Collateral Risk Assessment

1. Asset Fundamental Characteristics

1.1 Asset

OETH was initially an LST (Liquid Staking Token) index token collateralized by a basket of LSTs such as rETH, stETH, and sfrxETH. As a yield-generating ERC-20 token, it sought to maximize yield while maintaining a soft peg with ETH using an Algorithmic Market Operations controller (AMO).

Following the March 2024 redesign vote, OETH has since pivoted into being a pure liquid ETH staking token that aims to have an even tighter peg to ETH thanks to the ARM (Automated Redemption Manager) mechanism, greater security, and higher yields relative to other LSTs. Using the SSV Network and its implementation of Decentralized Validator Technology (DVT) reduces the probability of inactivity penalties and slashing.

According to the balance sheet, all underlying assets are ETH and protocol-owned OETH, with a majority natively staked on the beacon chain. Wrapped OETH (WOETH), compliant with the ERC-4626 standard, continues to serve as a marginal token, accounting for 11% of the total supply.

A 20% performance fee applies to all rewards accrued through staking. 50% is used to buy back OGN, and the other 50% is used to acquire CVX to boost yield generation in the AMO. Consequently, this fee ultimately benefits OGN and WOETH holders. A 0.1% exit fee applies to WOETH holders wishing to swap their position for WETH directly from the Curve liquidity pool, while no fee applies to redemptions from the ARM mechanism or the OETH Vault.

1.2 Architecture

Source: OriginProtocol documentation, October 4th, 2024

Main protocol contracts:

• WOETH: wraps OETH into WOETH, an ERC-4626 token, and vice versa
• OETH: An ERC-20 token contract
• OETH Zapper: deposit WETH to mint OETH
• OETH Vault: manages withdrawal requests and redemptions
• Strategies: Each a contract. Five in total, though two (Morpho Aave V2 WETH and Lido Withdrawal) have been deprecated, leaving three active strategies (First Native Staking, Convex ETH+OETH (AMO), and Second Native Staking)
• OETH Harvester: Receives rewards from the strategy contracts and sends them to the OETH Dripper contract
• OETH Dripper: Receives rewards from the OETH Harvester and sends them to the OETH Vault slowly over 7 days
• OETH Vault Value Checker: Check the OETH Vault balance against expected values and variance

AMO

The Automated Market Operations (AMO) mechanism maintains price stability by balancing liquidity on both sides of a pool. If one side becomes unbalanced, the protocol adjusts it by minting or burning OETH. Because those OETH tokens never leave the pool without being matched by the correct ETH, the protocol remains 100% collateralized. This two-sided liquidity provision to Curve pools allows the protocol to earn up to twice the normal amount of rewards when providing liquidity. The Convex ETH Meta Strategy contract collects CRV and CVX rewards, swaps them for WETH, and deposits them back into the OETH Vault, ultimately accruing to OETH holders. The mechanism uses three ChainLink Oracles: OETH/ETH, CRV/ETH, and CVX/ETH.

ARM

ARM (Automated Redemption Manager) offers instant redemption of OETH for WETH with zero slippage. It prices assets in terms of their current market rate and estimated withdrawal queues on the consensus layer by combining features commonly found in AMMs and isolated money markets. The buffer can be checked by querying the WETH balance of the contract. Our liquidity analysis shows that the liquidity depth of this mechanism remains limited (~150ETH at the time of writing).

1.3 Tokenomics

Governance token

The OGN token serves as the governance token of the OriginProtocol ecosystem of products. Holders can lock their tokens in exchange for xOGN, which grants economic rewards and governance power. The longer the staking period, up to a maximum of one year, the higher the multiplier, thus incentivizing long-term commitment. Stakers can delegate votes, stake for multiple periods, and collect rewards from protocol revenue, primarily through OETH and OUSD performance fees. Unlike other models, xOGN balances remain stable throughout the lock-up period, though the staker’s share of the overall voting power decreases as new stakes are made.

