Author: Cobo Security Team
With the rise of Restaking, more Eigenlayer-based Restaking projects have appeared on the market. Restaking is intended to share the user's pledge share with other projects by sharing the trust of the Ethereum Beacon pledge layer, allowing users to gain more benefits while allowing other projects to enjoy the same consensus trust and security as the ETH Beacon layer. .
In order to help everyone better understand the interaction risks between different Restaking projects, the Cobo security team conducted a survey on the mainstream Restaking protocols and mainstream LST assets on the market. , and sorted out the relevant risks, so that everyone can better control the corresponding risks while enjoying the benefits.
Note: The relevant conclusions listed by the Cobo security team are based on UTC time on February 5, 2024 Before 0 o'clock.
Restaking currently on the market The protocol is basically built based on EigenLayer. For users, participating in Restaking means exposing themselves to the following risks:
Currently participating in Restaking requires interaction with the project party's contract, and users need to bear the risk of the contract being attacked;
Project funds built based on EigenLayer will eventually be stored in the contract of the EigenLayer protocol. If the EigenLayer contract is attacked, the related project funds will also be attacked. Loss;
In EigenLayer, there are two types of Restaking, namely native ETH Restaking and LST Restaking. For LST Restaking, funds are deposited directly in the EigenLayer contract. But for Native ETH Restaking, funds are stored in the ETH Beacon chain; this means that users who perform LST Restaking may suffer losses due to EigenLayer contract risks;
The project side has high-risk permissions, and in some cases user funds can be misappropriated through sensitive permissions.
LST tokens may become unanchored, or the LST contract may be upgraded/attacked, causing deviations and losses in the value of LST.
Currently, except for EigenLayer, the mainstream Restaking protocols on the market do not support withdrawals. Assuming that the project party does not upgrade the corresponding withdrawal logic through the contract, users will never be able to get their assets back and will need to obtain liquidity from the secondary market to exit.
Based on the risk points listed above, the Cobo security team systematically investigated some of the mainstream Restaking protocols currently on the market and conducted Comb. At present, it mainly includes:
The project completion is low, and most projects do not implement withdrawal logic;
Centralization risk: User assets are ultimately controlled by multi-signature wallets. The project side has certain Rug Pull capabilities;
Based on the second point, when there is internal evil or multi-sign private keys If lost, asset damage may occur.
In order to make the results more intuitive, the Cobo security team organized and classified the survey results for everyone to view, as follows :
Since EigenLayer is the cornerstone of all projects, in addition to the ones mentioned in the table, there are also the following points that users need to pay attention to:
EigenLayer is currently deployed in the contract of the main network and has not fully implemented all the functions in its white paper (AVS, slash). Among them, the slash function only implements the relevant interfaces and does not yet have specific and complete logic. According to the contract code, the current slash is triggered by the owner of the StrategyManager contract (admin authority of the project party), and the execution method is relatively centralized;
In the process of EigenLayer native ETH Restaking, in addition to creating an EigenPod contract for Restaking fund management, you also need to run the Beacon chain node service yourself and bear the risk of being slashed by the Beacon chain. When users perform native ETH Restaking, it is recommended to choose a more reliable node service provider. In addition, since ETH is stored in the Beacon chain, during the withdrawal process, in addition to being initiated by the user, the node service provider also needs to help the user withdraw the relevant funds from the Beacon chain, that is, the withdrawal process requires the consent of both parties. ;
Since EigenLayer has not yet implemented the complete AVS and Slash mechanisms, the Cobo security team recommends that users not understand the related risks before Enable the delegate function in the EigenLayer protocol, otherwise it may cause certain financial losses.
< /p>
In addition, through code review, some projects also have some code risks that may affect the security of user funds. When Cobo discovered relevant risks, it immediately communicated and confirmed with the project team. Some risk points and communication results are as follows:
All contracts in the current agreement are upgradeable contracts, and the upgrade rights are 3/6 Gnosis Safe However, the upgrade rights of the MLRT token contracts of cbETH, ethX, and ankrETH in the MLRT token are EOA addresses .
Cobo has contacted the Eigenpie team before the deadline, and the project team responded that all MLRT tokens will be transferred within 24 hours The upgrade permission is given to the multi-signature wallet.
During the recharge process, when calculating the share obtained by the user, the share value needs to be calculated, but the rsETHPrice in the calculation formula needs to be manually updated with the corresponding oracle. Except for stETH, the share price of the corresponding token contract is used as the price source. stETH directly adopts 1:1 conversion. When stETH is discounted in the secondary market, there will be a certain amount of arbitrage space during the recharge process.
