Strata srUSDe - Base asset review
Summary
LlamaRisk supports onboarding PT-srUSDe-15JAN2026 to the Aave v3 Core instance as part of the initial PT token onboarding for srUSDe. srUSDe is the senior tranche token in Strata’s structure and represents a claim on pooled USDe that is staked into Ethena’s sUSDe strategy via Strata’s strategy contracts. The protocol’s accounting allocates realized sUSDe yield between senior and residual risk according to a Dynamic Yield Split, targeting a yield floor linked to the Aave v3 USDC/USDT lending benchmark, with additional upside when sUSDe APY exceeds this level. Pricing is based on the internal srUSDe/USDe exchange rate, combined with the Chainlink USDe/USD feed. Access control is implemented using role-based permissions and time locks for Strata’s upgradeable contracts. The Strata team has committed to launching a public bug bounty program in the first quarter.
Key risk takeaways are low secondary market liquidity in both srUSDe and PT-srUSDe-15JAN2026, a high concentration of srUSDe supply in a single holder address, and the short residual maturity of the PT (around 42 days). Thin liquidity and concentrated ownership increase the risk of slippage and gap moves if that holder or other large participants rebalance or unwind, even though srUSDe itself is anchored by primary 1:1 mint and redemption against USDe.
Since the mainnet launch in October 2025, the srUSDe supply has grown to approximately 183 million tokens on Ethereum, with a significant share allocated to the PT/YT-srUSDe-15JAN2026 market on Pendle and integrated PT-srUSDe collateral markets on Morpho and Euler. Strata’s core protocol and pre-deposit vaults have undergone multi-phase audits by Cyfrin, Guardian, and Quantstamp.
1. Asset Fundamental Characteristics
1.1 Asset
Strata is a perpetual risk-tranching protocol offering structured yield products on Ethena USDe. It allows investors to customize their risk and return exposure through two tranches, Senior and Junior.
1.2 Architecture
The protocol introduces two liquid and composable tokens built on Ethena’s reward-bearing synthetic dollar, sUSDe: Strata Senior USDe (srUSDe) and Strata Junior USDe (jrUSDe).
1) Strata Senior USDe (srUSDe): An over-collateralized, yield-bearing synthetic dollar backed by USDe, representing the senior risk tranche in Strata’s structure. It earns yield by taking principal-protected exposure with a minimum return linked to the benchmark rate, plus uncapped upside participation in realized sUSDe APY.
2) Strata Junior USDe (jrUSDe): A yield-bearing investment product, representing the junior risk tranche in Strata’s structure. jrUSDe absorbs excess risk and APY volatility from the underlying sUSDe strategy and, in return, earns a risk premium from the senior tranche, targeting higher returns for investors willing to take subordinated risk.
Source:
Strata docs, December 3, 2025
Strata’s Dynamic Yield Split is the key mechanism that distributes yield from the pooled collateral between Senior USDe (srUSDe) and Junior USDe (jrUSDe), based on sUSDe APY, the benchmark rate, and how liquidity is split across the two tranches. When sUSDe APY is above the benchmark rate, the structure gives the senior tranche additional protection from the junior tranche, and the junior tranche earns a risk premium from the senior tranche, delivering potentially higher yields for risk-tolerant investors.
Source:
Strata docs, December 3, 2025
The current benchmark rate is the supply-weighted average of USDC and USDT lending rates on Aave v3 Core market. This makes the Aave rates a purer measure of on-chain capital cost and a more neutral benchmark for Strata Senior USDe (srUSDe).
Source:
Strata docs, December 3, 2025
srUSDe and jrUSDe yield split is calculated dynamically based on the USDe balance held in the Ethena StakingRewardsDistributor contract and is distributed linearly over each 8-hour reward epoch, following the same mechanism used by Ethena. The yield allocation dynamically adjusts on every protocol event based on the sUSDe performance, benchmark rate, and liquidity in both pools.
The srUSDe/USDe NAV started at ~$1 because each share initially represented USDe, and it has increased above as yield accrues to the underlying. The srUSDe contract tracks totalAssets (USDe/sUSDe backing the pool) and totalSupply (srUSDe outstanding), and the final srUSDe price is the exchange rate NAV = totalAssets / totalSupply.
The srUSDe earns a share of the yield generated by the protocol on the pooled USDe collateral by staking sUSDe. Its yield has a floor equivalent to the benchmark rate and uncapped upside exposure to sUSDe APY. In extreme scenarios (jrUSDe TVL ~ 0, sUSDe APY < benchmark rate), srUSDe will simply earn the same APY as sUSDe.
srUSDe earns a portion of the yield generated on pooled USDe collateral that is staked into sUSDe. Its return profile is structured with a floor at the benchmark rate and uncapped upside linked to realized sUSDe APY. In extreme scenarios (jrUSDe TVL = 0, sUSDe APY < benchmark rate), srUSDe effectively returns to earning the same APY as sUSDe.
