mETH - Yield Nest Collateral Risk Brief

# mETH - Yield Nest Collateral Risk Brief ## Market Liquidity Mainnet liquidity for Mantle ETH extends to Uniswap V3 and Pancake swap, with the majority of liquidity in Uniswap, as of 8/27/2024 the WETH/METH pool amounted to [$28.37M](https://defillama.com/yields/pool/05171ab2-0920-42fd-8cea-660548b9ea58) in TVL ([mETH $15.48M](https://etherscan.io/address/0x04708077eca6bb527a5bbbd6358ffb043a9c1c14)). METH is also available natively on the Mantle Network DEXes, Agni Finance, Merchant Moe and FusionX. Additionally, centralized exchange liquidity is limited to Bybit. The tokens market distribution should be of concern as ~30% of mETH is restaked in [EigenLayer](https://app.eigenlayer.xyz/restake/mETH) and [~37%](https://etherscan.io/token/tokenholderchart/0xd5f7838f5c461feff7fe49ea5ebaf7728bb0adfa?range=25) of the supply is deposited on the Mantle Network. In the event of liquidation, sufficient market depth may be limited by time delays and demand involved with unstaking and bridging back from the L2. ## Token Volatility Over the last 90 days (5/26/2024 - 8/27/2024), daily returns for mETH and ETH averaged 3.192% and 3.170% respectively. Earlier this year, mid-March, mETH experienced increased pressure on its peg possibly due to several converging factors involving ETH market behavior, the staking queue, and withdrawal demand following the conclusion of an mETH incentive program. ![mETH & ETH 90 day Daily Returns](https://hackmd.io/_uploads/HJPyYHCjR.png) Source: [Coingecko Historical Data](https://www.coingecko.com/en/coins/mantle-staked-ether/historical_data) | 5/28/2024 - 8/27/2024 ## Smart Contracts All contracts can be paused through a Pausing contract that can be called by other contracts, upgraded via the Mantle Security Council [multisig](https://etherscan.io/address/0x4e59e778a0fb77fBb305637435C62FaeD9aED40f). 4 audits have been done on mETH contracts: Hexens (3 high risks and 6 medium risks), MixBytes (3 high risks and 4 medium risks), Secure3 (1 high and 1 medium risk), Verilog no findings were deemed as high or medium risk. 2 audits have been done on the TVL consensus Oracle contract: Hexens (3 high risks and 4 low risks), Secure3 (4 medium and 5 low). No critical risks were identified in the audits. Issues were either resolved or justified/acknowledged by the Mantle team. ## External Factors/Dependencies Mantle relies on [4 off-chain systems](https://docs.mantle.xyz/meth/components/off-chain-systems); Initiator, Allocator, Guardian and Oracle for mETH functionality. These systems are critical to mETH operations (e.g. creation and funding of new validators) and are not open source, only the TVL consensus Oracle has undergone publicly available audits and its codebase openly available. According to their docs, off-chain systems don’t control any funds, nor have the ability to remove funds from the protocol Without a view into their technical details it is unclear how these systems actually interact with node operators, validator keys and information sharing. In the occurrence of a security event user funds could be at risk of slashing. ## Centralization Vectors A 6/13 multisig managed by the Mantle team controls contract upgrades, withdrawal addresses, permissions and other variables. A [Timelock controller](https://etherscan.io/address/0xc26016f1166bE7b6c5611AAB104122E0f6c2aCE2#readContract) is present to add a delay to any protocol changes, allowing users to exit if they disagree with changes or to prevent malicious upgrades. The current MinDelay is set to 0, meaning that the team could propose and execute smart contract upgrades and permissions changes in a single transaction. Node operator management is of concern as only a selection criteria has been defined, however information about sanctions and node clients used by node operators is limited. ## Legal Status Mantle's documentation doesn’t provide details on its exact legal formation. The governance forums offer no further insight into the establishment of a DAO legal frameworks or specialized legal constructs. Without concrete public records to confirm or refute this, introduces a significant degree of uncertainty regarding the protocol's accountability. ## Conclusion The Mantle team controls key aspects of mETH, so this level of centralization creates risks that are of significant concern specifically around withdrawal permissions, validator key management and node operators. The limited market options and depth for liquidation increase dependence on direct withdrawals from the protocol - in the event of mass liquidations, locked up mETH could compound volatility once unlocked. METH’s market performance however should be highlighted as one of the top 4 LST’s in TVL, representing clear adoption in its segment. This should be weighted against the risk considerations described.