[ARFC] Onboard Strata srUSDe PT tokens to V3 Core Instance

Author: ACI

Date: 2025-12-01

---

Proposal has been updated with latest Risk Parameters by Service Providers on 2025-01-16

Summary

This proposal seeks to onboard the Strata srUSDe PT tokens to the Aave V3 Core Instance, after successful **[TEMP CHECK] Onboard Strata srUSDe January expiry PT tokens to V3 Core Instance.**

Taking into account timelines for onboarding we are targeting onboarding the next expiry after the January expiry PT token once they go live.

Motivation

Given both the popularity of PT token collateral on Aave and the adoption of the srUSDe PT token by LPs on Pendle, we believe this would be an attractive collateral token for Aave users.

We believe that Aave users would welcome the addition of a PT token from the Ethena ecosystem with circa 50% higher yields than sUSDe PT tokens at the time of writing.

Specification

Proposal has been updated with latest Risk Parameters by Service Providers on 2025-01-16

Initial E-Mode Risk Oracle

Linear Discount Rate Oracle

PT-srUSDe Stablecoins E-mode

PT-srUSDe USDe E-mode

Contract address to be updated once new expiry is live.

Risk Parameters

Risk parameters will be provided by Risk Service Providers and the proposal will be updated accordingly.

Useful Links

https://docs.pendle.finance/ProtocolMechanics/YieldTokenization/PT

Disclaimer

ACI is not directly affiliated with Pendle and did not receive compensation for the creation of this proposal. Some ACI employees may hold Pendle tokens.

Next Steps

1. Publish ARFC to get feedback from both community and Service Providers.
2. if ARFC Snapshot pass, publish an AIP vote for final confirmation and enforcement of the proposal.

Copyright

Copyright and related rights waived under CC0

Strata srUSDe - Base asset review

Summary

LlamaRisk supports onboarding PT-srUSDe-15JAN2026 to the Aave v3 Core instance as part of the initial PT token onboarding for srUSDe. srUSDe is the senior tranche token in Strata’s structure and represents a claim on pooled USDe that is staked into Ethena’s sUSDe strategy via Strata’s strategy contracts. The protocol’s accounting allocates realized sUSDe yield between senior and residual risk according to a Dynamic Yield Split, targeting a yield floor linked to the Aave v3 USDC/USDT lending benchmark, with additional upside when sUSDe APY exceeds this level. Pricing is based on the internal srUSDe/USDe exchange rate, combined with the Chainlink USDe/USD feed. Access control is implemented using role-based permissions and time locks for Strata’s upgradeable contracts. The Strata team has committed to launching a public bug bounty program in the first quarter.

Key risk takeaways are low secondary market liquidity in both srUSDe and PT-srUSDe-15JAN2026, a high concentration of srUSDe supply in a single holder address, and the short residual maturity of the PT (around 42 days). Thin liquidity and concentrated ownership increase the risk of slippage and gap moves if that holder or other large participants rebalance or unwind, even though srUSDe itself is anchored by primary 1:1 mint and redemption against USDe.

Since the mainnet launch in October 2025, the srUSDe supply has grown to approximately 183 million tokens on Ethereum, with a significant share allocated to the PT/YT-srUSDe-15JAN2026 market on Pendle and integrated PT-srUSDe collateral markets on Morpho and Euler. Strata’s core protocol and pre-deposit vaults have undergone multi-phase audits by Cyfrin, Guardian, and Quantstamp.

1. Asset Fundamental Characteristics

1.1 Asset

Strata is a perpetual risk-tranching protocol offering structured yield products on Ethena USDe. It allows investors to customize their risk and return exposure through two tranches, Senior and Junior.

1.2 Architecture

The protocol introduces two liquid and composable tokens built on Ethena’s reward-bearing synthetic dollar, sUSDe: Strata Senior USDe (srUSDe) and Strata Junior USDe (jrUSDe).

1) Strata Senior USDe (srUSDe): An over-collateralized, yield-bearing synthetic dollar backed by USDe, representing the senior risk tranche in Strata’s structure. It earns yield by taking principal-protected exposure with a minimum return linked to the benchmark rate, plus uncapped upside participation in realized sUSDe APY.

2) Strata Junior USDe (jrUSDe): A yield-bearing investment product, representing the junior risk tranche in Strata’s structure. jrUSDe absorbs excess risk and APY volatility from the underlying sUSDe strategy and, in return, earns a risk premium from the senior tranche, targeting higher returns for investors willing to take subordinated risk.

Source: Strata docs, December 3, 2025

Strata’s Dynamic Yield Split is the key mechanism that distributes yield from the pooled collateral between Senior USDe (srUSDe) and Junior USDe (jrUSDe), based on sUSDe APY, the benchmark rate, and how liquidity is split across the two tranches. When sUSDe APY is above the benchmark rate, the structure gives the senior tranche additional protection from the junior tranche, and the junior tranche earns a risk premium from the senior tranche, delivering potentially higher yields for risk-tolerant investors.

Source: Strata docs, December 3, 2025

The current benchmark rate is the supply-weighted average of USDC and USDT lending rates on Aave v3 Core market. This makes the Aave rates a purer measure of on-chain capital cost and a more neutral benchmark for Strata Senior USDe (srUSDe).

Source: Strata docs, December 3, 2025

srUSDe and jrUSDe yield split is calculated dynamically based on the USDe balance held in the Ethena StakingRewardsDistributor contract and is distributed linearly over each 8-hour reward epoch, following the same mechanism used by Ethena. The yield allocation dynamically adjusts on every protocol event based on the sUSDe performance, benchmark rate, and liquidity in both pools.

The srUSDe/USDe NAV started at ~$1 because each share initially represented USDe, and it has increased above as yield accrues to the underlying. The srUSDe contract tracks totalAssets (USDe/sUSDe backing the pool) and totalSupply (srUSDe outstanding), and the final srUSDe price is the exchange rate NAV = totalAssets / totalSupply.

The srUSDe earns a share of the yield generated by the protocol on the pooled USDe collateral by staking sUSDe. Its yield has a floor equivalent to the benchmark rate and uncapped upside exposure to sUSDe APY. In extreme scenarios (jrUSDe TVL ~ 0, sUSDe APY < benchmark rate), srUSDe will simply earn the same APY as sUSDe.

srUSDe earns a portion of the yield generated on pooled USDe collateral that is staked into sUSDe. Its return profile is structured with a floor at the benchmark rate and uncapped upside linked to realized sUSDe APY. In extreme scenarios (jrUSDe TVL = 0, sUSDe APY < benchmark rate), srUSDe effectively returns to earning the same APY as sUSDe.

Strata applies a 5% management fee on the yield generated from the pooled collateral. At present, this fee is waived for both srUSDe and jrUSDe. When activated, the full management fee is directed to the protocol treasury.