Strata applies a 5% management fee on the yield generated from the pooled collateral. At present, this fee is waived for both srUSDe and jrUSDe. When activated, the full management fee is directed to the protocol treasury.
Mint/Redeem
Users can mint srUSDe by depositing USDe. The amount of srUSDe received is determined by the real-time srUSDe/USDe exchange rate minus any applicable minting fees. When srUSDe is redeemed, the user receives USDe based on the exchange rate, minus redemption fees. sUSDe redemptions are processed instantly, while USDe redemptions follow a 7-day cooldown period, consistent with Ethena’s sUSDe unbonding period.
Strata charges a fee when senior and junior tranche assets are redeemed. The redemption fee is distributed to senior and junior tranche holders, with a portion allocated to the protocol treasury.
1.3 Tokenomics
1.3.1 Token Holder Concentration
Source:
srUSDe holders, December 3, 2025
Almost the entire srUSDe supply is concentrated in a single SY-srUSDe wrapper contract. This address holds approximately 183M srUSDe (over 97%) out of a maximum supply.
2. Market Risk
2.1 Liquidity
For srUSDe, a secondary market is not strictly required because positions can be redeemed directly in the primary market for sUSDe at NAV without slippage. There is currently only a small srUSDe/USDe pool live on Uniswap, and the team plans to launch new sr/jr liquidity pools on Fluid, with incentives to bootstrap deeper secondary liquidity.
2.1.1 Liquidity Venue Concentration
Source:
DexScreener, December 3, 2025
Spot srUSDe liquidity is currently concentrated in a single Uniswap pool (srUSDe/USDe), which holds approximately $92k of liquidity against a circulating market cap of roughly $184 million and records only around $ 1,500 in 24-hour volume. This pool is effectively the sole venue for direct spot trading, while the majority of srUSDe size sits in the primary mint/redeem contract and in Pendle PT/YT markets.
2.1.2 DEX LP Concentration
No DEX LP data is currently available for this asset.
2.2 Volatility
Source:
GeckoTerminal, December 3, 2025
Secondary market data for srUSDe currently shows very limited realized volatility, largely because the token can be minted and redeemed 1:1 against USDe at NAV.
2.3 Exchanges
Strata srUSDe currently has no CEX listing.
2.4 Growth
Source:
Dune, December 3, 2025
srUSDe has shown strong growth since launch, scaling from effectively zero TVL in early October to around $180M by early December and stabilising in the $170–180M range.
3. Technological Risk
3.1 Smart Contract Risk
The Strata smart contracts were audited by Quantstamp, Cyfrin, and Guardian.
The main Strata Protocol contracts were audited 3 times:
- Quantstamp (Oct, 2025) - 1 medium, 2 low, 1 informational.
- Guardian (Sep, 2025) - 1 critical, 5 high, 14 medium, 5 low, and 8 informational.
- Cyfrin (Sep, 2025) - 1 critical, 2 high, 6 medium, 5 low, and 12 informational.
3.2 Bug Bounty Program
As of 3 December 2025, there is no publicly documented bug bounty program for Strata or srUSDe, and no listings exist on major security platforms. The team has indicated that a formal bug bounty and responsible-disclosure program is planned for Q1 2026.
3.3 Price Feed Risk
srUSDe pricing is determined entirely on-chain through the srUSDe/USDe exchange rate, which is calculated from the vault’s senior tranche assets and total srUSDe supply. The protocol maintains this exchange rate through its internal accounting process, reflecting yield allocation and changes in senior TVL. Integrations that require a dollar-denominated value apply the external USDe/USD Chainlink oracle separately.
3.4 Dependency Risk
Strata’s core dependency risk stems from the fact that its tranching system is built entirely on top of Ethena’s USDe/sUSDe stack and is therefore fully exposed to Ethena’s solvency. Any material impairment of USDe/sUSDe, changes to Ethena’s hedging or cooldown parameters, or issues with the Ethena contracts would transmit directly into srUSDe/jrUSDe, with jrUSDe acting as first-loss but only up to its available buffer.
In addition, Strata relies on its own on-chain monitoring setup to detect anomalies and trigger pauses or parameter changes.
