[ARFC] Onboard tETH to Aave v3 Prime Instance

1. Asset Fundamental Characteristics

1.1 Asset

tETH, issued by Treehouse Protocol, is a liquid ETH staking ERC20 token on Ethereum and Arbitrum designed to consolidate the fragmented on-chain interest rate market. tETH implements a leverage staking strategy by integrating Lido and Aave. tETH boosts ETH staking yields via leverage. Throughout the 1-year backtesting period (from June 9, 2023, to June 9, 2024), the tETH strategy has outperformed Lido staking by approximately 0.6%.

image1984×1022 184 KB

1.2 Architecture

When a user deposits ETH, WETH, stETH, or wstETH, the protocol issues an equal amount of tETH, representing the depositor’s pool share. Deposited ETH is staked through Lido, yielding wstETH, and the protocol enters a leverage loop on Aave:

1. Use wstETH as collateral.
2. Borrow ETH.
3. Stake the borrowed ETH through Lido.
4. Wrap the resulting stETH to wstETH and repeat.

The loop halts at a loan-to-value (LTV) target of 0.80. With Aave’s 94.5% liquidation threshold (eMode), the resulting health factor is about 1.18, sufficient to remain ≥ 1.0 if wstETH falls roughly 15.8%—the largest historical de-peg observed.

image1536×1227 94.7 KB

Yield consists of

• Ethereum staking rewards and
• The spread between the ETH borrowing rate on Aave and the staking rate.
  If borrowing costs rise above staking returns, the position can become unprofitable.

Withdrawal methods

• Swap – Immediate exchange via the tETH/wstETH Curve pool for amounts up to 200 wstETH (the Redemption Band).
• Normal Redemption – For amounts above 200 wstETH. tETH is burned, positions are unwound, and wstETH is claimable after roughly 7 days; a 0.05% fee applies.
• Fast Redemption – Instant withdrawal up to a protocol-defined cap; incurs a flat 2% fee.

image548×237 16 KB

Multiple exit routes help limit forced selling pressure and reduce the likelihood of sharp price moves such as the -80 % ezETH event in 2024.

Peg-related mechanisms

1. Protocol-Owned Peg Protection (PPP)
   If tETH trades below its intrinsic value, the protocol uses the Insurance Fund to buy tETH in the Curve pool and redeem it. Arbitrage gains are allocated:
   • 25% – Insurance Fund
   • 25% – Curve pool liquidity
   • 25% – tETH holders
   • 25% – Treasury
2. Insurance Fund
   • Finances PPP operations.
   • Covers rebalancing shortfalls when borrowing costs exceed staking rewards (up to the staking rate).
   • May address other losses, subject to governance.
3. Underlying LST De-peg Plan
   If any collateral LST deviates by >2% from ETH for more than 24 h, the protocol:
   • Sells LST for ETH,
   • Repays Aave debt,
   • Withdraws remaining collateral, and
   • Allows users to withdraw in LST form.

Borrow-cost management

If Aave ETH utilization remains above 89% for two consecutive days, the protocol repays part of its debt by converting wstETH to ETH, aiming to reduce utilization and associated borrowing costs.

Decentralized Offered Rates (DOR)

Treehouse plans to publish on-chain benchmark rates (DOR). Future versions may allow tETH collateral to be restaked to support the rate-setting process and to earn additional rewards.

1.3 Tokenomics

tETH is denominated in wstETH, so tETH is a value-accumulating non-rebasing receipt token representing a user’s stake in the underlying assets in the tETH pool. That means a user’s balance of tETH will remain unchanged, and the value of tETH increases instead. The yield generated is credited to tETH holders once a day, and the yield distribution is reflected in the tETH:wstETH exchange rate.

The market cap of tETH to collateral value ratio is 1:1, as seen in the following images (Total collateral = tETH on Ethereum + Arbitrum):

image975×255 21.4 KB

Source: Vaults, Treehouse Finance, April 8th, 2025.

The total underlying ETH amount is 87,218 ETH, and the Vault Capacity is 100,000 ETH, which means 87.21% of the tETH vault that has been filled.

Treehouse Finance does not currently have a governance token.

1.3.1 Token Holder Concentration

image900×363 24.8 KB

Source: Top 100 tETH Holders on Ethereum, Etherscan, April 8, 2025.

