[ARFC] Deploy Aave v3 on X Layer

1. Asset Fundamental Characteristics

1.1 Asset

xETH is an ERC-20 wrapped representation of native ETH on X Layer that targets a deterministic 1:1 conversion model, where issuance and redemption are operationally tied to OKX custodial infrastructure.

The backing ETH is held in a designated locked reserve address controlled by Aux Cayes, a Seychelles-registered OKX affiliate that serves as the contracting/service-providing entity for certain users on the OKX platform.

1.2 Architecture

xETH architecture is a 1:1 wrapped-ETH system where every xETH in circulation is issued only after native ETH is received into a segregated locked reserve address, and every ETH release is permitted only after a verified on-chain xETH burn of the same amount.

image1615×257 61 KB

Operationally, this is enforced through separated MPC roles (mint, burn, and admin), an internal verification engine that validates inbound/outbound flows against strict mint/burn invariants.

The OKX team claims that they reserve 3–5% of user-deposited ETH as liquidity to support the exchange’s fast redemption feature, which allows users to redeem their underlying tokens instantly without waiting for the unbonding period.

The core components of xETH include:

• xETH: an ERC-20 contract for X Layer wrapped SOL. Inherits from the xToken contract.
• Reserve Address: EVM-based address that stores underlying ETH.
• Mint & Burn Controller: MPC that controls xETH minting and burning operations.
• TimelockController: Manages sensitive admin functions.
• Authorized Receiver: Dedicated address that receives newly minted xETH.
• Admin: MPC that manages updates and controls transfer restrictions/blacklisting.
• ProxyAdmin: Can modify contract parameters or implement xETH upgrade.

An internal verification engine monitors and enforces the minting and burning of 1:1 ETH from OKX exchange addresses.

Reserves

image1593×667 35.4 KB

xETH reserves are fully backed by an ETH reserve held in a single on-chain address. As of the latest update, the reserve balance is ~3,435 ETH, while the total xETH supply is 3,434 xETH, all issued on X Layer. The X Layer team has also indicated that a formal Proof of Reserves implementation is planned to strengthen ongoing verification of backing.

1.3 Tokenomics

The current xETH token supply on X Layer is approximately 3,434 xETH, corresponding to roughly 3,435 ETH available on the Ethereum network as reserve backing.

1.3.1 Token Holder Concentration

image1174×781 58.3 KB

xETH holdings are currently highly concentrated, with the top 5 addresses controlling almost 98% of the supply:

• OKX (Hot Wallet): 2,208.0924 xETH (64.29%)
• OKX (Deposit): 577.0437 xETH (16.80%)
• Uniswap V3 LP (USDT0/xETH): 228.0712 xETH (6.64%)
• OKX (Hot Wallet): 177.6520 xETH (5.17%)
• Uniswap V3: 168.6269 xETH (4.91%)

2. Market Risk

2.1 Liquidity

image621×684 31.9 KB

A swap transaction of 25 xETH into USDT0 returns about 46.0k USDT0, with the interface flagging a high price impact of -7.58%. Additional liquidity has been committed to support onboarding, with $2M for xETH/USDT0 pools, respectively.

2.1.1 Liquidity Venue Concentration

All observable on-chain secondary liquidity for xETH is currently concentrated in Uniswap pools. In the primary venue (USDT0/xETH), the pool size is approximately $830k, with an additional correlated venue in the xBETH/xETH pool at approximately $659k TVL.

2.1.2 DEX LP Concentration

The USDT0/xETH Uniswap pool appears to be liquidity-seeded primarily from OKX-controlled wallets. Debank LP analytics also indicates that an independent LP set has not yet formed, consistent with early-stage, centrally seeded liquidity.

2.2 Volatility

image1193×640 50.8 KB

image1138×631 46.8 KB

xETH on X Layer has a limited observable trading history, so there is not yet a long time series to evaluate behavior across multiple market regimes. Within the available window, pricing remains tightly aligned to ETH, consistent with the intended 1:1 peg mechanism and the current reserve-backed design.

