1 Overview
Token: wOEth on chain: Ethereum
This report was manually generated for Milestone 3 using the processes of our upcoming scipts (but executed manually) for the automated parts. The manual parts are from the excellent report in Comp.xyz.
This report is the automatically generated output from the Compound New Asset Checklist Automation script v0.0 developed in August 2024. Some of the data in this report is manually typed by the report’s “author”, the person who ran the script. Some of the data is generated by the script as it analyzes the blockscan data and code of the entered token.
The manually entered code (in Section 3 and 4) is not checked. We merely present the text as typed by the author. The automatically generated text is highlighted in blue. This text is based on blockscan data (Etherscan or equivalent) and analysis of the token code (from the blockscan) as analyzed by our scripts and AI. Unhighlighted black text, such as this, is default report text.
Please see the Disclaimer in Section 6 before using the data in this report.
2 Red Flags
Note: Red flags are based on automated tests only (not text manually entered by the Author).
a) The contract has delegate calls.
3 Token Description
Token: wOEth on chain: Ethereum
This report was generated on August 22, 2024
Website:
Origin Ether (OETH)
3.1 Description
Origin Ether 1(OETH) was launched in May 2023 and is an ERC20 that generates yield while sitting in your wallet. Similar to stETH, OETH yield is paid out daily and automatically (sometimes multiple times per day) through a positive rebase in the form of additional OETH, proportional to the amount of OETH held.
Until a recent proposal 1, OETH was an LST aggregator that earned yield by tapping into blue-chip protocols while being collateralized by other LSTs. Over the next few weeks, OETH LST collateral will be divested back to ETH, as OETH will be transitioned into a full-fledged LST. OETH will soon become a superior LST with an extremely tight peg (1:1 redemptions to ETH thru Origin’s ARM) and high yields thanks to DVT direct staking through SSV/P2p.
wOETH is a ERC-4626 tokenized vault designed to accrue yield in price rather than in quantity. When you wrap OETH, you get back a fixed number of wOETH tokens. This number will not go up - you will have the same number of wOETH tokens tomorrow as you have today. However, the number of OETH tokens that you can unwrap to will go up over time, as wOETH earns yield at the same rate as standard OETH. The wOETH to OETH exchange rate can be read from the contract 1 (function number 16), or via the OETH dapp.
3.2 Benefits to the Compound community
Since 2021, Origin has streamed millions of dollars in stablecoin to Compound markets via OUSD strategies, generating millions in yield and significantly boosting Compound’s TVL. This new OETH market would lead to additional increased TVL for Compound, additional revenue to the Compound Protocol and DAO from active loans and liquidations, and will attract a wider user base.
We’ve noticed many LSTs trade below their peg due to DEX fees and slippage, and to reflect the time value of money. LSTs that consistently trade below peg effectively impose a hidden exit fee - certain LSTs often trade ~0.25% below peg, meaning it takes three weeks of staking to break even. This may be ok for long-term holders, but is terrible for users who plan to loop LTSs for additional yield. This will not be the case with OETH.
Using OETH on Compound will produce higher yield than other top LSTs and have a near perfect ETH peg. OETH ARM mechanics and gas optimizations will ensure the best possible prices for traders looking for instant exit liquidity, while DVT staking will achieve greater risk-adjusted yield. Our vision for OETH is for it to become the most trusted LST for those seeking to use an LST for leveraged staking.
3.3 Author
Email: peter@originprotocol.com
Discord: @slagathorthemammothking
Telegram: @Pgee13
Author’s relationship with the token:
Peter is part of the Origin Protocol core team.
4 Manually Entered token information
4.1 Token Code Link(s):
This token contract is upgradeable.
4.1.1 Link to token proxy code
$2,583.65 | Wrapped OETH (WOETH) Token Tracker | Etherscan
4.1.2 Linkt token contract code
WOETH | Address 0x9c5a92aaa2a4373d6bd20f7b45cdeb7a13f9aa79 | Etherscan
4.1.3 Who is authorized to make an upgrade?
We have a timelock contract with a 48 hour delay. This is controlled by a Governance contract that uses xOGN.
4.1.4 Which components are upgradable?
The whole token contract can be upgraded.
4.1.5 How does the upgradeability design work? Who manages it and how are upgrades performed?
All OETH contracts are owned by the Timelock contract. All upgrades will have to go through Timelock. Only governance can queue/execute transactions on the Timelock, meaning the community has to vote for every on-chain proposal including upgrades to contracts.
4.1.6 Does it emit an event when the implementation is updated?
Yes, it emits event Upgraded(address indexed implementation);
4.2 GitHub Link:
origin-dollar/contracts at master · OriginProtocol/origin-dollar · GitHub
4.3 Audits
OETH was built reusing 95% of the OUSD code, of which 10+ audits have been done since 2020. Not that long ago, OUSD reached a market cap of $300m without breaking, and without diminishing the APY it was capable of generating. All OETH audits can be found in the audits section of the OETH docs. OpenZeppelin is also held on retainer to review 100% of the OETH and OUSD smart contract changes.
4.4 Link to Test suite
origin-dollar/contracts/test at master · OriginProtocol/origin-dollar · GitHub
4.5 Bug Bounty program
Yes, Origin maintains an active bug bounty. The rewards range in size from $100 OUSD for minor issues to $1,000,000 OUSD for major critical vulnerabilities. The bug bounty program is currently administered by Immunefi.
4.6 Emergency Contacts:
The Origin team is available 24 hours a day via Discord. On March 10 2023 when USDC depegged from the dollar (and therefore from OUSD), it took the Guardians/Origin engineers about 4 minutes to notice, and 16 minutes to start the process of moving the funds to a safer strategy. OETH and wOETH will have no exposure to stablecoins nor any other pegged asset aside from WETH.
4.7 Additional Security Tools
We use an in-house solution based on Subsquid as our indexer and Grafana. We also add custom alerts on Tenderly for critical events.
4.8 Will the token include implementations on other networks?
Yes
4.8.1 If so, will the tokens be natively minted on the other networks or bridged across?
Bridged
4.8.2 If so, Are there any mitigations in the contracts in case a bridge becomes inoperable or compromised?
The tokens are bridged using Chainlink CCIP. CCIP has cursed state if the bridge is compromised. We check that state before we do any cross chain op. CCIP also has defined cross-chain transfer limits.
4.9 Are there any flash loan pools for this token?
Yes
4.9.1 If so, please list the protocols:
OETH is flash swappable since we are in Uniswap pools which effectively means its flash loanable, but Origin does not offer a flashloan service for OETH. Other 3rd party platforms may provide this service.
5 Automated Token Information
Token Age: 427 days
Number of Transactions: 11,390
The token contract is NOT Pasusable.
The contract does not have a deny list.
The token has SafeMath through Solidity version 0.8 or greater.
The contract follows the ERC20 standard.
The contract allows the minting of new tokens.
The contract allows the burning of new tokens.
The contract does NOT have rebasing functions.
The contract does not have fees on transfer.
The contract has delegate calls.
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, “Address: low-level delegate call failed”);
}
The token cannot be flash minted.
6 Disclaimer
The purpose of these reports is a succinct technical summary for devs and auditors when considering using a token on a chain. It is designed to use their time more efficiently. DeFiSafety’s team are analysts, not devs or auditors.