SSV network

As a user of the SSV network to operate its validators, OriginProtocol must acquire SSV tokens to pay the network fee and the fee for each operator. This is known as the SSV burn rate, which is calculated as follows:

Source: SSV network documentation, October 2nd, 2024

2. Market Risk

2.1 Liquidity

Source: Cowswap, October 2nd, 2024

Available liquidity on Cowswap shows that up to 4,200 WOETH can be liquidated within a 7.5% price impact.

Source: WOETH ARM, October 2nd, 2024

Up to 149 OETH can currently be redeemed for WETH using the Automated Redemption Manager (ARM), and that instantly with zero slippage. Beyond this amount, one would have to use the Curve pool operated by the AMO mechanism or the OETH vault with a few days of mandatory wait time.

2.2 Volatility

image4752×1924 242 KB

Source: Coingecko Terminal, October 2nd, 2024

Analysis of WOETH’s performance reveals two relatively minor de-pegging events, with maximum deviations occurring on August 8th, 2024, and September 19th, 2024. Each event resulted in an estimated -0.5% depeg, which was swiftly corrected in the subsequent days.

2.3 Exchanges

OETH can be exchanged on three DEXs:

• Curve OETH/ETH: $20m of TVL
• Uniswap OETH/ETH: $620k of TVL
• Curve frxETH/OETH: $168k of TVL

The unwrapping of WOETH can be done atomically using the WOETH contract, hence making OETH pools valid sources of liquidity for liquidators.

2.4 Growth

Source: Dune, October 2nd, 2024

The number of WOETH users has seen an important increase since the beginning of June 2024 and has maintained this activity level ever since. This sudden growth might coincide with the successful obtainment of an LTIPP grant from the Arbitrum Foundation of 185,000 ARB tokens.

3. Technological Risk

3.1 Smart Contract Risk

Audits

The codebase for WOETH, fully open source and open to contributions, is mostly based on the OUSD codebase, which has already benefited from numerous audits. Furthermore, the transition from an LST index to a pure LST resulted in the simplification of the codebase, which ultimately helped reduce the attack surface. The complete list of audits can be found in the OriginProtocol documentation. Here are the three most recent audits of OETH:

• Perimeter (March 25th, 2024)
• OpenZeppelin (June 11th, 2024)
• OpenZeppelin (August 9th, 2024)

In addition, OriginProtocol also has an ongoing agreement with OpenZeppelin and yAudit to review all of their code changes through PR reviews. LlamaRisk independent report, dated August 2024, is also cited.

Bug bounty

A 1,000,000$ bounty is active on ImmuneFi, covering OUSD and OETH products. This amounts to almost 1% of the total OETH TVL.

3.2 Price Feed Risk

The OETH/ETH oracle, an EACAggregatorProxy contract, is used as a trusted proxy (only access-enabled addresses) for updating price feeds fetched from an underlying Chainlink aggregator (a receiver contract for periodic data updates).

The Origin team indicated that potential consumers of the oracle should contact Chainlink before implementing and relying on the oracle, which they have facilitated for their other integrations with Morpho and Silo Finance. In Silo’s case, a custom oracle is used in their WOETH, ETH, USDC.e market which computes WOETH value by converting WOETH to OETH using the Chainlink WOETH-OETH exchange rate and hardcodes OETH 1:1 with ETH.

Given this utilization and further confirmation from the team, OETH is also treated as 1:1 with ETH in the OETH/ETH oracle. One possible risk vector noted by Silo was that “hardcoding OETH to ETH might prevent liquidations if OETH loses its peg to ETH”.

Additional OETH oracles are also provided by Tellor and DIA.

3.3 Dependency Risk

Origin protocol integrates with the SSV Network to manage validators and staking operations. The NativeStakingSSVStrategy contract shares functionalities with other OETH contracts, with functions such as collectRewardTokens to gather both consensus and execution rewards and checkBalance to view the amount of ETH backing the strategy. Execution rewards are collected in the FeeAccumulator contract, which includes transaction fees and MEV rewards, whereas consensus rewards are sourced from the Beacon Chain.