Underlying assets behind tETH, 87,218 ETH, represent 0.072% of the total ETH supply.

The top 5 holders of tETH are:

• Pendle SY tETH Contract: 19.3% of the supply.
• 0xbe8dCE3e74B225180BC2e3D1290AB6997E810Df8: 12.2% of the supply.
• Ether.Fi Liquid ETH Contract: 11.6% of the supply.
• Compound cWstETHv3 Contract: 5.7% of the supply.
• 3/4 Safe Multisig: 4.9% of the supply.

The top 10 holders own 70.6% of the total supply. When considering the top 100 holders, this concentration increases to 98.0%.

2. Market Risk

2.1 Liquidity

image460×423 22.4 KB

Source: tETH Liquidity, LlamaSwap, April 8th, 2025.

There is a 7.07% slippage for selling 1650 tETH. Considering tETH’s market cap, tETH has poor DEX liquidity. If Aave liquidators need to sell tETH to cover bad debt, this could cause tETH price fluctuations on DEXs.

2.1.1 Liquidity Venue Concentration

image1015×375 51.1 KB

Source: tETH Liquidity Pools on Ethereum by Trading Volume, DEX Screener, April 8, 2025.

The total tETH liquidity across DEXs on the Ethereum network is approximately $9.2M, with most of it held in two Curve pools. These 2 Curve pools and a Balancer liquidity pool are the only liquidity venues with significant volume.

tETH Liquidity pools, ranked by TVL (as of April 8, 2025):

• Curve tETH/weETH: $4.4M
• Balancer tETH/wstETH: $2.8M
• Curve tETH/wstETH: $2.0M
  • tETH redemptions within the value of the Redemption Band are done through this pool.

2.1.2 DEX LP Concentration

LP concentration is very high, with Treehouse nearly providing all the liquidity. However, Treehouse does not have an incentive to pull the liquidity out. Here is the breakdown for the 3 liquidity pools (as of April 8, 2025):

• Curve tETH/weETH: 99.4% of the liquidity is held by 2 addresses.
  • 76.0% of the liquidity is held by 0xaD744e7B3ae782b2c6DD6c316332d60ac33D8Db2. Examining the transaction history, it is very likely that this contract belongs to Treehouse.
  • 23.4% of the liquidity is held by 0x5E4ACCa7a9989007cD74aE4ed1b096c000779DCC. This is a SimpleStakingERC20 contract that belongs to Treehouse.
• Curve tETH/wstETH: 99.9% of the liquidity is held by the same 2 addresses as the other Curve liquidity pool above.
  • 76.3% of the liquidity is held by 0x5E4ACCa7a9989007cD74aE4ed1b096c000779DCC.
  • 23.6% of the liquidity is held by 0xaD744e7B3ae782b2c6DD6c316332d60ac33D8Db2.
• Balancer tETH/wstETH: 93.5% of the liquidity is held by the same 0xaD744e7B3ae782b2c6DD6c316332d60ac33D8Db2 that likely belongs to Treehouse.

2.2 Volatility

Since launch, tETH has closely tracked wstETH—its underlying asset—exhibiting no material price dislocations. The protocol denominates all internal accounting in wstETH. Historical price behavior should align with this ratio, assuming the yield differential between tETH and wstETH has remained broadly constant. The Curve pool data below supports that expectation.

image2100×850 141 KB

Source: tETH/wstETH pool, Curve, 28 Mar 2025.

Across the observed period, deviations from the modeled ratio have stayed within ±1 %, indicating limited volatility relative to the underlying asset.

2.3 Exchanges

tETH is exclusively traded on DEXs and is not currently listed on any centralized exchange.

2.4 Growth

image2844×1194 148 KB

Source: tETH TVL regarding ETH on Ethereum and Arbitrum, Dune, March 28, 2025.

image1462×616 29.9 KB

Source: tETH Number of Holders on Ethereum, Dune, April 4, 2025.

The TVL (in terms of ETH) of tETH on Ethereum and Arbitrum and the number of tETH holders have been constantly increasing.

