Summary

ether.fi is seeking community support for adding weETH market to Compound V3 on Ethereum Mainnet.

Motivation

eETH is an LRT that allows users to stake their ETH, accrue staking rewards, and receive additional rewards through native restaking on EigenLayer. As of April 16, approximately 1,139,577 ETH ($3,54B) in TVL has been deposited into the ether.fi protocol and has been natively restaked in EigenLayer.

ether.fi stands as the pioneering decentralized and non-custodial delegated staking protocol featuring an LRT (eETH). A notable feature of ether.fi is the control it provides stakers over their keys. The team behind the protocol is guided by the following principles:

1. Decentralization is the foremost objective. ether.fi is unwavering in its commitment to maintaining the protocol’s non-custodial and decentralized nature, ensuring that stakers always have control over their ETH.
2. ether.fi operates as a legitimate business with a sustainable revenue model, with the team dedicated to its long-term success. There is no place for deceptive or unsustainable financial practices.
3. ether.fi is committed to always acting in the best interest of the Ethereum community. In the event of any missteps, the team at ether.fi will take responsibility and swiftly rectify the situation.

The weETH market on Compound can become a growth engine, tapping into the LRT sector (the quickest growing one in 2024).

Risks:

ether.fi’s LRT eETH is 100% redeemable. Users who deposit ETH into the protocol can withdraw their stake at any time. The holdings are publicly auditable on-chain and the protocol retains healthy reserves to offset any losses.

Proposed Collateral

ether.fi proposes adding the following assets as collaterals for the market

• weETH
• ETH

The community is invited to suggest and give inputs for any other collateral assets.

Relevant Statistics and Links

Website
Twitter
CoinGecko
Contract address: 0xCd5fE23C85820F7B72D0926FC9b05b43E359b7ee
Audits
Whitepaper
Dune Dashboard for ether.fi

Points support

Users who deposit weETH into Compound will accumulate ether.fi and EigenLayer points to be used for future incentives.

Next Steps

The protocol invites the community to consider this application for listing the weETH market and welcome suggestions in this direction.

Additionally, the protocol looks forward to the community to suggest

Collateral Factor

Reserve Factor

Borrowing Limit

I would urge people to vote against this proposal. Ether.fi used Omniscia to audit their codebase, which is known to be a terrible auditing service. They missed some key lines of code that led to the Wise lending hack in January of this year

Gauntlet - Initial Parameter Recommendations for weETH on Ethereum Comet on Compound v3

Simple Summary

Gauntlet supports the decision to list weETH on Compound v3 ETH Comet. Gauntlet recommends adding this LRT along with other approved LRTs in the existing ETH comet moving forward.

Analysis

weETH Liquidity sources

image831×450 31.7 KB

weETH TVL in pools has been trending upwards barring decline in Balancer pool’s TVL. The below table outlines major weETH/WETH pools and their TVLs.

Total TVL: 85.45mil

The Uniswap weETH-WETH pool stands out as the primary liquidity source. However, it’s worth noting that there are additional liquidity pools involving LST/LRT pairs that contribute to the overall liquidity profile of weETH. These peripheral sources of liquidity are not accounted for in the list above. Currently, the withdrawal queue can tak up to 14 days for redemption of weETH to native ETH.

Supply Cap and Liquidation Penalty

Given the above liquidity sources, we recommend setting the supply cap that would cause 5% slippage i.e half of the liquidation penalty although our methodology allows for higher supply caps. This means that the total slippage should the entire supply get liquidated needs to be < LP. Gauntlet recommends a supply cap of 22,500 weETH (~$70,000,000), this swap would cause a slippage of ~5% vs a liquidation penalty of 10%

Liquidation Factor (LF) and Collateral Factor (CF)

image806×567 55.6 KB

Given the above metrics along with the proposed Liquidation Penalty, Gauntlet recommends

Liquidation Factor = 1 - (LP+Volatility)

This would give an LF of 85%, and a CF of 80%

Oracle Risk

Chainlink’s price feed has only been live for a few weeks and is market rate based which could expose the protocol to exaggerated market movements. Gauntlet would like to highlight this potential risk to the community. As mention in the [Franklin DAO] Request for comment on: Market pricing vs. exchange rate pricing for LSTs and potential oracle implementations post, Gauntlet supports exchange rate oracles for weETH within this correlated Comet if the community decides to move forward with this strategy.

