LlamaRisk recommends onboarding WETH to the Aave V3 Celo instance. While we acknowledge the asset’s limited liquidity, on-chain supply, and price history, these limitations are primarily due to Celo’s recent migration to an OP stack L2 (March 2025). The concentrated token distribution, with 85% held by just two accounts (primarily in Velodrome liquidity pools), reflects this recent deployment rather than fundamental concerns. From a technical perspective, WETH benefits from leveraging the extensively audited OP Stack infrastructure, which is protected by a robust $2 million bug bounty program providing additional security assurances. As a well-established asset, WETH’s introduction to the Aave Celo instance should attract significant liquidity, with the native bridged implementation expected to follow growth patterns similar to the existing Wormhole bridge WETH ($4.5M).
Collateral Risk Assessment
1. Asset Fundamental Characteristics
1.1 Asset
Wrapped ETH represents the ERC20 version of Ether. Tokenization solves the interoperability issue that limits ETH’s use in dApps and trade with other ERC20 tokens, given that it predates the ERC20 standard implementation.
1.2 Architecture
WETH represents a 1:1 peg with ETH, the canonical smart contract responsible for issuing WETH swaps ETH for an equivalent amount of WETH. Inversely, Wrapped ETH can be unwrapped in exchange for its underlying ETH amount.
1.3 Tokenomics
The primary functions for issuing WETH are deposit and withdraw. Total supply varies with the amount of ETH deposited. WETH on Celo is bridged natively using Standard Bridge, the bridging system for OP Stack chains. Users can access Superbridge, the frontend interface to bridge ETH from L1 to L2.
For context, Celo recently migrated from L1 to L2 (as of March 26th, 2025) using the OP stack. WETH is minted from L1 deposits, initiated by depositTransaction calls via the OptimismPortal contract on Mainnet. Thereafter, L2 nodes listen for TransactionDeposited events to mint on Celo.
1.3.1 Token Holder Concentration
| Description |
Value |
| Total Holders |
49 |
| Total WETH Supply |
999.99 |
| Top 10 Address Holdings |
99.88% |
| Largest Holder |
CLPool (58.47%) |
Source: Celoscan, April 10th, 2025
85% of WETH is concentrated in 2 accounts, with the largest holder being a Velodrome liquidity pool (58%) and the second a 2/6 Multisig (32%). The third, fourth, and fifth largest are an unverified contract (~5%), WETH/CELO Uniswap pool (~3%), and USDT/WETH Uniswap pool (~2%). While most WETH is in a liquidity pool with multiple LPs, the asset’s narrow distribution across accounts could be explained by the contract’s recent launch (March 26th, 2025).
2. Market Risk
2.1 Liquidity
Source: Velodrome Finance, April 14th, 2025
Relative to the available supply onchain (>1000 WETH), DEX liquidity is only available for ~56 WETH ($92K) within a 5% price impact.
2.1.1 Liquidity Venue Concentration
Source: Coingecko, April 12th, 2025
According to Coingecko, only 2 liquidity sources are available for WETH: Uniswap and Velodrome.
2.1.2 DEX LP Concentration
The Velodrome USDT/WETH pool currency has 19 liquidity providers (addresses holding VELO-CL-POS), with 1 address providing 66% of the pool’s liquidity.
Observing Uniswap liquidity provision events (add/remove) for WETH/CELO and USDT/WETH, no results were found post the contract creation, possibly indicating a single liquidity provider in each pair.
2.2 Volatility
Source: Geckoterminal, April 14th, 2025
Given L2 WETH’s short history, the available data is too small to infer the asset’s volatility.
2.3 Exchanges
No CEX currently supports Celo WETH.
2.4 Growth
Source: L2Beat, TVS Breakdown, April 14th, 2025
Early growth has been positive since the contract was deployed, accounting for approximately $1.5M (1K WETH).
3. Technological Risk
Celo’s transition from an EVM-compatible L1 to an OP stack layer 2 introduces significant technical changes, which are summarized below.
