1. Asset Fundamental Characteristics

1.1 Asset

Key Statistics (as of February 11th, 2025):

• Circulating Supply: 67,251 pufETH
• Market Cap: $181m
• Current Yield: 3.25% APY
• Launch Date: January 31st, 2023.

Puffer Protocol is a native liquid restaking protocol (nLRP) built on Eigenlayer, meaning that Puffer manages the staking of the ETH deposited through permissionless validators itself. As a repricing token, the price of pufETH gradually increases against ETH over time. Users can deposit ETH, stETH, and wstETH to receive pufETH. The yield for pufETH comes from PoS rewards, restaking rewards from EigenLayer, and points.

There are two ways to redeem pufETH for ETH. The first one allows for an instant ETH redemption for a 1% fee (configured by the DAO and burned); however, this option is only available as long as the PufferVault has enough ETH liquidity. The second method is a fee-free two-step withdrawal process that takes a minimum of 14 days due to the EigenLayer withdrawal delay (14 days) and the Ethereum consensus exit queue.

1.2 Architecture

The Puffer protocol architecture revolves around the ability for independent Node Operators (NoOp) to run validators on behalf of Puffer permissionessly, in addition to the restaking ability with an EigenLayer integration and permissioned restaking node operators.

image1887×1110 438 KB

Puffer Protocol Architecture. Source: Puffer Docs

The process is straightforward for stakers, who deposit ETH into the PufferVault contract and get pufETH, the re-pricing LRT of the protocol, in return. Stakers can instantly redeem their pufETH for ETH by paying a 1% fee or through a free two-step process that takes a minimum of 14 days.

Puffer uses an innovative system to incentivize and reward NoOps. To run a validator, NoOps must provide either 1 or 2 ETH and a minimum of 28 VTs (Validator Tickets). Validator Tickets are minted by Puffer and sold to NoOps. They give NoOps the right to operate a validator for one day. To begin with, a new validator requires at least 28 VTs, corresponding to 1 month of operation. After that, the NoOp must top-up its balance and maintain a minimum of 4 VTs per validator to avoid having its validator exited from the consensus by Puffer. The price of VTs is set to equal the mean expected reward per validator/day on Ethereum minus a discount factor, which currently equals 10%. Effectively, NoOps must pre-pay 90% of the mean expected reward per validator/day 5 days in advance at a minimum and get to keep the remaining 10% for themselves.

Guardians

An important aspect of the protocol is the decentralized federation of Guardians, an off-chain service operated by community members related to Puffer. Guardians are essential to the continuous operation of the protocol. The need to operate off-chain services is true for all LSTs and LRTs. Their responsibilities include ejecting validators from the consensus layer, reimbursing them their bond if needed, verifying validator deposits, and provisioning them if they are valid. It is important to note that most if not all of those tasks will be possible onchain shortly, thanks to various network upgrades like EIP-7002, EIP-4788, and EIP-2537. With 8 members, a threshold of 7 approvals is necessary for any action.

Ticket pricing

Notably, the VT pricing mechanism is essential to the correct operation of the protocol. The price of a VT is equal to the expected reward per validator and per day discounted by factor D, which controls how much rewards a validator gets to keep after a given VT is consumed. During phase 1, the mean reward per validator is posted onchain by the Guardians through the ValidatorTicketPricer contract, and is updated every 12 hours or whenever a 10% MEV reward deviation is observed, or 5% deviation of consensus rewards is observed.

image682×118 5.84 KB

Source: Puffer documentation, February 11th, 2025

Considering a 3% staking yield and a 10% discount, a 1-ETH bonded validator would yield a 9.6% APY, and a 2-ETH bonded validator would yield a 4.8% APY, which is competitive compared to other sources of yield on ETH in Defi.

TEE innovation

Thanks to a grant from the Ethereum Foundation, the Puffer protocol has developed an innovative way to leverage TEE (Trusted Execution Environment) hardware components from node operators to increase the security of the protocol. TEE is a secure hardware component in which code execution is confidential and integrity is maintained. As such, even a malicious OS cannot temper with a TEE once it has been initialized with code. Only supporting Intel SGX for now, which accounts for most TEE in consumer hardware, a secure environment is created to host validator keys, create signatures using them, and prove to Puffer’s smart contract that a node operator is using such TEE for running validators.

