Overview
Chaos Labs supports listing LsETH on Aave’s Ethereum V3 Core instance. Below is our analysis and initial risk parameter recommendations.
Liquid Collective
Liquid Collective is an enterprise-grade liquid staking protocol designed for regulated and institutional participants. Unlike many permissionless staking solutions, Liquid Collective is built from the ground up with a compliance-first approach by incorporating KYC/AML gating. It is a multi-chain protocol, with products on both Ethereum and Solana.
Liquid Collective is developed and maintained by a group of leading web3 organizations and infrastructure providers. This includes Alluvial (the operating company supporting development), Coinbase Cloud, Figment, Kiln, Staked, Galaxy, Blockdaemon, Kraken and other node operators, custody providers and ecosystem contributors. Governance design and advisory support is provided by Reverie.
The protocol is governed by a broad collective of stakeholders through The Liquid Foundation, which acts as an independent steward to guide the protocol’s long-term sustainability and decentralized evolution.
The stated mission of Liquid Collective is to build the most trusted and secure liquid staking standard, a protocol that institutions can safely adopt to participate in proof of stake networks without compromising on compliance or security. The protocol seeks to address the lack of viable institutional liquid staking solutions by offering an architecture that satisfies both enterprise grade requirements and web3 composability standards.
Liquid Collective explicitly targets regulated institutions, digital asset treasuries (DAT), custodians, asset managers and enterprises, actors who are typically constrained from using existing liquid staking protocols due to compliance or security limitations. All users and participating platforms must pass KYC/AML verification and only approved platforms can mint and redeem tokens. This ensures that staking flows through trusted channels while allowing freely transferable LsETH to participate in DeFi post minting.
Technical Architecture
Liquid Collective’s technical architecture is engineered to meet the needs of institutions through a modular and upgradeable design. Its core components combine to enable liquid staking, enforce compliance requirements, support validator operations and facilitate gated minting and redemption flows for LsETH
Smart Contracts
At the heart of the protocol is the River smart contract, which orchestrates the staking lifecycle. KYC-verified users deposit ETH through approved, allowlisted Platforms and receive LsETH in return. These deposits are handled by the River smart contract, which delegates the ETH to a set of approved validators via the official Ethereum Deposit Contract. For redemptions, River coordinates with the protocol’s withdrawal and oracle systems to facilitate both full and partial redemptions.
Additional smart contract components include:
- Oracle: Receives validator balances from a quorum of Oracle Operators (every 24h) and reports this to River. This informs LsETH’s conversion rate and triggers redemptions from the withdrawal contract.
- Node Operator Registry: Manages the allowlist of approved Node Operators and facilitates round-robin ETH delegation.
- Allowlist: Enforces compliance by restricting mint and redemption access to verified wallet addresses.
- Withdraw Contract: Holds ETH received from validator exits, River pulls from this for redemptions.
- ELFeeRecipient: Collects execution layer fees (MEV, priority fees).
- Upgradeability: All core contracts follow the upgradeable proxy pattern.
Stake Management Logic
To manage staking inflows and outflows efficiently and minimize idle ETH, the protocol employs a layered queue and buffer architecture.
At the center of this system is the Redemption Queue, a first in first out (FIFO) mechanism that ensures redemptions are processed in the order they are requested.
Supporting the queue is the Redemption Buffer, which temporarily holds ETH earmarked for fulfilling redemption requests.
To supply ETH to the Redemption Buffer, the protocol uses a Withdrawal Stack, which draws funds from validator exits on the consensus layer or rebalances idle ETH from the Deposit Buffer. The Deposit Buffer itself holds ETH that is either awaiting staking or can be repurposed to satisfy redemptions, including deposits from users, accrued rewards, or slashing coverage reserves.
Altogether, this stake management logic enables Liquid Collective to dynamically allocate capital between staking and redemption needs.
Key Roles and Actors
Liquid Collective distributes protocol responsibilities across four key institutional roles.