Mint/Redeem

Users can mint srUSDe by depositing USDe. The amount of srUSDe received is determined by the real-time srUSDe/USDe exchange rate minus any applicable minting fees. When srUSDe is redeemed, the user receives USDe based on the exchange rate, minus redemption fees. sUSDe redemptions are processed instantly, while USDe redemptions follow a 7-day cooldown period, consistent with Ethena’s sUSDe unbonding period.

Strata charges a fee when senior and junior tranche assets are redeemed. The redemption fee is distributed to senior and junior tranche holders, with a portion allocated to the protocol treasury.

1.3 Tokenomics

1.3.1 Token Holder Concentration

Source: srUSDe holders, December 3, 2025

Almost the entire srUSDe supply is concentrated in a single SY-srUSDe wrapper contract. This address holds approximately 183M srUSDe (over 97%) out of a maximum supply.

2. Market Risk

2.1 Liquidity

For srUSDe, a secondary market is not strictly required because positions can be redeemed directly in the primary market for sUSDe at NAV without slippage. There is currently only a small srUSDe/USDe pool live on Uniswap, and the team plans to launch new sr/jr liquidity pools on Fluid, with incentives to bootstrap deeper secondary liquidity.

2.1.1 Liquidity Venue Concentration

Source: DexScreener, December 3, 2025

Spot srUSDe liquidity is currently concentrated in a single Uniswap pool (srUSDe/USDe), which holds approximately $92k of liquidity against a circulating market cap of roughly $184 million and records only around $ 1,500 in 24-hour volume. This pool is effectively the sole venue for direct spot trading, while the majority of srUSDe size sits in the primary mint/redeem contract and in Pendle PT/YT markets.

2.1.2 DEX LP Concentration

No DEX LP data is currently available for this asset.

2.2 Volatility

Source: GeckoTerminal, December 3, 2025

Secondary market data for srUSDe currently shows very limited realized volatility, largely because the token can be minted and redeemed 1:1 against USDe at NAV.

2.3 Exchanges

Strata srUSDe currently has no CEX listing.

2.4 Growth

Source: Dune, December 3, 2025

srUSDe has shown strong growth since launch, scaling from effectively zero TVL in early October to around $180M by early December and stabilising in the $170–180M range.

3. Technological Risk

3.1 Smart Contract Risk

The Strata smart contracts were audited by Quantstamp, Cyfrin, and Guardian.

The main Strata Protocol contracts were audited 3 times:

• Quantstamp (Oct, 2025) - 1 medium, 2 low, 1 informational.
• Guardian (Sep, 2025) - 1 critical, 5 high, 14 medium, 5 low, and 8 informational.
• Cyfrin (Sep, 2025) - 1 critical, 2 high, 6 medium, 5 low, and 12 informational.

3.2 Bug Bounty Program

As of 3 December 2025, there is no publicly documented bug bounty program for Strata or srUSDe, and no listings exist on major security platforms. The team has indicated that a formal bug bounty and responsible-disclosure program is planned for Q1 2026.

3.3 Price Feed Risk

srUSDe pricing is determined entirely on-chain through the srUSDe/USDe exchange rate, which is calculated from the vault’s senior tranche assets and total srUSDe supply. The protocol maintains this exchange rate through its internal accounting process, reflecting yield allocation and changes in senior TVL. Integrations that require a dollar-denominated value apply the external USDe/USD Chainlink oracle separately.

3.4 Dependency Risk

Strata’s core dependency risk stems from the fact that its tranching system is built entirely on top of Ethena’s USDe/sUSDe stack and is therefore fully exposed to Ethena’s solvency. Any material impairment of USDe/sUSDe, changes to Ethena’s hedging or cooldown parameters, or issues with the Ethena contracts would transmit directly into srUSDe/jrUSDe, with jrUSDe acting as first-loss but only up to its available buffer.

In addition, Strata relies on its own on-chain monitoring setup to detect anomalies and trigger pauses or parameter changes.

4. Counterparty Risk

4.1 Governance and Regulatory Risk

The Terms of Service do not specifically define srUSDe as a legal claim, security, derivative, or any regulated financial product. The protocol and its tokens are designed explicitly for “technical use, not investment,” and the Interface Providers (i.e., “entities that make the Interface available”) disclaim any offers or promises of profit, passive return, or capital protection.

The Protocol is presented as non-custodial and permissionless. The Interface is simply a frontend to autonomous smart contracts; there is no fiduciary or legal relationship between holders and Interface Providers beyond the agreed Terms.

The Terms do not explicitly enumerate detailed minting or redemption rights for srUSDe. There is no contractual right, guarantee, or entitlement to mint or redeem from the Interface Providers. All interactions occur directly with the smart contracts at the user’s risk. Respectively, the holders of srUSDe do not have any right to claim assets, seek compensation for losses, or enforce delivery, redemption, or performance against the Interface Providers or any party behind the Interface.

Holders represent and warrant that they are not US persons, are not from OFAC-sanctioned or other prohibited jurisdictions, and will not bypass restrictions by VPN or similar means. Breaching these representations exposes them to access blocks and possible reporting.

The Terms specifically disclaim any promised tokens, yield, launch, or rights stemming from pre-deposit activities or mere token holding. In case of loss—whether due to smart contract failure, market volatility, integration risk, or any mechanism related to risk tranches (“senior” or “junior”)—users have “no recourse to the Interface Providers.” Furthermore, the liability of Interface Providers is capped at USD 100, to the maximum extent permitted by law, with broad disclaimers of all indirect, incidental, or consequential damages.

Under the Terms, srUSDe is intentionally designed to have no enforceable off-chain legal nature; the only “right” is whatever the smart contract algorithm allows on-chain at any given moment.

Since the Terms are governed by the laws of the Cayman Islands, the functional approach of the domestic legal framework to digital assets shall be observed. In the absence of redemption claims, profit rights, or third-party obligations, and given the “no offer of securities or investment contracts” representations, srUSDe would most likely be regarded as a protocol-native crypto-asset or “virtual asset,” but not a financial product or regulated security under Cayman law.

Terms Update

Following the 28 November 2025 update of the Terms, several material clarifications and structural changes have been introduced. These adjustments, informed by direct discussions with the Strata team, are outlined below, together with the key implementation details.

Access controls now apply specifically and exclusively to the web-based front-end interface operated by Frontera Labs, rather than to the Strata protocol itself.

Frontera Labs has implemented IP-based geoblocking, disclosed in the updated Terms of Service and Privacy Policy, to restrict access to the Interface from certain high-risk or prohibited jurisdictions. The Interface must not be used by persons or entities located in the United States or in a range of designated high-risk or restricted regions, including Abkhazia, Afghanistan, Angola, Belarus, Burundi, the Central African Republic, the Democratic Republic of Congo, Cuba, Crimea, Ethiopia, Guinea-Bissau, Iran, Ivory Coast (Côte d’Ivoire), Lebanon, Liberia, Libya, Mali, Burma (Myanmar), Nicaragua, North Korea, Northern Cyprus, Russia, Somalia, Somaliland, South Ossetia, South Sudan, Sudan, Syria, the Donetsk and Luhansk regions of Ukraine, Venezuela, Yemen, and Zimbabwe.