By default, consensus clients manage validator keys themselves. However, remote signing is possible for increased security. Puffer uses this feature to perform validator signatures inside the TEE. Furthermore, additional verifications on the payload to be signed are made in the TEE, which protects against some slashing scenarios. However, the operation of a TEE by NoOp remains a trusted process, as nothing guarantees that NoOp is running them. This is why Puffer developed a mechanism called RAVe (Remote Attestation Verification) through which NoOp can prove to a smart contract that they are running a TEE with a specific code and data in a trustless way. NoOp opting in such a process can reduce their bond from 2 ETH to 1 ETH, doubling their yield per bond.

1.3 Tokenomics

PUFFER is the governance token for all Puffer products and services. The total supply is capped at 1B. It also has a vote escrow governance mechanism (vePUFFER) that is used for voting and doesn’t require users to specify a lockup duration. The voting power increases over time, rewarding long-term engagement but resets upon withdrawal, incentivizing rigid lockups.

image1400×788 166 KB

PUFFER Distribution. Source: Puffer documentation, February 11th, 2025

Puffer has already distributed 85.5% of the 7.5% amount set aside for Season 1 of their airdrop, with the remaining tokens subject to a 6-month vesting period, which will conclude on April 14th, 2025. Season 2 has also started, with a total of 5.5% of the supply allocated for this round.

1.3.1 Token Holder Concentration

image2098×796 141 KB

pufETH Top 100 Token Holders. Source: Etherscan, February 11th, 2025.

The top 5 holders of pufETH as of February 11th, 2025, are:

• Zircuit: Restaking Pool - 19.28% of the total supply.
• Nucleus: unifiETH - 9.03% of the total supply.
• Karak Network: KpufETH - 7.68% of the total supply.
• Pendle: SY pufETH - 5.75% of the total supply.
• Puffer Finance: Puffer Protocol - 4.96% of the total supply.

The top 10 holders own 63.11% of the total supply. When considering the top 100 holders, this concentration increases to 90.31%.

2. Market Risk

2.1 Liquidity

image828×744 42.1 KB

pufETH/ETH swap within 7.5% price impact. Source: KyberSwap, February 11th, 2025

KyberSwap shows a user can swap up to 3220 pufETH ($8.09m) for USDT on Ethereum within a 7.5% price impact.

2.1.1 Liquidity Venue Concentration

Here are the top liquidity venues by TVL:

• Curve pufETH/wstETH: $12.05m of TVL
• Curve pufETH/wstETH: $3.319m of TVL
• Uniswap pufETH/WETH: $3m of TVL

2.1.2 DEX LP Concentration

Although EOAs hold large liquidity positions in the available liquidity pools, their numbers compensate. Here is the breakdown for the top 3 pufETH pools by TVL (as of February 11th, 2025):

• Curve pufETH/wstETH: The top liquidity provider is an EOA, holding 56% of the total liquidity.
• Curve pufETH/wstETH: ~75% of the total liquidity is held by an EOA.
• Uniswap pufETH/WETH: The top liquidity provider is an EOA, holding $638k (68% of the pool’s liquidity).

2.2 Volatility

image2800×1042 189 KB

pufETH Peg Monitor. Source: IntoTheBlock, February 11th, 2025.

pufETH has had issues maintaining its peg in the past, with a maximum depeg of -5.46% observed August 5th, 2924. Since its peg has improved, it still sits at approximately -0.1%. Although this can be due to low liquidity, we believe this continuous depeg to be related to the difficulty of redeeming pufETH for ETH in the protocol, which is either possible instantly through a 1% fee or takes at least 14 days using a two-step process because of EigenLayer.

2.3 Exchanges

pufETH is exclusively traded on DEXs and is not currently listed on any centralized exchange despite being backed by Coinbase Ventures and YZi Labs (prev. Binance Labs).

2.4 Growth

image1928×686 38.6 KB

Puffer TVL. Source: Dune, February 11th, 2025.

A massive decline in the total supply of pufETH was observed after October 14th, 2024, triggered by several key catalysts like Puffer Finance enabling withdrawals on pufETH, PUFFER token launch (end of airdrop season), and EigenLayer concluding its Season 2 Stakedrop and enabling transfers a couple of weeks prior in September 2024.

Once the airdrop season concluded, many airdrop farmers, including notable figures like Justin Sun, unstaked their pufETH, contributing to the rapid decline in its TVL. Since then, Puffer Finance has failed to maintain its dominance among other LRT protocols, and as a result, the TVL continues to decline to date. The pufETH market share of all LRTs restaking through EigenLayer currently represents a fraction of the total addressable market.

image1628×890 65.6 KB

LRT market share, Source: Dune, February 11th, 2025

Puffer has had two ongoing campaigns with the Season 2, but its incentives aren’t targeted towards pufETH directly.