Platforms
Platforms serve as the primary user interface layer, enabling access to LsETH staking. These are split into two categories. Minting/Redemption Platforms, such as Coinbase, handle core protocol interactions like ETH deposits and LsETH redemptions. They are responsible for conducting KYC/AML checks and submitting allowlisted addresses to the protocol. Secondary Platforms, such as DeFi protocols, facilitate indirect interactions like trading or lending without engaging in minting or redemption. All Platforms are required to uphold enterprise grade security and compliance standards.
Node Operators
Node Operators are responsible for running validator infrastructure. They must adhere to strict performance SLAs, operate across multiple cloud providers and regions and pass regular security audits.
Wallet & Custody Providers
Wallet & Custody Providers ****offer secure token storage, transaction signing infrastructure, and may also embed minting capabilities. Some may operate as Platforms themselves, while others function independently. Their role is especially critical for institutional users, ensuring compliant and secure custody of LsETH stakers across diverse operational setups.
Service Providers
Service Providers contribute to various support functions across the protocol stack, including technical development, governance architecture, security and decentralization tooling. Notable contributors include Alluvial (technical development), Reverie (governance design), Halborn (security audits), and Obol (distributed validator technology integration). Each of these actors plays a distinct but interconnected role in ensuring the protocol operates securely and in alignment with institutional standards.
LsETH
LsETH is Liquid Collective’s liquid staking token for Ethereum. It is a fixed-supply, rebasing asset that accrues staking rewards over time through an exchange rate mechanism, similar to cToken-style models. The token was launched on Ethereum mainnet three years ago and is designed to serve the needs of institutional participants seeking compliant exposure to Ethereum staking.
Market Capitalization
The supply of LsETH remained relatively stagnant for over a year, hovering between 80k and 100k tokens without experiencing notable growth. This stability shifted dramatically in July 2025, when LsETH began to see significant inflows.
Over the past two months, the total supply expanded from ~100k to ~335k LsETH, marking a 3.3x increase and reached $1.6 billion market cap. Importantly, the vast majority of this growth has been driven by Sharplink Gaming (NASDAQ: SBet), which began minting LsETH at scale during this period.
As a result, Sharplink now owns approximately 70% of the circulating supply of LsETH. While this concentration presents potential risks, it also underscores LsETH’s institutional positioning. Historically designed for institutional stakers, the protocol’s adoption by a public company with an ETH treasury strengthens its credibility and showcases alignment with its intended user base.
Liquidity
On-chain liquidity for LsETH has historically been extremely limited and this remains the case today. Since the inception of the token, only one pool has ever been created, which continues to serve as the sole venue for on-chain trades.
Currently, this pool holds approximately $2 million in combined liquidity between LsETH and WETH. Liquidity provision is highly concentrated, with a single large LP accounting for nearly all activity. This LP is linked to an address associated with LBank, an exchange and known partner of Liquid Collective. It is therefore reasonable to assume that LBank is providing market making services on behalf of the protocol.
Despite this support, the pool remains shallow. Swapping just 200 LsETH (~$1 million) into ETH incurs a 5.5% price impact, underscoring the lack of depth. Daily trading volumes average only $40–50k, further reflecting the token’s limited on-chain activity.
This highly constrained liquidity environment makes LsETH poorly suited as collateral for uncorrelated debt assets on Aave. The lack of sufficient secondary market depth increases the risk of slippage during liquidations, raising the likelihood of bad debt under stress scenarios.
Volatility
The market price of LsETH frequently deviates from its fair exchange rate, largely due to the persistent on-chain illiquidity discount. At times, these deviations have reached as much as ±6%, reflecting the difficulty of efficiently trading the token on decentralized venues.
Since July 2025, when additional liquidity was injected into the existing DEX pool, pricing has become somewhat more stable. However, LsETH continues to trade at a discount of 0.5–2% relative to its fair value.
This recurring deviation underscores the structural weakness of LsETH’s on-chain markets, even moderate trades can move the price materially, making it less reliable as a pricing reference or collateral asset.
Mint and Redemption
Permissioned Access
Minting and redemption of LsETH are strictly permissioned, reflecting Liquid Collective’s compliance-first design for institutional staking. Access to the protocol’s core contracts is controlled via a KYC/AML-based allowlist system managed by a designated Allowlister.
- The Allowlister is a trusted role within the protocol, responsible for granting participation rights to user addresses.