2.3 Exchanges

X Layer xETH currently has no CEX listing.

image1861×381 49.5 KB

xETH is not currently listed on any centralized exchange. By contrast, ETH itself is one of the most liquid assets on OKX, supported by deep spot turnover in its core quote pairs. In the last 24 hours, the ETH/USDT market processed approximately 133.9k ETH of volume, indicating substantial two-way liquidity and a high-capacity venue for large ETH conversions.

image1882×323 41.1 KB

image1056×495 28.4 KB

Source: ETHUSDT perp market, OKX, February 18, 2026

The perpetual market for ETH is active on OKX, with trading spread across three primary contracts: ETHUSDT, ETHUSD CM, and ETHUSD UM. At the time of observation, ETHUSDT perps recorded approximately €6.63B in 24-hour turnover, while ETHUSD CM perps recorded approximately €266.6M, indicating material derivatives activity and a high-capacity venue for hedging and rapid risk transfer beyond spot markets.

2.4 Growth

image1055×727 41.6 KB

xETH remains in an early-stage growth profile. Based on the current market tracker snapshot, its market cap is approximately $6.87m, with reported daily volume around $250k. The market cap series shows a step-change shortly after initial availability, followed by a sustained drift lower from the initial peak and a recent stabilization in the mid-single-digit millions, consistent with an initial seeding phase and then limited incremental inflows.

3. Technological Risk

3.1 Smart Contract Risk

xETH is covered within the broader xAsset audit scope: OKX’s security team audited the xAsset codebase internally, and Zellic and MixBytes audited it externally, so xETH is covered to the extent it uses that audited xAsset implementation.

• OKX internal audit (10 Dec 2025): 2 findings, including a low issue where the exchange-rate update rate limit could be bypassed, allowing two updates in the same block after inactivity.
• Zellic external audit (23 Dec 2025): 4 findings, no critical/high; one medium issue was a denylisted address still being able to use transferFrom via existing allowances (fixed). Two low issues: setReceiver could set a denylisted receiver (minting can be blocked), and exchangeRate() could return 0 before the first oracle update (fixed).
• MixBytes’ external audit (22 Jan 2026): reported no critical/high/medium issues and identified 8 low-severity findings (7 acknowledged, 1 fixed). Key low items include: (i) configureCaller() may reset a caller’s allowance without replenishment; (ii) role/ownership hardening gaps (unrestricted renounceRole/renounceOwnership).

3.2 Bug Bounty Program

xETH smart contracts are covered under a live OKG bug bounty program hosted on HackerOne with a max bounty of $1M.

3.3 Price Feed Risk

A Chainlink ETH/USD price feed is available on X Layer. The price feed has a 0.5% deviation and a 24-hour heartbeat.

3.4 Dependency Risk

xETH relies on OKX to effectively maintain a 1:1 custody of the underlying ETH custodied on OKX and on Ethereum. The ETH reserve creates an additional foreign network dependency, one that Aave has yet to deploy on. xETH does not call external unverified functions, calling only internal system functions.

4. Counterparty Risk

4.1 Governance and Regulatory Risk

This analysis is confined to the overview document provided and on subsequent clarifications from OKX, including OKX’s confirmation that xETH is governed by a dedicated wrapped-token user agreement applicable across all wrapped 1:1 assets.

Legal Construct

On the basis of the overview alone, xETH is most appropriately framed as a custodial, centrally administered “wrapped ETH” representation on X Layer, intended to be redeemable on a 1:1 basis against ETH purportedly held in a segregated “locked reserve address” under OKX-linked custody arrangements. As a matter of legal substance, this configuration aligns more naturally with a “tokenized claim” or “tokenized receipt” construct than with a bearer asset that embodies self-contained rights independent of an operator. The operational design described in the document—minting conditioned on ETH being received into the reserve address, burning constrained to MPC-authorised flows, and release of reserve ETH restricted to OKX-controlled withdrawal addresses—suggests that the underlying economic reality is a structured relationship in which (a) OKX (or the identified controller, Aux Cayes) retains control over the backing ETH, while (b) users hold an ERC-20 token that is intended to evidence an entitlement to redemption through OKX-managed processes, rather than a permissionless redemption right enforceable exclusively through smart-contract interaction.

