisdictions, its availability does not give rise to general or specific personal jurisdiction in any forum outside the Cayman Islands.” Furthermore, the choice of law clause stipulates that the laws of the Cayman Islands govern relations with users.

5.4.2 Licenses

The Cayman Virtual Asset Service Providers Act (VASP Act), revised in 2020, established a comprehensive regulatory registration and licensing system for VASPs. This Act enforces FATF Recommendation 15 (New technologies), focusing on international standards to counter money laundering, financing of terrorism, and proliferation. Every blockchain-based token that can be technically transferred or exchanged falls under the definition of a virtual asset according to the VASP Act, regardless of its programmed properties or its intended use. The act doesn't differentiate between what are typically referred to as utility tokens, security tokens, and stablecoins. However, "virtual service tokens" are not considered virtual assets. The VASP Act excludes "virtual service tokens," which are "a digital representation of value which is not transferable or exchangeable with a third party at any time and includes digital tokens whose sole function is to provide access to an application or service or to provide a service or function directly to its owner."

We cannot confirm Lido's entry on the public register of regulated entities maintained by the Cayman Islands Monetary Authority.

A common form for a DAO legal wrapper is a foundation - a unique corporate structure in the Cayman Islands with independent legal status and limited liability. The Cayman Islands Foundation Companies Act 2017 (in force since 2017) allows a foundation to become devoid of members (i.e., shareholders), thereby becoming an entity without an owner. The General Registry of the Cayman Islands offers a general search for Companies, Partnerships, and Trusts. We estimated numerous possible matches but could not confirm the details of the assumed DAO structure as the comprehensive excerpt is fee-gated.

The above findings do not intend to discredit Lido and their corporate setup nor instill a preference towards a particular legal structure or jurisdiction. We are not lawyers or legal advisors, so the conclusions herein cannot be considered a binding legal analysis. Our attempts are devoted to finding out the type of establishment (if any) and assessing the risk level of the chosen setup for end users. Consistent with the reviewed outputs, we can safely agree that Lido has taken all possible actions to mitigate the legal risk arising from the activities of a decentralized organization in an unregulated environment (i.e., staking services).

5.4.3 Enforcement Actions

No reported actions by SEC directed toward Lido.

5.4.4 Sanctions

Lido does not onboard U.S. persons residing, incorporated, or conducting business in the United States, as well as persons from any country under economic sanctions or embargoes, such as Belarus, Burundi, Crimea, and Sevastopol, Cuba, Democratic Republic of Congo, Iran, Iraq, Libya, North Korea, Somalia, Sudan, Syria, Venezuela, and Zimbabwe - see Section 7 of Lido's Terms of Use.

The restrictions also apply to users who are directly or indirectly involved with any blockchain address listed on any sanctions list maintained by the United States, the United Kingdom, the European Union or any of its member states, or the United Nations or any of its member states.

While Lido has not revealed what type of blockchain analytics software it uses, the prohibitions outlined in the terms of use explicitly state the platform's stance towards attempts at circumvention.

Non-compliance with Section 7 results in access restriction, as indicated in the disclaimer at the top of the Terms of Service:

"If you do not meet the eligibility requirements set forth in Section 7 of the Terms or are otherwise not in strict compliance with these Terms, you are expressly prohibited from using, accessing, or deriving any benefit from the Interface. You must not attempt to access or use the Interface if you don't meet these requirements. The use of a virtual private network (e.g., a VPN) or other means by ineligible persons to access or use the Interface is prohibited. Engaging in such prohibited uses may attract legal liability for fraudulent use of the Interface".

5.4.5 Liability Risk

The disclaimer on regulatory uncertainty in Section 11 states that the platform or any tokens or blockchains could potentially be negatively affected by various legal or regulatory interventions, such as inquiries, actions, lawsuits, investigations, claims, penalties, or judgments. Such occurrences may pose serious hurdles or limitations to the User's ability to continue using and benefiting from these assets and technologies.

The Limitations of Liability outlined in Section 15 apply to the fullest extent permitted by applicable law. The platform shall be indemnified against a user’s violation of the Terms of Use or any rights of other persons.

