LlamaRisk supports onboarding scUSD and scETH while recommending against scBTC due to low liquidity and limited price history. The meta assets issued by Rings represent deposits of USD, ETH, and BTC tokens, which generate yield within Veda’s BoringVault framework. The system’s architecture on Sonic creates an inherent cross-chain dependency as the protocol sends a portion of underlying assets from Sonic to the Ethereum mainnet. These assets are deployed across various yield farming strategies using protocols like Aave, EtherFi, Fluid, Lido, Morpho & Sky. When staked, some of the scTokens natively minted on Sonic are concurrently used to provide liquidity and yield in protocols such as Euler, Silo, Beets, Curve, and Uniswap v3.
This cross-chain structure introduces bridge risk and additional points of failure that could impact users’ funds, particularly during network congestion, bridge outages, or if any composing protocols are compromised. Stakeholders should recognize that onboarding scTokens integrates yield-farming tokens into the Aave ecosystem, exposing holders to evolving DeFi strategies and setting a precedent. Rings has self-imposed criteria for vault strategies (incl. fully audited protocols, >$100M TVL, >6 months deployment) but cannot guarantee future vault composition. scUSD and scETH vaults hold aTokens which present potential rehypothecation risks, which we suggest monitoring. Users should know withdrawal limitations, including a 5-day cooldown period and maximum 30-day maturity that may affect fund redemption.
The largest asset by TVL is scUSD (>$65m), followed by scETH (>$40m) and scBTC (>$20m). Liquidity for scETH and scUSD is significantly better, with multi-million dollar swaps possible within a 7.5% price impact, while scBTC liquidity is substantially more limited. scUSD and scETH have maintained reliable pegs to their underlying assets since December 2024 and are built on Veda’s BoringVault infrastructure and Thena V2’s codebase. Rings benefit from audited code foundations. The BoringVaults technology secures over $2B in assets for protocols such as EtherFi and Lombard.
Rings has an informal bug bounty with two previous payouts (non-critical issues), but we strongly recommend implementing a formal program to encourage responsible disclosure from whitehats.
Governance utilizes 4/6 multisigs managed by Veda and Paladin contributors. Various timelocks within a role-based system control each asset’s BoringVault contract set, with some EOAs having permissions to administer BoringOnChainQueue and BoringSolver contracts. Given the evolving nature of scTokens underlying and the potential offchain component required to updating their exchange rate, using market feeds is preferable.
Collateral Risk Assessment (Click to expand)
1. Asset Fundamental Characteristics
1.1 Asset
scETH, scUSD, and scBTC (collectively scTokens) are meta-assets of USD, ETH, and BTC issued by Rings Protocol on Sonic, an EVM-equivalent Layer 1. Based on a deposit and mint model, stablecoins, ETH, and BTC derivatives are used to mint scUSD, scETH, and scBTC, respectively.
Source: Rings App, Supported Assets
Assets can be deposited on Ethereum or Sonic. Assets from Sonic are bridged to Ethereum mainnet while scToken minting occurs on Sonic and Ethereum. Underlying assets are deposited into ETH Veda BoringVaults and then allocated to whitelisted strategies currently curated by Veda, Paladin, and Tholgar.
1.2 Architecture
Source: Rings Protocol Docs
scToken architecture is built on the Veda BoringVault contracts, with Rings deploying vaults on Ethereum and Sonic. All assets deposited into Rings go into BoringVaults, scUSD, scETH, and scBTC represent ERC-20 vault receipt tokens for their respective vault contracts. The architecture involves cross-chain components: the native Sonic bridge bridges the underlying capital between chains. In contrast, LayerZero bridges the vault shares for the corresponding vaults.
Source: Rings Protocol Docs, Collateral Vaults
Vaults are implemented either as Collateral Vaults or Staking Vaults. Collateral Vaults are Ethereum-based vaults that accept and deploy assets to whitelisted yield strategies in DeFi protocols. Staking Vaults are Sonic-based vaults that enable yield-bearing through scToken staking, deploying scTokens across various DeFi protocols.
Source: Rings Protocol Docs, Staking Vaults
Yields generated from vault strategies are distributed to a gauge contract (in the case of Collateral Vaults) or staked scToken holders (in the case of Staking Vaults).
Users who stake their scTokens receive stkscTokens, earning yields from scUSD, scETH, and scBTC. Yields are distributed through a weekly Merkle tree claim system or an ERC4626 wrapper (wstkscToken automatically compound yields).
