Source: DeFiLlama

This growth is intricately tied to the anticipation of EigenLayer, especially given that it has reached its capacity for LSD deposits. Consequently, this places Renzo in a pivotal position, as it is one of the few to offer an avenue for native restaking. By acting as a bridge to EigenLayer's native restaking functionalities, Renzo not only democratizes access to restaking by accommodating fractional ETH deposits but also enriches the user experience by integrating rewards in the form of EigenLayer loyalty points.

2.1.2 Transaction Volume

The daily transaction volume and transfer count for ezETH at the contract level are depicted in the following graph:

Source: Etherscan | Date: March 31, 2024

2.1.3 Average Deposit Size

The average deposit size in ETH is captured below:

source: Dune - March 31, 2024

2.1.4 Active Addresses/Users

The following chart tracks activity by showing the daily unique depositing addresses into Renzo along with returning depositors.

Source: Dune Analytics

The following chart tracks the cumulative growth of depositing addresses over the past 90 days.

Source: Dune Analytics

2.1.5 User Growth

Renzo's daily depositors day-over-day growth percentage is shown in the chart below.

source: Dune

2.2 Competitive Analysis Metrics

2.2.1 Market Share

Renzo has the second largest TVL for Liquid Restaking Tokens, with an approximate market share of 26% at the time of writing.

Source: DefiLlama | Date: March 31, 2024

Source: Dune | Date: March 31, 2024

Renzo rose from the 4th largest LRT provider by TVL at the start of January, to the 2nd largest today.

Source: Dune | Date: April 1, 2024

2.2.2 Trading Volume Share in Total LRT Trading Volume

ezETH makes up a significant portion of overall LRT trading volume as of the last month.

LRT Provider 1M Average Volume ezETH Renzo protocol $49,169,881 weETH EtherFi $30,681,106 eETH EtherFi $364,562 rswETH Swell protocol $1,710,255 rsETH Kelp DAO $5,231,328 pufETH Puffer Finance $1,419,076

2.2.3 Protocol Staking Yield

Renzo advertises a 14-day moving average staking yield of 1.95% APR for ezETH holders on its dApp as of April 17, 2024. By comparison, the Compass Staking Yield Reference Index Ethereum (STYETH Index), which measures the annualized daily staking yield obtained when staking on the Ethereum blockchain, expresses 3.288% at the same time.

2.2.4 Slashing Rate

As of the current date, Validators that underpin the value of ezETH, Figment, P2P.org, Luganodes, HashKey Cloud, and Pier Two, have not experienced any slashing incidents, according to rated.network.

2.3 Subsidization of Economic Activity

2.3.1 Existence of an Incentive Program

Renzo actively engages in incentivizing participation within its ecosystem through various means:

• EigenLayer Loyalty Points: Renzo commits to passing on 100% of the EigenLayer loyalty points accrued by stakers. Thus, participants shall directly benefit from their contributions to the network's security and growth.

• Loyalty Point System: Beyond EigenLayer points, Renzo has developed its own loyalty point system. Despite neither type of loyalty point currently holding economic value, they represent a potential future benefit for participants.

• Referral System: Users can earn extra Renzo points by inviting other users who deposit ETH. The system is cumulative, meaning the more people one invites and who actively use or deposit ETH on Renzo, the greater the number of Renzo Points the referrer can earn.

• Incentive Alignment: Renzo is aligned both with LSD protocols, by staking their tokens in EigenLayer without selling them for native ETH, and supported chains, by keeping TVL on their chains when users are restaking their tokens.

DeFi Integrations

Renzo is incentivising DEX liquidity across multiple DeFi protocols by boosting up to 2x the received Renzo Points - LPs receive 2x the value in the pool per hour. The pool will accumulate 2 points per ezETH or WETH per hour held in the pool. This will get redistributed pro-rata to the LPs. For EigenLayer Restaking points, the pool can only accumulate 1 point per hour per ezETH in the pool. This will get redistributed pro-rata to the LPs. A full breakdown of the details can be found in Renzo's documentation.

Renzo also partnered with Pendle Finance - a DeFi yield market, to support ezETH. The main rationale was to address unpredictable ezETH yield that consists of 4 potential APY streams:

1. ETH staking

2. Restaking rewards

3. EigenLayer points

4. Renzo points

From the four APR sources above, currently the only active (and least likely to be considered "speculative") stream is ETH staking APR. By splitting ezETH between the principal and yield token, Renzo stakers can realize airdrop profits early and speculators can buy exposure to future events.

By looking at the Pendle token prices of different LRTs, we can see which LRT yield the market thinks is the most valuable.

Source: Pendle dApp

Since AVS validation is still disabled on EigenLayer at the time of writing, and all LRTs have a similar staking yield, the differences in the Pendle rates mostly reflect how the market values the points program of each LRT.

Section 3: Market Risk

This section addresses the ease of liquidation based on historical market conditions. It seeks to clarify (1) the Liquid Staking Basis & Volatility of ezETH, and (2) the liquidity profile of the collateral. Market risk refers to the potential for financial losses resulting from adverse changes in market conditions.

This section is divided into 2 sub-sections:

• 3.1: Volatility Analysis

• 3.2: Liquidity Analysis

3.1 Volatility Analysis

3.1.1 Liquid Staking Basis (LSB)

Liquid Staking Basis compares the ezETH market price to the fair value of underlying ETH in the system. The fair value is characterized by an increase in the internal ezETH rate oracle over time. The internal exchange rate is queried from the BalancerRateProvider contract and the daily open market price is provided by Coingecko.