- Platforms (e.g., Coinbase Prime) that support minting and redemption perform KYC/AML checks on their users and submit verified wallet addresses to the Allowlister.
- Once added to the Allowlist, the user’s address is permitted to interact with the protocol’s minting and redemption functions.
This architecture enables Liquid Collective to meet enterprise compliance requirements while maintaining composability, LsETH is freely transferable and tradable once minted, but access to primary protocol functions is restricted to verified participants via approved platforms.
Minting Flow
LsETH minting is initiated via whitelisted Platforms that have been granted minting permissions by the Liquid Collective protocol (e.g., Coinbase Prime). These platforms perform KYC/AML checks and submit approved wallet addresses to the protocol’s Allowlist contract.
Once a KYC’d user initiates a deposit through an approved Platform, ETH is transferred from the user to the Liquid Collective River contract, where it is held in the protocol’s Deposit Buffer. As the Deposit Buffer accumulates ETH in 32 ETH increments, it is programmatically committed to Ethereum’s consensus layer to register new validators. The user receives LsETH at the protocol’s current conversion rate. The minted LsETH is then distributed to the user’s wallet via the Platform, and becomes freely transferable within the DeFi ecosystem.
Redemption Flow
LsETH redemptions are also permissioned and require the user’s wallet to be allowlisted. Redemption requests are initiated through approved Platforms, which interact with the protocol’s Withdraw contract and Redemption Queue to begin the three-stage redemption lifecycle.
1- Request:
User submits a requestRedeem call, surrendering LsETH and receiving a unique Redeem Request ID. The LsETH is burned or held pending withdrawal satisfaction.
2- Satisfaction:
The protocol attempts to fulfill the redemption from the Redemption Buffer, which is pre-filled via validator exits or ETH rebalanced from the Deposit Buffer. If liquidity is insufficient:
- The protocol triggers validator exits via Node Operators
- Exited validators enter Ethereum’s exit queue and are subject to withdrawal latency
- Upon exit, validator balances are automatically routed to the Withdraw contract
Historical data shows that ETH held in both the Deposit and Withdrawal Buffers has typically remained low, except during short periods following large mints that await batching into the Beacon Chain deposit contract. This pattern indicates that the protocol generally maintains minimal idle ETH, with the majority of backing deposited into Ethereum’s Beacon Chain.
3- Claim:
Once the ETH corresponding to the redemption is available, the user executes claimRedeemRequests, specifying the Redeem Request ID. The ETH is transferred to the user’s wallet.
Throughout the process, redemptions are executed at the conversion rate in effect at the time the request is made. Partial satisfaction is supported for large requests and the protocol maintains strict FIFO. Redemption requests are irrevocable once submitted, due to the non-cancelable nature of validator exits on Ethereum.
Slashing Coverage
Liquid Collective employs a multi-layered slashing coverage mechanism designed to mitigate the financial impact of validator slashing events. The program is available to all LsETH holders automatically, no additional action is required beyond holding LsETH, and is governed by a defined waterfall structure involving three components:
-
Nexus Mutual Coverage
Liquid Collective has partnered with Nexus Mutual to provide decentralized, third-party slashing insurance. The coverage dynamically scales with the protocol’s total Assets on Platform (AoP) and reimburses slashing losses up to a maximum of $5 million per incident, net of applicable deductibles. Deductibles are assigned based on the nature of the incident:
- For network-wide events (e.g., client bugs or global outages), deductibles are paid by the Slashing Coverage Treasury.
- For node operator specific incidents (e.g., infrastructure misconfigurations), deductibles are paid by the responsible node operator.
-
Slashing Coverage Treasury
The Slashing Coverage Treasury is funded by a fixed 0.30% allocation of all staking rewards and is used primarily to cover deductibles under the Nexus Mutual policy in the event of network wide slashing. The Treasury also serves as a backstop for losses exceeding Nexus Mutual’s $5 million limit or for events not covered by insurance. While the exact size of the Slashing Coverage Treasury is not publicly disclosed, on-chain data shows that the address which previously donated to the Treasury currently holds 84 ETH.