Users can also lock their stkscTokens to receive veNFTs. Holders of veNFTs forfeit their yield-bearing abilities for voting rights to determine gauge distribution in exchange for protocol voting incentives.
BoringVaults
Source: Veda, BoringVault Architecture Overview
BoringVaults architecture consists of a set of key contracts that include:
BoringVault: A barebones vault contract that outsources complex functionality to external contracts.Manager: Rebalances the vault and whitelists strategies BoringVaults can use.Teller: Facilitates user deposits and withdrawals in/out of the BoringVault.Accountant: Provides a share price for Teller to price BoringVault shares via off-chain oracles.
1.3 Tokenomics
scTokens are minted on an equivalent basis, representing a basket of assets. The underlying assets backing each token are redeemable 1:1; if the backing assets lose value, then similarly, the scToken loses value on par.
There is no fee or time delay for minting scTokens. Redemptions offer an optional percentage priority fee payable and come with a 5-day delay; each asset has its withdrawal queue contract that manages redemptions.
The Teller and Accountant contracts can impose fees for minting and redemptions. The TellerWithMultiAssetSupport contract allows a sharePremium to be applied during deposits while the AccountantWithRateProviders contract calculates platform and performance fees during withdrawals. Limits placed include a 10% share premium cap and 10% increase and decrease limits on exchange rates (for redemptions)
Source: Rings Protocol Docs, veNFT Locking
Rings Protocol employs a fork of Thena 's ve(3,3) model. The ve(3,3) model used by other DEXs, such as Solidly, aims to incentivize efficient liquidity provision through directing emissions based on veToken votes in a gauge system.
Rings’ iteration of the ve(3,3) model only uses a simplified gauge system and delegation of voting power from the Thena codebase. Vault yields are used to mint for scETH, scUSD, and scBTC and sent to the gauge system contract. Holders of staked scToken can lock their assets for veNFT to participate in gauge voting (voting weight is equivalent to the duration of their lock). In return, veNFT holders receive bribes/vote incentives in exchange for their votes. Holders of veNFTs forfeit the yield from staked scAssets.
Risk Considerations
5-day delay: The negative implications of a 5-day redemption delay include the inability to access underlying assets from the Rings protocol promptly and uncertainty regarding underlying asset value. A long delay is highly unfavorable for liquidators, given their need to cover bad debts immediately. Asset price fluctuations during the cooldown window may result in insufficient liquidity once unlocked.
This delay may also make managing liquidations difficult if liquidators are unwilling to wait to cover bad debts, which Aave could be burdened with, limiting scToken liquidity venues to DEXs. The Rings team has informed us they intend to shorten the delay to 3 days.
1.3.1 Token Holder Concentration
| Description |
Value |
| Total Holders |
3,266 |
| Total scETH Supply |
20,210 |
| Top 10 Address Holdings |
94.37% |
| Largest Holder |
RamsesV3Pool (~26%) |
Source: Sonicscan, March 24th, 2025
The top 10 addresses hold a high concentration of scETH, approximately 94% of the total supply. As of March 24th, the largest address is a RamsesV3Pool contract, forked by Shadow Exchange. This core Ramses V3 contract is responsible for liquidity management, token swaps, and collecting protocol fees.
| Description |
Value |
| Total Holders |
7,617 |
| Total scUSD Supply |
66,267,043 |
| Top 10 Address Holdings |
80.7% |
| Largest Holder |
BeaconProxy (~28%) |
Source: Sonicscan, March 24th, 2025
The top 10 addresses hold a high concentration of scUSD, approximately 81% of the total supply. As of March 11th, the largest address is an Euler BeaconProxy contract, an EVault upgradeable instance for scUSD. The credit vault is governed by a ⅔ Multisig owned by MEV Capital. Governors can change the vault’s risk parameters. Supply to the vault is permissionless.
| Description |
Value |
| Total Holders |
405 |
| Total scBTC Supply |
289 |
| Top 10 Address Holdings |
98.69% |
| Largest Holder |
sonicLBTCv BoringVault (~41%) |
Source: Sonicscan, March 24th, 2025
The top 10 addresses hold a high concentration of scBTC, approximately 98.69% of the total supply. A large portion of scBTC’s supply (>41%) is held in a Lombard Sonic BTC BoringVault contract. The vaults Teller and Manager contracts are owned by Lombard, with a Lombard Security Consortium of 14 ‘digital asset institution’ members (e.g., OKX, Nansen, and Wintermute) making a transaction (e.g., deposits, minting, and redemptions) and governance decisions.