3. Technological Risk

3.1 Smart Contract Risk

Treehouse Finance has demonstrated a strong commitment to security by subjecting its smart contracts to multiple external audits. 3 recent audits have been done that relate to tETH:

• Trail of Bits (October, 2024): 2 medium severity vulnerabilities and 4 informational issues were found. 1 medium severity vulnerability and 3 informational issues were resolved.
• Sigma Prime (September, 2024): 1 low severity vulnerability and 3 informational issues were found. One low-severity vulnerability and 2 informational issues were resolved.
• Fuzzland (September, 2024): 6 low severity vulnerability and 4 informational issues were found. All resolved.

Omniscia and BlockSec audits are announced to be coming soon.

3.2 Bug Bounty Program

Treehouse Finance has a Bug Bounty program with Hackenproof. There are 2 programs, Treehouse Web and Treehouse Smart Contracts, with rewards up to $10,000 and $250,000 respectively, depending on the severity of the threat.

Treehouse Web program offers $2,500 - $10,000 for critical, $1,000 - $2,500 for high, $500 - $1,000 for medium, $100 - $500 for low severity vulnerabilities found. There have been 58 submissions for this program so far.

Treehouse Smart Contracts program offers $100,000 - $250,000 for critical, $25,000 - $50,000 for high, $5,000 - $10,000 for medium, $1,000 - $2,000 for low severity vulnerabilities found. There have been 63 submissions for this program so far.

There are no disclosed reports at the moment, so the results of the Bug Bounty Program are unknown.

3.3 Price Feed Risk

tETH is priced based on the protocol’s internal accounting of its underlying wstETH holdings, with the exchange rate updated by smart contract logic. To prevent donation attacks or sudden, unaccounted-for changes in net asset value (NAV), a “deviation” threshold limits how much the NAV can change in a single update—if the change exceeds this limit, the update is blocked. This mechanism protects users from manipulation or operational errors affecting tETH’s value.

3.4 Dependency Risk

tETH is presently collateralized by wstETH. A failure of Lido—or any additional LST protocol that Treehouse may add—would eliminate that collateral and, by extension, the intrinsic value of tETH. Because the protocol has no control over external LST operations, its main mitigation is diversification: Treehouse assesses other LSTs, applies risk-weight caps, and may hold several tokens to avoid total reliance on a single provider.

A sustained wstETH price decline relative to ETH raises the loan-to-value (LTV) of the leveraged position on Aave. A 16 % de-peg, for example, would push the strategy’s LTV to 96 %, exceeding Aave’s 95 % liquidation threshold and forcing collateral sales. The –80 % ezETH event in 2024 illustrates how sharply an LST can diverge. Treehouse’s automated De-pegging Contingency Plan unwinds positions and repays debt whenever a > 2 % de-peg persists for 24 hours.

The leverage loop relies on Aave. A failure of that lending protocol—due to contract exploits, insolvency, or regulatory action—would endanger the collateralized wstETH. Treehouse can reduce concentration by splitting leverage across several over-collateralized lenders, which increases operational complexity.

Aave’s positions depend on Chainlink price feeds. Incorrect or delayed oracle data can prompt liquidations, with losses estimated by (1 − LTV) + LTV × de-peg %, as described in the oracle-risk documentation. The specific feeds are the ETH/USD and wstETH/ETH oracles.

Transfers of tETH from Ethereum to Arbitrum use Chainlink’s CCIP. Any downtime, message-layer attack, or oracle manipulation affecting CCIP could delay or mis-route bridged funds, adding another dependency risk for users who rely on cross-chain liquidity.

4. Counterparty Risk

4.1 Governance and Regulatory Risk

Treehouse Finance does not have a DAO and does not have a governance token. The core team currently handles all operations. However, it is mentioned in the documentation that parameters will be subject to governance in the future, so the creation of a DAO structure is to be expected.

Treehouse’s corporate architecture is anchored in the Republic of Panama, with Gaia Labs Corp identified in the Terms of Service as the owner and operator of the website located at https://treehouse.finance/. These Terms govern every aspect of a user’s interaction with the website, the Treehouse Protocols, and any additional blockchains on which the protocols are deployed. Although the Treehouse Protocols are freely accessible as open-source software on GitHub, Gaia Labs Corp, and its affiliates retain the ability to maintain and modify the codebase.