SSV Network has over $3.6B in TVL, 1.1M ETH staked, 34,507 validators, and 771 registered operators. In the SSV Network, OriginProtocol has two clusters, each with four operators. All operators are P2P, although in different geographic locations, which currently has a 2.21% network penetration:

• Cluster 1: 500 validators
• Cluster 2: 252 validators

Although SSV Network provides redundancy through an N-of-M keyshare scheme (DVT), using a single node operator (P2P) might nevertheless represent a single point of failure that cancels out the benefits of DVT. Furthermore, all servers are in a limited geographical area of France, Germany, Luxembourg, and the Netherlands.

The SSV audit history can be found here.

4. Counterparty Risk

4.1 Governance and Regulatory Risk

xOGN holders control all protocol aspects, including the yield generation strategies, the fee collection and distribution, and contract upgrades. Proposals are first discussed on the Discord server of the protocol. A temperature check is then done off-chain through the Snapshot.org space with an ERC-20 vote with override strategy and a quorum of 20% of the circulating supply.

The Origin DeFi Governance contract is the entry point for any on-chain protocol changes. Anybody with at least 100,000 xOGN can create a new on-chain proposal. After a proposal is created on-chain, anybody can call the queue() method, but the call will succeed only if the protocol has received enough positive on-chain votes. Finally, anybody can execute the transaction on-chain once the timelock delay has passed. Only xOGN holders can vote on proposals on-chain according to their voting power. Votes can be delegated for off-chain proposals only.

A minimum of 20% of the xOGN supply is required to reach quorum. All passing proposals are subject to the 48-hour timelock before being executed. Time-delayed admin actions allow users to exit OUSD or OETH if any malicious proposals are passed or the protocol changes in a way that users do not like. These conditions are similar to the ones seen previously in veOGV.

Other participation criteria include:

1. No minimum xOGN to vote on existing proposals, whether off-chain or on-chain,
2. at least 5,000 xOGN to create a Snapshot proposal and
3. 100,000 xOGN to create an on-chain proposal

4.2 Access Control Risk

All protocol contracts are controlled by the Timelock with a 48 hours delay. The role assignment is the following:

• CANCELLER: Origin DeFi Governance
• EXECUTOR_ROLE: Origin DeFi Governance
• PROPOSER_ROLE: Origin DeFi Governance
• TIMELOCK_ADMIN_ROLE: Timelock

The Origin DeFi Governance contract provides the following governance-related methods:

• propose() can be called by anybody with at least 100,000 xOGN to create a proposal on-chain.
• queue() can be called by anybody on an existing proposal that has received enough votes. The PROPOSER_ROLE of the timelock is checked, and the timelock delay starts.
• execute() can be called by anybody on an existing proposal. The EXECUTOR_ROLE of the timelock and the timelock delay are checked, ensuring that at least 48 hours have passed since the proposal was queued.

All off-chain and on-chain votes can be monitored on the governance page. On-chain votes show that almost all proposals are positively voted For by a 5/8 multisig controlled by the development team. If the previous vote shows a weight of 169.7m xOGN for this wallet (29.5% of xOGN circulating supply), one of the last votes indicates a weight of 322.6m xOGN, which is 49.2% of the xOGN circulating supply. Despite some serious decentralized processes (on-chain voting, timelock, decentralized frontend), most of the voting power remains in the hands of the development team, which could single-handedly steer the protocol in their chosen direction.

The 2/9 Guardian multisig is tasked with day-to-day administrative tasks necessary for the protocol to function properly. In comparison, the 5/8 Admin multisig both cast votes on behalf of the development team and manages validators on the SSV Network.

Note: This assessment follows the LLR-Aave Framework, a comprehensive methodology for asset onboarding and parameterization in Aave V3. This framework is continuously updated and available here.