OKX team confirms that “Tokenized Claim” is the appropriate characterisation of xETH. OKX further clarifies that acquiring xETH is treated as a “subscription” for a token that grants a legal, contractual right to claim ETH on a 1:1 basis with OKX under the wrapped token user agreement. Redemption is described as automated and triggered when a user deposits xETH into their OKX wallet, but OKX reserves rights to reject or delay redemptions under its terms of service (stated to be intended for flexibility in exceptional technical/liquidity scenarios).

OKX elaborates on the withdrawal scenario, i.e., when users “withdraw xETH,” the ETH they deposit is sent to an Aux Cayes–controlled segregated wallet to serve as the reserve pool for future ETH redemptions arising from xETH deposits.

Bankruptcy remoteness and segregation

The overview does not provide any express assurance of bankruptcy remoteness or insolvency-ringfencing. In particular, it does not state that the reserve ETH is held on trust for the benefit of xETH holders, that such reserve assets are legally insulated from the insolvency estate of Aux Cayes/OKX, or that a formal legal opinion, structured custody arrangement, or other insolvency-resilient framework has been implemented to preserve holder entitlements in the event of a bankruptcy or similar proceeding.

According to the OKX team, the reserve ETH is only technologically/physically separated via a dedicated wallet address exclusively used for the x-asset reserve pool and is not mingled with general operational wallets; however, legally, reserve and general assets are not distinguished.

Notwithstanding the absence of any trust arrangement or trust-language in the governing terms, OKX represents that it maintains the reserve ETH under an operational segregation model and further states that, in the event of insolvency, the reserve ETH would not be treated as forming part of the insolvency estate.

Eligible Users

At present, the overview does not clearly establish which user categories are eligible to subscribe for, or redeem, xETH. If any jurisdictional limitations apply or if access is segmented between retail and institutional participants, those constraints should be articulated explicitly by the OKX team.

According to the explanatory notes, the eligibility restrictions exist and differ by jurisdiction. For the currently targeted jurisdictions (Bahamas and Seychelles), OKX states there is no restriction based on user type (retail vs institutional). Eligibility conditions are not specifically documented in customer-facing terms; instead, the product is not offered to users who are not entitled to access it. Internally, eligibility is turned on/off by jurisdiction depending on legal review. OKX also states it is not its practice to disclose eligibility limitations in product documentation because such limitations may change over time based on strategic or legal decisions, with technology-based restrictions implemented as needed.

Regulatory Status

As to whether Aux Cayes is permitted to provide the services described in the overview, Aux Cayes Fintech Co. Ltd. is a Seychelles-incorporated entity regulated as a Virtual Asset Service Provider (“VASP”) under the Virtual Asset Service Providers Act, 2024 (the “VASP Act”), administered by the Financial Services Authority (the “FSA”).

Aux Cayes has submitted its license application under the transitional regime available to pre-existing VASPs that were operational prior to the commencement of the VASP Act, having filed by the statutory deadline of 31 December 2024. On that basis, Aux Cayes continues operating pursuant to the transitional provisions pending the outcome of its full license application.

Under the VASP Act and its accompanying Regulations, a VASP may carry on one or more regulated activities, including: virtual asset exchange services (exchange between virtual assets, or between virtual assets and fiat currency); transfer services (conducting or arranging transfers of virtual assets between wallets or accounts); safekeeping or administration of virtual assets or instruments enabling control over virtual assets (including wallet provider services); and participation in, or the provision of, financial services relating to an issuer’s offer or sale of a virtual asset.