2. Market Risk
2.1 Liquidity
Source: OpenOcean, March 21st, 2025
DEX aggregator OpenOcean indicates that approximately 4320 scETH ($8.5M), 4.6M scUSD ($4.6M), and 1.4 scBTC ($118K) are available within a 7.5% price impact.
As shown in section 1.3.1, scBTC has the lowest available supply relative to the other scTokens and the lowest available liquidity.
2.1.1 Liquidity Venue Concentration
Sources of liquidity for each asset according to Coingecko:
scETH: Shadow Exchange, Beets, Silverswap, SwapX, Metropolis, Equalizer, and Curve
scUSD: Shadow Exchange, SwapX, Silverswap, and Curve
scBTC: Beets, SwapX, 9mm, and Shadow Exchange
2.1.2 DEX LP Concentration
The largest LPs for each scToken as of March 21st, 2025:
2.2 Volatility
Source: GeckoTerminal, scETH/WETH, March 22nd, 2025
According to Geckoterminal, scETH has remained close to WETH, trading at a slight discount over its short history (data from January 3rd, 2025).
Source: GeckoTerminal, scUSD/USD, March 22nd, 2025
Since the middle of February 2025, scUSD has mostly traded at a low discount close to the peg, however, according to Geckoterminal. Between February 22nd and February 24th, scUSD fluctuated more significantly between approximately +1% and -19%. The depeg during this period is likely explained by the market shock caused by the Bybit hack on February 21st, 2025. It should be noted that scUSD is not pegged to the US dollar.
Source: GeckoTerminal, scBTC/WBTC, March 22nd, 2025
Given the short history of scBTC, available data is too small to make inferences about the asset’s volatility.
2.3 Exchanges
No CEX currently supports scETH, scUSD, or scBTC.
2.4 Growth
Source: Dune x3research, scETH Supply
Source: Dune x3research, scUSD Supply
Source: Dune beg1, March 22nd, 2025
scETH, scUSD, and scBTC have shown positive early growth since their launch in December 2024. scBTC is the most recent asset added to Rings.
3. Technological Risk
3.1 Smart Contract Risk
BoringVault
Veda BoringVault contracts have been audited by Spearbit and by 0xMacro:
Among the issues identified and resolved by 0xMarco related to protocol design (e.g. rogue strategist risk and transaction delays), pricing, validation, error recovery, and roles.
Spearbit identified issues related to malicious strategies risk, reentrancy risk, minting of fake shares, and a potential exploit to harvest rewards. All findings were either fixed, acknowledged, or the concerned function removed.
The BoringVault Github repository can be found here.
Thena V2
OpenZepplin has audited Thena V2, a fork of Velodrome. Thena’s codebase is publicly available here. Since only the delegation of voting power and the gauge system have been used in the Rings protocol, an OpenZepplin report identified 1 critical, 4 high, and 6 medium relevant risks. All pertinent findings were either fully or partially resolved.
3.2 Bug Bounty Program
The widespread utilization of BoringVaults by protocols such as EtherFi and Lombard to secure over $2B in assets provides some security assurances for the underlying infrastructure.
For context, similar protocols in the ecosystem have established formal programs. Thena previously ran a $150k bug bounty program with Immunefi, though it is no longer active. Currently, Immunefi hosts a $100K bug bounty for the Velodrome codebase, which includes various smart contract components like LeafCLPool, RootCLPool, and related factories.
Rings maintains an informal bug bounty program that has already resulted in two payouts for identified issues (neither involving funds at risk). While this demonstrates a commitment to security, we recommend implementing a formal, well-advertised program to encourage responsible disclosure from whitehats.
3.3 Price Feed Risk
Chainlink offers both scUSD/USD and scETH/USD market price feeds.
We recommend against using the internal getratesafe() rate for price feeds due to the inherent risks associated with cross-chain dependencies and the reliance on off-chain computation methods for loss reporting. Instead, we favor using market-based pricing through Chainlink’s price feeds, which provide a more transparent, permissionless valuation mechanism.
3.4 Dependency Risk
3.4.1 Underlying Strategy Allocation
Rings implement self-limiting rules for strategy selection that may evolve based on market conditions and security considerations. These rules provide guardrails for the protocol’s risk management.