3.1 Smart Contract Risk
Since the Standard Bridge and OptimismMintableERC20 facilitate the minting of WETH and form part of a wider OP stack codebase, risk assessments fall under OP stack audits. Multiple audits have been completed on OP stack code, with 6 audits related to Bedrock (the current OP stack version) to date.
3.2 Bug Bounty Program
An Optimism bug bounty program worth $2m provides security incentives for the general codebase, which includes the OptimismMintableERC20Factory contract that generates OptimismMintableERC20 contracts on the network it is deployed to, L1StandardBridge, and L1CrossDomainMessenger.
3.3 Price Feed Risk
WETH is pegged 1:1 to ETH based on a collateralization pricing mechanism. The REMOTE_TOKEN address points to the L1 WETH contract on the Ethereum mainnet. The price is maintained at L1 WETH through:
- Minting/Burning: Only the
BRIDGE (StandardBridge) can mint/burn tokens (via mint and burn), ensuring supply matches locked L1 WETH.
- Collateral: L1 WETH is locked in the L1 bridge contract when users deposit and unlocked when withdrawn.
Potential intrinsic pricing risk if the L1 WETH contract is exploited, affecting the price of L2 WETH.
An ETH/USD Chainlink price feed is available on Celo, which has a 0.1% deviation threshold and 24-hour heartbeat.
3.4 Dependency Risk
Native bridged WETH utilizes Standard Bridge to bridge L1 WETH to Celo. The Standard Bridge comprises 2 contracts, L1StandardBridge on Ethereum and L2StandardBridge on Celo. CrossDomainMessenger is used to communicate deposits and withdrawals between the chains.
WETH relies on the L1StandardBridge contract to escrow L1 ETH and the L2StandardBridge to mint WETH on Celo.
4. Counterparty Risk
4.1 Governance and Regulatory Risk
4.2 Access Control Risk
OptimismMintableERC20 contract is a representation of a token on an L2 from mainnet. It allows Standard Bridge to mint and burn tokens.
The Standard Bridge contract can:
- Mint tokens when assets are deposited from L1 to L2.
- Burn tokens when assets are withdrawn back to L1.
The BRIDGE role is set at deployment by the OptimismMintableERC20Factory and is the only address with mint/burn privileges.
Proxy Admin is the owned by 2/2 Nested Multisig.
Here are the controlling wallets:
These multisigs are controlled by cLabs and the Celo Community Security Council. Proxy Admin control over the bridging contract is evenly distributed between the Celo development team and Community members.
4.2.1 Contract Modification Options
The contract has no proxy pattern (non-upgradeable).
4.2.2 Timelock Duration and Function
No timelocks are present.
4.2.3 Multisig Threshold / Signer identity
As stated in section 3.4. The Proxy Admin contact is managed by 2 nested multisigs, one owned by the cLabs team and the other by Celo community members.
The most recent update on Celo Community Security Council members consists of:
L2Beat
Hyperlane
Valora
Mento
Nitya Subramanian
Kris Kaczor
Tim Moreton
Aaron Boyd
Below is a list of addresses for each of the signers in no particular order:
0x148dfac5df51ab1d7b02a3b53f1e2da1f0a6b5ca
0xD1C635987B6Aa287361d08C6461491Fa9df087f2
0x2be5e223e368e8c0f404a1f3eb4eb09f99c8fad8
0x6fdb3ea186981aa32dd8e7b782d95733ca3c13a1
0x5f70938aa8d2fd91ee3959998e5ddaacfb6ffb85
0xd0cE4D055d04bDA69b20815A3F796019bB68c6Db
0xb963047c5d875b7fe777339b1e6b61ac4df1f3e2
0xc3E966E79eF1aA4751221F55fB8A36589C24C0cA
Note: This assessment follows the LLR-Aave Framework, a comprehensive methodology for asset onboarding and parameterization in Aave V3. This framework is continuously updated and available here.
This review was independently prepared by LlamaRisk, a community-led decentralized organization funded in part by the Aave DAO. LlamaRisk is not directly affiliated with the protocol(s) reviewed in this assessment and did not receive any compensation from the protocol(s) or their affiliated entities for this work.
The information provided should not be construed as legal, financial, tax, or professional advice.