KelpDAO responded on February 5 that the exchange rate of the Lido contract was named 1 stETH = 1 ETH because KelpDAO is not yet open. Withdraw function, arbitrageurs cannot take advantage of this strategy. In response to this issue, the KelpDAO team will add a circuit breaker when withdrawals are launched that will check the market price of stETH, compare it with the contract price of stETH, and apply necessary guardrails if the deviation is large.
OperatorDelegator is responsible for routing protocol funds to EigenLayer and corresponding to different recharge ratios. However, during the process of configuring OperatorDelegator, the protocol did not check whether the proportions of all OperatorDelegators are greater than 100%, resulting in the possibility of OperatorDelegator-1 (70%) and OperatorDelegator-2 ( 70%) situation. This problem mainly affects users’ fund withdrawals. Since the withdrawal logic is currently incomplete, it is impossible to evaluate the specific impact on the principal.
The Renzo team stated that in this specific case funds were transferred to the incorrect OperatorDelegator contract for deposits, Or extracted from an incorrect OperatorDelegator. Renzo stated that although this technical issue will cause a mismatch in Renzo’s expected allocations to different operators, it will not affect the calculation of total value locked (TVL) or the security of funds. At the same time, the Renzo team will upgrade the contract in the future to solve this technical problem.
In addition to the risks of the protocol itself, the risks of LST cannot be ignored during the restaking process. The Cobo security team also conducted research on the mainstream LST tokens on the market and will The results are organized for everyone to view, as follows:
< /p>
Restaking is an emerging concept. Neither the contract layer nor the protocol layer has passed the test of time. In addition to the above-mentioned risks of consolidation, there may also be Other unknown risks. So is there a relatively safe best interaction guide that can effectively reduce risks during interaction?
Based on the current research conclusions, the Cobo security team has compiled a relatively safe interaction path for everyone.
For users who use larger funds to participate in Restaking, participate directly EigenLayer’s Native ETH restaking is a good choice. The reason is that for Native ETH restaking, the recharged ETH assets are not stored in the EigenLayer contract, but in the Beacon chain contract. Even in the worst case scenario where a contract attack occurs, the attacker cannot immediately obtain the user's assets.
For users who also want to use large funds to participate but are not willing to endure a long redemption time, they can choose the relatively safe stETH as a participating asset to participate directly. EigenLayer.
For users who want to earn extra income, they can choose a part of the funds to participate based on their risk tolerance, such as Puffer, KelpDAO, Eigenpie and Renzo, which are based on Projects built by EigenLayer, but it should be noted that since none of the above projects currently implements the corresponding withdrawal logic, users participating in such protocols need to consider the corresponding exit risks at the same time, and should also consider the relevant LRT at the secondary level during the investment process. Market liquidity.
The projects listed in the article currently have the ability to upgrade and suspend contracts. At the same time, multi-signing by the project party can also perform high-risk operations for the project. For advanced users, you can configure corresponding contract monitoring to monitor related contract upgrades and the execution of sensitive operations of the project side.
At the same time, teams and users who want to invest in ETH and participate in projects can cooperate with Cobo Argus to trigger automated robots and single-signature authorization configurations for Safe multi-signature wallets, based on The TVL changes of the pool, the fluctuation of ETH price and the actions of giant whales are used to set the automatic deposit function to EigenLayer and each re-pledge agreement.
AVS (Active Verification Service) combines the scale of web2 with the trust of web3, opening up the next iteration of the network: distributed systems and managed assets. In this article, let's take a quick look at EigenLayer's AVS ecosystem.
JinseFinanceEigenLayer is an Ethereum-based protocol that introduces restaking — a new primitive for cryptoeconomic security that has become a dominant narrative in the Ethereum community.
JinseFinanceEigenLayer AVS provides unlimited possibilities, and there will be more innovations in the future.
JinseFinanceIn any case, such innovation at least adds a lot of positive points to the project.
JinseFinanceThis article attempts to provide an in-depth look at the risks that EigenLayer has addressed, including potential pitfalls faced by the EigenLayer service and its operators, as well as the potential for systemic threats to Ethereum as a network.
JinseFinanceThe Cobo security team has conducted research on the mainstream Restaking protocols and mainstream LST assets on the market, and sorted out the related risks, so that everyone can better control the corresponding risks while enjoying the benefits.
JinseFinanceIn essence, the Eigenlayer project is the matryoshka doll project of the Ethereum ecosystem.
JinseFinanceRecommended reading for today evening: 1. Big inventory of potential airdrops in 2024; 2. Variant: Why we lead the investment in the zero-knowledge proof market L1 Gevulot; 3. How does Frax Bonds work? What are the main features? ;
JinseFinanceGoogle Cloud has joined the "EigenLayer Operator Working Group" along with more than 65 operators and independent participants.
OliveThe asset manager said it would buy “exchange-traded protective puts” and sell “exchange-traded calls on bitcoin futures and/or bitcoin-related ETFs.”
Cointelegraph