Full report from Prisma Risk Team: https://hackmd.io/@PrismaRisk/rETH
This section will summarize the findings of the report by highlighting the most significant risk factors in each of the three risk categories: Market Risk, Technology Risk, and Counterparty Risk.
LIQUIDITY: Does the LSD have a liquid market that can facilitate liquidations in all foreseeable market events?
rETH ranks third in the LSD category by market cap with ~1.61b in TVL. Its liquidity is primarily on-chain across several DEXs (Balancer, Curve, PancakeSwap, and Uniswap). No single venue dominates by trade volume, although Uniswap accounts for a high portion of trade volume compared to its low TVL. The Curve rETH/ETH pool ($9.04m) and Balancer rETH/ETH pool ($80.87m) represent the main sources of liquidity backing rETH’s stability.
When comparing its liquidity to market cap, ~4.4% of the total token supply is on exchange. stETH ranks somewhat lower at ~3%. According to the DeFiLlama Token Liquidity tool, a rETH>ETH trade of $38.22m would produce 1% slippage, compared to the $300m swap required for stETH>ETH. While stETH is substantially more liquid overall, rETH performs on par in terms of liquidity depth given its substantially lower TVL (rETH has 10.75% of the amount of ETH staked compared to stETH).
VOLATILITY: Has the LSD had any significant depeg event (post merge)?
Post-merge, rETH has not experienced a negative depeg against ETH. In fact, from November '22 until March '23, rETH depegged to the upside, at some point trading at a premium of over 2% to fair value.
Since withdrawals were activated in mid-April, rETH has kept a strong peg to ETH and has had no significant depeg to the downside. However, the withdrawal mechanism requires that users deposit fresh ETH into the system or node operators exit their minipools (or rewards are distributed) to make ETH available for withdrawals. It is conceivable that in some circumstances, there may not be enough ETH available to facilitate arbitrage during a severe market event.
SMART CONTRACTS: Does the analysis of the audits and development activity suggest any cause for concern?
The Rocket Pool protocol has gone through several audits:
The commit history is not sparse; regular updates have been made over the year. The Atlas Update was deployed in April. The new contracts were audited, but they add functionality, and there may be undiscovered bugs or unintended changes in the behavior of the system.
DEPENDENCIES: Does the analysis of dependencies (e.g. oracles) suggest any cause for concern?
Due to limitations of the Ethereum network requiring an oracle to communicate state between the consensus and execution layer, Rocket Pool makes use of an oDAO composed of a whitelisted subset of node operators.
These oracles push updates about system balances that update the rETH:ETH exchange rate, vote on introducing contract upgrades, facilitate onboarding/offboarding validators, and are necessary to process rewards. The oDAO can add or remove members and currently stands at 18 members with a consensus of 10 required to execute actions.
There is a Chainlink price feed available for rETH/ETH that can be considered highly reliable.
CENTRALIZATION: Are there any significant centralization vectors that could rug users?
There is a strong trust assumption in the honest and reliable behavior of the oDAO members. The oDAO performs a number of responsibilities that effectively custody user funds. The oDAO can choose to push any price or exchange rate update and can update system contracts, both of which could result in loss of user funds if the oDAO misbehaves.
The pDAO EOA guardian is also trusted to set sensible parameters for the system and to custody Treasury funds. There is a proposal in the research phase to transition to an on-chain DAO and deprecate the guardian role, but the timeline of the governance upgrade is unknown.
LEGAL: Does the legal analysis of the protocol suggest any cause for concern?
Rocket Pool Pty Ltd is an Australian Private Company, officially registered on May 10, 2018, and since then, it has been maintaining active status with the Australian Business Register.
There is regulatory uncertainty in Australia concerning crypto staking and whether staking is classified as a financial product or an auxiliary service to a financial product. The existence of a team-controlled guardian that can access treasury funds and set system parameters may give the competent authorities grounds for a centralization argument and oblige the project to pursue VASP licensing. Along the same lines, the team may be vulnerable to enforcement actions in the future.
There are no enforcement actions presently or historically against Rocket Pool Pty Ltd. Rocket Pool Pty Ltd appears to be protected to a significant degree under the Terms of Service.
- We rank rETH good in liquidity because despite having a fraction of stETH’s TVL, it has comparable liquidity depth in relation to its market cap. Liquidity is distributed across several DEXs, including AMMs supporting high liquidity density on Balancer and Curve.
- We rank rETH good in volatility because since the merge, rETH has not depegged to the downside and has exhibited low volatility since the Shapella upgrade. The decentralized design may prevent adequate withdrawal liquidity in some market situations, which could result in higher volatility.
- We rank rETH good in smart contracts because there have been multiple smart contract audits, including an audit for the most recent Atlas update. Since the update happened several months ago, the contracts cannot be considered mature, and there may be undiscovered issues.
- We rank rETH good in dependencies because there is a reliable price feed available for rETH. The oDAO is a somewhat decentralized mechanism for updating rates and other processes between the consensus and execution layer, requiring 10 of 18 members to reach consensus.
- We rank rETH ok in decentralization because in the current bootstrapping phase, a team-controlled EOA acts as the guardian on behalf of the DAO. It can set parameters and handle treasury funds. The oDAO is a multisig that has significant power in the system, including the ability to update contracts.
Our overall assessment is that rETH performs quite well all-around with the exception of some centralization concerns.
Compared to its DeFi competitors (stETH and frxETH), rETH provides a good balance. It scores somewhat lower than Frax on the market risk side, but scores higher on legal and dependencies. We’ve scored it higher than stETH in volatility as it has not experienced problematic volatility events as stETH has. However, it doesn’t score as high as stETH on decentralization or liquidity.
Our opinion is that the strongest case to limit protocol exposure of rETH is the potentially problematic centralization vector posed by the team-controlled guardian and to a lesser extent, the 18-member oracle DAO. This exposes users to additional counterparty risk and possible legal issues in the future (although Rocket Pool’s legal history does appear to be very clean).
Otherwise, rETH represents a well-rounded LSD product from a risk perspective. It would make a suitable addition to the collateral basket with minority exposure after wstETH. Rocket Pool’s transition to on-chain governance should be monitored, at which point it may be appropriate to consider a more dominant rETH presence within the basket.