According to the Terms, the protocol enables users to engage in specific activities, particularly deploying their own supported digital tokens through a pass-through mechanism that can direct those assets to external protocols such as Lido or Aave. Using Treehouse for that purpose, users acknowledge that each deployment is executed solely at their own initiative; no third party assumes custody of, exercises discretion over, or otherwise controls their tokens. The documentation further clarifies that Treehouse has no corporate affiliation with Lido, Aave, or their respective development teams and offers no assurances regarding the stability or security of those third-party platforms.

Access to Treehouse is barred for any “Excluded Person,” meaning an individual or entity that is a citizen of, resident in, domiciled in, or physically present within an “Excluded Jurisdiction.” The list of excluded territories presently encompasses the United States and its possessions, the People’s Republic of China, any jurisdiction designated by the Financial Action Task Force as “High-Risk or Other Monitored,” and any other locale where the use of Treehouse would be illegal or subject to licensing, permit, or approval requirements. Users are prohibited from using virtual private networks or similar tools to conceal their location.

From a regulatory standpoint, Treehouse operates where Panamanian law currently leaves largely unaddressed. Panama has yet to impose a supervisory regime on non-custodial staking services; by extension, DeFi activities that rely on non-custodial staking remain outside established oversight. Likewise, Panamanian statutes do not expressly regulate liquid-staking tokens, and the Superintendency of the Securities Market has indicated that, under existing securities legislation, it does not regard cryptocurrencies—or, by implication, LSTs—as securities.

4.2 Access Control Risk

4.2.1 Contract Modification Options

The tETH contract is an ERC1967 upgradeable proxy implemented via an ERC-4626-compliant upgradeable vault contract. The implementation address is 0xD1A622566F277AA76c3C47A30469432AAec95E38, and it inherits from ERC4626Upgradeable. The strategy execution is primarily automated. For example, looping continues programmatically until the safe LTV is reached. The Loan Repayment Strategy triggers automatically when ETH borrowing utilization exceeds 89% for 48 hours. Manual governance is only required for upgrades or parameter tuning, not day-to-day operations. It has critical modification options controlled by its admin, including:

The contract includes several privileged functions that allow administrative modifications, posing significant access control risks. The most critical modification capabilities are:

Changing Contract Ownership:
Functions: transferOwnership, acceptOwnership, renounceOwnership.
Impact: Transfers or permanently relinquishes ownership.

Upgrading Contract Logic:
Function: upgradeToAndCall.
Impact: Enables upgrades to the contract’s implementation (via UUPS proxy pattern); this allows changes to the core logic, tokenomics, or security.

Blacklisting/Unblacklisting Addresses:
Functions: blacklist, unBlacklist.
Impact: Restricts or permits specific addresses from interacting with the contract.

Modifying Blacklister Role:
Function: updateBlacklister.
Impact: Changes the address authorized to execute blacklist/unblacklist actions, altering access control parameters.

Minting New Tokens:
Function: mint.
Impact: Increases token supply. This enables inflationary exploits.

Altering Administrative Privileges:
Functions: Ownership-related functions (transferOwnership, renounceOwnership) and role updates (updateBlacklister).
Impact: Shifts critical permissions to new addresses, risking centralized control.

Since there is no timelock or governance process, these modification options bring a centralization risk.

4.2.2 Timelock Duration and Function

The tETH contract and the owner do not appear to have timelock functionality.

4.2.3 Multisig Threshold / Signer identity

The owner of tETH contract is a 5/7 Safe multisig.

The signers are:

• 0x4D8aC8527849018E1fe60Bafce26D635fDB570a9
• 0xaBA92efa92a7a8F10bDf3d608838D368c7860F5b
• 0x52fD0D1C58Ea9f0F4336583E29b403c96143d1D0
• 0x9F24fDD290c4A32a7Eef0CD0C4365fA326420Da7
• 0xD795504963F418B35bFB108e5cA87e8cC97Ee067
• 0x21B57aC972D4DF5f452a1E36EBAB68d96b2aC692
• 0xfE801FEbd1c0A13652d6325f789b9a50fC90e617]

Note: This assessment follows the LLR-Aave Framework, a comprehensive methodology for asset onboarding and parameterization in Aave V3. This framework is continuously updated and available here.