The arbitration agreement is incorporated into Section 1. All unresolved disputes or claims shall be finally and exclusively settled by arbitration administered by the London Court of International Arbitration under the LCIA Arbitration Rules.

5.4.6 Adverse Media Check

It's worth noting that Lido's native governance token, LDO, experienced nearly a 10% dip on rumors of receiving a Wells notice from the SEC. Price movement has no obvious correlation with official or unofficial publication on this topic.

Open search for negative news pointing to Lido shows several attempts of unidentified perpetrators to impersonate Lido Finance for pre-sale or airdrop of tokens. Users were asked to connect their MetaMask wallet to exchange these tokens for LDO, which is a typical tactic used in phishing scams where malicious actors trick victims into revealing their private keys or seed phrases. Lido Finance issued a public warning for potential scams that imitate the Platform, rather than actions taken by the DAO itself. Based on the information available as of June 2023, there are no public records or reports that suggest Lido Finance has been involved in any unlawful activities.

Section 6: Risk Management

This section will summarize the findings of the report by highlighting the most significant risk factors in each of the three risk categories: Market Risk, Technology Risk, and Counterparty Risk.

6.1.1 Market Risk

LIQUIDITY: Does the LSD have a liquid market that can facilitate liquidations in all foreseeable market events?

Lido is a clear market leader, commanding over 70% of the LSD market since its inception in December 2021. It has been integrated widely as collateral into several DeFi lending protocols such as MakerDAO and Aave, and has over $600m worth of liquidity on DEXs such as Curve and Balancer. The DeFillama Liquidity Tool estimates a swap size of $300m (158k stETH) would be required to produce >1% slippage. stETH/wstETH account for 2/3 of all LSD trading volume, and its strong standing against competitors does not appear to be waning.

VOLATILITY: Has the LSD had any significant depeg event (post merge)?

Arriving at the merge in September 2022, stETH had been experiencing a prolonged depeg event since the Terra collapse in May 2022. It recovered around the time of the merge, but experienced a second, relatively minor depeg in November 2022. A whale removed 88,131 ETH from the stETH/ETH pool, causing a sharp depeg to .9682 that did not completely recover until January 2023.

Since ETH withdrawals have been activated in April 2023, the liquid staking basis has markedly stabilized, meaning stETH has maintained a consistent peg against ETH. We do observe, however, that staking yields have been declining as demand for staking continues to boom. Reduced yields may affect demand for LSDs such as stETH, resulting in the need to process large amounts of withdrawals.

Withdrawals are not instantaneous and can take weeks to process if the exit queue is long or a major slashing event occurs. Tumultuous market circumstances or network problems within Lido or Ethereum at large may precipitate a depeg in the future that cannot be immediately arbitraged.

6.1.2 Technology Risk

SMART CONTRACTS: Does the analysis of the audits and development activity suggest any cause for concern?

Lido V2 codebase has undergone extensive audits in 2023 by various auditing firms including Oxorio, Statemind, Hexens, MixBytes, and Certora. There is also an active bug bounty program with ImmuneFi since May 2021. Lido discloses network problems that result in losses in their Post Mortem blog. Losses have historically been minimal, and where applicable, Lido has reimbursed affected users.

The recent upgrade to Lido V2 in May 2023 allows additional functionality, including ETH withdrawals. This increases the uncertainty of smart contract security due to the short duration on mainnet.

DEPENDENCIES: Does the analysis of dependencies (e.g. oracles) suggest any cause for concern?

In case of no finality on the Consensus Layer, Lido's oracle daemons may stop pushing regular updates (set to 225 epochs or 1 day), preventing rebases from taking place. If sanity checks fail (on max APR or total staked amount drop), this could cause significant disruptions in Lido’s operations, including incorrect distribution of rewards and liquidity mismanagement.

Due to extreme market events on November 9 and 11, 2022, a protocol-enforced sanity check was erroneously triggered that prevented Oracle updates and caused a disruption in rewards distribution. The event was documented in this post mortem.

Lido has a reliable Chainlink pricefeed oracle available for both stETH/ETH and stETH/USD pairs.

6.1.3 Counterparty Risk

CENTRALIZATION: Are there any significant centralization vectors that could rug users?