4. Counterparty Risk
4.1 Governance and Regulatory Risk
The Terms of Service do not specifically define srUSDe as a legal claim, security, derivative, or any regulated financial product. The protocol and its tokens are designed explicitly for “technical use, not investment,” and the Interface Providers (i.e., “entities that make the Interface available”) disclaim any offers or promises of profit, passive return, or capital protection.
The Protocol is presented as non-custodial and permissionless. The Interface is simply a frontend to autonomous smart contracts; there is no fiduciary or legal relationship between holders and Interface Providers beyond the agreed Terms.
The Terms do not explicitly enumerate detailed minting or redemption rights for srUSDe. There is no contractual right, guarantee, or entitlement to mint or redeem from the Interface Providers. All interactions occur directly with the smart contracts at the user’s risk. Respectively, the holders of srUSDe do not have any right to claim assets, seek compensation for losses, or enforce delivery, redemption, or performance against the Interface Providers or any party behind the Interface.
Holders represent and warrant that they are not US persons, are not from OFAC-sanctioned or other prohibited jurisdictions, and will not bypass restrictions by VPN or similar means. Breaching these representations exposes them to access blocks and possible reporting.
The Terms specifically disclaim any promised tokens, yield, launch, or rights stemming from pre-deposit activities or mere token holding. In case of loss—whether due to smart contract failure, market volatility, integration risk, or any mechanism related to risk tranches (“senior” or “junior”)—users have “no recourse to the Interface Providers.” Furthermore, the liability of Interface Providers is capped at USD 100, to the maximum extent permitted by law, with broad disclaimers of all indirect, incidental, or consequential damages.
Under the Terms, srUSDe is intentionally designed to have no enforceable off-chain legal nature; the only “right” is whatever the smart contract algorithm allows on-chain at any given moment.
Since the Terms are governed by the laws of the Cayman Islands, the functional approach of the domestic legal framework to digital assets shall be observed. In the absence of redemption claims, profit rights, or third-party obligations, and given the “no offer of securities or investment contracts” representations, srUSDe would most likely be regarded as a protocol-native crypto-asset or “virtual asset,” but not a financial product or regulated security under Cayman law.
Terms Update
Following the 28 November 2025 update of the Terms, several material clarifications and structural changes have been introduced. These adjustments, informed by direct discussions with the Strata team, are outlined below, together with the key implementation details.
Access controls now apply specifically and exclusively to the web-based front-end interface operated by Frontera Labs, rather than to the Strata protocol itself.
Frontera Labs has implemented IP-based geoblocking, disclosed in the updated Terms of Service and Privacy Policy, to restrict access to the Interface from certain high-risk or prohibited jurisdictions. The Interface must not be used by persons or entities located in the United States or in a range of designated high-risk or restricted regions, including Abkhazia, Afghanistan, Angola, Belarus, Burundi, the Central African Republic, the Democratic Republic of Congo, Cuba, Crimea, Ethiopia, Guinea-Bissau, Iran, Ivory Coast (Côte d’Ivoire), Lebanon, Liberia, Libya, Mali, Burma (Myanmar), Nicaragua, North Korea, Northern Cyprus, Russia, Somalia, Somaliland, South Ossetia, South Sudan, Sudan, Syria, the Donetsk and Luhansk regions of Ukraine, Venezuela, Yemen, and Zimbabwe.
These territorial restrictions are implemented at the infrastructure layer via Cloudflare Firewall rules, which are maintained by Frontera Labs. Cloudflare applies automated IP-geolocation filtering that blocks direct access to the Interface from the listed jurisdictions. The relevant blocklist is reviewed and adjusted on an ongoing basis by Frontera Labs to reflect developments in global sanctions regimes and the company’s internal risk assessments.
Strata’s user-interface Terms were originally drafted under Cayman law at a time when no dedicated operating entity was in place. Responsibility for operating and maintaining the user interface has since been transitioned to Frontera Labs, Inc., a Delaware corporation, and the Terms are now governed by Delaware law. As users are required to accept the Terms as a condition for accessing the Strata Interface, the updated Terms form a binding contract under Delaware law. Accordingly, the associated risk disclosures, limitations of liability, and assumption-of-risk provisions will generally be enforceable, provided that they are presented in a clear, conspicuous, and reasonably noticeable manner prior to acceptance.
To clarify any residual ambiguity regarding the distinction between the Interface and autonomous smart contracts, the updated Terms now expressly state that the Strata Protocol itself does not form part of the “Services” provided by Frontera Labs. The Protocol is characterized as an independent, on-chain system that remains fully accessible without reliance on any infrastructure operated or controlled by Frontera Labs. Users may engage with the Protocol directly at the contract level or through third-party front-ends developed and operated by independent developers, without needing authorization from, or establishing a relationship with, Frontera Labs.