Yield Risk

Currently LRTs such as weETH have elevated yields due to points program. EigenLayer maturity and AVS launch will cause yield shocks and consequentially elevate slippage magnitude and liquidity on DEXs. Gauntlet would like flag this potential risk to the community.

IR Curve Parameters

Gauntlet recommends the following IR parameters for the ETH Comet to account for higher utilization due to the prospective addition of weETH:

image752×480 76.7 KB

The chart above demonstrates that the generation of WETH Comet reserves will be positive when utilization exceeds 60%.

Thanks @Gauntlet for the recommendations.

Addition of weETH as a collateral to Compound v3 ETH Comet is an opportunity that the Compound Growth Program also supports.

Our technical team has started working on the code and we will keep the community updated as soon as we finish the code and pass it on for audits.

I reviewed the audit reports for EtherFi and found a few statements in the reports that indicated potential security shortcomings. I wanted to highlight those here so the community is aware of the potential technical risks and provide some recommendations for improvement before weETH is considered for listing.

Audit Report Statements to Highlight

From the Omniscia Report, page 2 conducted on May 17, 2023:

We evaluated all alleviations performed by EtherFi and have identified that certain exhibits have not been adequately dealt with. We advise the EtherFi team to revisit the following exhibits: SME-04M, EFM-05M, EFN05M

These issues include three Major security issues that were left unaddressed including a logical fault affecting ETH 2.0 Validator Withdrawals.

In the Nethermind Audit Report conducted on July 5th, 2023, some of these issues, including the one affecting ETH 2.0 Validator Withdrawals, appear to have been at least somewhat mitigated (6.2, page 13). However, the Executive Summary (page 3) did make several statements calling the readiness of the code into question:

After thoroughly examining the current implementation of the ether.fi protocol, we propose conducting further comprehensive reviews and extensive testing before contemplating any deployment decisions

We also highlight that: a) new functionalities have been incorporated into the code during the audit, which we consider beyond the original scope, and should be further reviewed

The last audit was conducted by Solidified on Oct 23rd, 2023. It noted that there was a medium to high level of complexity stating:

There are a lot of external calls between the different contracts that need to be authorized and that pass important data such as the original caller as a function argument.

It also appears that a Hats.Finance bug competition was conducted in November 2023 but it was not included in the Audit Page provided and had to be found independently. It reported at least one Medium Issue.

Present Concerns about Security

Number of Critical Issues Reported

In addition to these specific comments, there are concerns about the number of Critical Issues found in each report:

• Omniscia (May 2023) - Major Issues Identified: 11
• Nethermind (July 2023) - Critical/High Issues Identified: 7 (includes at least one issue also reported in the Omniscia audit)
• Solidified (Oct 2023) - Critical/Major Issues Identified: 5
• Hats.Finance (Nov 2023): Medium Issues Identified: 1

While its good to see these issues caught and addressed, the significant number of severe issues still being found in the codebase by the third audit is concerning. While it appears that no serious issues were raised in the Hats.Finance competition beyond 1 Medium, the nature of code competitions means that the level of review that the codebase received might not have been exhaustive.

Inability to Verify Source Code and latest Audit Commit

The EtherFi codebase could not be found on the website and does not appear to be open-soruced. The commit hash referenced in the last audit report (Solidified, page 1) is not publicly accessible and so its impossible to verify if the latest source code deployed on-chain matches the last version that was audited.