These territorial restrictions are implemented at the infrastructure layer via Cloudflare Firewall rules, which are maintained by Frontera Labs. Cloudflare applies automated IP-geolocation filtering that blocks direct access to the Interface from the listed jurisdictions. The relevant blocklist is reviewed and adjusted on an ongoing basis by Frontera Labs to reflect developments in global sanctions regimes and the company’s internal risk assessments.

Strata’s user-interface Terms were originally drafted under Cayman law at a time when no dedicated operating entity was in place. Responsibility for operating and maintaining the user interface has since been transitioned to Frontera Labs, Inc., a Delaware corporation, and the Terms are now governed by Delaware law. As users are required to accept the Terms as a condition for accessing the Strata Interface, the updated Terms form a binding contract under Delaware law. Accordingly, the associated risk disclosures, limitations of liability, and assumption-of-risk provisions will generally be enforceable, provided that they are presented in a clear, conspicuous, and reasonably noticeable manner prior to acceptance.

To clarify any residual ambiguity regarding the distinction between the Interface and autonomous smart contracts, the updated Terms now expressly state that the Strata Protocol itself does not form part of the “Services” provided by Frontera Labs. The Protocol is characterized as an independent, on-chain system that remains fully accessible without reliance on any infrastructure operated or controlled by Frontera Labs. Users may engage with the Protocol directly at the contract level or through third-party front-ends developed and operated by independent developers, without needing authorization from, or establishing a relationship with, Frontera Labs.

Consistent with this separation, Frontera Labs does not at any point have custody, possess, or control user assets. No Frontera Labs employee, system, private key, or administrative role is able to initiate, authorize, reroute, block, or execute transactions on a user’s behalf. Frontera Labs cannot alter balances, override withdrawal logic, seize or reassign tokens, freeze principal, mint assets to users, or direct the flow of funds; all such actions are exclusively governed by the autonomous operation of the deployed smart contracts.

The FAQ statement that “the senior tranche (srUSDe) is principal-protected in USDe terms” is now explicitly framed as a purely technical description of the mechanism implemented in the smart contracts, rather than as a promise, warranty, or guarantee by any legal entity or individual. The Strata team has clarified that this language is intended to describe how the autonomous risk-tranching logic functions under normal conditions, not to create an enforceable contractual undertaking, regulatory-style guarantee, or legally cognizable form of principal protection.

Under the revised structure, the risk disclosures, warranty disclaimers, assumption-of-risk provisions, and liability waivers contained in Strata’s UI Terms are intended to be fully effective and enforceable under the laws of the State of Delaware. There is no Cayman-law impediment to this arrangement: no Cayman entity is providing services to users, operating the Interface, or entering into contractual relationships with them. As a result, Cayman law does not impose separate contractual or licensing requirements on the Terms themselves.

Nonetheless, the team has undertaken a preliminary review of the Strata Protocol and the regulatory characterization of the srUSDe token under Cayman law. The conclusions of that analysis align with the assumptions outlined in the earlier sections of this risk assessment: srUSDe is most accurately understood as a “virtual asset” generated by an autonomous, non-custodial smart contract system, rather than as a security or a regulated investment product. No Cayman entity issues srUSDe, acts as custodian, intermediates user transactions, or conducts any activity that would constitute a “virtual asset service” under the Cayman VASP Act. On this basis, srUSDe does not constitute a security under the Securities Investment Business Act (SIBA) and does not form part of any Cayman-regulated investment fund structure.

4.2 Access Control Risk

4.2.1 Contract Modification Options

The srUSDe token is deployed as an ERC-1967 transparent proxy pattern controlled via a 48h Timelock contract. For srUSDe, the modification process is controlled through role-gated functions on the StrataCDO and related contracts. Governance assigns these roles to specific addresses; whoever holds a role can change only the parameters wired to that role.

• COOLDOWN_WORKER_ROLE: runs the technical steps for unstake/cooldown flows for the redemption.
• PAUSER_ROLE: can pause or unpause deposits/redemptions.
• RESERVE_MANAGER_ROLE: can move reserve funds and set the treasury address, directly affecting how much buffer remains to protect tranches.
• UPDATER_CDO_APR_ROLE: triggers CDO accounting updates so yield is realised into srUSDe/jrUSDe NAVs.
• UPDATER_FEED_ROLE: pushes new APR data into the rate feed.
• UPDATER_STRAT_CONFIG_ROLE: adjusts strategy and risk parameters (including cooldown settings), effectively tuning how conservative or aggressive the Ethena exposure is.

4.2.2 Timelock Duration and Function

Strata governance uses two timelock contracts for sensitive actions. The first timelock has a minimum delay of 48 hours. Its PROPOSER_ROLE is held by the Admin Multisig and its CANCELLER_ROLE is held by the Guardian. The second timelock has a minimum delay of 24 hours, with the same Admin Multisig holding the PROPOSER_ROLE.

4.2.3 Multisig Threshold / Signer Identity

Strata utilizes two Gnosis Safe multisigs, where each wallet is controlled by founding members and core contributors, and employs a separate-device cold-wallet setup. The Operational Multisig is a 2-of-3, and the Admin Multisig is a 3-of-4 multisig.

The Admin Multisig signers:

• 0x791fB9322132E7BD7A84D233371AA8C21AaD5A51
• 0x296400D87BE5cFB63C5025904cD006EBB23d15d5
• 0xd796E125aF489CFfb4A766Df4deD9272E458249C
• 0x206cFf3DF3C6af6F03eEB86fBa2c3dfa420B4ac7

The Operational Multisig signers:

• 0x296400D87BE5cFB63C5025904cD006EBB23d15d5
• 0xd796E125aF489CFfb4A766Df4deD9272E458249C
• 0xacE53036af66B74f4cEaf80443F0A7979056989C

The Guardian role is held by Patrick Collins, Co-Founder & CEO of Cyfrin. The Guardian adds an additional control layer on top of the 24h and 48h timelocks by holding the right to veto or cancel queued timelock transactions before execution if they appear malicious, compromised, or unsafe. This role actively monitors pending governance actions via internal tooling and third-party security systems, such as Hypernative, and can mitigate threats by canceling suspicious transactions and notifying contributors.

Disclaimer

This review was independently prepared by LlamaRisk, a DeFi risk service provider funded in part by the Aave DAO. LlamaRisk is not directly affiliated with the protocol(s) reviewed in this assessment and did not receive any compensation from the protocol(s) or their affiliated entities for this work.
The information provided should not be construed as legal, financial, tax, or professional advice.