Rules for Collateral Vault (Ethereum):
- Fully audited strategies
- Must pass additional internal security due diligence
- Limited to lending or staking only
- Protocol TVL greater than $100M
- Deployed for more than 6 months
- Offering direct redeemability or an equivalent
- The vault cannot be more than 10% of the TVL of where it deposits
Rules for Staking Vault (Sonic):
- Fully audited strategies
- Must pass additional internal security due diligence
- Protocol TVL greater than $1M
- The vault cannot be more than 25% of the TVL of where it deposits
- Offering direct redeemability or an equivalent
- No strategies leading to excessive impermanent loss
In addition, Vault deposits capped at:
- 10% of a protocol’s TVL on Ethereum
- 25% of a protocol’s TVL on Sonic
New strategies are added through a controlled process. The Manager contract is responsible for rebalancing the BoringVault, with calls being made by a designated strategist. The Manager contract gates strategist calls to expose only the minimum functionality required for vault rebalancing. This is implemented through a Merkle verification system. Every rebalance call by a strategist must include a Merkle proof verifying that the vault permitted call content, effectively enforcing a whitelist of DeFi protocols or assets the vault can interact with. This logic is implemented in the ManagerWithMerkleVerification.
Losses are reported via an update to the share price at the smart contract level. If a loss is significant, the update will trigger an automatic pause of the contracts, halting deposits and withdrawals. At the same time, a determination is made regarding how losses will be handled, including potential socialization across users.
Below is a snapshot of strategies employed for scUSD as of March 24th, 2025. Most of to date information for all skTokens can be found here.
scUSD contract holdings
- Aave V3 (Sonic) - Supply USDC.e
- Aave V3 (mainnet) - Supply USDT and USDC
- Morpho (mainnet) - Supply to Steakhouse USDC, exposure to cbBTC, WBTC, wstETH and wUSDM
- Sky (mainnet), Staked into savings USDS
- Fluid (mainnet) - Supply GHO
Source: scUSD allocation, Debank, March 24th, 2025
stkscUSD holdings
Source: stkscUSD allocation, Debank, March 24th, 2025
Bridges
In our analysis of Sonic, we identified that the Sonic Gateway had particular risk implications:
The primary network bridge (Sonic Gateway) is managed by a 2/4 Safe owned by Sonic Labs. This introduces significant risk and centralizes critical infrastructure into Labs’ hands. This Safe may change signers and thresholds, change ownership structures, and execute specific transactions.
This dependency similarly exposes scTokens to additional trust assumptions given the utilization of bridges as a key component in scToken architecture; bridges are expected to operate consistently and, in the case of a decentralized bridge like LayerZero, have sufficient trust minimization.
on LayerZero Bridge
The Teller contract is an OApp Standard that allows users to deposit assets, mint shares, and transfer them across chains based on Accountant provider rates. The LayerZero V2 OApp implementation provides a message-passing interface, allowing arbitrary data to be sent and received across chains.
LayerZero-Specific Functions:
_lzReceive(): Handles incoming messages from LayerZero
_lzSend(): Sends messages via LayerZero
_quote(): Gets fee estimates for cross-chain messages
Uses LayerZero’s OptionsBuilder library for constructing message options
Main trust assumptions include:
Contract authority, TimeLocker could pause withdrawals or block addresses
Accountant rates: rate providers are accurate/honest about pricing
LayerZero Validators: honest non-colluding validators, relay attacks or censorship
Potential Risks
Bridge risk, minting delays, failures, or incorrect calculation.
Rate manipulation
Blocked/delayed withdrawals
Vault aTokens
Source: scETH Vault Underlying Assets, Octav, March 21st, 2025
Source: scUSD Vault Underlying Assets, Octav, March 21st, 2025
The composition of scETH and scUSD vaults includes aTokens (aWETH, aUSDC, and aUSDT). The underlying assets would be rehypothecated by onboarding these tokens, given their initial Aave deposits.
This is relevant because assets backed by aTokens could expose Aave to liquidity shortages in scenarios where supply utilization is high. Under these conditions, if liquidators need to redeem underlying assets to cover bad debt, the increased demand could strain available liquidity further, making it difficult to recover funds efficiently. This highlights a potential risk for the protocol during market stress or high demand for redemptions coupled with the need for liquidations.