New pufETH mints have been minimal, indicating a lack of demand.

image2806×884 113 KB

pufETH Total Supply Flows. Source: IntoTheBlock, February 11th, 2025.

3. Technological Risk

3.1 Smart Contract Risk

Puffer Finance has been audited multiple times by leading audit firms:

• Creed (May 1st, 2024)
• BlockSec (April 23rd, 2024)
• Nethermind (April 16th, 2024)
• Trail of Bits (March 25th, 2024)
• Immunefi (March 7th, 2024)
• Quantstamp (February 14th, 2024)
• SlowMist (January 29th, 2024)

The deployed smart contract code is verified on Etherscan, and the presence of these audits goes some distance in mitigating smart contract risk.

3.2 Bug Bounty Program

Puffer Finance does not currently have an active bug bounty program. Previously, they collaborated with Immunefi to launch Puffer Boost, an audited competition that ran from February 22nd to March 7th, 2024. The program offered a $50,000 guaranteed reward pool and an additional $200,000 for critical vulnerabilities. Throughout the audit, 14 valid vulnerabilities (categorized as medium or low severity) were identified. The program’s full scope can be found here.

3.3 Price Feed Risk

Chainlink recently deployed a pufETH/ETH feed. The update trigger parameters are set at a 0.5% deviation threshold and 24-hour heartbeat.

3.4 Dependency Risk

EigenLayer

While the concept of restaking is promising, it introduces inherent risks to stakers. These revolve around potential AVS slashing and additional smart contract risks. Puffer only relies on reputable restaking operators (ReOps) to operate its selected AVS. In the future, NoOp, which demonstrated excellent performance over time, will be able to become ReOp as well without DAO governance.

Base

NoOps must interact continuously with Ethereum to withdraw their staking rewards and VT tokens, which they need to operate their validators. Because of the significant cost associated with this, Puffer decided to move those operations to Base L2, where transaction fees are much lower. Base is still at stage 0 in the l2beat classification because it allows for the instant upgrade of its contracts, which could represent a risk for users. Furthermore, Base is owned by Coinbase, a US-regulated entity. As such, it must submit to US regulations, which can impact Puffer NoOps in the future.

4. Counterparty Risk

4.1 Governance and Regulatory Risk

PUFFER is the governance token of Puffer Finance. Holders can stake their PUFFER tokens for vePUFFER and gain voting rights. The staking of PUFFER for vePUFFER gives continuous voting power to its holder. Redeeming vePUFFER for PUFFER takes at least one month because of an exit queue preventing certain types of governance attacks.

image1280×720 88 KB

Puffer DAO Governance Model. Source: Puffer Docs, February 11th, 2025

A minimum five-day discussion period allows community members to study the proposal on the Puffer Governance Forum. After the discussion period, the Puffer Governance Review Committee evaluates and finalizes the proposals for voting, which takes at least 2 days. The voting lasts seven days and occurs every Thursday at midnight UTC. A simple majority decides the quorum. A minimum warmup period of 3 days is required for vePUFFER to become active for a vote. Voting is exclusive to vePUFFER holders and is conducted through the [vote. Puffer.fi](vote. Puffer.fi) platform.

Legal Observations

Puffer’s Terms of Service describe the platform and technologies operated by a Cayman Islands foundation company that provides a website (Puffer.fi) and related functionalities. The Services themselves largely revolve around offering information, online tools, and technologies that connect to public blockchains without guaranteeing the execution or settlement of trades. In essence, Puffer makes a technological gateway available for users to explore decentralized networks but does not assume any role akin to a broker or fiduciary. If someone disagrees with the Terms, they must discontinue using the platform.

Within the Terms, there is a strict emphasis on lawful use. Puffer prohibits any conduct that disrupts, damages, or otherwise interferes with the Services or other users’ experiences. This includes bans on hacking attempts, probes of system vulnerabilities, or usage that breaches laws, regulations, or third-party rights. Users are similarly warned against any behavior that could expose Puffer or its user community to legal or security risks. Puffer reserves broad powers to restrict or terminate access in the event of misuse.

The Terms also contain comprehensive disclaimers, clarifying that the Services are provided “as is” and “as available.” Users are reminded that reliance on any information presented is at their own risk and that Puffer cannot guarantee continuous, uninterrupted, or error-free access. Any content from third-party sources on the platform remains the responsibility of the original contributor, and Puffer explicitly disclaims liability for errors, inaccuracies, or harm that might arise from such content. There is no promise of reliability, safety, or fitness for any specific purpose, highlighting that users should exercise independent judgment when using or relying upon the Services.