PT token analysis

Summary

LlamaRisk supports listing PT-srUSDe-15JAN2026 on the Aave V3 Core instance. At the time of this analysis, the asset matures in approximately 42 days. The market for srUSDe is driven by a unique points-based yield mechanism, generating significant user demand for fixed-rate products based on Ethena’s sUSDe underlying asset.

Asset State

Underlying Yield Source

The underlying yield for srUSDe is generated by staking pooled USDe into Ethena’s sUSDe strategy. The yield allocated to srUSDe has a floor set by the benchmark rate, defined as the Aave v3 lending rate on USDC and USDT, with uncapped upside exposure to the realized sUSDe APY. In extreme scenarios, the srUSDe will effectively earn the same APY as sUSDe.

For PT-srUSDe, the fixed yield is implied by purchasing the principal token at a discount to its notional srUSDe face value and redeeming it 1:1 for srUSDe at maturity, so the discount accretes to par over time in line with the standard Pendle PT structure, while the floating srUSDe yield is stripped out to the corresponding yield token.

In addition to this underlying yield, srUSDe holders currently earn 30x Strata Points and 30x Ethena Points under the Strata rewards program.

Underlying stability

srUSDe derives its value from the on-chain accounting of a single pooled USDe/sUSDe position. Stability, therefore, depends on USDe/sUSDe maintaining solvency and liquidity, sUSDe redemptions and cooldowns functioning efficiently so that TVL can be unwound in stress, and on resilient secondary market liquidity for USDe around its $1 target.

Source: LlamaRisk, December 3, 2025

Market Analysis

Total Supply

The PT-srUSDe-15JAN2026 maturity pool has recorded substantial growth since launch. As of December 3, 2025, the total available liquidity (TVL) stands at approximately $45 million, while the aggregate supply of the underlying SY-srUSDe has expanded to more than $ 175 million.

Source: LlamaRisk, December 3, 2025

The total available liquidity in the PT-srUSDe pool is about $45.46M, of which roughly $38.08M (83.8%) sits in SY-srUSDe and $7.38M (16.2%) in PT-srUSDe. The pool is currently incentivized with an estimated 282 PENDLE tokens in daily rewards.

Source: Pendle, December 3, 2025

Market Depth

The market’s order book shows substantial two-sided depth around the current yield. Around the 8% implied yield level, there is sizeable cumulative bid interest in the low millions of PT, with additional buy size resting at gradually higher yields. On the sell side, meaningful offer size is visible down to the mid-6% yield area.

Overall, the depth profile suggests that reasonably large orders can be executed with minimal yield slippage and that pricing is supported by an active two-way interest rate rather than a thin, one-sided flow.

Source: Pendle, December 3, 2025

Price and Yield

PT-srUSDe-15JAN2026 pricing has normalised as the market matured: implied PT yield started in the mid-teens with a wide premium over LP returns, briefly spiked again in early November, and has since compressed. As of early December, implied PT yield is tracking around 8% APY, while the maximum LP yield in the same pool is materially lower, leaving fixed-yield PT buyers with a persistent positive spread.

Source: LlamaRisk, December 3, 2025

Maturities

On Pendle, srUSDe exposure is concentrated in a single term market: the PT/YT srUSDe contract maturing on January 15th, 2026. As of 3 December 2025, the full SY-srUSDe supply on Pendle (approximatelt $177.61 million) is linked to this maturity, making the 15JAN2026 market the sole venue for fixed-yield pricing, YT leverage, and rollover activity in srUSDe.

Source: Pendle, December 3, 2025

Integrated Venues

PT-srUSDe-15JAN2026 is already integrated across several lending venues. On Morpho, it is used as primary collateral in multiple USDC lending vaults. On Euler Yield, PT-srUSDe-15JAN2026 is enabled as collateral within dedicated vaults, allowing users to borrow against their fixed-yield position.

Recommendations

Aave Market Parameters

Will be presented jointly with @ChaosLabs. Other parameters will be handled via Risk Oracle.

Price Feed Recommendation

For pricing PT tokens on Aave, a specific dynamic linear discount rate oracle has been developed by BGD Labs. It is recommended that PT srUSDe tokens be priced using it. In addition, due to full direct redemption availability, srUSDe would be priced on par with sUSDe; therefore, it would use sUSDe’s standard pricing mechanism on Aave’s markets.

Disclaimer

This review was independently prepared by LlamaRisk, a DeFi risk service provider funded in part by the Aave DAO. LlamaRisk is not directly affiliated with the protocol(s) reviewed in this assessment and did not receive any compensation from the protocol(s) or their affiliated entities for this work. The information provided should not be construed as legal, financial, tax, or professional advice.

Strata is a fully on-chain protocol built with the same security-driven DeFi ethos embraced by pioneers like Aave. We follow a security-first process across the full lifecycle of our smart contracts, supported by audits from leading firms including Guardian, Cyfrin, and Quantstamp, alongside continuous internal testing and protocol monitoring.

Following the recommendation of @LlamaRisk and to further strengthen public confidence, we will be launching a public bug bounty program in Q1 2026.

This program will have a particular focus on the core smart contracts of the Strata Protocol. We will share more details as we approach launch.

Overview

In response to the ARFC proposing the listing of srUSDe PT tokens on the Ethereum Core instance of Aave v3, we have conducted a comprehensive analysis of the underlying Strata protocol. Specifically, the analysis focuses on the underlying economic design of the protocol, covering the system design, internal pricing dynamics of senior and junior tranches, along with yield distribution logic and historical performance of the assets. As the ARFC targets a future srUSDe principal token that has not yet been deployed on Pendle, this post focuses on Strata’s structural design and utilizes the most recent January-maturity PT-srUSDe as an illustrative case study for the expected pricing, liquidity, and implied APY dynamics of the next srUSDe PT. Once the next srUSDe PT is listed on Pendle and sufficient market data is available, we will follow up with specific risk parameter recommendations calibrated to that maturity under the Principal Token Risk Oracle framework.

Strata Overview

Strata is a structured yield protocol built on top of Ethena’s staked USDe. The protocol introduces a two-tranche system that segregates yield and risk exposure into distinct instruments — srUSDe (the senior tranche) and jrUSDe (the junior tranche). Through this mechanism, Strata seeks to create differentiated risk and return profiles, offering a tailored approach to the risk and reward bundling.

At the core of Strata’s design is its Dynamic Yield Split mechanism, which governs the allocation of realized yield from the underlying sUSDe between senior and junior tranche holders. The mechanism references a benchmark rate, defined as the supply-weighted average yield across major USDT and USDC stablecoin lending markets on Aave; a TVL ratio, which represents relative shares of notional locked in senior and junior tranches; and a set of exogenously set risk premium parameters, which govern the allocation of yield between the instruments.