-
Node Operator Commitment
Each node operator supporting the Liquid Collective protocol is required to provide slashing deductible coverage up to 0.30% of the protocol’s AoP, capped at $5 million per operator. These funds are reserved for slashing losses caused by the node operator’s infrastructure. The coverage commitment is recalculated periodically based on the node operator’s pro-rata share of validators.
While slashing remains a non-zero risk in any Ethereum staking protocol, Liquid Collective’s approach is structured to minimize user impact and provide predictable recovery pathways in adverse scenarios.
Node Operator Set
Liquid Collective’s node operator set has evolved over time. Initially, the protocol launched with three node operators—Figment, Coinbase Cloud, and Staked—each responsible for running a share of the active validator set. As the protocol matured, two additional node operators, Blockdaemon and Galaxy, were added, bringing the total to five. At steady state, the validator set has been evenly distributed across these operators, with each managing approximately 2,300 active validators.
Recently, Liquid Collective onboarded a sixth node operator, Parafi Technologies. While Parafi’s current share of active validators remains minimal, the protocol is now directing the activation of all new validators to Parafi. This approach allows Parafi to gradually reach parity with the existing operators. The catch-up process reflects Liquid Collective’s round-robin delegation mechanism, which ensures that, over time, the validator set is evenly distributed across all node operators.
Client Diversity
Client diversity is a critical component of Ethereum validator resilience, particularly in mitigating correlated slashing penalty risks and inactivity leaks caused by faulty client releases or widespread network failure. As detailed in our Ethereum Slashing Penalties research post, reliance on a homogenous client set increases the risk of systemic validator downtime and associated penalties, issues especially relevant to protocols operating at institutional scale.
Liquid Collective’s validator set demonstrates a reasonably balanced distribution across both the Consensus Layer and Execution Layer:
- Consensus Layer: Prysm (41%), Lighthouse (39%), Teku (20%)
- Execution Layer: Geth (55%), Erigon (36%), Nethermind (9%)
This configuration avoids excessive reliance on a single client across either layer, with meaningful participation from three distinct clients on the Consensus Layer and three on the Execution Layer. Such diversity materially reduces the likelihood of correlated validator failures, particularly in the event of a client-specific bug or chain-wide incident.
In addition, Liquid Collective is actively collaborating with Obol to integrate distributed validator (DV) infrastructure across its operator set, a development that can further improve client heterogeneity and fault tolerance at the validator level.
We view this distribution as a positive indicator of infrastructure resilience. However, there is still room for improvement, particularly in reducing reliance on majority clients like Geth and Lighthouse. To further support transparency and informed risk management in downstream integrations like Aave, we encourage Liquid Collective to publishing and maintaining up-to-date client diversity metrics in collaboration with their node operators.
Risks
This section outlines key areas of concern relevant to Aave integration, focusing on supply concentration, on-chain liquidity limitations, and Ethereum staking-related slashing exposure. Where applicable, we highlight how Aave’s parameterization and protocol safeguards can mitigate these risks.
Supply Concentration
Over 70% of LsETH supply is currently held by a single entity, Sharplink. While this capital has not yet been deployed into Aave, such concentration raises potential risks. To mitigate these risks, we propose keeping LsETH non-borrowable on Aave and closely monitoring any capital deployment from this entity.
Liquidity
Despite a $1.6 billion market capitalization, LsETH exhibits limited on-chain liquidity, with approximately $2 million currently available across decentralized exchanges. This constrained DEX liquidity presents challenges for executing or liquidating large positions without incurring significant slippage, particularly under stress scenarios where rapid collateral liquidation may be necessary.
To mitigate this limitation, we are actively working to integrate OTC liquidity solutions for LsETH via Galaxy and FalconX, two of the largest OTC desks in crypto. This provides a reliable pathway to internalize liquidations and minimize adverse market impact, especially during periods of volatility or protocol stress.
While these OTC channels remain subject to pricing variability (often linked to Ethereum’s validator exit queue and cost of capital), they represent a critical layer of redundancy that complements on-chain liquidity. Once integrations are finalized, Aave will have access to LsETH liquidity in excess of what is visible on public DEXs.
Given these dynamics, we recommend maintaining conservative risk parameters for LsETH collateral usage until on-chain liquidity deepens. We will continue to monitor both DEX activity and OTC integration to inform future risk parameter updates.