Concerning smart contract access control, Lido has taken precautions to protect contract upgrades and other critical system controls behind an Aragon DAO governed by LDO tokenholders. For convenience, EasyTrack optimistic voting is used for a limited subset of recurring vote types. LDO has never experienced a governance attack, and while it may be theoretically exposed to such a risk by not requiring a lock to participate in governance, LDO does not realistically have market liquidity or presence on lending platforms to be a concern at this time.

A number of multisigs have privileges limited to specific functions, such as the GateSeal committee's ability to emergency pause the system. The GateSeal further decreases the likelihood of a governance attack, although with the tradeoff of requiring trust in the committee to take necessary action.

Lido also takes measures to decentralize its permissioned set of node operators by monitoring the distribution of stake across NOs, and diversity metrics such as clients, staking infrastructure, and geographies of operation. These precautions minimize the risk of a major slashing event.

In short, users are required to trust in the reliable performance of third-party NOs, but Lido has taken precautions to avoid centralization of the NO network.

LEGAL: Does the legal analysis of the protocol suggest any cause for concern?

While the regulatory climate surrounding DAO and DeFi remains uncertain, it is unclear how an enforcement action might be carried out against a DAO. As Lido is governed by LDO tokenholders, legal action is unlikely to disrupt the platform's operations. A potential centralization risk is from the large proportion of NOs operating in Europe (60% of ETH staked in Lido), which increases the network's risk exposure to regulatory action in those jurisdictions.

There is no discernible evidence that Lido has been involved with any unlawful activities and it has not received any enforcement actions. The interface Terms of Use takes reasonable precautions to limit Lido's liability. While enforcement actions are always a possibility in an uncertain regulatory climate, Lido appears to be reasonably protected.

6.1.4 Risk Rating

Based on the risks identified for each category, the following chart summarizes a risk rating for wstETH as collateral. The rating for each category is ranked from excellent, good, ok, and poor.

  • We rank wstETH excellent on liquidity for being the clear market leader with deepest liquidity.
  • We rank wstETH ok in volatility due to multiple depeg events pre-Shanghai and a high level of uncertainty about withdrawal processing, which may inhibit arbitrage.
  • We rank wstETH good in smart contracts for being heavily audited, having a bug bounty program, and having a long history securing billions in TVL without major incident. The recent upgrade to V2 increases smart contract uncertainty.
  • We rank wstETH good in dependencies for having a reliable pricefeed available. Dependency of lido oracle daemons can result in disruptions that can cause incorrect reward distribution or liquidity mismanagement.
  • We rank wstETH good in centralization for having core system controls with a DAO that has reasonable backstop measures. Multiple multisigs are employed with limited privileges for specific precautionary functions.
  • We rank wstETH good in legal for having no enforcement actions historically, Lido limits liability in their terms and conditions and decentralization is sufficient that legal action is unlikely to disrupt the network. A concentration of NOs in Europe increases vulnerability in those jurisdictions.
Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More →

The overall risk profile and persistently dominant market standing of Lido make wstETH suitable as a core collateral type within Prisma. All additional LSDs reviewed will undergo a comparative analysis against Lido to determine how well they complement wstETH for suitability within the collateral basket.

References

Last changed by 
PrismaRisk
Prisma independent risk and research team operated by llamarisk
0
1
4199

Read more

Collateral Risk Assessment - Wrapped Origin ETH (wOETH)

Websites: oeth.com | originprotocol.com

Aug 8, 2024
Collateral Risk Assessment - StakeWise Staked ETH (osETH)

Website: stakewise.io

Jun 25, 2024
Collateral Risk Assessment - Stader ETHx

Website: https://www.staderlabs.com/Documentation: Litepaper | Notion | Docs-ETHx | AuditsSocial: Twitter | Discord | TelegramContracts: Docs - ContractsGovernance: Stader Snapshot | Stader community forumsMarkets: Curve ETHX-ETH | Curve ETHX-wstETH | Uniswap | PancakeSwapDashboards: ETHx Metrics | Node Operator Dashboard

Jun 8, 2024
Collateral Risk Assessment - Wrapped EtherFi ETH (weETH)

Website: ether.fi

Jun 8, 2024
Read more from PrismaRisk
Published on HackMD