Curve
Jul 7, 2023
Useful Links
Website: coinbase.com/cbeth
Documentation: cbETH white paper | GitHub | Token Design | Audit | Pricing and Fee Disclosures | User Agreement | API Public Sandbox
Social: Twitter
Contracts: cbETH | ExchangeRateUpdater | MintForwarder
Governance: Investor Relations
Markets: Coinbase | UniV3 cbETH/ETH | Bal cbETH/wstETH | Bal cbETH/Boosted Aave v3 WETH | Curve cbETH/ETH
Dashboards: Dune: cbETH | Dune: Staking as a Service | DeFiLlama: cbETH
Introduction
This report is conducted by the Prisma independent risk and research team operated by Llama Risk as part of a series on LSD collateral risk assessments. In this report, we examine Coinbase's cbETH.
This report will comprehensively cover all relevant risk factors of cbETH for collateral onboarding. Our approach involves both quantitative and qualitative analysis to help determine whether the collateral can be safely onboarded and to what extent there should be restrictions on the protocol’s exposure to the collateral.
As Prisma will be onboarding a variety of LSDs as collateral, our review involves comparative analysis to determine suitability as collateral. Risks are categorized into:
Market Risk - risks related to market liquidity and volatility
Technology Risk - risks related to smart contracts, dependencies, and oracle price feeds
Counterparty Risk - risks related to governance, centralization vectors, and legal/regulatory considerations
These risk categories will be summarized in the final section of this report and are meant to assist tokenholders in their determination around cbETH onboarding and setting suitable parameters.
Section 1: Protocol Fundamentals
This section addresses the fundamentals of the proposed collateral. It is essential to convey (1) the value proposition of cbETH, and (2) the overall architecture of the protocol. This section contains descriptive elements that cannot be quantified and act as a descriptive introduction to the collateral.
This section is divided into 2 sub-sections:
1.1: Description of the Protocol
1.2: System Architecture
1.1 Description of the Protocol
Key metrics (as of June 2023)
Circulating Supply: 190.2K cbETH
Staked Tokens: 1,108,975 ETH (~$2.16b)
Number of stakers (validators): 65,677 (Coinbase Pool) | 23 (Coinbase Cloud Node Operator)
Number of operators (mainnet): unknown
Market share of ETH staked: 5.57%
Market share of LSDs: 11%
1.1.1 Underlying Collateral
Coinbase Wrapped Staked ETH (cbETH) is a utility token that represents ETH2 or ETH staked through Coinbase to validate transactions on the Beacon Chain. The underlying collateral is ETH and the staking provider and token issuer is exclusively Coinbase. It was deployed to mainnet in February 2022 and officially launched on August 24th, 2022.
The white paper describes how cbETH is based on Compound v2’s cToken model, with a notable feature that cbETH does not keep a 1:1 peg with ETH, but uses a rate conversion that updates based on staking rewards earned minus penalties. Coinbase has chosen to model cbETH after cTokens because it is not a rebasing token and is thus more easily compatible with DeFi applications.
The cbETH contract inherits from USDC (i.e. FiatTokenV2_1) with additional contracts to update the cbETH:ETH exchange rate (ExchangeRateUpdater) and set permissioned minters (MintForwarder). Coinbase manages all permissioned addresses within the cbETH system.
1.1.2 Yield Accrual Mechanism
cbETH represents staked ETH plus accrued staking interest (rewards) minus penalties starting from June 16, 2022, when cbETH's conversion rate and balance were initialized.
Users can realize their accrued yield upon redemption. A floating conversion rate accounts for staking/unstaking activity, rewards, penalties, and fees. The exchange rate is updated daily by the ExchangeRateUpdater contract. As the underlying staked ETH continues to accrue rewards, each cbETH token will represent more staked ETH and prices will diverge.
Here's a cbETH / ETH price chart showing yield accrual over time:
Source: Chainlink Price Feed | Date: 6/22/2023
Primary variables in the Conversion Rate equation are:
Conversion Rate = Total Wrapped Staked ETH / Total cbETH Supply.
Total Wrapped Staked ETH = Staked ETH in settled wraps - Staked ETH in settled unwraps + Net Rewards
Total cbETH Supply = cbETH issued - cbETH redeemed
Net Rewards = (inflationary protocol rewards + Transaction fees (tips) & any other validator rewards - Penalties) x 0.75
For the current conversion rate from CBETH/ETH, you can visit their public sandbox. Additional rates, including implied CBETH/USD Fair Value Rate and implied APY can be found here.
1.1.3 Provider Fee
Coinbase takes a 25% staking service fee for ETH. There are no fees associated with wrapping or unwrapping cbETH.
1.1.4 Node Operator Set
Coinbase claims in its white paper that it enlists a number of different node operators to reduce the risk of relying on one. We are unable to corroborate this claim based on publicly available information.
Coinbase does distribute validators across software clients. Information from rated.network gives us the following distribution:
Lighthouse: 41.74%
Nimbus: 5.84%
Prysm: 29.20%
Teku: 23.21%
1.1.5 Validator Selection
Coinbase Cloud is a blockchain infrastructure platform-as-a-service (PaaS) provider. They provide dev tooling, database management, operating system, servers, storage, networking, security, and a data center required to run a cluster of nodes and clients that make up proof-of-stake networks.
There are three options for how to stake assets through Coinbase. All options are powered by the underlying Coinbase Cloud infrastructure but differ in branding and operational controls. Each option varies in terms of cost, revenue, reporting, governance, deployment time, implementation, and service level agreements:
Public Validator owned and operated by Coinbase Cloud - not controlled by the Client
Public Validator (third-party branded) - not controlled by the Client or by Coinbase
Dedicated Validator - owned and operated by the Client
Coinbase validators run multiple Ethereum clients. As of May 31, 2022, Coinbase Cloud Validators are distributed roughly evenly across Lighthouse and Prysm, with 65% of validators on non-Prysm clients.
1.1.6 Governance Model
cbETH is a centralized LSD product that is unilaterally governed by Coinbase.
Two general considerations around governance could have implications for cbETH. First is governance within Coinbase Inc. as a publicly traded company (more details in section 5.1). Second is how Coinbase-run validators participate in Ethereum Governance, which happens off-chain.
Ethereum governance involves a diverse stakeholder group including node operators, protocol developers, ether holders, application users, application developers, and EIP authors. The full scope of Ethereum governance is beyond this report but may have relevance depending on how Coinbase-run validators choose to participate in this governance process.
1.2 System Architecture Diagram
1.2.1 Network Architecture Overview
The cbETH architecture is quite simple since accounting is handled by Coinbase's internal systems. The cbETH token receives mint/burn commands from designated minters via the MintForwarder contract, and the cbETH:ETH exchange rate is updated by designated callers via the ExchangeRateUpdater contract. The underlying ETH is custodied by Coinbase and its node operators, and user funds are never directly handled through the cbETH contracts.
There are four entities in ETH2 validator management on Coinbase Cloud:
Clusters: A single set of infra composed of one or more Beacon Nodes. To create Validators, at least one Ethereum cluster must be deployed from the platform.
Beacon Nodes: One or more of these are deployed within a cluster. This collection represents the entire set of Beacon Nodes running with an account.
Validators: Entities responsible for generating blocks and voting for consensus on the ETH Beacon Chain.
Validator Clients: Ethereum client software running within a cluster. Validators are assigned to Validator Clients to evenly distribute them.
1.2.2 Architecture Diagram
High-level System Architecture Diagram of Wrapped Staked ETH (cbETH):
Source: Coinbase Repo
1.2.3 Key Components
Both the ExchangeRateUpdater and MintForwarder contracts inherit from the RateLimit contract which enforces rate-limiting parameters such as:
maximum (minting) allowance
current (minting) allowance
Interval minter contract that Coinbase uses to reset the minting allowance
setting allowance where Coinbase sets via configureMinter
how many times a caller can exercise these functions
how much the exchange rate can change
RateLimit is controlled by the owner of the cbETH contract. The owner can re-assign any of the roles related to minting and burning tokens, except for the admin role.
To illustrate the cbETH token architecture in action, here are two primary actions taken by cbETH users:
User wrapping staked ETH to cbETH:
User sends a wrap request to convert staked ETH into cbETH.
Coinbase assesses how much eligible ETH the User has staked on the platform
Wrap request goes through settlement where a set amount of cbETH to be issued is determined, given the amount of staked ETH.
Coinbase calls the MintForwarder contract and mints a corresponding amount of cbETH, per User request, in accordance with the conversion rate.
cbETH is minted to the User's wallet.
User unwrapping cbETH to staked ETH:
User sends an unwrap request to convert cbETH to ETH.
Coinbase calls the ExchangeRateUpdater to get the latest conversion rate.
Unwrap requests go through settlement where Coinbase sets the amount of staked ETH to credit the User, given the amount of cbETH in the unwrap request.
Coinbase calls the MintForwarder contract and burns a corresponding amount of cbETH, per User request, in accordance with the conversion rate.
A new staked ETH amount is returned to the User's wallet.
The ExchangeRateUpdater updates the cbETH:ETH exchange rate daily based on off-chain calculations of rewards earned minus penalties accrued.
Section 2: Performance Analysis
This section evaluates cbETH from a quantitative perspective. It analyzes token usage and competitive metrics, and accounts for subsidized economic activity.
This section is divided into 3 sub-sections:
2.1: Usage Metrics
2.2: Competitive Analysis Metrics
2.3: Subsidization of Economic Activity
2.1 Usage Metrics
2.1.1 Total Value Locked (TVL)
Coinbase cbETH has ~1,142,273 ETH in TVL worth ~$2.12 billion (Jun 30, 2023). Its TVL declined after April 14th, 2023 (when ETH staking withdrawals were activated) and has since begun to recover.
Source: DefiLlama
2.1.2 Transaction Volume
cbETH daily average on-chain transaction volume for the last 30 days: $9.98m
cbETH volume 7-day MA: $4.08m
cbETH daily minimum volume for the last 30 days: $930.69k
cbETH daily maximum on-chain transaction volume for the last 30 days: $64.74m
Source: Santiment | Date range: 4/14/23 - 6/27/23
2.1.3 DEX Trading Volume
Most trading takes place (in descending order) on Uniswap, Balancer, and Maverick.
Source: Dune Analytics
2.1.4 Average Transaction or Trading Size
cbETH average daily trade size over the past 3 months, with a notable decline in the past 2 weeks:
Source: Dune Analytics
2.1.5 Trading Volume to Market Capitalization Ratio
cbETH Trading Volume / Market Capitalization 30-day exponential moving average over the past two months is currently 0.36% and has been declining since mid-June. The following chart shows data since May 27th:
Source: Spreadsheet, DefiLlama, Santiment | Date Range: 5/27/23 - 6/27/23
2.1.6 LSD Token Velocity
The chart below shows the daily velocity (on-chain txs volume/market cap) expressed in percentages for the last 30 days:
Source: Santiment and DefiLlama
2.1.7 Active Addresses/Users
Since it started trading in August 2022, the daily active addresses that have interacted with the cbETH token have generally been less than 100 (with a couple of outlier days). There's been a slight rise since March 2023.
Source: Dune Analytics
Usage increase is more evident on a month-to-month basis:
Source: Dune Analytics
2.1.8 User Growth
Since around the time of the merge in September 2022, daily, weekly, and monthly cbETH users have increased:
Daily growth: 9/15/22: 86 | 6/26/23: 94 | Daily user growth since the merge: 8.51%
Weekly growth: Week of 9/19/22: 305 | Week of 6/26/23: 598 | Weekly user growth since the merge: 96.06%
Monthly growth: Month of 9/22: 1132 | Month of 6/23: 2773 | Monthly user growth since the merge: 144.96%
2.1.9 Integration with Other Protocols
Of the 1.12m cbETH supply, only 35,580 is used in DeFi. This makes up 3.17% of the total supply deployed into DeFi applications.
Source: Etherscan | Date: 06/28/2023
Below is a dynamic table showing cbETH DeFi integrations from Dune Analytics (note: some entries show up more than once)
Source: Dune Analytics
2.2 Competitive Analysis Metrics
2.2.1 Market Share
Coinbase cbETH currently captures a 10.97% share of the Liquid Staking Derivative sector (as of June 23, 2023).
Source: DefiLlama | Date: 6/23/2023
As a relative newcomer among the top-5 staking derivative tokens, cbETH quickly captured ~12% market share since its launch in the summer of 2022. cbETH's share rose to a peak of 15.8% in January/February and has recently declined to ~11% market share since April 2023.
Source: DefiLlama | Date: 6/23/2023
2.2.2 Trading Volume Share in Total LSD Trading Volume
As of July 4th, 2023, cbETH is the second most liquid ETH LSD after stETH/wstETH with the second largest daily trading volume.
stETH combined liquidity: $555,903,547 | cbETH liquidity: $96,182,787
stETH combined volume: $21,974,744 | cbETH volume: $2,296,965 | cbETH:stETH volume ratio: 10.45%
Source: Dex.guru | Date: 7/4/2023
The cbETH:stETH volume ratio below shows a period in May when cbETH volume periodically exceeded stETH. Since then the volume ratio has declined to a range typically around 5-25%.
Source: Santiment | Date: 7/4/2023
2.2.3 Protocol Staking Yield
DefiLlama calculates the 7-day MA APY to range between 6.15% and 3.28% since January 15th and is currently 4.12%.
Source: DefiLlama | Date: 1/15/2023 - 7/4/2023
According to DeFiLlama, the average 30-day APY of cbETH vs. competitors is (as of July 4th, 2023):
Coinbase Wrapped Staked ETH (cbETH): 3.57%
Lido (stETH): 3.94%
Rocket Pool (rETH): 3.19%
Frax Ether (sfrxETH): 4.93%
Binance staked ETH: 4.33%
The relatively low yield compared to most competitors can be attributed to Coinbase's high fee (25% vs an average fee of 12.8% between the five competitors). Coinbase's fees are over 78% higher than its next closest competitor (rETH fee is 14%).
2.2.4 Slashing Rate
Coinbase has experienced only 1 lifetime slashing event since its launch in August 2022. Its losses as a percent of total consensus rewards earned are on par with most competitors.
Source: Rated.network | Date: 6/26/23
2.3 Subsidization of Economic Activity
2.3.1 Existence of an Incentive Program
Coinbase does not appear to provide extra incentives to boost cbETH adoption, outside of the stated benefits of wrapping staked ETH to cbETH for users on their platform.
According to an SEC complaint against Coinbase filed on June 6, 2023, Coinbase has publicly acknowledged its ability and intention to "change the reward payout at its discretion".
Source: SEC Complaint (pg.86)
A related allegation claims Coinbase advertised a 10% bonus for staking at least $100 in ETH, as of March 2023.
Source: SEC Complaint (pg.86)
The Coinbase website now does not advertise a reward rate or any such incentive program. It instead carefully discloses that rewards are purely from Ethereum staking directly minus a fee. It seems likely that Coinbase will avoid any form of incentive program in response to SEC scrutiny.
2.3.2 Size of the Incentive Program in USD
N/A
Section 3: Market Risk
This section addresses the ease of liquidation based on historical market conditions. It seeks to clarify (1) the Liquid Staking Basis & Volatility of cbETH, and (2) the liquidity profile of the collateral. Market risk refers to the potential for financial losses resulting from adverse changes in market conditions.
This section is divided into 2 sub-sections:
3.1: Volatility Analysis
3.2: Liquidity Analysis
3.1 Volatility Analysis
3.1.1 Liquid Staking Basis (LSB)
The LSB represents the price difference between cbETH (liquid staking token) and its underlying asset, ETH. It measures the deviation of the cbETH price from the ETH price.
cbETH is a value-accrual type LSD token and therefore can be expected to have a constant increase in LSB value. The chart below shows the constantly increasing trend (linear) of the cbETH LSB value over time:
Source: CryptoCompare
The LSB values range from negative to positive, indicating periods when cbETH traded at a discount or premium relative to ETH. Positive LSB values suggest that cbETH traded at a premium compared to ETH, while negative LSB values indicate a discount. As seen from the chart, cbETH tends to oscillate over periods of several weeks between a slight premium and a slight discount to the underlying ETH.
3.1.2 LSD Volatility
cbETH volatility based on daily returns:
Source: CoinCodex
cbETH and ETH volatility compared (overlap) based on daily returns:
Source: CoinCodex | Date: 4/1/2023 - 7/1/2023
Since April 2023, cbETH has exhibited quite comparable volatility to ETH with the exception of early May. This was shortly after the Shapella upgrade when withdrawals began being processed. Overall, during sharp volatility spikes, cbETH tends to experience a slightly exaggerated spike compared to ETH.
3.1.3 Yield Volatility
The Compass Staking Yield Reference Index Ethereum (STYETH) is a measure of the annualized daily ETH staking yield. The following chart shows the Coinbase ETH staking median APY after the Shanghai upgrade compared with the STYETH:
Source: Defi Llama - historical data and Compass STYETH index
Coinbase's daily average, highest, and lowest staking APY for the period from 12 April 2023 to 2 July 2023 compared to the STYETH:
Average daily APY: 4.27% (STYETH average 5.21%)
Min daily APY: 2.62% (STYETH min 4.18%)
Max daily APY: 7.66% (STYETH max 8.31%)
3.2 Liquidity Analysis
3.2.1 Supported DEXs and CEXs
97.70% of all cbETH on exchanges is on Coinbase, 2.21% on 4 DEXes (Balancer, Uniswap, Curve, and PancakeSwap, in descending order), and 0.1% is distributed across 16 CEXes.
Source: Nansen | Date: 6/27/2023
cbETH, as a Coinbase product, has almost all of its circulating supply on the Coinbase exchange. As ETH staking continues to grow, the platform intends to integrate cbETH more deeply into the DeFi sector.
Source: Nansen data | Date: 6/27/2023
3.2.2 LSD Token Total On-chain Liquidity
To get cbETH total on-chain liquidity in $ denomination we will sum the top 5 cbETH liquidity pools. We also sum the quantity of cbETH in the five liquidity venues. The data is from July 4, 2023.
In addition to Ethereum, cbETH LSD has limited liquidity on bridges:
Polygon (AlgebraPool - ETH/cbETH pool with $54,648 liquidity TVL).
3.2.3 Liquidity Utilization Rate
The 30-day average utilization rate is 14.90%, but the rate is highly variable, with a wide gap between the days with the highest (113.67%) and lowest (0.85%) rates. In the chart below, two days stand out with a significantly higher liquidity utilization rate: 5/31/2023 (113.67%) and 6/10/2023 (66.85%):
Source: Dune Analytics and DexGuru
On 31 May 2023, over $10m was liquidated on Aave v3 via Paraswap Liquidity Adapter (Aave v3 integration).
On 10 June 2023, over $5.25m was liquidated on Aave.
cbETH generally has very low utilization in the DeFi sector, with ~36,000 cbETH spread over various DeFi protocols (see section 2.1.8). The five largest liquidity pools (on 3 DEXes) have about a 2.21% share of the total amount of cbETH on exchanges (CEX + DEX, but over 97% is on Coinbase).
3.2.4 LSD Leverage Ratio
cbETH is supported on 3 lending protocols: Aave v3, Silo finance, and Compound v3. Although all three protocols have different underlying mechanisms and risk management approaches, the table below shows that the Loan-to-Value parameter is in the range between 80% (Silo) and 90% (Aave and Compound). This assumes that Aave users use the E-Mode feature and use cbETH collateral to borrow ETH (base for the over-leverage ratio). Compound v3 ETH-pool by default has ETH as the only option for borrowing, and Silo has an isolated market architecture that allows users to borrow one of the "bridge" assets - ETH and XAI (Silo stablecoin).
Lending Protocol | cbETH | cbETH $ value | Max LTV | LT | Utilization Rate
Aave v3 acbETH | 10,097 | $19,569,786 | 67% (E-Mode 90%) | 74% (E-Mode 93%) | 5.51%
Silo Finance | 1,084 | $2,101,864 | 80% | 85% | 10.52% (avg - 7%, 10%, 20%)
Compound v3 ETH pool | 850 | $1,645,497 | 90% | 93% | 2.12% cbETH (46.61% eth-pool)
Source: Etherscan, Aave, Silo finance and Compound
All three lending protocols currently have a low utilization rate (Aave 5.51%, Silo avg 10.52%, and Compound 2.12%). One noteworthy point is that the utilization rate on the Compound pool level (cbETH + wstETH) is 46.61%. This does not represent a significant risk because the ETH borrowing rate is 3.4% (close to the level at which equilibrium is reached between ETH borrowing APY and the wstETH staking APY of 3.8%). The low utilization rate may be related to the negative interest rate of using cbETH as collateral.
3.2.5 Slippage
The DefiLlama token liquidity tool shows that when swapping from cbETH to ETH, ~9000 cbETH swap size will produce a 1% slippage. This is around $18.1m at current prices.
Source: DeFiLlama Token Liquidity Tool | Date: 7/4/23
Section 4: Technological Risk
This section addresses the persistence of collateral properties from a technological perspective. It aims to convey, (1) where technological risk arises that can change the fundamental properties of the collateral (e.g. unresolved audit issues), and (2) do any composability/dependency requirements present potential issues (e.g. is a reliable pricefeed oracle available?).
This section is divided into 3 sub-sections:
4.1: Smart Contract Risk
4.2: Product and Layer Composability
4.3: Oracle Pricefeed Availability
4.1 Smart Contract Risk
4.1.1 Protocol Audits
cbETH has had one audit from OpenZeppelin, released on August 24, 2022. OpenZeppelin gave Coinbase Wrapped Staked ETH (cbETH) a favorable review, stating satisfaction with the contract designs and the health of the code base. Overall remarks commend cbETH's clean, well-documented, and tested code base.
4.1.2 Concerning Audit Signs
Overall, the OpenZeppelin audit found nothing to warrant particular concern. This is unsurprising since cbETH has a straightforward system architecture largely inheriting from Centre's FiatTokenV2_1.
No critical or high-severity issues were found.
1 Medium Severity issue: Acknowledged
This note states that in a rare scenario, callers of the RateLimit contract may deplete their allotment of token mints and exchange rate updates. Failure to call these functions could affect the operation of cbETH. OpenZeppelin recommends ensuring there is a sufficient number of callers with enough allowance to maintain the health of the system.
5 Low Severity issues:
Allowance of a removed caller can be replenished. Fixed as of commit 3ed1be6 in PR #5.
Duplicate getters. Fixed as of commit 7f2d6f0 in PR #4.
Lack of input validation. Partially Fixed as of commit 274a2b8 in PR #3.
Missing, incomplete, or incorrect docstrings. Fixed as of commit be71b75 in PR #2.
Possible truncation. Acknowledged
4.1.3 Bug Bounty
Coinbase has a platform-wide bug bounty program with HackerOne that has been active since March 2014. Since inception, it has paid over $1m, of which $44.6k has been paid in the past 90 days.
Staking loss is explicitly stated as one of the categories within the scope of the bounty program. Although not mentioned explicitly, cbETH's security falls under the scope of this program, as it states "The Bug Bounty Program scope covers all software vulnerabilities in services provided by Coinbase."
4.1.4 Immutability
cbETH (StakedTokenV1.sol) is an ERC-20 compatible token that inherits from the Centre FiatTokenV2_1 contract (i.e., USDC). The Fiat Token uses Zeppelin's Unstructured Storage Proxy pattern which is a fundamental building block of OpenZeppelin Upgrades.
Coinbase Wrapped Staked ETH (cbETH) token design states FiatTokenV1.sol is the implementation, while the actual cbETH token is a Proxy contract (FiatTokenProxy.sol). Coinbase can forward calls to FiatToken via delegatecall to upgrade the logic of deployed tokens. Coinbase can upgrade via upgradeTo or upgradeToAndCall, which only the admin role may call.
4.1.5 Developer Activity
The GitHub repo for Coinbase wrapped tokens (including cbETH) has not had much developer activity. One person accounts for the commits on the repo. There has been no activity over the past month.
The last commit in this repository is merely a README.md update along with pushing cbETH logos and assets. All the code was open-sourced in the initial commit on October 28, 2022.
4.1.6 SC Maturity
Although the cbETH contract has a relatively short history on mainnet, it is a fork of a more battle-tested contract (Centre's Fiat Token) with the addition of rate-limited exchange rate updater and mint forwarder contracts.
The Coinbase Wrapped Staked ETH: Deployer first deployed the contract for the cbETH token on February 3, 2022. A test transaction was done on June 3, 2022. The conversion rate was initialized on June 16, 2022. cbETH was officially launched on August 23, 2022.
4.1.7 Previous Incidents
There have been no incidents regarding cbETH specifically.
Coinbase discloses incidents involving issues with their exchange platform that affect users in post mortem reports on their blog. The most recent report was posted in January 2022. Typically the reports offer explanations for temporary system outages.
4.2 Product and Layer Composability
4.2.1 Dependencies
Since smart contracts cannot natively access the actual amount of underlying ETH staked (division of execution and consensus layer), the architecture requires external exchange rate updating functionality. Hence, the on-chain part of cbETH consists of these contracts:
A Proxy contract (FiatTokenProxy.sol): Based on Centre's proxy contract.
cbETH contract (StakedTokenV1.sol): The cbETH smart contract is inherited from USDC with two extra features: storage of exchange rate and an oracle role which has the special privilege to update the rate every 24 hours at 4 PM UTC. Meanwhile, cbETH is minted to the designated receiver wallet and the supply is updated every 4 hours.
Mint Forwarder (MintForwarder.sol): This smart contract allows designated callers to perform rate-limited minting.
Exchange Rate Updater (ExchangeRateUpdater.sol): This smart contract allows designated callers to update the rate-limited exchange rate of cbETH:ETH.
It should be noted that the following key roles of the wrapping contract are managed by Coinbase:
admin: can upgrade the wrapped token implementation contract
owner: can assign all roles except the admin
pauser: can pause all transfers, mints, and burns for the contract
blacklister: can blacklist an address from transferring, minting, and burning
masterMinter: can assign minters and their mint limit
minter: can mint and burn tokens
All the rate-limited contracts have a preset allowance. For minting, it's the maximum amount that can be minted per period, and for exchange rate updating, it is the maximum change in rate that can be made per period. The allowance is calculated in this manner:
$$\frac{(\text{time since last update}) \times \text{max allowance}}{\text{interval}}$$
With this mechanism, the MintForwarder contract allows Coinbase to continuously mint up to a max allowance of tokens over a predefined time interval, with the mint allowance replenishing programmatically over time.
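The replenishment rule above, together with the audit's medium-severity note about callers depleting their allotment, can be checked off-chain with a small model. This is an added example, not Coinbase's contract code: the class and function names are hypothetical, and capping the allowance at the maximum and using integer (floor) division are assumptions based on the description on this page.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class RateLimitedCaller:
    """Off-chain model of one rate-limited caller (hypothetical names)."""
    max_allowance: int   # most that can be spent per interval
    interval: int        # seconds over which a full allowance replenishes
    allowance: int       # allowance stored at last_update
    last_update: int     # unix time the stored allowance was last written

    def __post_init__(self) -> None:
        if self.interval <= 0 or self.max_allowance < 0:
            raise ValueError("interval must be positive, max_allowance non-negative")

    def current_allowance(self, now: int) -> int:
        """Stored allowance plus linear replenishment, capped at the maximum."""
        elapsed = now - self.last_update
        if elapsed < 0:
            raise ValueError("now is earlier than the last update")
        # Formula from the page: (time since last update) * max allowance / interval
        replenished = elapsed * self.max_allowance // self.interval
        return min(self.max_allowance, self.allowance + replenished)

    def spend(self, amount: int, now: int) -> bool:
        """Consume allowance if enough is available; state changes only on success."""
        available = self.current_allowance(now)
        if amount > available:
            return False
        self.allowance = available - amount
        self.last_update = now
        return True


def first_rejected_request(
    callers: List[RateLimitedCaller],
    requests: List[Tuple[int, int]],
) -> Optional[int]:
    """Replay (timestamp, amount) requests against a set of callers.

    Each request is routed to the caller with the largest current allowance.
    Returns the index of the first request that no caller can serve, or None
    if the configured callers cover the whole demand profile.
    """
    for index, (now, amount) in enumerate(requests):
        best = max(callers, key=lambda c: c.current_allowance(now))
        if not best.spend(amount, now):
            return index
    return None


if __name__ == "__main__":
    # Constructed demand profile: 100 units requested every hour for a day.
    hourly = [(hour * 3600, 100) for hour in range(24)]
    one = [RateLimitedCaller(1000, 86_400, 1000, 0)]
    two = [RateLimitedCaller(1000, 86_400, 1000, 0) for _ in range(2)]
    print("one caller, first rejected request:", first_rejected_request(one, hourly))
    print("two callers, first rejected request:", first_rejected_request(two, hourly))
```

With these constructed numbers a single caller replenishes 41 units per hour against 100 units of demand and is exhausted partway through the day, while two callers cover the same profile.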
Since all the custodial keys are in the hands of Coinbase, there could be a point of failure where the keys can be compromised. Privileged addresses are EOA accounts with unknown security precautions.
4.2.2 Withdrawals Processing
Coinbase lists the unstaking time for each supported asset (including ETH) on its website. ETH unstaking time is advertised as "Minimum 27 hours, longer in periods of high demand" with a potential additional processing time of 48 hours. Withdrawal times are dependent on how much withdrawal demand is being experienced network-wide.
One of the most significant advantages centralized exchanges offer regarding ETH staking services and LSD issuance is capital efficiency. According to their business and operational model (CEX transparency), CEXs should have enough funds for immediate claims processing if there are much larger "validators exiting" orders.
As a product of Coinbase (a centralized exchange), cbETH does not depend on the difference between activating and exiting validators, in other words, on whether there is a positive or negative balance.
4.3 Oracle Pricefeed Availability
4.3.1 Understanding the Oracle
There is a cbETH/ETH Chainlink price feed, often using an adapter to pull the price of cbETH/ETH and convert it to a USD figure within one contract. This method acquires the ratio between cbETH and ETH, subsequently leveraging a separate Chainlink price feed to fetch the ETH/USD price.
Chainlink's price feed pulls data from 16 distinct Oracle providers. These data sources include a mix of decentralized and centralized exchanges. To enhance resilience against potential manipulation, the pricefeed relies on the consensus of at least 11 Oracle providers. The price feed triggers on either a 24-hour heartbeat or when a price deviation of 1% or more is detected.
4.3.2 Token Liquidity and Distribution
Uniswap V3 holds a significant portion of cbETH's liquidity (cbETH/ETH pool), boasting a Total Value Locked (TVL) of $11.26m and contributing to almost half (48%) of the total trading volume. Furthermore, Coinbase Exchange adds substantial liquidity through its two key pools: the cbETH/USD pool, accounting for 26% of total volume, and the cbETH/ETH pool, making up 23%. Despite these sources, the liquidity pool of cbETH is relatively small when compared to other liquid staking derivatives. This situation could heighten the susceptibility of the cbETH price to potential manipulation within Decentralized Exchanges (DEXs).
4.3.3 Attack Vectors
Uniswap V3 Dependency: cbETH's liquidity is significantly reliant on Uniswap V3, particularly the cbETH/ETH pair, opening the system to potential vulnerabilities. An attacker gaining control over a substantial share of this pool could potentially manipulate the cbETH/ETH market, influencing the Chainlink price feed.
Centralized Exchange Influence: A substantial portion of liquidity is held on a centralized exchange, specifically Coinbase. In theory, this centralization could provide an additional, though unlikely, opportunity for price manipulation.
Limited Total Value Locked (TVL): The TVL for cbETH is relatively low, which could lower the cost of market manipulation, thereby increasing its feasibility.
Data Refresh Frequency: Dependence on Chainlink's 24-hour heartbeat and 1% price deviation trigger for price updates may pose potential risks. Especially during periods of intense market volatility, price updates might not be as prompt as required.
4.3.4 Associated Vulnerabilities
Creation of Bad Debt: Price feed manipulation, if successful, could result in bad debt within the protocol. Lending protocols rely on accurate price feeds for maintaining appropriate collateralization ratios. Any manipulation could lead to the generation of bad debt.
Faulty Liquidation: An oracle manipulated to lower the price of the collateral asset drastically could trigger unfair liquidations, causing significant financial losses for users and disturbing the normal operations of the lending protocol.
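A consumer-side guard for the risks listed in 4.3.3 and 4.3.4, as an added example that is not code from the report, Coinbase, or Chainlink. It composes cbETH/ETH with ETH/USD as described in 4.3.1, rejects stale rounds using the 24-hour heartbeat stated above, and goes beyond the page by also rejecting a market price that strays too far from the protocol's conversion rate. The function names, feed decimals, ETH/USD heartbeat, grace period and 300 bps bound are assumptions.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

WAD = 10**18  # 18-decimal fixed point used for all internal arithmetic


@dataclass(frozen=True)
class FeedRound:
    """The fields a consumer reads from one price-feed round."""
    answer: int       # raw integer price
    decimals: int     # decimals of `answer` (assumed: 18 for cbETH/ETH, 8 for ETH/USD)
    updated_at: int   # unix time the round was written


def to_wad(r: FeedRound) -> int:
    """Rescale a round's answer to 18 decimals."""
    return r.answer * WAD // 10**r.decimals


def round_problem(name: str, r: FeedRound, now: int,
                  heartbeat: int, grace: int) -> Optional[str]:
    """Return a reason to reject the round, or None if it is usable."""
    if r.answer <= 0:
        return f"{name}: non-positive answer"
    if r.updated_at > now:
        return f"{name}: timestamp in the future"
    age = now - r.updated_at
    if age > heartbeat + grace:
        return f"{name}: stale ({age}s old, limit {heartbeat + grace}s)"
    return None


def guarded_cbeth_usd(
    cbeth_eth: FeedRound,
    eth_usd: FeedRound,
    conversion_rate_wad: int,        # cbETH:ETH rate published by the protocol
    now: int,
    cbeth_heartbeat: int = 86_400,   # 24-hour heartbeat stated in this report
    eth_heartbeat: int = 3_600,      # assumption, not stated in this report
    grace: int = 600,                # assumption: tolerance for late updates
    max_basis_bps: int = 300,        # hypothetical bound, tune per risk appetite
) -> Tuple[Optional[int], Optional[str]]:
    """Return (cbETH/USD price in WAD, None) or (None, rejection reason)."""
    if conversion_rate_wad <= 0:
        return None, "conversion rate: non-positive"
    checks = (
        ("cbETH/ETH", cbeth_eth, cbeth_heartbeat),
        ("ETH/USD", eth_usd, eth_heartbeat),
    )
    for name, rnd, heartbeat in checks:
        reason = round_problem(name, rnd, now, heartbeat, grace)
        if reason:
            return None, reason
    market = to_wad(cbeth_eth)
    # Distance between the market price and the conversion rate, in basis points.
    basis_bps = abs(market - conversion_rate_wad) * 10_000 // conversion_rate_wad
    if basis_bps > max_basis_bps:
        return None, f"cbETH/ETH: basis {basis_bps} bps exceeds {max_basis_bps} bps"
    return market * to_wad(eth_usd) // WAD, None


if __name__ == "__main__":
    NOW = 1_688_000_000                  # constructed timestamp
    RATE = 1_042_000_000_000_000_000     # constructed conversion rate, 1.042
    eth = FeedRound(190_000_000_000, 8, NOW - 600)  # constructed: $1,900
    samples = {
        "fresh": FeedRound(1_040_000_000_000_000_000, 18, NOW - 3_600),
        "stale": FeedRound(1_040_000_000_000_000_000, 18, NOW - 90_000),
        "depressed": FeedRound(900_000_000_000_000_000, 18, NOW - 60),
    }
    for label, rnd in samples.items():
        print(label, guarded_cbeth_usd(rnd, eth, RATE, NOW))
```

A rejected price should pause borrowing and liquidations that depend on it rather than fall back to the last accepted value, since both bad debt and faulty liquidation in 4.3.4 start from acting on a wrong price.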
Section 5: Counterparty Risk
This section addresses the persistence of cbETH's properties from an ownership rights perspective (i.e. possession, use, transfer, exclusion, profiteering, control, legal claim). The reader should get a clear idea of (1) who can legitimately change properties of the collateral (e.g. minting additional units) and what their reputation is, (2) the extent that changes can be implemented and the effect on the collateral.
This section is divided into 4 subsections:
5.1: Governance
5.2: Decentralization of the LSD
5.3: Economic Performance
5.4: Legal
5.1 Governance
5.1.1 Governance Scope
Coinbase has unilateral control of the product offering, with terms of service described in section 1.7 of the User Agreement. In the absence of DAO-like governance mechanisms, information is provided on the traditional management structure and corporate governance of Coinbase Inc., the public company.
5.1.2 Access Control
cbETH has a number of roles (addresses) that control functionality:
The admin, owner, blacklister, pauser, and masterMinter are all EOAs controlled by Coinbase. The minter is a MintForwarder contract whose owner (EOA) configures callers with mint privileges. The oracle is a contract that updates the cbETH exchange rate daily. The owner can whitelist callers to call updateExchangeRate().
User staked ETH is not handled by any cbETH system contracts, only the mint, burn, and exchange rate of cbETH.
5.1.3 Distribution of Governance Tokens
Coinbase does not offer governance tokens.
Coinbase issued a Class A common stock ("COIN") that began trading on the Nasdaq Global Select Market on April 14, 2021. Class B common stock is not listed or traded on any stock exchange.
As of July 3, 2023, 693 institutional holders collectively own 64.84% of outstanding shares. Top institutional shareholders are Vanguard (7.26%), Ark Investments (6.3%), AH Equity Partners (5.81%), Sumitomo Mitsui Holdings (4.6%), and Blackrock (4.04%).
5.2 Decentralization of the LSD
The data below pertains to the Coinbase Pool Node Operator. The Operator Summary endpoint was queried for Coinbase for the past 30 days.
There is no way to discern the distribution of node operators from the query, but it does show a distribution across software clients.
The below data was queried from Rated Network API on June 29, 2023:
Source: Rated Network | Date: 6/29/2023
5.2.1 Number of Node Operators
Coinbase attests in their whitepaper to using a variety of node operators, but public information is not available about the distribution of node operators. All nodes are likely operated by Coinbase or its subsidiaries.
5.2.2 Validators per Node Operator
Total Validators for Coinbase: 69,103
Total Validators for Coinbase Cloud: 23
Additionally, we have a list of Coinbase addresses that deposited into the Beacon Chain that went live in December 2020. We can infer that these addresses are part of eth2 stakers behind Coinbase validators.
We have also provided each Validator's pubkey that can be cross-checked with Beaconcha.in to see which pool a specific validator belongs to and whether they have exited or are still validating.
5.2.3 Validator Enter/Exit (Churn)
According to rated.network, in the past 30 days, 2,950 validators have entered and 6,759 have exited.
Coinbase Validator Enter (activation) and Exit:
Source: Rated.Network | Date: 6/29/2023
5.2.4 Stake Distribution Across Geographic Jurisdictions
The white paper describes geographic and hosting diversification with node operator(s) collectively running validators in multiple hosting environments (e.g., bare metal, AWS, GCP) and in multiple regions to reduce the risk of correlated slashing.
We are unable to corroborate Coinbase's claim.
5.2.5 Node Software Diversity
We can see from this post from May 2022 that Coinbase values and intends to pursue greater client diversity. They state a goal of having no more than 33% of nodes running on any single client.
The current Coinbase client software distribution according to rated.network:
Lighthouse: 41.74%
Nimbus: 5.84%
Prysm: 29.20%
Teku: 23.21%
5.3 Economic Performance
5.3.1 Revenue Source
Coinbase caters to three primary target markets. There are several product offerings for each market:
Consumers: Coinbase App, Web3 Wallet, Coinbase Wallet
Institutions: Coinbase Prime, Coinbase Spot market, Coinbase Derivatives Exchange
Developers: Coinbase Cloud (crypto payment, trading APIs, data access, and staking infrastructure), Coinbase Pay & Coinbase Commerce
Coinbase divides its revenue sources into two categories: transaction revenue and subscription and services revenue.
Transaction revenue is subdivided into retail and institutional trading. Subscription and services revenue is broken down into blockchain rewards, custodial fees, interest income, and misc subscription and services.
5.3.2 Revenue
As of the most recent quarterly report from Q1'23, Coinbase has earned $736.4m in the most recent quarter and $2.72b in the past four quarters. Revenues are still down from the previous year, but Coinbase has experienced two quarters of Q/Q net revenue growth with 22% growth from the previous quarter.
Roughly half of Coinbase's revenue comes from subscriptions and services, and 10% from blockchain rewards. Blockchain rewards as a percent of net revenue is up from 7% in Q1'22. Blockchain rewards are recognized on a gross basis, so when accounting for 75% of rewards passed on to users (Coinbase takes a 25% fee), blockchain rewards make up 3% of net revenue ($18.43m). Staked ETH makes up the largest share of Coinbase's blockchain reward revenue.
Source: Coinbase Shareholder Letter, Q1 2023
5.3.3 Net Profit
Coinbase experienced significant growth from 2020 - 2021, as well as a precipitous decline, consistent with the crypto market, in 2022. The high correlation between Coinbase's revenue and crypto market performance presents a challenge to its sustainability.
There was a net loss of roughly $2.6 billion in 2022. This has contributed to the decision to lay off 20% of staff earlier this year.
Source: Annual Meeting of Stockholders 2023 report
The expense tightening is apparent in the Q/Q operating expenses. Q1'23 saw a 24% decline in total operating expenses. Expenses were reduced in nearly all categories with the notable exception of a $144m restructuring expense (a non-recurring expense).
Source: Coinbase Shareholder Letter, Q1 2023
One bright spot for Coinbase's performance is the increase in subscription and services revenue from $517 million to $792 million, primarily due to the revenue-sharing agreement they have with Circle (interest-bearing customer custodial funds in USDC driven by an increase in interest rates). Subscription and services revenue has increased 53% YoY while transaction revenue dropped 66%.
Source: Annual Meeting of Stockholders 2023 report
Coinbase's consolidated PnL showing results of operation is below:
Source: Annual Meeting of Stockholders 2023 report
5.3.4 Risk Factors
Coinbase's total revenue is substantially dependent on the prices of crypto assets and the volume of transactions conducted on their platforms.
Revenue from transactions, subscriptions, and services is dependent on transactions in Bitcoin, Ethereum, and interest income in connection with USDC. Declining revenues in these areas could adversely affect the company.
Interest rate fluctuations could negatively impact the company.
Adverse economic conditions may adversely affect the business.
Cyberattacks and security breaches of the platform.
Uncertain regulatory landscape.
Coinbase's growing international expansion could put them at odds with US and non-US regulators related to sanctions, export control, and anti-money laundering.
Coinbase's consolidated balance sheet may not contain sufficient amounts/types of 'regulatory capital' to meet changing requirements of regulators worldwide.
Certain crypto assets being deemed a "security".
Loss of banking or insurance relationships (ref. Operation Chokepoint 2.0)
Theft, loss, or destruction of private keys under Coinbase Custody.
Coinbase depends on major mobile operating systems and third-party platforms for distribution of their products (i.e., Google Play, Apple App Store)
Coinbase is a remote-first company subjecting them to increased operational risk.
5.4 Legal
See also our general LSD Legal Framework Considerations
5.4.1 Legal Structure
Coinbase has several Coinbase User Agreements (legal structures) due to the nature of their growing international expansion that could put them at odds with US and non-US regulators related to sanctions, export control and anti-money laundering. The different user agreements pertain to:
Customers who reside outside Australia, Canada, the United States of America, United Kingdom, European Economic Area, Andorra, Faroe Islands, Gibraltar, Guernsey, Isle of Man, Japan, Jersey, Monaco, New Zealand, San Marino, Singapore and Switzerland (Coinbase Ascending Markets Kenya Limited ('Coinbase Kenya'))
Customers who reside in the UK and select countries outside the European Economic Area (Switzerland, Andorra, Faroe Islands, Gibraltar, Guernsey, Isle of Man, Jersey, Monaco, San Marino, and New Zealand). (CB Payments, Ltd ('Coinbase Payments'), Coinbase Europe Limited ('Coinbase Europe'))
Updated User Agreement effective from July 12, 2023 onwards. For customers who reside in the UK and select countries outside the European Economic Area (Switzerland, Andorra, Gibraltar, Guernsey, Isle of Man, Jersey, Monaco, San Marino, and New Zealand). (CB Payments, Ltd ('Coinbase Payments'), Coinbase Europe Limited ('Coinbase Europe'))
Coinbase Cloud Terms of Service require users to disclose private keys associated with blockchain addresses for end users' digital assets as may be required by the relevant protocol in connection with Coinbase's staking services. (This appears to be especially relevant for users who have chosen to have Coinbase setup dedicated staking services on their behalf.)
Coinbase User Agreement pertaining to Ethereum Staking and Wrapping (US) key details:
Staking services are voluntary and can be stopped at any time. The staking does not affect the ownership of digital assets.
Users can earn rewards if Coinbase successfully validates a transaction. Rewards are distributed after being received by Coinbase, minus a commission.
Staked ETH held by Coinbase on behalf of cbETH holders is subject to the risk of slashing.
Depending on when you began staking ETH with Coinbase, users may lose certain slashing protection by wrapping their staked ETH (cbETH).
Only certain Coinbase customers in certain jurisdictions have access to wrapping or cbETH.
Holders of cbETH can instruct Coinbase to unwrap their cbETH, redeeming it for ETH plus any rewards and minus any Coinbase fees and slashing penalties. Certain eligibility and geographic restrictions apply, and requests to unwrap may not be processed immediately.
Risks associated with electing to wrap into cbETH include:
Coinbase does not guarantee the value of staked ETH principal or associated rewards.
Coinbase is not responsible for decreases in value.
There is no guarantee of successful exchange or sale of cbETH. Coinbase will not guarantee liquidity.
Coinbase User Agreement pertaining to Ethereum Staking and Wrapping (EEA) key details:
Users who want to stake ETH on Coinbase Europe must meet certain eligibility requirements.
No guarantees provided regarding the success of the Ethereum network upgrade.
Rewards earned from staking ETH will remain locked on the Ethereum blockchain until the completion of Phase 1.5 of the Ethereum network upgrade.
Once wrapped, staked ETH cannot be redeemed or rewards claimed. Wrapping staked ETH as cbETH keeps the economic value, risk, and rewards of staked ETH intact.
cbETH in user's Coinbase Europe Digital Currency Wallet represents ownership of the staked ETH (including rewards and minus any fees and penalties).
With the sale or transfer of cbETH, one transfers ownership of the staked ETH and the right to redeem it. The recipient is entitled to the economic value, risk, and rewards of the staked ETH.
The Coinbase Group holds staked ETH and associated rewards that have been wrapped as cbETH on behalf of cbETH holders, but the ownership doesn't transfer to any entity in the Coinbase Group.
Relations with customers residing in Europe are subject to EEA User Agreement according to which the contract is concluded between the user and each of Coinbase entities:
Coinbase Ireland Limited ("Coinbase Ireland"), a private limited company incorporated in Ireland with company number 630350, regulated by the Central Bank of Ireland; and
Coinbase Europe Limited ("Coinbase Europe"), a private limited company incorporated in Ireland with company number 675475.
User Agreement provides a disclaimer that Coinbase Europe does not operate under the regulatory oversight of financial services and is not registered, regulated, or accredited by the Central Bank of Ireland or any other regulatory authority in Ireland. Consequently, users won't have access to the regulatory safeguards typically associated with regulated entities, including investor or deposit protection schemes and recourse to the Financial Services and Pensions Ombudsman ("FSPO") concerning Digital Currency Services.
Beyond the primary services, which are the E-Money Services and Digital Currency Services, Coinbase Europe, Coinbase Ireland, or another entity within the Coinbase Group may offer a range of supplementary services to users who meet certain qualifying conditions. Staking services (as outlined in Appendix 7) are among the enlisted offerings.
Coinbase Group consists of Coinbase Europe and its corporate affiliates, including Coinbase, Inc., a Delaware corporation, which provides Digital Currency storage and wallet services. This is the entity that contracts users based in the United States as per current US User Agreement.
Since the use of services offered by Coinbase on US territory is governed by this agreement, we should mention an important provision of the preamble stating that “Coinbase is not registered with the U.S. Securities and Exchange Commission and does not offer securities services in the United States or to U.S. persons”. By signing up to use a Coinbase account or service through coinbase.com, the User acknowledges Digital Assets are excluded from the protective coverages or insurances offered by the Federal Deposit Insurance Corporation or the Securities Investor Protection Corporation.
5.4.2 Licenses
Coinbase, Inc. has a Money Transmitter license across a number of US jurisdictions.
For their institutional clients, they've set up Coinbase Custody Trust Company, LLC, chartered by the New York Department of Financial Services.
They have LMX Labs as a designated contract market with the U.S. Commodity Futures Trading Commission.
They also have international licenses for Canada, the United Kingdom, Germany, Ireland, Australia and Singapore.
The different entities of Coinbase are duly registered and authorized by various financial authorities in different European jurisdictions such as Germany, Ireland, Netherlands, and Italy. This suggests that Coinbase operates under the strict guidance and regulation of these authorities, with the ability to offer various virtual asset services.
Certain limitations exist in certain EU jurisdictions with respect to monitoring financial operational risks and providing specific financial consumer protection.
Coinbase expressly notifies that Coinbase Europe Limited and Coinbase Custody International Limited are listed in the Dutch National Bank (DNB)’s public register as crypto service providers. While they are supervised by DNB for compliance with the AML/CTF Act and the Sanctions Act, these entities are not under DNB's prudential supervision or conduct supervision by the Dutch Authority for the Financial Markets.
5.4.3 Enforcement Actions
On June 6, 2023 the SEC Charged Coinbase with operating as an Unregistered Securities Exchange, Broker and Clearing Agency.
Some charges that could be particularly harmful to Coinbase with implications for the wider industry (see SEC Complaint for reference):
Coinbase operating as an unregistered broker through Coinbase Prime ("Prime") and Coinbase Wallet ("Wallet"), which routes orders through third-party crypto asset trading platforms to access liquidity outside the Coinbase Platform. (p. 2)
Could potentially set a precedent that hot wallets (e.g. Metamask) and hardware wallets (e.g. Ledger) are "unregistered brokers" and validators are broker dealers by routing on-chain orders. The latter having more direct consequences for cbETH.
The Coinbase user agreement (“User Agreement”), which applies to some of Coinbase’s services (including the Coinbase Platform and Staking Program), states that crypto assets and fiat currency transferred by a customer to Coinbase are “custodial assets held by Coinbase for [the customer’s] benefit.” (p. 22)
SEC argues that Coinbase acts as a securities custodian which implies maintaining a different level of regulatory compliance.
...blockchain requires users to stake a minimum of 32 ETH (currently approximately $60,000) to run a validator node. But the Coinbase Staking Program allows investors to participate in staking without having to meet such thresholds (p. 84)
The particular allegations of deliberately lowering the validators' staking threshold may be harmful to the entire business model of delegated staking.
The Staking Program includes five stakable crypto assets, and the Staking Program as it applies to each of these given assets is an investment contract, and therefore a security (p. 4)
While Coinbase intends to fight, pinpointing the staking program brings uncertainty to cbETH for the foreseeable future.
Investors understand that Coinbase will expend efforts and leverage its experience and expertise to generate returns (note: referencing the "Staking Program") (p. 3-4)
The SEC is making the case that customers use Coinbase's staking product, including wrapping to cbETH, with "expectation of profit...from the efforts of others" (Howey Test).
Persons have offered and sold crypto assets in capital-raising events in exchange for consideration, including but not limited to, through so-called "initial coin offering" or "ICOs", "crowdsales", or public "token sales" (p. 13-14)
Here the SEC is referencing historical ICOs as evidence of investment contracts, suggesting the things sold are intrinsically securities.
Coinbase regularly solicits customers by advertising on its website and social media the features of the Coinbase Platform, Prime and Wallet - especially those that allow customers to trade in crypto assets. (p. 19-20)
As of approximately March 2023, Coinbase’s website encouraged investors to stake their ETH with the Coinbase Staking Program and “get” or “earn 4.07% APY on all [their] staked ETH” in addition to a 10% bonus for staking at least $100 in ETH. (p. 86)
Marketing the staking program with abbreviations typical for tradfi provides a premise to support the SEC thesis or makes the reasoned defense challenging.
Through its Staking Program, Coinbase has engaged in the unregistered offer and sale of securities in violation of Section 5 of the Securities Act. (p. 81)
Even a remote chance that Coinbase acquiesces and shuts down their staking product would jeopardize cbETH.
While the lawsuit is likely to have significant implications for Coinbase's products and operations, the specific outcome concerning Ethereum (ETH) as a result of the court proceedings is not clear from the sources reviewed. As it stands, the lawsuit is ongoing, and a definitive resolution cannot be predicted at this point.
As of the date of writing, Coinbase has answered the SEC's complaint with multiple defense strategies, including that SEC actions violate due process and constitute an abuse of discretion. The exchange informed the Judge that it would seek a “motion for judgment on the pleadings”. Thus, Coinbase is aiming to present documents useful for its argument to the Judge through the response - a frankly innovative move endorsed by legal commentators.
Coinbase's legal team noted in a recent letter to the court that there's a more basic issue with the SEC's case, which the Chair acknowledged two years prior and currently entitles Coinbase to an immediate judgment based on the court filings: the issue in question is beyond the SEC's purview.
We should not miss the arguments regarding staking services in the Preliminary Statement of Coinbase's Answer.
Coinbase makes available to its users “staking” services by which it facilitates their participation as validators for certain proof-of-stake networks. As noted, proof-of-stake blockchain networks depend for their functionality on token holders’ validation through staking, which involves running public open-source software on a computer to validate transactions. Holders who stake their assets receive compensation, paid out by applicable blockchain protocols, in the form of the network’s digital asset. This system of staking and attendant rewards has existed since at least 2012, and Ethereum has since emerged as the world’s largest proof-of-stake network. Coinbase runs software and provides certain administrative services to allow customers to stake Ether and other select digital assets that operate on a proof-of-stake network. As a fee for this service, Coinbase receives a fixed percentage of participating customers’ staking rewards. Three of the five assets available for staking mentioned in the Complaint were offered by Coinbase or discussed with the SEC prior to the DPO.
5.4.4 Sanctions
Coinbase has proprietary software, e.g., Interdiction Solution, that helps them intercept and freeze assets to and from crypto addresses that are subject to US sanctions laws. The Interdict Solution allows Coinbase to do real-time screening of all transactions and proactively block and tag all sanctioned addresses.
Some specialized tools include:
use of commonspend for UTXO blockchains (Bitcoin, Litecoin and their forks)
demixing transactions that use coinjoin to get around commonspend
The consent order issued on January 4, 2023 by the New York Department of Financial Services (NYDFS) to Coinbase involved several key components:
Failures in Compliance Program: The NYDFS found significant failings in Coinbase's compliance program, including in its Anti-Money Laundering Program, Know Your Customer/Customer Due Diligence, Transaction Monitoring, and Suspicious Activity Reporting Systems.
Know Your Customer and Due Diligence: The NYDFS disclosed that Coinbase had a pending list of 14,000 users awaiting background checks. The agreement noted that Coinbase approached KYC requirements, which necessitate firms to gather and retain specific user information, as a mere formality. It further stated that Coinbase should have solicited additional information from users, allocated risk ratings for determining the suitable level of continuous transaction scrutiny, conducted comprehensive diligence (EDD) for high-risk users, and performed extra checks for politically exposed individuals or those from sanctioned jurisdictions.
Transaction Monitoring: Suspicious transactions frequently marked in Coinbase’s system were reportedly not reviewed promptly, leading to a backlog of over 100,000 unchecked transactions by the end of 2021. When third-party reviewers were employed by Coinbase to expedite the process, the NYDFS alleges that these reviews were sometimes incorrectly carried out.
Suspicious Activity Reporting: According to allegations, Coinbase was often late in filing Suspicious Activity Reports (SARs), sometimes several months after the identification of the suspicious activity, and at times provided insufficient data, due to its inefficient transaction monitoring practices.
Independent Monitor: In the course of the investigation, the NYDFS installed an Independent Monitor to immediately evaluate the situation and begin working with Coinbase to fix the outstanding issues. Under the terms of the Consent Order, the Independent Monitor will continue to work with Coinbase for an additional year, extendable at the Department’s sole discretion.
5.4.5 Liability Risk
Coinbase has gone to great lengths in its various User Agreement(s) to uphold Limitation of Liability:
Release of Coinbase; Indemnification. If you have a dispute with one or more users of the Coinbase Services, you release Coinbase, its affiliates and service providers, and each of their respective officers, directors, agents, joint venturers, employees and representatives from any and all claims, demands and damages (actual and consequential) of every kind and nature arising out of or in any way connected with such disputes. You agree to indemnify and hold Coinbase, its affiliates and service providers, and each of its or their respective officers, directors, agents, joint venturers, employees and representatives, harmless from any claim or demand (including attorneys' fees and any fines, fees or penalties imposed by any regulatory authority) arising out of or related to your breach of this Agreement or your violation of any law, rule or regulation, or the rights of any third party.
Users agree to be bound by the Arbitration Agreement provided in Appendix 5 of the User Agreement (US)
Dispute Resolution: PLEASE BE AWARE THAT SECTION 7 (CUSTOMER FEEDBACK, QUERIES, COMPLAINTS, AND DISPUTE RESOLUTION) AND APPENDIX 5 OF THIS AGREEMENT, CONTAIN PROVISIONS GOVERNING HOW TO RESOLVE DISPUTES BETWEEN YOU AND COINBASE. AMONG OTHER THINGS, APPENDIX 5 INCLUDES AN AGREEMENT TO ARBITRATE WHICH REQUIRES, WITH LIMITED EXCEPTIONS, THAT ALL DISPUTES BETWEEN YOU AND US SHALL BE RESOLVED BY BINDING AND FINAL ARBITRATION. APPENDIX 5 ALSO CONTAINS A CLASS ACTION AND JURY TRIAL WAIVER. PLEASE READ SECTION 7 AND APPENDIX 5 CAREFULLY.
The Appendix stipulates that both the user and Coinbase willingly relinquish any constitutional and statutory rights to pursue legal action in court and have a trial overseen by a judge or a jury. It's important to note that arbitration doesn't involve a judge or jury, and any arbitration court review is subject to very limited scrutiny.
5.4.6 Adverse Media Check
Coinbase makes great efforts to be regulatorily compliant where possible and to ask for rule making where appropriate regulations are absent. Nevertheless, the enforcement actions brought against Coinbase may have adverse consequences on user trading activities on their platform.
One piece of adverse news is related to a class action lawsuit against Coinbase for its alleged misleading business practices. In a ruling on June 23, the United States Supreme Court gave a verdict in favor of Coinbase putting a stop to legal proceedings against the company in two Californian cases. The complainants in the class-action lawsuits contended that Coinbase did not adequately address users' losses and supposedly participated in misleading advertising. Coinbase appealed to the district courts supervising the cases to nullify them, asserting that users had agreed at the time of account creation to resolve any disputes through arbitration, rather than lawsuits.
The following cases illustrate Coinbase's vulnerabilities to malicious actions of third parties not having an official affiliation with Coinbase group of entities:
A sophisticated phishing scam was reported in which a prominent crypto trader almost fell victim. The scam involved social engineering techniques, appearing to originate from a legitimate Coinbase account. The scam aimed to gain access to and drain the trader's Coinbase account.
In a similar case, a Coinbase user lost $11.6 million in an alleged scam after receiving a fraudulent notification, which appeared to be from Coinbase, stating that their account had been locked.
Section 6: Risk Management
This section will summarize the findings of the report by highlighting the most significant risk factors in each of the three risk categories: Market Risk, Technology Risk, and Counterparty Risk.
6.1.1 Market Risk
LIQUIDITY: Does the LSD have a liquid market that can facilitate liquidations in all foreseeable market events?
cbETH ranks second in LSD marketshare after Lido stETH, but trails it by a large margin. cbETH commands around 11% of the market compared to Lido's 74.4%. While stETH has ~$600m liquidity across DEXs, cbETH has $44.16m pool TVL in DeFi with 9,501.45 cbETH. Over 97% of cbETH is on Coinbase.
The DeFiLlama Liquidity Tool estimates a cbETH>ETH swap size of 9000 cbETH (worth ~$18.1m) would produce a 1% slippage. By comparison, a $300m stETH swap would produce a comparable figure. This ranks cbETH at around 6% of the on-chain liquidity depth of stETH.
cbETH may face greater liquidity challenges in the future. Its fees are the highest of the primary LSD competitors, resulting in consistently lower yields for users. Regulatory scrutiny has caused Coinbase to cease promotional activities or incentive programs to help drive cbETH adoption in DeFi.
VOLATILITY: Has the LSD had any significant depeg event (post merge)?
Following the Shapella upgrade along with some withdrawal demand, cbETH did experience some increased volatility that caused it to trade slightly below its fair value for a brief period. Overall, it has stabilized relative to ETH following the upgrade.
Leading up to the upgrade, Coinbase had warned customers that they "anticipate the Ethereum protocol will take weeks to months to process unstaking requests immediately following the upgrade." Although withdrawal demand is quite low currently, falling yields or network issues may precipitate large withdrawal demand that cannot be immediately arbitraged.
One advantage of a centralized LSD service is the possibility Coinbase can expedite user withdrawals from the business's cash flow, potentially averting a withdrawal bottleneck. However, section 1.7(j) of the User Agreement states "Coinbase will not backstop or otherwise intervene to guarantee cbETH liquidity".
6.1.2 Technology Risk
SMART CONTRACTS: Does the analysis of the audits and development activity suggest any cause for concern?
Custody of the underlying ETH is managed by Coinbase internally, and therefore the smart contract security is significant only for accounting purposes.
The system Coinbase deployed was forked from Centre's FiatTokenV2_1, which is used with USDC and has significant SC maturity, having been on mainnet for multiple years. The additional contracts introduced with cbETH (ExchangeRateUpdater and MintForwarder) have been audited and have access controls centralized to Coinbase.
DEPENDENCIES: Does the analysis of dependencies (e.g. oracles) suggest any cause for concern?
Because cbETH operations are entirely centralized to Coinbase, the most significant risk to users is counterparty risk involving failure of the node operator, lost or stolen private keys, etc.
Withdrawal times are advertised as a minimum of 27 hours and Coinbase has warned users that in times of high network-wide withdrawal demand, processing times can be in the weeks to months.
Coinbase does have a reliable Chainlink pricefeed available for the cbETH/ETH pair.
6.1.3 Counterparty Risk
CENTRALIZATION: Are there any significant centralization vectors that could rug users?
Coinbase has complete centralized control over the cbETH system and user funds. While ownership of staked ETH remains with the user (as per the User Agreement), Coinbase discloses risks that could cause losses for users.
Staking involves the risk of slashing. In some cases, Coinbase will reimburse users, but not "if slashing was the result of a hack, your own actions, or a bug in the protocol itself" (source)
Cyberattacks and security breaches of the platform.
Theft, loss or destruction of private keys under Coinbase Custody.
Various economic and regulatory uncertainties could threaten Coinbase as a business, and therefore the continued operation of cbETH.
LEGAL: Does the legal analysis of the protocol suggest any cause for concern?
On June 6, 2023, the SEC charged Coinbase with operating as an unregistered securities exchange, broker and clearing agency. A complete list of allegations is in the SEC Complaint. Coinbase responded on June 28th with an Answer to the Plaintiff's Complaint that outlines various defense strategies.
The enforcement action, and regulatory scrutiny more generally, appear to have caused Coinbase to exercise caution in promoting cbETH, for fear it could be considered a securities offering. It is too early to know for sure how the enforcement action will play out, but in the short term it has dampened the growth of cbETH relative to competitors and there is some uncertainty about the future of the product offering.
6.1.4 Risk Rating
Based on the risks identified for each category, the following chart summarizes a risk rating for cbETH as collateral. Each category is rated excellent, good, ok, or poor.
We rank cbETH ok on liquidity because although it ranks 2nd by LSD marketshare after stETH, >97% of liquidity is on Coinbase and an $18.1m on-chain swap produces slippage similar to that of a $300m stETH swap.
We rank cbETH good in volatility because a centralized service provider should be capable of more expedited withdrawal processing during times of high demand than a decentralized protocol. This would strengthen the LSB in certain circumstances. However, Coinbase does not claim to expedite withdrawal requests.
We rank cbETH excellent in smart contracts because the contract architecture is straightforward, managed by permissioned Coinbase addresses, based on battle-tested contracts, is audited, and the contracts themselves do not handle user funds.
We rank cbETH good in dependencies for having a reliable pricefeed available. A centralized service can be an advantage when managing system accounting, withdrawal processing, and unforeseen network issues (high withdrawal demand, Ethereum network issues, etc.).
We rank cbETH poor in decentralization because it is a centralized service operated by Coinbase and users are thus exposed to counterparty risk. The User Agreement does offer assurances that users retain legal ownership of their staked ETH. Coinbase does make an effort to reduce centralization of its validators by diversifying across several software clients.
We rank cbETH ok in legal for recently receiving an enforcement action from the SEC alleging that Coinbase's staking program constitutes a securities offering. See section 5.4.3 for details. Despite regulatory scrutiny, Coinbase has a long history of striving for regulatory compliance and appears prepared with a solid legal basis to defend itself.
Compared with Lido stETH, we assess that cbETH is stronger in the categories Smart Contract and Volatility. It is weaker in the categories Liquidity, Centralization, and Legal.
There are potential advantages of a centralized LSD product within a diversified collateral basket, namely that the service provider can react more quickly during adverse circumstances, leading to less volatility and possibly greater user trust in the product.
Care should be taken to limit exposure to cbETH for two primary reasons: 1) Liquidity is quite low, despite cbETH having the second highest LSD marketshare, and is highly concentrated on Coinbase. 2) A recent SEC enforcement action demonstrates a level of regulatory scrutiny that creates some uncertainty about the future of the cbETH product or, at the very least, Coinbase's ability to remain competitive against competing LSD products.
Our assessment overall is that cbETH is a suitable collateral asset within a diverse basket of LSDs, but DAO voters are recommended to limit protocol exposure to cbETH by targeting a basket allocation composed primarily of wstETH. wstETH has a much stronger liquidity profile and achieves a level of decentralization that offers stronger user assurances. cbETH is a good contender with risk attributes making it quite complementary to wstETH, but due to weaknesses in its liquidity profile and legal situation, it should remain a minority member of the collateral basket at this time.