Yield Distribution

Risk Premium

srUSDe Yield

Hence, if the junior TVL ratio is at the 105% threshold and sUSDe yield is 0%, while the stablecoin supply yield on Aave is 10%, the runway for srUSDe would be 6.5 months. While such a scenario is unlikely, the current baseline of 5% supply rate would allow for 1 year of runway. As jrUSDe is bound to depreciate under such extreme scenarios, the yield of the senior tranche will be represented by the yield of the underlying staked USDe if the TVL of the junior tranche is to reach zero.

jrUSDe Yield

The chart above illustrates the regime shift inherent in Strata’s perpetual tranche instruments. Between October 15 and October 25, jrUSDe experienced pronounced depreciation as the sUSDe yield fell materially below the Aave stablecoin supply rate. The resulting yield shortfall was absorbed by the junior tranche, leading to a decline in its exchange rate. Following October 25, this dynamic reversed: jrUSDe began appreciating at a substantially higher rate, reflecting the leveraged upside that junior holders earn when underlying yields exceed the benchmark. This pattern is consistent with the economic design of the protocol, in which junior capital absorbs downside during unfavorable yield regimes and captures amplified returns during favorable ones.

Rate Sourcing

Such contract logic ensures that the benchmark reflects the liquidity distribution while remaining anchored to the yields of the USDT and USDC lending markets. To prevent abrupt or manipulated rate spikes, the contract applies strict bounds to the computed value; if the benchmark APR falls outside this range, the call reverts, and the prior valid rate is retained.

The sUSDe base rate is derived from Ethena’s vesting process. Unvested rewards accumulate and vest linearly over an eight-hour window, and the contract annualizes the remaining unvested amount relative to vesting time and total assets to produce an APR. If vesting has been fully completed, the base rate returns zero. This approach ensures the reported sUSDe APR reflects the immediate realized yield rather than a smoothed estimate.

While the historical performance of the asset is limited, we have replicated the rate computation logic from the AaveAprPairProvider contract in order to observe the APY dynamics on a longer horizon. As expected, the yield profiles of the senior and junior tranches outline similar dynamics to the recent period, where jrUSDe represents a leveraged bet on the positive spread between sUSDe yield and the Aave supply rate, while srUSDe, in large part, tracks the Aave supply rate with a meaningful premium obtained from the sUSDe yield. Within the simulation, the quantities of the minted reserves were assumed to be constant at a junior TVL share of 10%, which, as expected, resulted in mean junior tranche APYs of approximately 22% over the course of the year and, during several periods of extreme yield, in excess of 50% on an annualized basis. This indicates that, under the current fixed parameterization, the junior tranche is structurally over-incentivized.

Additionally, inspection of the Accounting contract shows that jrUSDe and srUSDe exchange rates are updated on an event basis: internal accounting is refreshed via updateAccounting, which is called on each mint or redeem operation. Such a configuration ensures minimal abuse of the yield distribution; additionally, the points distribution system also exhibits substantial robustness, with appropriate measures in place to minimize points sandwiching activity.

Mints & Redemptions

Strata supports minting and redeeming srUSDe against both USDe and sUSDe via the Strata UI and smart contracts, with srUSDe redemptions into USDe subject to Ethena’s 7-day unstaking period, while sUSDe redemptions are processed instantly. The protocol is designed with configurable redemption fees on senior and junior tranche assets, intended to dampen short-term arbitrage and speculative flow and to help stabilize tranche liquidity over time. In practice, these fees are currently set to 0 bps, and there appears to be no effective fee on direct srUSDe to sUSDe conversions. As a result, there is limited friction for yield arbitrage between srUSDe and sUSDe, which may facilitate fast repricing of the senior tranche yield but also reduces the protocol’s ability to discourage purely opportunistic, yield-seeking rebalancing. However, the team has indicated that redemption fees will be increased in the near term, which should reduce or eliminate the incentive to arbitrage the rates.

srUSDe Performance

Considering srUSDe as a standalone asset, its utility on Aave is fairly limited as the senior tranche entails a conservative and, to an extent, hedged exposure to sUSDe. For the yield-bearing class of stablecoins, the primary utility is traditionally centered around leveraged yield strategies, where users supply the yield-bearing asset as collateral, while borrowing non-yield-bearing stablecoins and recursively minting the yield-bearing asset, thereby increasing the notional exposure to the yield-bearing asset. By leveraging the spread between the yield of the collateral asset and borrowing costs, users can achieve substantial leveraged net yields. In the case of srUSDe, which, yield-wise, has two modes of operation: supply APY of the average of USDT and USDC, discounted sUSDe yield; both of which need to be considered to assess the utility of the token within the protocol.

In cases where the benchmark rate is lower than the underlying yield of sUSDe, the strategy is not profitable, as the benchmark rate represents the supply yield of stablecoins, which is a reserve-factor-discounted borrow rate of the same assets; hence, the spread on such a strategy would be strictly negative and leveraged strategies would be guaranteed to have a negative PnL.

On the other hand, during periods of elevated sUSDe yield, the senior tranche yield would be discounted by the risk premium; hence, utility-wise, in the short term the asset’s yield would not be competitive with sUSDe, due to the inferred discount.

Additionally, in scenarios where the junior tranche TVL approaches zero, srUSDe may be unable to deliver the Benchmark rate. In the absence of sufficient jrUSDe to absorb losses or fund the senior yield, srUSDe would effectively function as a deposit vault for sUSDe.

Therefore, the asset on its own presents minimal short-term utility on Aave, as both regimes are either unprofitable or dominated by alternatives. In the first case, srUSDe’s yield will be lower than stablecoin borrow costs. In the second operational mode, the yield will be at a competitive disadvantage compared to sUSDe. From a protocol-design perspective, these dynamics will be inherited by any srUSDe-based PT listed on Pendle: the PT’s implied yield will primarily reflect srUSDe’s yield accrual mechanics and incentives rather than offering fundamentally new risk–return characteristics at the underlying level.

While srUSDe represents a conservative instrument, which aims to expose investors to the staked USDe yield while providing protection in case of subpar performance by subsidizing the yield up to the weighted supply rate of USDT and USDC on Aave v3, the junior instrument presents an entirely different risk and return profile, as it effectively facilitates investor exposure to the leveraged spread between sUSDe yield and Aave weighted stablecoin supply.

Audits

Strata’s core tranche contracts have undergone a multi-phased audit process by three independent security firms. The initial round of audits was conducted in parallel by Cyfrin and Guardian, followed by a second phase performed by Quantstamp, covering the tranche accounting logic, yield-split mechanics, withdrawal flows, and supporting contracts. A list of public reports is available here.

