Jan 29, 2025
This is an archive of our post on Aave governance forum. Read the full thread here.
Summary
LlamaRisk recommends onboarding rsETH on the Scroll V3 instance. Since the main use case is to leveraged-loop rsETH with wstETH, an rsETH-wstETH E-mode makes sense. Although the liquidity available for rsETH is limited, the fact that rsETH will be correlated with its debt asset wstETH allows for a larger supply cap.
A contract function — used for bridging funds — previously allowed an EOA to withdraw user funds to itself, representing a significant risk for users and Aave. After reaching out to the team, they promptly fixed the issue by upgrading the contract. We note that no Timelock is slowing down contract upgrades or parameter updates, something that could increase safety for users.
Liquidity
Source: Kyberswap, January 29th, 2025
We found 160 wrsETH ($467k) of liquidity within a 7.5% price impact.
The top 3 liquidity pools by TVL are:
Ambient wrsETH/ETH: $2.42m of TVL
Nuri wrsETH/ETH: $138k of TVL
Nuri wrsETH/agETH: $110k of TVL
Access Control
Kelp is using LayerZero for bridging the assets deposited on Scroll to the Ethereum mainnet, where it is restaked. Only ETH can be deposited for rsETH on Scroll. A LayerZero endpoint is used to receive the rsETH/ETH exchange rate.
Here are the controlling wallets:
ProxyAdmin contract from OpenZeppelin that is owned by the 2/6 Multisig
The Kelp architecture on Arbitrum is made of the two following contracts:
RSETHPool: deployed behind a TransparentUpgradeableProxy contract from OpenZeppelin. Allows for the minting of rsETH on Scroll by depositing ETH, which is then bridged to Ethereum mainnet for restaking within EigenLayer.
RSETH_OFT: LayerZero ERC20 contract representing rsETH on Scroll.
RsETHTokenWrapper: deployed behind a TransparentUpgradeableProxy contract, a thin wrapper around rsETH that is redeemable for it on a 1-1 basis.
The two following roles control the RSETHPool contract:
DEFAULT_ADMIN_ROLE: assigned to the 2/6 Multisig, can set the fee, pause/unpause deposits, update the oracle for rsETH, update the L1 vault address, update the Stargate pool, add/remove accepted tokens, and update the LayerZero destination chain.
BRIDGER_ROLE: assigned to the EOA, can withdraw fees and trigger the sending of funds to the bridge (bridgeAssets() method).
The RSETH_OFT contract is owned by the 2/6 Multisig.
The RsETHTokenWrapper contract has the following roles:
DEFAULT_ADMIN_ROLE: assigned to the 2/6 Multisig, can remove rsETH from the list of allowed collateral.
BRIDGER_ROLE: not assigned, can deposit assets to collateralize the wrsETH tokens minted.
MINTER_ROLE: assigned to the RSETHPool contract, can mint new units of wrsETH.
No timelocks slowing down contract upgrades or parameter changes were found. The EOA was previously able to send all ETH in the RSETHPool to itself, which was a significant risk. We contacted the Kelp team, who promptly deprecated the contract function associated with upgrading the contract.
Price feed
Although a Chainlink price feed for rsETH on Scroll is available, we recommend using the internal exchange rate of rsETH together with CAPO. The internal exchange rate for rsETH on Scroll is pushed through LayerZero, the risk of which is already borne by Aave since the minting and burning of rsETH on Scroll also happens through LayerZero. This will also depend on BGD’s preference and technical evaluation.
Aave V3 Specific Parameters
(discussed and aligned with @ChaosLabs)
Parameter rsETH Isolation Mode No Emode Yes Borrowable No Borrowable in Isolation No Collateral Enabled Yes Stable Borrowing No Supply Cap 600 Borrow Cap - Debt Ceiling - LTV 0.05% LT 0.10% Liquidation Bonus 7.5% Liquidation Protocol Fee 10% Reserve Factor - Base Variable Borrow Rate - Variable Slope 1 - Variable Slope 2 - Uoptimal - E-mode wrsETH/wstETH
rsETH/wstETH E-Mode on Scroll
Parameter Value Value Asset wrsETH wstETH Collateral Yes No Borrowable No Yes LTV 92.5% - LT 94.5% - Liquidation Penalty 1.00% -
Disclaimer
This review was independently prepared by LlamaRisk, a community-led non-profit decentralized organization funded in part by the Aave DAO. LlamaRisk is not directly affiliated with the protocol(s) reviewed in this assessment and did not receive any compensation from the protocol(s) or their affiliated entities for this work.
The information provided should not be construed as legal, financial, tax, or professional advice.