Active Bug Bounty Program and Security Contact Not Listed in Docs

The EtherFi documentation page has a Bug Bounty section but it only contains the following statement with no clear plan or timelines to offer a bug bounty program:

ether.fi are huge believers in the power of the Ethereum community and open source. We have plans to offer bug bounties to the community and software development community at large.

After further digging, it does appear that EtherFi has started a bug bounty program with Immunefi but has not updated their documentation.

It’s also important to note that there is no clear security contact that could be provided in the docs or website for bugs to be reported to the team in a clear and secure manner.

Request to EtherFi Team

Given the serious security risks that Compound Finance takes on when listing a collateral asset, especially an LRT, I encourage the EtherFi team to make improvements to their security posture before the community considers listing the asset.

My main asks are:

1. Update the Audit Reports page to include all of the latest audits conducted. I would also like to receive some confirmation that all major issues raised in these reports were resolved, especially the Omniscia report issues that appear to have been partially resolved during the Nethermind audit but is not clear.
2. Provide enough information to transparently verify that the currently deployed contracts were included in the last audit scope. Given that many of the deployed contracts are verified on Etherscan, I see no reason as to why a GitHub codebase can’t also be made available with direct references to the audit commit included in the latest contract deployments.
3. Please update the Bug Bounty page to include the Immunefi bounty program and provide an easy way to contact the EtherFi security team regarding an issue.

There are other security improvements that could also be considered but these appear to be the most pressing.

Hi @cylon and communities,

Thank you for your thorough review and constructive feedback. We appreciate your attention to detail and the recommendations provided.

We have taken your comments seriously and have made the following improvements:

1. Audit Reports

• We have updated the [Audits] page to include all the latest audits conducted. We confirm that all major issues raised in these reports have been addressed.
  For instance, from the Omniscia report:
  • SME-04M: The recommended solution of having off-chain knowledge to validate the beacon chain state with the correct withdrawal credential has been implemented as of October 26, 2023, after the Solidified audit.
  • EFM-05M and EFN-05M: Ether.fi now utilizes off-chain knowledge to check the validator’s status and mark them accordingly.
• Despite the comments by the Solidified team regarding the code complexity, all critical and major issues have been addressed and marked as ‘Resolved’. We will continue to improve our smart contract to reduce the complexities and make them modular.

2. Transparency of Source Code

• We have updated the [Contracts and Integrations] page to include references to our public code repository for enhanced transparency. For future contract upgrades, we will provide direct references to the audit commit. Thank you for this valuable suggestion.
• We take the feedback serious and will work further to improve the process and manage the records. We are preparing for the formal process of contract upgrades and the official communication channels for it for full transparency.

3. Bug Bounty Program

• We have updated the [Bug Bounty] page to link to our active Immunefi bug bounty program. Anyone can now contact us by submitting a report through the Immunefi program.

Thank you again for your valuable feedback

@syko - Thank for addressing my feedback! The more recently concluded audits from Zellic and Decurity that are visible in the GitHub link added to the documentation are reassuring to see.

Mainnet weETH collateral

PR - On-chain add weETH collateral into Mainnet WETH market by dmitriy-woof-software · Pull Request #869 · compound-finance/comet · GitHub

Actions

1. Run Slither. Fails. . On-chain add weETH collateral to weth mainnet market · woof-software/comet@bf71d4b · GitHub
2. Forge test. Success. On-chain add weETH collateral to weth mainnet market · woof-software/comet@bf71d4b · GitHub
3. Gas Profiler. Success. On-chain add weETH collateral to weth mainnet market · woof-software/comet@bf71d4b · GitHub
4. Scan. Success. On-chain add weETH collateral to weth mainnet market · woof-software/comet@bf71d4b · GitHub
5. mainnet-weth Scenario. Success. On-chain add weETH collateral to weth mainnet market · woof-software/comet@bf71d4b · GitHub
6. Unit tests. Success. On-chain add weETH collateral to weth mainnet market · woof-software/comet@bf71d4b · GitHub
7. Eslint. Success. On-chain add weETH collateral to weth mainnet market · woof-software/comet@bf71d4b · GitHub
8. Contract linter. Success. On-chain add weETH collateral to weth mainnet market · woof-software/comet@bf71d4b · GitHub
9. Prepare. Success. Prepare Migration · woof-software/comet@bf71d4b · GitHub
10. Enact Migration with impersonate.Success. Enact Migration · woof-software/comet@bf71d4b · GitHub