Across these reviews, auditors identified issues ranging from configuration and accounting inconsistencies to withdrawal behavior and strategy-level attack vectors. Public tracking of the findings shows the vulnerabilities have been addressed in commits and marked as fixed and verified by the auditor. Additionally, BGD will conduct an independent, in-depth technical review of the Strata integration and its interaction with Aave, providing its conclusions in a separate technical assessment.

Case Study: PT-srUSDe-14JAN2026

As the ARFC does not specify a concrete principal token for the upcoming listing, the most recent January-maturity srUSDe principal token, PT-srUSDe-14JAN2026, is used here purely to exemplify the expected dynamics of a future srUSDe PT. Please note that a separate, token-specific assessment and parameter recommendation will be presented once the next srUSDe PT is available on Pendle and has accumulated sufficient market history.

Performance

The implied APY of Pendle’s PT-srUSDe-14JAN2026 materially exceeds the realized yield of srUSDe, largely due to ongoing incentive programs. The current premium is approximately 4 percentage points: PT-sUSDe trades near a 6% implied rate, whereas PT-srUSDe is priced around 10%. At this level, the January maturity can attract considerable stablecoin borrowing demand. A user looping PT-srUSDe could capture a spread of over 6%, and with roughly 10x leverage, the net return may approach 60% under favorable market conditions. Such elevated implied yields, therefore, create strong incentives for leveraged borrowing activity if a comparable asset is to be listed on Aave v3.

Initial Discount Rate Per Year and Maximum Discount Rate Per Year

Based on the limited historical observed data and the pricing configuration of the PT-srUSDe-14JAN2026 market, our initial recommendations for the discountRatePerYear and maxDiscountRatePerYear would be as follows:

• Initial discountRatePerYear: 9.46%
• maxDiscountRatePerYear: 31.82%

For the forthcoming srUSDe PT, these values will be reassessed based on the observed term structure, liquidity, and volatility at that specific maturity, and may differ from the example above.

Liquidity Dynamics

With PT-srUSDe-14JAN2026, liquidity depends on both the underlying USDe markets and Pendle’s PT/SY AMM pool, and current depth is sufficiently strong. The plot below represents the liquidity available under 3% slippage as the market approaches maturity. As the market matures and moves closer to expiry, the slippage associated with selling PT becomes less extreme. This trend is especially pronounced for assets with higher expected implied yield fluctuation, as they tend to have more variance in liquidity concentration. The market currently facilitates swaps of up to $30M with slippage limited to 3% or less.

The SY liquidity in PT-srUSDe-14JAN2026’s AMM has stabilized at $30M, indicating a substantial liquidity depth, and has remained at that level since.

While these liquidity dynamics are specific to the January 14th-maturity principal token, they provide a reasonable baseline for the order of magnitude and slippage profile that can be expected for a subsequent srUSDe PT, subject to re-evaluation at the time of listing.

Recommendation

Chaos Labs supports, in principle, the listing of a future srUSDe-based PT on the Aave v3 Ethereum Core instance under the Principal Token Risk Oracle framework with the dynamic linear discount-rate oracle, conditional on the specific maturity, liquidity profile, and market conditions at the time of listing. While listing the senior tranche instrument itself is not expected to expand stablecoin borrowing demand significantly, a sufficiently incentivized srUSDe PT can present substantial potential: Pendle market data for PT-srUSDe-14JAN2026 shows a materially higher implied APY than srUSDe. Since standalone short-term srUSDe looping is either inefficient or unprofitable, incremental demand for any future srUSDe PT is likewise expected to come primarily from the incentivized PT market.

Additionally, to ease the unwinding frictions, we aim to recommend including sUSDe in the E-Modes as an alternative collateral, thereby increasing debt stickiness within the associated market. Separately, listing an srUSDe PT will expose Aave to additional smart contract risk, as much of Strata’s on-chain infrastructure is unique and novel. A comprehensive technical assessment by BGD is therefore crucial, and proceeding with any srUSDe PT listing should be conditional on a positive technical review.

Disclaimer

Chaos Labs has not been compensated by any third party for publishing this recommendation.

Copyright

Copyright and related rights waived via CC0

srUSDe (Strata) technical analysis

Summary

This is a technical analysis of all the smart contracts of the srUSDe asset and its main dependencies.

Disclosure: This is not an exhaustive security review of the asset like the ones done by Strata Team, but an analysis from an Aave technical service provider on different aspects we consider critical to review before a new type of listing. Consequently, like with any security review, this is not an absolute statement that the asset is flawless, only that, in our opinion, we don’t see significant problems with its integration with Aave, apart from different trust points.

Analysis

Senior USDe (srUSDe) is a yield-bearing token backed by USDe and represents the senior risk tranche within Strata’s system, which is composed of senior and junior tranches. The senior tranche receives a guaranteed yield tied to the benchmark rate, with uncapped upside to sUSDe APY, and pays a risk premium to the junior tranche for protection. Junior receives the base yield from sUSDe plus the risk premium paid by the senior tranche, adjusted by the TVL ratio, and absorbs shortfalls if sUSDe APY drops below the benchmark. Users can deposit USDe, sUSDe, and pUSDe to receive srUSDe. While they can redeem sUSDe immediately, they must wait for Ethena’s unstaking period to redeem USDe.

For the context of this analysis, our focus has been on the following aspects, critical for the correct and secure integration with Aave:

• A recommendation of pricing strategy to be used in the integration asset <> Aave.
• Any miscellaneous aspect of the code that can be considered important.
• Analysis of the access control (ownerships, admin roles) and the nature of the entities involved in the system. Regarding the table permissions’ holders and their criticality/risk, it is done following these guidelines:

General points

• The Strata system relies on a set of upgradable contracts, with main dependencies from OZ for access control, tokenization, math, and upgradability. It also uses the PRBMath library.

• The srUSDe and jrUSDe are receipt tokens that implement the OZ ERC4626 pattern.

• For proxies, it uses OZ Transparent pattern.

• The system upgradability is controlled by a 2-day Timelock.

• General access control is managed via the Access Controlled contract, which is a wrapper around the OZ access control. The admin is shared between timelocks and a safe wallet.

Contracts

The following is a non-exhaustive overview of the main smart contracts involved with srUSDe.

srUSDe (Tranche)

The Senior tranche srUSDe is the core system’s contract. It implements the OZ ERC4626, which users interact with to mint and burn srUSDe shares by depositing USDe and sUSDe. It forwards deposits and withdrawals to StrataCDO, orchestrated via the sUSDeStrategy. The Junior tranche (jrUSDe) uses the same contract infrastructure (Tranche) as srUSDe. It is an upgradable Transparent Proxy with ownable access control via the AccessControlled contract.

• Access Control

  • The owner can configure the AccessControlManager and TwoStepConfigManager addresses via setAccessControlManager(address) and setTwoStepConfigManager(address) functions respectfully.

  • The StrataCDO contract can call configure(), which sets the maximum allowance of the underlying assets toward the sUSDeStrategy contract. This is called once.