Slashing
LsETH inherits Ethereum staking risks, including potential correlated slashing events stemming from faulty clients, validator downtime due to infrastructure failures and inactivity leaks triggered by consensus-layer bugs. These risks are partially mitigated through Liquid Collective’s slashing coverage fund and a reasonably diversified node operator set.
To assess the potential severity of these risks, we simulate one of the most damaging edge-case failures in Ethereum staking, a Consensus Layer Majority Client Bug scenario. This methodology mirrors the approach we used in our Staking Penalties on Ethereum research post.
Scenario Simulation: Consensus Layer Majority Client Bug (Finality Blocked, Inactivity Leak Triggered)
Impact Summary
- Impact Rating: Severe
- Projected ETH Loss: 32,122.95 ETH
- % of LsETH Stake: ~8.8%
- Impact on Aave: High — significant collateral drawdown, price deviation and potential bad debt.
In this scenario, if a critical bug affects a majority client such as Lighthouse (which currently holds a 40% share among Ethereum validators and 39% among LsETH node operators), the chain would enter a prolonged inactivity leak. Based on the current validator set size and client distribution, it would take approximately 13 days for the faulty validators’ stake to drop below the one-third threshold necessary to restore finality.
During this period, LsETH validators running Lighthouse would be unable to safely switch clients due to the risk of surround vote slashing. Their only viable option would be to remain offline and absorb penalties until finality is restored. This contrasts with Execution Layer bugs, where recovery paths are more flexible.
Over the 13 day period, LsETH validators operating Lighthouse are projected to lose 32,122.95 ETH, amounting to an 8.8% reduction in LsETH’s total ETH backing.
Downstream Effects on Aave
In the event of a Consensus Layer Majority Client Bug impacting LsETH, the projected 8.8% reduction in ETH backing would cause a sharp deviation from its 1:1 ETH parity. While penalties accrue gradually over a 13-day inactivity leak, markets are expected to front-run the backing loss, immediately pricing in the anticipated drawdown. As a result, LsETH’s market price would rapidly converge toward its post-penalty fair value.
This drawdown exceeds the 1 - E-Mode LT threshold, making Aave vulnerable to continuous arbitrage, where users borrow against overvalued collateral and exit with higher value assets. The integration of a Risk Oracle, capable of incorporating known staking penalties, would enable automated freezing of the reserve, preventing these reflexive second order effects and helping preserve protocol solvency.
While this scenario represents an extreme and improbable edge case in Ethereum staking, it serves to illustrate the maximum potential backing loss LsETH could incur under worst-case conditions. By contrast, other slashing risks — such as a single node operator going offline, key compromise leading to slashing, operator-level failures, or even Execution Layer bugs — are typically more contained, recoverable and well within the scope of existing safeguards. These incidents are expected to be seamlessly covered by Liquid Collective’s slashing coverage fund and third-party insurance mechanisms, offering robust protection for LsETH holders during normal operations. As such, they are anticipated to have limited downstream effects on Aave under standard market conditions and are therefore not covered extensively in this analysis.
Oracle/Pricing
LsETH uses a fixed-supply, rebasing model where staking rewards accrue via an internal exchange rate exposed through the underlyingBalanceFromShares method in the River contract.
To price LsETH in USD terms, Chaos Labs recommends the following oracle composition using a CAPO adaptor architecture:
- LsETH/ETH Exchange Rate
Use the River contract to retrieve the ETH value of 1 LsETH via underlyingBalanceFromShares method.
- CAPO Adapter
Implement a CAPO adaptor to track the LsETH/ETH exchange rate, with safeguards for staleness and large deviations.
- ETH/USD Feed
Use the existing ETH/USD price feed to convert the LsETH value into USD terms.
LT, LTV and Liquidation Bonus
Given the severely limited on-chain liquidity of LsETH, the proposed LTV and Liquidation LT parameters are intentionally set at minimal levels, 0.05% and 0.1% respectively. These values are designed to effectively restrict LsETH’s use as collateral in Aave outside of specific, controlled contexts. A 10% liquidation bonus is applied to account for the high potential slippage in the event of forced liquidations.