Moreover, users should be aware that Puffer’s liability is significantly limited. The company expressly excludes liability for indirect, incidental, or consequential damages (like lost profits or data), and it imposes a cap of one hundred dollars for any claims related to the use of its Services.

Finally, the Terms set forth a dispute resolution framework built around binding arbitration. Instead of going before a judge or jury, most disputes must be settled individually by arbitration, conducted under JAMS rules, with a short window for users to opt out. This ensures that users are aware they are giving up their right to a trial by jury and any opportunity to participate in class or collective actions against Puffer. The Terms make room for small claims court in certain instances and maintain an avenue to seek injunctions or protective orders in intellectual property matters. Users who wish to sidestep arbitration must do so within thirty days of their first use of the Services, thereby preserving the right to litigate in court for that limited period if they so choose.

4.2 Access Control Risk

4.2.1 Contract Modification Options

Here are the controlling wallets:

• AccessManager: keeps track of all roles and their assignation.
• Pauser Multisig: 1/12 Safe multisig.
• Community Multisig: 3/8 Safe multisig.
• Operations Multisig: 3/6 Safe multisig.
• Timelock: 7 days timelock.

The pufETH architecture is powered by the following contracts:

• pufETH: ERC20 contract for the pufETH token. Deployed behind a ERC1967Proxy contract controlled by the AccessManager.
• PufferVault: keeps track of all assets backing pufETH, and receives deposits temporarily and allocates assets to NoOps for staking. Deployed behind a ERC1967Proxy contract controlled by the AccessManager.
• PufferDepositor: allows for the swapping of deposited assets into ETH. Deployed behind a ERC1967Proxy contract controlled by the AccessManager.
• PufferOracle: receives proof of reserves from Guardians, which establishes a fair market rate for pufETH/ETH.
• EnclaveVerifier: receives proof from NoOp that they use remote signing with secure enclaves and the protocol’s slashing protection system.
• GuardianModule: keeps track of the guardians, their secure enclave proofs, and allow them to perform operations on the protocol.
• PufferModuleManager: keeps track of the different modules of the protocol. It is deployed behind a ERC1967Proxy contract that is controlled by the AccessManager.
• PufferModule: acts as a bridge between Puffer and EigenLayer by managing staking, delegation, withdrawals, and rewards for Ethereum validators. It is controlled by the AccessManager.
• PufferProtocol: central contract of the protocol, orchestrates the different components. Deployed behind a ERC1967Proxy contract, it is controlled by the AccessManager.
• RestakingOperator: deployed for each ReOp whitelisted by the protocol, it is controlled by the AccessManager.
• ValidatorTicket: responsible for minting and deployed behind a ERC1967Proxy contract that is controlled by the AccessManager.
• OperationsCoordinator: manages price updates for validator ticket (VT) minting. It is controlled by the AccessManager.
• AVSContractsRegistry: access control layer for the whitelisted AVS, it is controlled by the AccessManager.
• ValidatorTicketPricer: receives price updates for the Validator Tickets (VTs). It is controlled by the AccessManager.
• xPufETH: manages the issuance of pufETH on L2 networks. It deployed behind a ERC1967Proxy contract controlled by the AccessManager.
• xERC20Lockbox: locks pufETH on L1 to mint pufETH on L2, and conversely, on a 1-1 basis. The contract is immutable.
• L1RewardManager: manages the bridging of staking rewards to L2 (Base). It is deployed a ERC1967Proxy that is controlled by the AccessManager.
• WithdrawalManager: manages withdrawal requests from pufETH holders. It is deployed a ERC1967Proxy that is controlled by the AccessManager.
• RevenueDepositor: ensures that revenue deposits are controlled over time, preventing sudden fluctuations in pufETH exchange rate by the PufferVault contract. It is deployed a ERC1967Proxy that is controlled by the AccessManager.

The AccessManager contract handles the role-based controls for critical protocol functions, which includes the following role assignation:

4.2.2 Timelock Duration and Function

Puffer Finance has a 5-day timelock configured on the AccessManager contract to slow down role assignment. It also has 7 days Timelock, which is the admin of the AccessManager contract.

4.2.3 Multisig Threshold / Signer identity

The Operations Multisig, which handles critical roles like withdrawal finalizer and revenue depositor, has a 3/6 threshold. The Community Multisig, which can censor the Operations Multisig and act without delay, has a 3/8 threshold. Its signers include renowned members of the community who are aligned with Puffer’s mission. Finally, the Pauser Multisig has a 1/12 threshold.

Note: This assessment follows the LLR-Aave Framework, a comprehensive methodology for asset onboarding and parameterization in Aave V3. This framework is continuously updated and available here.