• Deposit and Redemptions

  • All deposit and redemption operations first updates the accounting index via cdo.updateAccounting(), syncing the total assets under the strategy’s control. After the inflow/outflow of assets into the strategy, the cdo adjusts the NAV for Senior and Junior tranches via the accounting.updateBalanceFlow() method.

  • Users can deposit USDe and sUSDe via the deposit(token, tokenAmount, receiver) function. Internally, it calculates the user’s srUSDe shares via strategy.convertToAssets(token, tokenAmount), mints them, and transfers them to the receiver.

  • The deposit assets flow to a Strategy contract where they are transformed into sUSDe.

  • Users can redeem sUSDe instantly via the redeem(token, shares, receiver, owner) function. Internally, it calculates the baseAssets via previewRedeem(shares) and uses them to calculate the assets strategy.convertToTokens(token, baseAssets), burns the owner’s srUSDe shares and transfers sUSDe to the ERC20Cooldown contract. Since the cooldown period for withdraws of sUSDe is zero, the ERC20Cooldown contract transfers the sUSDe to the receiver immediately.

  • Users who want to redeem USDe are subject to Ethena’s unstaking period. In that case, the sUSDe goes to the UnstakeCooldown contract, which handles the unstaking period, and later users can finalize and claim USDe.

• Exchange Rate

  • The exchange rate of srUSDe <> USDe is calculate through the StrataCDO, Accounting and sUSDeStrategy contracts. The system uses two distinct exchange rates: one for processing new deposits and the other for finalizing redemptions.

    • Deposit exchange rate: Relies on the previewDeposit(assets) function, which is calculated using the standard ERC4626 pattern of assets * totalSupply() / totalAssets().

    • Redemption exchange rate: Relies into the previewRedeem(shares) function, which takes a 0.025% fee from the srUSDe shares and then uses the standard ERC4626 of shares * totalAssets() / totalSupply().

    • The totalAssets() is fetched from cdo.totalAssets(), which internally queries the totalUSDe held by the sUSDeStrategy contract and extracts the srUSDe portion from accounting.totalAssets(totalUSDe) function, which splits the totalUSDe into srUSDe and jrUSDe portions.

    • It’s important to note that totalUSDe is derived from the total sUSDe shares held by the Strategy, sUSDe.balanceOf(strategy), and the sUSDe <> USDe exchange rate, sUSDe.convertToAssets(shares).

    • By relying on balanceOf(), the Strata system is not fully donation-resistant, meaning that sUSDe donations to the Strategy can change the general totalUSDe value.

    • Given the system dynamics, where the Accounting contract splits the totalUSDe in portions, the Junior tranche receives all donation because the Senior tranche

    • Given the system dynamics, in a scenario where a large amount of sUSDe is donated to the Strategy, the Junior tranche would absorb the entire donation because the Senior tranche’s totalAssets gains are capped at the Senior target APR (set via risk params).

AccessControlManager

The AccessControlManager contract coordinates access control for the Strata system. It’s a non-upgradable wrapper of the OZ Access control.

• Access Control
  • The DEFAULT_ADMIN_ROLE manages all role assignments in the Strata system through the grantRole(role, address) function. It can also revoke roles from accounts using the revokeRole(role, address) function.

StrataCDO

The StrataCDO contract is the core orchestrator of the Strata system. It orchestrates the Senior and Junior tranches, accounting, and sUSDe strategy; Deposits and withdrawals are routed through the CDO. It enforces tranche-level pause states and exit fees. It is an upgradeable OZ Transparent Proxy controlled via an ownable, role-based access control implemented by the AccessControlled contract.

• Access Control

  • The owner can configure the AccessControlManager and TwoStepConfigManager addresses via setAccessControlManager(address) and setTwoStepConfigManager(address) functions, respectively.

  • The owner can call configure(), which calls the configure() functions in the Senior and Junior tranche contracts. This is called once after deployment.

  • Senior and Junior tranches can call deposit() and withdraw() functions, which internally orchestrate the inflow and outflow of assets to the sUSDeStrategy contract. During these operations, updateAccounting() is called, and accrueFee() is called only during withdrawals.

  • The RESERVE_MANAGER_ROLE can configure the treasury address via the setReserveTreasury(address) function, redistribute reserve back to tranche TVL via the distributeReserve(uint jrAmountIn, uint srAmountIn) function, or withdraw protocol reserve to the treasury address via the reduceReserve(token, amount) function.

  • The PAUSER_ROLE can pause and resume deposits and redemptions in the Senior and Junior tranches via the setActionStates(tranche, isDepositEnabled, isWithdrawEnabled) function. It can also pause Junior deposits via the setJrtShortfallPausePrice(shortfallPrice) function; The shortfallPrice must be below the current Junior sUSDe share price.

sUSDeStrategy

The Strategy manages USDe stakes into sUSDe during CDO deposits, holds sUSDe, and fulfills withdrawals via cooldown contracts for each tranche. It is an upgradeable OZ Transparent Proxy controlled via an ownable, role-based access control implemented by the AccessControlled contract.

• Access Control

  • The owner can configure the AccessControlManager and TwoStepConfigManager addresses via setAccessControlManager(address) and setTwoStepConfigManager(address) functions respectfully.

  • The UPDATER_STRAT_CONFIG_ROLE can adjusts and disable tranche-specific sUSDe cooldowns via the setCooldowns(uint sUSDeCooldownJrt, uint sUSDeCooldownSrt) function.

  • StrataCDO contract can move assets into/out of the strategy through the deposit(tranche, token, amount, baseAssets, owner) and withdraw(tranche, token, amount, baseAssets, sender, receiver) methods and the reserve via the reduceReserve(token, amount, receiver) method.

Accounting

The Accounting contract tracks the tranches’ TVL, calculates Net Asset Value (NAV), and implements the so-called Dynamic Yield Split (DYS) mechanism, which splits NAV between Senior and Junior tranches, based on the risk parameters and benchmark rate set in the contract. It is an upgradeable OZ Transparent Proxy controlled via an ownable, role-based access control implemented by the AccessControlled contract.

• Access Control

  • The owner can configure the AprPairFeed contract using the setAprPairFeed(address) method.

  • The owner can adjust the protocol gains and the fee allocation for each tranche via the setReserveBps(uint bps) and setFeeRetentionBps(uint jrBps, uint srBps) methods, respectively. The owner can also adjust the minimum ratio and buffer between Junior and Senior tranches (the ratio at which Jr withdrawals are blocked and deposits are halted) by calling the setMinimumJrtSrtRatio(uint ratio) and setMinimumJrtSrtRatioBuffer(uint ratio) functions.

  • The UPDATER_STRAT_CONFIG_ROLE can configure risk parameters used by the NAV calculation via the setRiskParameters(x, y, k) function, where:

    • x: Minimum risk premium.
    • y: additional premium applied on top of x.
    • k: Exponential scaling factor controlling premium growth.