Aux Cayes’ VASP registration status is further corroborated through a review of the FSA’s online registry.

OKX indicates that, while no standalone Seychelles perimeter memo was prepared specifically for xETH, a prior legal assessment was undertaken for xBTC and is intended to extend to xETH on a like-for-like basis under the Seychelles VASP Act, on the rationale that both BTC and ETH are treated as “virtual assets” without asset-specific differentiation or a higher regulatory classification for ETH under that Act. On this basis, OKX’s position is that xETH should not require incremental regulatory permissions beyond those applicable to Aux Cayes under its VASP licensing posture, provided the xETH programme mirrors the xBTC mechanics and disclosures, including that xETH remains a 1:1 fully backed wrapped representation, minting occurs only upon receipt of ETH, burning occurs upon redemption, and the underlying ETH is not staked, lent, rehypothecated, or otherwise deployed.

OKX notes that the same disclosure posture used for xBTC should be maintained for xETH, emphasising that redemption at 1:1 is available only through the OKX platform to eligible users, secondary on-chain transfers may occur without OKX control, xETH is non-yielding and conveys no governance rights, reserves are fully maintained and not deployed, and availability of minting/redemption remains jurisdiction-dependent and subject to regulatory constraints.

4.2 Access Control Risk

4.2.1 Contract Modification Options

A Role-Based Access Control system is utilized. The roles and their associated capabilities are outlined below:

MINTER_ROLE: Can mint and burn tokens, assigned to MPC 1.

DENY_LISTER_ROLE: Can pause/unpause transfers and manage the deny list, assigned to MPC 2.

DEFAULT_ADMIN_ROLE: Has admin privileges over Timelock, ProxyAdmin, and xETH, assigned to MPC 2.

TimelockController Roles manage sensitive admin functions through a timelock delay mechanism. assigned to MPC 2:

• PROPOSER_ROLE: initiates transactions to the queue.
• EXECUTOR_ROLE: executes transactions after a delay.
• CANCELLER_ROLE: can cancel pending operations.

Sensitive functions exposed by each role include

MINTER_ROLE:

• mint & burn xETH
• transferMinter relinquishes the role to a new account

DENY_LISTER_ROLE:

• pause and unpause all token transfers
• setReceiver determines where newly minted are sent
• addToDenyList & removeFromDenyList controls a permissioned Deny list that blocks addresses from sending/receiving tokens
• transferDenyLister relinquishes the role to a new account

DEFAULT_ADMIN_ROLE:

• All Deny List Role functions
• grantRole assigns roles to addresses
• revokeRole removes roles assigned to addresses

PROPOSER_ROLE:

• schedule schedules a single transaction (target address, value, and data).
• scheduleBatch schedules multiple transactions to be executed in sequence.

EXECUTOR_ROLE:

• execute triggers the actual call to the target contract once the delay has ended.
• executeBatch triggers a group of function calls.

CANCELLER_ROLE:

• cancel deletes a pending operation before it is executed.

These roles highlight the highly centralized controls that roles have key contract functions, i.e., minting, transferring, pausing, and determining where newly minted xETH are sent (and indirectly, access to the underlying ETH redemption right).

4.2.2 Timelock Duration and Function

TimelockController enforces a 3-day delay for upgrades and role changes.

4.2.2 Timelock Duration and Function

xETH uses an on-chain timelock for every smart contract upgrade. The token is behind a proxy, and the timelock owns the ProxyAdmin and holds DEFAULT_ADMIN_ROLE, so upgrades/admin changes must be queued, wait at least 72 hours, and then executed with on-chain logs.

image1358×284 48.2 KB

4.2.3 Multisig Threshold / Signer identity

MPCs are controlled internally by OKX; no external parties are involved in the management of control systems. Admin actions require internal review and senior management approval.

Note: This assessment follows the LLR-Aave Framework, a comprehensive methodology for asset onboarding and parameterization in Aave V3. This framework is continuously updated and available here.