[ARFC] Onboard STONE to Aave V3 on Scroll

Summary

LlamaRisk is supportive of onboarding STONE on Aave V3 Scroll, conditional on launching a bug bounty program and implementing a verifiable governance timelock. Key considerations:

  • STONE is a yield-bearing Liquid Staking Token with yield from Ethereum staking, re-staking with EigenLayer and Symbiotic, and strategies decided by the StakeStone team through OPAP (Optimizing Portfolio and Allocation Proposal) proposals, indicating centralized control over the underlying collateral yield strategies.
  • STONE has $495M / 178K ETH staked, offering a 2.81% yield. It is omnichain through LayerZero and lives on 17 chains, including Ethereum, Arbitrum, Sei, and Scroll.
  • Despite being the largest asset on Scroll, STONE has limited liquidity, with 2,400 STONE to ETH DEX swaps within a 7.5% price impact. The STONE/ETH price has been stable at around 1.0248 without depeg events, with the most volume on Ethereum.
  • StakeStone has been audited seven times by firms like SlowMist and Secure3 with progressively fewer high-risk findings. A bug bounty is planned but not live yet.
  • Key risks include the StakeStone team’s full control to change strategies/contracts, DAO governance immaturity once transitioned, dependency on risky Liquid Staking Tokens like wBETH, and lack of transparency (no public GitHub and many unverified contracts). The team retains complete access control, and several dependencies are subject to change with limited prior notice.

While well-known auditors have audited the StakeStone protocol several times, the centralized control, lack of transparency, and dependency on various strategies pose elevated risks. These considerations warrant the exclusion from e-mode, at least for now. Implementing a bug bounty program and a verifiable governance timelock will help mitigate some of these concerns. If onboarded, closely monitoring the asset’s performance and the team’s actions is advised.

We’ve discussed and aligned parameters with @ChaosLabs and propose a supply cap of 2x the liquidity available within the liquidation bonus as a price impact. Due to the potential risks associated with the centralized aspects of the strategies employed for managing the underlying asset, it is recommended to use a market price feed instead of relying on STONE’s internal exchange rate.

Detailed risk assessment below

1. Asset Fundamental Characteristics

1.1 Asset

STONE on Scroll is a Liquid Restaking Token (LRT) with advanced allocation strategies launched by StakeStone in March 2024. It is a re-pricing token whose exchange rate against ETH is determined based on the amount of ETH derivatives held in the STONE protocol. More specifically, STONE is a yield-bearing asset whose yield is the sum of the native Ethereum consensus yield, re-staking yield from EigenLayer and Symbiotic, and potential other yield generation venues. It currently offers a 2.81% yield, with $495m / 178k ETH in the protocol.

Source: StakeStone Portfolio Allocation, September 4th, 2024

The yield is generated through different asset allocation strategies that are decided through the OPAP (Optimizing Portfolio and Allocation Proposal) mechanism. Proposals are created to create a Strategy Pool, a segregated pool of assets implementing a specific strategy. The weight given to each Strategy Pool ensures that any loss of funds remains limited to the amount of asset allocated to that pool.

So far, 9 proposals have been made with 8 passing. See the above diagram for the allocation as of August 29, 2024. Only the StakeStone team can make proposals, but it is mentioned that this will be transitioned to a DAO soon. It is important to note that re-staking strategies are, for now, highly speculative and that some strategies involve using poor quality collaterals such as BETH.

STONE is made an omnichain fungible token through LayerZero, which allows the asset to be bridged between networks with reduced friction. STONE is never burned on its source chain, and collateral can only be released once bridged back to aid redemption stability. It is live on 17 chains, including Ethereum, Arbitrum, Sei, and Scroll.

The largest holder of the asset is a Tranchess STONE fund, which ends in October 2024.

1.2 Architecture

Source: StakeStone documentation, September 4, 2024

The StakeStone protocol aggregates the yield earned from different yield-generating venues transparently for users. This is achieved by distributing the ETH deposited into the protocol into each of the StrategyPool contracts according to their assigned asset allocation weight, which is decided by the OPAP contract.

The process can be summarized as follows:

  1. The user deposits ETH into the StakeStone Vault contract and gets STONE tokens in return according to the current internal exchange rate.
  2. An off-chain service allocates the ETH sitting in the StakeStone Vault contract to the different StrategyPool contracts according to their asset allocation weight set through OPAP parameters. It may imply sending the asset to StrategyPool contracts on other chains.
  3. Users may wish to withdraw their ETH at any time by burning their STONE tokens without incurring a fee from the StakeStone Vault. The StakeStone Vault currently holds 906 STONE.

Users should note that until TGE, their repository will remain private, though this architecture may be verified through block explorers.

1.3 Tokenomics

StakeStone does not have a DAO with a governance token, but one is planned shortly. This DAO will be tasked with making OPAP proposals and voting for them. The documentation mentions that those proposal deployments will be fully on-chain. Currently, only the team-controlled address 0xc52d678f99bfc43ae777a16a79b78db571a3e2a1 can make OPAP proposals, and those proposals are deployed in an off-chain manner, meaning that the team retains full control over what gets deployed and when.

The vast majority of STONE is held on Ethereum (174K) with large amounts on Manta (10K), while the asset has most velocity on Ethereum and Scroll. Scrollscan reports 130K STONE, although this amount is largely held on mainnet (via LayerZero).

Source: LayerZeroScan (September 4, 2024)

2. Market Risk

2.1 Liquidity

Source: ODOS, September 4, 2024

STONE on Scroll is most liquid on Nuri exchange, STONE’s partner DEX. For reference, the weETH market of the Aave Scroll instance is maxed out with 16K deposited, and 1.6K weETH borrowed. The asset has 27,300 weETH on the network. Deposits of the asset are at their cap, indicating that more would be deposited should it be lifted. We believe that the same is true for STONE, given the circulating supply of the asset, but liquidity for STONE should first increase before considering a larger supply cap.

2.2 Volatility

Source: Coingecko Terminal, Nuri STONE/WETH (September 4, 2024)

From the end of July 2024 to the beginning of August 2024, the secondary exchange rate for STONE remained relatively flat and gradually increased after that. It currently trades slightly above ETH at 1.0248. It hasn’t suffered from any short or long-lived depeg event.

2.3 Exchanges

Source: Coingecko, September 4, 2024

STONE is mostly paired with WETH, with more than 50% of the volume being found on Ethereum mainnet. Most liquidity is found on Scroll, with 2400 STONE available to be liquidated within a 7.5% price impact on ODOS.

2.4 Growth

3. Technological Risk

3.1 Smart Contract Risk

The StakeStone protocol has received a total of 7 audits:

SlowMist, a reputable auditor with only one entry on Rekt’s leaderboard, conducted the most recent audit of StakeStone. This audit resulted in fewer high-risk findings compared to earlier audits, indicating an improvement in the project’s security. StakeStone is currently working on implementing a bug bounty program, which will offer a maximum payout of $200K for smart contract bugs and $10K for frontend bugs. However, considering the protocol’s total value locked (TVL), the bounty amounts could be higher to attract more skilled security researchers. In addition to the bug bounty program, StakeStone has engaged in audit competitions through Secure3, demonstrating their commitment to ensuring the security of their platform.

SlowMist Audit Report - EigenLSTRestaking.pdf

3.2 Price Feed Risk

STONE on Scroll has a STONE/ETH Chainlink price feed with a 24-hour heartbeat and a 0.5% deviation threshold. This could be paired with an ETH/USD feed to allow Aave contracts to price the asset reliably.

3.3 Dependency Risk

The StakeStone protocol has multiple dependencies.

Liquid Staking Protocols

The ETH that users deposit into the StakeStone protocol is deposited into other Liquid Staking Protocols to generate yield. Most LST collateral is currently wstETH, though 7% is wBETH from Binance. wBETH is an asset with significant dependency, counterparty, and regulatory risks. Currently, wBETH is not on Aave. If STONE’s team can enter and exit wBETH as it pleases (given that the DAO has not yet matured), then there is no obstacle to them entering assets with significantly higher risk profiles to chase additional yield. While there is some framework detailing how yield will be generated that specifically states safety is the priority, it is difficult to verify if it is being used and there is no programmatic enforcement. There is a timelock documented with at least a 24-hour delay with many votes waiting 3-7 days to implement. Without verified OPAP contracts, this is impossible to verify. The example set primarily involves point farming, which has many inherent risks. Therefore, modifying STONE’s collateral presents the most significant risk to the Aave DAO.

Re-staking protocols

StakeStone re-stakes the LST it minted from the deposited ETH into different re-staking protocols, including EigenLayer (68% of the protocol’s asset), Symbiotic (7.1% of the protocol’s asset), and Mellow from Lido (23% of the protocol’s assets). Apart from the additional smart contract risks, failure to correctly perform the tasks required by the secured AVSs could put the re-staked assets at risk.

Future DAO selected strategies

Once the team relinquishes strategy control and the OPAP mechanism decentralizes, a DAO will allocate the ETH deposited into the protocol. Nascent DAOs face many problems, and managing an asset while establishing necessary frameworks may present significant risks. DAO participants might also lack the expertise required to gauge the risk of a strategy correctly. A risk assessment process similar to the one Aave used, with external risk providers, could help mitigate this risk.

Offchain services

StakeStone provides no details regarding the off-chain services it uses to allocate the deposited assets and eventually undelegate and unstake the assets needed to honor withdrawals.

4. Counterparty Risk

4.1 Governance and Regulatory Risk

The StakeStone team has full control over the protocol and can unilaterally change the deployed smart contract code and the underlying yield-generating strategies, including the LSTs used, the re-staking protocol used, and the choice of AVSs and underlying node operators. Only the team can make OPAP proposals and deploy them. No vote has ever received a no, and votes pass with as little as 6 STONE with no quorum, which is a security risk.

The team self-reports via LinkedIn that it is based in Singapore, which is known for being one of the friendliest jurisdictions to DeFi applications globally. But without regulatory clarity, uncertainty (and therefore risk) remains.

4.2 Access Control Risk

Because the codebase is not open-sourced and most contracts are not verified in blockchain explorers like Etherscan or ScrollScan, it is impossible to correctly investigate the access control systems in place in the StakeStone protocol. This forces us to rely on information communicated to us by the StakeStone team.

The StakeStone team mentions using Cobo MPC (Multi-Party Computation Wallet) as a permission management system. An MPC wallet differs from a Safe multisig in that each signer possesses a shard of the private key, and signatures are obtained through an off-chain distributed process where the main private key is never fully assembled. Using the Cobo MPC wallet makes it harder to verify signers and their actions over time.

Because the Cobo MPC wallet does not support contract deployments, the StakeStone protocol’s contracts on Scroll are deployed and owned by the StakeStone deployer address. This EOA can unilaterally renounce and transfer ownership to another address. Beyond deploying the protocol’s contracts, it can update the STONE cap on each chain. Therefore, this EOA also acts as an emergency management tool that could prevent exploits and abuse of the protocol.

We note that very few contracts are published and verified on block explorers like Etherscan (e.g., the StoneVault contract on mainnet), which reduces transparency and makes it harder for security researchers to investigate the protocol properly.

OPAP timelocks are documented, but deployer contract timelocks are not. Given that these contracts are not verified, these timelocks cannot be proven.

5. Aave V3 Specific Parameters

We use the recommended methodology for the supply cap to consider 2x the liquidity available within the liquidation bonus as a price impact. There are currently 2,400 ETH available with a 7.5% price impact. We usually select 10% of the supply cap as the borrowing cap — 480 ETH.

Although the STONE/ETH soft peg is relatively stable, we advise against using e-mode. This could be revised once StakeStone demonstrates a stronger track record, enhanced liquidity, and more decentralized governance processes are in place.

| Parameter | Recommendation |
|---|---|
| Isolation Mode | No |
| Emode | No |
| Borrowable | Yes |
| Borrowable in Isolation | No |
| Collateral Enabled | Yes |
| Stable Borrowing | No |
| Supply Cap | 4,800 |
| Borrow Cap | 480 |
| Debt Ceiling | No |
| LTV | 72.5% |
| LT | 75% |
| Liquidation Bonus | 7.5% |
| Liquidation Protocol Fee | 10% |
| Reserve Factor | 15% |
| Base Variable Borrow Rate | 0% |
| Variable Slope 1 | 7% |
| Variable Slope 2 | 300% |
| Uoptimal | 45% |

Note: This assessment follows the LLR-Aave Framework, a comprehensive methodology for asset onboarding and parameterization in Aave V3. This framework is continuously updated and available here.

Disclaimer

This review was independently prepared by LlamaRisk, a community-led non-profit decentralized organization funded in part by the Aave DAO. LlamaRisk is not directly affiliated with the StakeStone protocol and did not receive any compensation from StakeStone for this assessment.

5 Likes
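
Added example (not part of LlamaRisk's post and not Aave or Chainlink code): one way to compose the STONE/ETH market feed from section 3.2 with an ETH/USD feed while rejecting rounds older than the stated 24-hour heartbeat. The Round type, the grace period, the ETH/USD heartbeat and decimals, and all sample values are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from decimal import Decimal

STONE_ETH_HEARTBEAT_S = 24 * 3600  # heartbeat stated in section 3.2
ETH_USD_HEARTBEAT_S = 3600         # assumption: not stated in the post
GRACE_S = 15 * 60                  # assumption: slack for a late heartbeat update


@dataclass(frozen=True)
class Round:
    """Hypothetical subset of an aggregator's latest round."""
    answer: int      # price scaled by 10**decimals
    updated_at: int  # unix seconds of the last update
    decimals: int


class FeedError(Exception):
    """Raised when a round must not be used for pricing collateral."""


def checked_price(r: Round, now: int, heartbeat_s: int) -> Decimal:
    # A zero or negative answer would value collateral at nothing or worse.
    if r.answer <= 0:
        raise FeedError("non-positive answer")
    if r.updated_at > now:
        raise FeedError("round timestamp in the future")
    # With a 24h heartbeat the feed may legitimately sit unchanged for a day
    # (while price moves stay under the 0.5% deviation threshold); older than
    # that means updates have stopped and the price can no longer be trusted.
    if now - r.updated_at > heartbeat_s + GRACE_S:
        raise FeedError("stale round")
    return Decimal(r.answer) / (Decimal(10) ** r.decimals)


def stone_usd(stone_eth: Round, eth_usd: Round, now: int) -> Decimal:
    """STONE/USD = STONE/ETH * ETH/USD, each leg validated independently."""
    return (checked_price(stone_eth, now, STONE_ETH_HEARTBEAT_S)
            * checked_price(eth_usd, now, ETH_USD_HEARTBEAT_S))


# Constructed sample rounds: 1.0248 is the STONE/ETH rate quoted in the post,
# the ETH/USD value and both timestamps are made up.
NOW = 1_725_460_000
STONE_ETH = Round(answer=1_024_800_000_000_000_000, updated_at=NOW - 6 * 3600, decimals=18)
ETH_USD = Round(answer=2_500 * 10**8, updated_at=NOW - 600, decimals=8)

if __name__ == "__main__":
    print(stone_usd(STONE_ETH, ETH_USD, NOW))
```

Each leg is checked against its own heartbeat because the composed price is only as fresh as its oldest input.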