A 50% supply cap based on underlying assets should be set to minimize liquidity risks from rehypothecation. Using the most significant underlying asset at current market conditions (as of March 21st, 2025):
- scUSD supply cap: $7.2M (from Steakhouse USDC $14.39M)
- scETH supply cap: $6.7M (from weWETH $13.31M)
- scBTC supply cap: $17M (from wBTC $34.95 M)
4. Counterparty Risk
4.1 Governance and Regulatory Risk
Rings does not have a DAO. While mention of the PAL token being migrated to perform this task is noted, all operations are currently handled by a core team. This places significant assumptions on their continued compliance and capacity to operate the protocol. This presents a large risk.
Users can participate in governance by choosing to lock stkscUSD. In return, they receive vestkscUSD, a veNFT that grants governance privileges. Although this locking process means relinquishing any direct staking yield of stkscUSD, holders of the veNFT can earn rewards through voting incentives. Those rewards will be administered via Quests integration, which is still under development as of the date of this report.
At the time of this assessment, the team is revising its Terms and Conditions to better reflect and accommodate potential implications under the MiCA Regulation. The Rings team has also sought input from the French financial markets regulator, the AMF, regarding the protocol’s structural features. As the principal developers maintain open communication with the AMF, a more comprehensive legal review will occur once the revised legal documents are finalized and any guidance from the authorities is implemented in the Rings protocol and user interface.
4.2 Access Control Risk
4.2.1 Contract Modification Options
The Rings Protocol is built on Veda BoringVaults operating on Sonic and follows a fork of Thena’s ve(3,3) model. In this architecture, a series of permissioned contracts control scToken minting and protocol modifications. Key controlling entities include:
- Multisig Admins & Proxy Safes: On Sonic, 4/6 multisig wallets serve as proxy safes that hold key governance roles—
PROPOSER_ROLE, EXECUTOR_ROLE, and CANCELLER_ROLE—which control sensitive actions (e.g., pausing, managing vault positions, or updating important parameters) via Timelock controllers and other core contracts.
- Strategists: Designated strategist entities execute critical calls to Manager contracts (e.g., vault rebalancing or refunding assets from questionable deposits).
Sonic Network Addresses (scBTC, scETH, scUSD):
The main Sonic contracts relevant for scToken minting and governance include:
- RolesAuthority Contracts: These contracts enforce role-based access control for high-risk function calls and are governed through Timelock contracts.
- TimelockControllers: Protocol changes are secured by a 24-hour timelock via the following controllers:
- BoringVault Contracts:
- Teller Contracts (for minting and burning):
- Accountant Contracts: These update vault share exchange rates. The
updateExchangeRate function is designed with a maximum delay of 14 days between updates:
- Manager Contracts: These allow verified callers to execute management functions, such as rebalancing vaults, via an asset Merkle tree verification process:
- BoringSolver Contracts: These handle redemption and exchange requests for vault shares:
Additional controls on Sonic include multisig functions to pause and unpause the AccountantWithRateProviders, TellerWithMultiAssetSupport, and ManagerWithMerkleVerification contracts. In emergencies, a designated Strategist multisig may also invoke refundDeposit to recover assets from questionable deposits.
There are explicitly listed EOAs (Rings Deployer EOA and this unknown EOA) that have been granted permissions on BoringOnChainQueue (setAuthority, transferOwnership, rescueTokens & udateWithdrawAsset functions) and BoringSolver (transferOwnership, setAuthority, boringRedeemMintSolve, boringRedeemSolve functions).
4.2.2 Timelock Duration and Function
Within the Sonic governance architecture, all protocol modifications—including role updates and function pausing—are secured by a 24-hour timelock enforced by the TimeLocker contracts. In addition, the updateExchangeRate function in the AccountantWithRateProviders contract is subject to a maximum delay of 14 days between updates, ensuring gradual changes to share pricing.
4.2.3 Multisig Threshold / Signer Identity
On Sonic, the governance structure mandates that all multisig operations follow a 4-out-of-6 threshold. The signers are equally divided between Veda and Paladin contributors (a 3:3 split), ensuring that no single party can unilaterally alter critical parameters or execute high-risk functions without broad consensus.
Note: This assessment follows the LLR-Aave Framework, a comprehensive methodology for asset onboarding and parameterization in Aave V3. This framework is continuously updated and available here.
Given the evolving nature of scTokens underlying and the off-chain component to updating their exchange rate, using market feeds is preferable.
This review was independently prepared by LlamaRisk, a community-led decentralized organization funded in part by the Aave DAO. LlamaRisk is not directly affiliated with the protocol(s) reviewed in this assessment and did not receive any compensation from the protocol(s) or their affiliated entities for this work.
The information provided should not be construed as legal, financial, tax, or professional advice.