This configuration reflects a conservative risk posture, recognizing that current market depth is insufficient to support meaningful liquidation flows. With only ~$2 million in liquidity and over 5% slippage on $1 million trades, even small positions pose slippage risk. As such, LsETH should not be used as general-purpose collateral until there is substantial and sustained improvement in on-chain liquidity conditions.
Collateral usage is permitted only within E-Mode categories where LsETH is grouped with other ETH correlated assets. This enables composability with ETH-pegged tokens in a more controlled environment, while preventing broader protocol exposure to liquidation shortfall risk. Until liquidity improves, the collateral functionality of LsETH should remain tightly constrained.
Supply and Borrow Caps
Given the current state of LsETH’s on-chain liquidity and holder concentration, a conservative supply cap of 10,000 LsETH is proposed.
No borrow cap is set, as there is currently no meaningful use case for borrowing LsETH. The asset is not widely integrated across DeFi lending markets and demand for LsETH borrow positions is effectively nonexistent. In the absence of organic borrow-side activity and to avoid expanding Aave’s risk surface unnecessarily, borrowing remains disabled.
E-mode
We propose including LsETH in Aave’s ETH-correlated E-Mode category, alongside other Ethereum staking derivatives, to enable efficient leverage while maintaining controlled risk exposure.
While general purpose borrowing against LsETH is restricted due to its limited liquidity, E-Mode allows for capital-efficient strategies in cases where collateral and debt assets are highly correlated. This setup ensures that LsETH can participate in safe, one directional looped positions with ETH, without exposing the protocol to outsized liquidation risk from unrelated market moves.
CAPO
LsETH inherits staking rewards from Ethereum validation, with yield accruing through the protocol’s rebasing exchange rate every 24 hours. The effective yield reflects consensus-layer rewards, minus validator fees and any slashing events.
To ensure a robust and manipulation-resistant CAPO feed for the LsETH/ETH pair, we propose the following parameters:
maxYearlyRatioGrowthPercent: 5.26%, reflecting expected annualized net staking yieldMINIMUM_SNAPSHOT_DELAY: 14 days, to smooth short-term fluctuations and enforce consistency across oracle inputs
These settings ensure that the LsETH/ETH exchange rate feed used by the CAPO adapter accurately reflects staking economics while remaining resistant to manipulation or noise.
Specification
| Parameter |
Value |
| Asset |
LsETH |
| Isolation Mode |
N/A |
| Borrowable |
No |
| Collateral Enabled |
Yes |
| Supply Cap |
10,000 |
| Borrow Cap |
- |
| Debt Ceiling |
- |
| LTV |
0.05% |
| LT |
0.1% |
| Liquidation Penalty |
10% |
| Liquidation Protocol Fee |
10% |
| Variable Base |
- |
| Variable Slope1 |
- |
| Variable Slope2 |
- |
| Uoptimal |
- |
| Reserve Factor |
- |
| Stable Borrowing |
Disabled |
| Flashloanable |
Yes |
| Siloed Borrowing |
No |
| Borrowable in Isolation |
No |
| E-Mode Category |
ETH correlated |
E-mode (ETH correlated)
| Parameter |
Value |
Value |
Value |
Value |
Value |
Value |
Value |
Value |
| Asset |
LsETH |
weETH |
wstETH |
osETH |
rETH |
ETHx |
cbETH |
ETH |
| Collateral |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
| Borrowable |
No |
No |
No |
No |
No |
No |
No |
Yes |
| Max LTV |
93.00% |
93.00% |
93.00% |
93.00% |
93.00% |
93.00% |
93.00% |
- |
| Liquidation Threshold |
95.00% |
95.00% |
95.00% |
95.00% |
95.00% |
95.00% |
95.00% |
- |
| Liquidation Bonus |
1.00% |
1.00% |
1.00% |
1.00% |
1.00% |
1.00% |
1.00% |
- |
CAPO
| maxYearlyRatioGrowthPercent |
ratioReferenceTime |
MINIMUM_SNAPSHOT_DELAY |
| 5.26% |
monthly |
14 |
Disclaimer
Chaos Labs has not been compensated by any third party for publishing this recommendation.
Copyright
Copyright and related rights waived via CC0