  • The UPDATER_FEED_ROLE can trigger an update in the srtTargetIndex by fetching new APRs via the onAprChanged() function.

  • The strataCDO calls the updateAccounting(), updateBalanceFlow(), and accrueFee() methods during the assets’ inflow/outflow (already explained in the StrataCDO).

AprPairFeed

The AprPairFeed contract aggregates base and target APR data, checking for pushed updates or pulling from a provider when stale. It is primarily used by the Accounting contract during asset inflows/outflows to update the Senior and Junior NAVs. It is an upgradeable OZ Transparent Proxy controlled via an ownable, role-based access control implemented by the AccessControlled contract.

• Access Control

  • The owner can set the provider contract, from which the contract pulls data via the setProvider(address) method. The owner can also configure the time duration after which a round is considered stale via the setRoundStaleAfter(uint value) function.

  • The UPDATER_FEED_ROLE can pull APR data via the updateRoundData() or push off-chain APR data via the updateRoundData(int aprTarget, int aprBase, uint timestamp) function. Both fall back to an internal function that checks whether the update is not stale and whether both APRs are within the acceptable bounds (-50% and 200%).

AaveAprPairProvider

The AaveAprPairProvider contract is a stateless APR source that computes the target APR from Aave’s USDC and USDT reserves data, and the base APR from sUSDe’s vesting. It is primarily used by the AprPairFeed contract and has no privileged access controls.

ERC20Cooldown

The ERC20Cooldown holds sUSDe during cooldown-based withdrawals and releases funds after the unlock time. It is an upgradeable OZ Transparent Proxy controlled via an ownable, role-based access control implemented by the AccessControlled contract.

• Access Control

  • The owner can configure the AccessControlManager and TwoStepConfigManager addresses via setAccessControlManager(address) and setTwoStepConfigManager(address) functions respectfully.

  • Cooldowns are enabled or disabled by calling the setCooldownDisabled(token, bool) function, which is initiated via the strategy contract. Currently, there’s no cooldown for sUSDe withdrawals, so after the strategy calls transfer(), it immediately transfers the assets to the user.

UnstakeCooldown

UnstakeCooldown manages token-specific unstake handlers via per-user clone proxies and finalizes requests after underlying cooldowns; it is upgradeable via TransparentUpgradeableProxy with AccessControlled roles and a CRITICAL ProxyAdmin.

• Access Control

  • The owner can configure the AccessControlManager and TwoStepConfigManager addresses via setAccessControlManager(address) and setTwoStepConfigManager(address) functions respectfully.

  • The owner can configure token implementations that handle the unstake from sUSDe via the setImplementations(token, address) function.

  • When a user requests a USDe redemption, the strategy calls transfer(), and the UnstakeCooldown initiates the sUSDe unstake from Ethena. After the unstake period finishes, the user calls finalize(), which transfers USDe to the user.

Pricing strategy

Although srUSDe is not initially planned to be listed on Aave, it’s important to provide our recommendation, as the DAO is considering listing its PT token. Our suggestion is to price srUSDe using a CAPO adapter, applying the srUSDe <> USDe redemption exchange rate along with the USDT stable CAPO feed.

This recommendation follows the USDe price strategy across Aave instances.

We also must highlight that the Strata system is not donation-resistant, and sUSDe can manipulate the underlying assets. However, as explained in the exchange rate section, given the split dynamics, the Senior tranche caps its total assets at the target APR, and donations are redirected to the Junior tranche’s total assets. Still, we recommend not listing this asset (and definitely not jrUSDe) as collateral without a deep review of the analysis.

Miscellaneous

• The system has undergone several security reviews by Quantstamp, Cyfrin and Guardian. They can be found in the Strata documentation here.

Conclusion

We believe srUSDe has no issues with Aave integration and no major blockers for listing.

Overview

Following up on our previous review of the underlying economics of Strata and BDG’s technical assessment, we hereby propose risk parameters for PT-srUSDe-1APR2026, including recommended initialDiscountRatePerYear and maxDiscountRatePerYear values based on the dynamic linear discount rate oracle methodology described here. The recommended parameters are built on top of our Principal Token Risk Oracle framework, outlined in detail here.

Risk Oracle Parameter Evolution

Through rigorous quantification of the algorithm, we find that the integration risk of PT-srUSDe decays as the token approaches maturity. This dynamic justifies using increasingly efficient risk parameters over time. Given that Strata’s tranche products are fully allocated to sUSDe in the worst-case scenario, and as outlined in the previous review, the yield profile of srUSDe converges to that of sUSDe, we recommend aligning the final parameters of PT-srUSDe with those of sUSDe. We project the evolution of the LT, LTV, and LB, with the initial parameterization approximately as follows:

Stablecoin E-Mode

LTV: 89.5%, LT: 91.5%, LB: 4.5%

USDe E-Mode

LTV: 91.2%, LT: 93.2%, LB: 2.6%

Discount Rates

Based on the observed data and pricing dynamics of the market, our initial recommendations for the discount rate parameters are as follows: initialDiscountRatePerYear : 6.72%, maxDiscountRatePerYear : 24.01%

Supply Cap

Given the dynamics underlying the expansion of the liquidity profile in Pendle’s PT/SY AMM Pool, along with the relatively recent listing of the asset on Pendle, we view the liquidity depth as sufficient for meaningful supply caps. The plot below represents the amount of liquidity available under 3% price impact as the market approaches expiry, given the current liquidity distribution in the AMM. With the maturity of the market, the price impact associated with swapping PT becomes less extreme. With higher market maturity, the costs associated with executing sell orders of the asset compress; this trend is especially pronounced for the assets with lower scalarRoot values, which imply greater expected implied yield fluctuations, and such tokens tend to exhibit greater liquidity concentration variance. As shown in the chart below, the AMM can currently facilitate swaps exceeding 10 million tokens at a relatively conservative 3% slippage.

Additionally, both the PT and SY liquidity profiles have expanded steadily, reaching 12 and 2 million tokens, respectively.

Specification

Initial E-Mode Risk Oracle

Linear Discount Rate Oracle

PT-srUSDe Stablecoins E-mode

PT-srUSDe USDe E-mode

Disclaimer

Chaos Labs has not been compensated by any third party for publishing this recommendation.

Copyright

Copyright and related rights waived via CC0

The current proposal has been escalated to ARFC Snapshot. Thank you to all Service Providers involved.

Vote will start tomorrow, we encourage everyone to participate.

The current ARFC Snapshot ended recently, reaching out both Quorum and YAE as winning option with 1.1M votes.

Therefore, [ARFC] Onboard Strata srUSDe PT tokens to V3 Core Instance has PASSED.

Next step will be the publication of an AIP for final confirmation and enforcement of the proposal.