Consistent with this separation, Frontera Labs does not at any point have custody, possess, or control user assets. No Frontera Labs employee, system, private key, or administrative role is able to initiate, authorize, reroute, block, or execute transactions on a user’s behalf. Frontera Labs cannot alter balances, override withdrawal logic, seize or reassign tokens, freeze principal, mint assets to users, or direct the flow of funds; all such actions are exclusively governed by the autonomous operation of the deployed smart contracts.
The FAQ statement that “the senior tranche (srUSDe) is principal-protected in USDe terms” is now explicitly framed as a purely technical description of the mechanism implemented in the smart contracts, rather than as a promise, warranty, or guarantee by any legal entity or individual. The Strata team has clarified that this language is intended to describe how the autonomous risk-tranching logic functions under normal conditions, not to create an enforceable contractual undertaking, regulatory-style guarantee, or legally cognizable form of principal protection.
Under the revised structure, the risk disclosures, warranty disclaimers, assumption-of-risk provisions, and liability waivers contained in Strata’s UI Terms are intended to be fully effective and enforceable under the laws of the State of Delaware. There is no Cayman-law impediment to this arrangement: no Cayman entity is providing services to users, operating the Interface, or entering into contractual relationships with them. As a result, Cayman law does not impose separate contractual or licensing requirements on the Terms themselves.
Nonetheless, the team has undertaken a preliminary review of the Strata Protocol and the regulatory characterization of the srUSDe token under Cayman law. The conclusions of that analysis align with the assumptions outlined in the earlier sections of this risk assessment: srUSDe is most accurately understood as a “virtual asset” generated by an autonomous, non-custodial smart contract system, rather than as a security or a regulated investment product. No Cayman entity issues srUSDe, acts as custodian, intermediates user transactions, or conducts any activity that would constitute a “virtual asset service” under the Cayman VASP Act. On this basis, srUSDe does not constitute a security under the Securities Investment Business Act (SIBA) and does not form part of any Cayman-regulated investment fund structure.
4.2 Access Control Risk
4.2.1 Contract Modification Options
The srUSDe token is deployed as an ERC-1967 transparent proxy pattern controlled via a 48h Timelock contract. For srUSDe, the modification process is controlled through role-gated functions on the StrataCDO and related contracts. Governance assigns these roles to specific addresses; whoever holds a role can change only the parameters wired to that role.
- COOLDOWN_WORKER_ROLE: runs the technical steps for unstake/cooldown flows for the redemption.
- PAUSER_ROLE: can pause or unpause deposits/redemptions.
- RESERVE_MANAGER_ROLE: can move reserve funds and set the treasury address, directly affecting how much buffer remains to protect tranches.
- UPDATER_CDO_APR_ROLE: triggers CDO accounting updates so yield is realised into srUSDe/jrUSDe NAVs.
- UPDATER_FEED_ROLE: pushes new APR data into the rate feed.
- UPDATER_STRAT_CONFIG_ROLE: adjusts strategy and risk parameters (including cooldown settings), effectively tuning how conservative or aggressive the Ethena exposure is.
4.2.2 Timelock Duration and Function
Strata governance uses two timelock contracts for sensitive actions. The first timelock has a minimum delay of 48 hours. Its PROPOSER_ROLE is held by the Admin Multisig and its CANCELLER_ROLE is held by the Guardian. The second timelock has a minimum delay of 24 hours, with the same Admin Multisig holding the PROPOSER_ROLE.
4.2.3 Multisig Threshold / Signer Identity
Strata utilizes two Gnosis Safe multisigs, where each wallet is controlled by founding members and core contributors, and employs a separate-device cold-wallet setup. The Operational Multisig is a 2-of-3, and the Admin Multisig is a 3-of-4 multisig.
The Admin Multisig signers:
The Operational Multisig signers:
The Guardian role is held by Patrick Collins, Co-Founder & CEO of Cyfrin. The Guardian adds an additional control layer on top of the 24h and 48h timelocks by holding the right to veto or cancel queued timelock transactions before execution if they appear malicious, compromised, or unsafe. This role actively monitors pending governance actions via internal tooling and third-party security systems, such as Hypernative, and can mitigate threats by canceling suspicious transactions and notifying contributors.
Disclaimer
This review was independently prepared by LlamaRisk, a DeFi risk service provider funded in part by the Aave DAO. LlamaRisk is not directly affiliated with the protocol(s) reviewed in this assessment and did not receive any compensation from the protocol(s) or their affiliated entities for this work.
The information provided should not be construed as legal, financial, tax, or professional advice.