Description we use:

Add weETH as collateral into cWETHv3 on Mainnet\n\n

Proposal summary\n\n

Compound Growth Program [AlphaGrowth] proposes to add weETH into cWETHv3 on Ethereum network. This proposal takes the governance steps recommended and necessary to update a Compound III WETH market on Ethereum. Simulations have confirmed the market’s readiness, as much as possible, using the Comet scenario suite. The new parameters include setting the risk parameters based on the recommendations from Gauntlet weETH.\n\n

Further detailed information can be found on the corresponding [proposal pull request](PR - https://github.com/compound-finance/comet/pull/86 and forum discussion weETH.\n\n\n

Proposal Actions\n\n

The first proposal action adds weETH asset as collateral with corresponding configurations.\n\n

The second action sets new Annual Supply Interest Rate Slope High to 100%.\n\n

The third action sets new Annual Borrow Interest Rate Slope High to 115%.\n\n

The fourth action deploys and upgrades Comet to a new version.

The proposal is live on chain!

If you have COMP delegation, please consider supporting the proposal.

Update rsETH and weETH price feeds for WETH market on Mainnet

PR - Update pricefeeds for rsETH and weETH on Mainnet WETH market by MishaShWoof · Pull Request #878 · compound-finance/comet · GitHub

Actions

1. Run Slither. Fails. . Update pricefeeds for rsETH and weETH on Mainnet WETH market · woof-software/comet@5974cff · GitHub
2. Forge test. Success. Update pricefeeds for rsETH and weETH on Mainnet WETH market · woof-software/comet@5974cff · GitHub
3. Gas Profiler. Success. Update pricefeeds for rsETH and weETH on Mainnet WETH market · woof-software/comet@5974cff · GitHub
4. Scan. Success. Update pricefeeds for rsETH and weETH on Mainnet WETH market · woof-software/comet@5974cff · GitHub
5. mainnet-weth Scenario. Success. Update pricefeeds for rsETH and weETH on Mainnet WETH market · woof-software/comet@5974cff · GitHub
6. Unit tests. Success. Update pricefeeds for rsETH and weETH on Mainnet WETH market · woof-software/comet@5974cff · GitHub
7. Eslint. Success. Update pricefeeds for rsETH and weETH on Mainnet WETH market · woof-software/comet@5974cff · GitHub
8. Contract linter. Success. Update pricefeeds for rsETH and weETH on Mainnet WETH market · woof-software/comet@5974cff · GitHub
9. Prepare migration. Success. Prepare Migration · woof-software/comet@5974cff · GitHub
10. Enact migration with impersonate. Success. Enact Migration · woof-software/comet@5974cff · GitHub

Description we use:

Update rsETH and weETH price feeds in cWETHv3 on Mainnet\n\n

Proposal summary\n\n

This proposal updates existing price feeds for rsETH and weETH collaterals in the WETH market on Mainnet from market rates to exchange rates. If exchange rate oracles are implemented, Gauntlet can recommend more capital efficient parameters as the asset remains insulated from market movements, although this exposes it to tail-end risks. The exchange rate based risk parameters could facilitate higher caps and Liquidation Factors along with more conservative Liquidation Penalties.\n\n

Further detailed information can be found on the corresponding proposal pull request, forum discussion for rsETH and forum discussion for weETH.\n\n\n

Proposal Actions\n\n

The first proposal action updates rsETH price feed from market rate to exchange rate.\n\n

The second proposal action updates weETH price feed from market rate to exchange rate.\n\n

The third action deploys and upgrades Comet to a new version.