The chart below calculates the LSB at each timestep as:

Source: CoinGecko

The absolute LSB shows the overall magnitude of the deviation without respect to positive or negative deviations.

Source: CoinGecko

The previous LSB charts do not display a mentionable depeg event that occurred on April 23 when the Renzo Protocol team revealed its controversial governance token allocation that disappointed expectations of ezETH holders, resulting in a sharp sell-off event.

Source: @RenzoProtocol X account. Post was deleted.

This led to a state of panic, during which ezETH depegged significantly, as much as 78% on some trading venues:

Source: @DeFi_Made_Here X account.

Several lending markets were exposed to ezETH, causing liquidations to users and in some cases bad debt. Morpho users faced substantial losses, with liquidations for 6-7 figures. Gearbox lost 50% of the ezETH TVL and paused users' Credit Accounts, accruing bad debt that will be covered by reserves.

Liquidated users are furthermore not eligible for any airdrop since users must hold ezETH until April 26th, as per Renzo's airdrop eligibility announcement.

3.1.2 LRT Volatility

Over the course of the past several months, the volatility of daily returns has mostly been contained within an expected range for volatile assets, oscillating between -5% and +5% until a severe market event occurred on April 23. The behavior over an extended time period is shown below.

Source: CoinGecko

However, the usual price action was severely disrupted on April 23, 2024, when ezETH sharply depegged before somewhat normalizing, continuing to trade at a discount. Shown below is the ezETH/WETH UniV3 pool price action from the 23rd - 24th.

Source: CoinGecko Terminal

The Chainlink price feed, which aggregates from all major liquidity venues, also reported the market-wide depeg.

Source: ezETH/ETH Chainlink Data Feed | Date: 4/24/2024

This extreme volatility is likely attributable to no withdrawals from the protocol at this time, requiring users to exit their position through secondary venues. In recent days, there has been a large outflow from Pendle, likely precipitating the abrupt market pressure.

Source: Nansen | Date: 4/24/2024

3.2 Liquidity Analysis

3.2.1 Supported DEXs and CEXs

ezETH is included in a number of DEX pools with the highest concentration on Balancer, and it is not listed on any CEXs. The presence of ezETH across various decentralized exchanges highlights its integration and liquidity within the DeFi ecosystem (data taken on April 2, 2024):

Notably, a significant amount of liquidity is in pools paired with other LSD/LRT assets, as opposed to ETH, creating a greater dependence on other LSD/LRT assets to exit ezETH exposure on secondary markets.

3.2.2 DEX Volume

The DEX volume for ezETH is captured in the following charts.

Balancer: Source: Dune | Date: March 31, 2024

Uniswap: Source: Dune | Date: March 31, 2024

Curve: Source: Dune | Date: March 31, 2024

3.2.3 Trading Volume to Market Capitalization Ratio

As given in section 2.2.2, the 1 month average trading volume for ezETH is $49,169,881. Divided by its average market cap for the same month, $~1.5B, we get a ratio of roughly 3.3%.

Source: CoinGecko

3.2.4 LRT Leverage Ratio

ezETH has been integrated as a collateral option across several lending and stablecoin platforms, illustrating its growing utility within the DeFi ecosystem:

• Morpho Blue features an isolated ezETH/WETH market with a Loan-to-Value (LTV) ratio set at 86%, managed via the MetaMorpho aggregator under Re7's supervision.

• PrismaLRT offers an ezETH/ULTRA market, that recently was paused following the Prisma exploit (the protocol has since been unpaused).

• Silo Finance recently introduced an ezETH/ETH market, marking its fresh expansion into utilizing ezETH as collateral.

Morpho Blue

The Liquidation Loan-to-Value (LLTV) ratio for ezETH on Morpho Blue is distinctively set lower than that for wstETH (94.50%), reflecting a cautious stance towards ezETH's volatility and risk profile. Despite this, ezETH's utilization rate is notably high at 89.85%, with borrowers facing a steep interest rate of 35% for leveraging ezETH as collateral.

The Morpho lending pool experienced bad debt in the aftermath of the ezETH depeg on April 23. Note that Morpho is designed with siloed pools, so the bad debt was limited to the affected pool.

Prisma Finance

Although operations at Prisma Finance had been temporarily suspended in March, prior data indicated a borrow interest rate of 19.99% against ezETH, with a Minimum Collateral Ratio (MCR) fixed at 130% or ~77% LTV. The utilization of ezETH in minting ULTRA tokens was comparatively modest, especially when juxtaposed with other LRT markets, suggesting a cautious engagement from the lending community.

Silo Finance

Silo Finance's recent integration of ezETH does not yet offer extensive data on its utilization. However, the platform’s decision to set a higher liquidation threshold for ezETH at 90% - compared to the 85% for other Liquid Staking Derivatives - implies a greater confidence in ezETH's peg and/or confidence in the platform's ability to prevent bad debt from occurring.

These dynamics across various platforms reveal a complex picture of ezETH’s adoption as collateral, where platforms exhibit a spectrum of risk appetites and policy adjustments to accommodate ezETH's unique risk-reward profile. This evolving landscape necessitates close monitoring and potentially, adaptive strategies to optimize ezETH's utility and performance as a collateral asset.

Section 4: Technological Risk

This section addresses the persistence of collateral properties from a technological perspective. It aims to convey (1) where technological risk arises that can change the fundamental properties of the collateral (e.g., unresolved audit issues) and (2) do any composability/dependency requirements present potential issues (e.g., is a reliable price feed oracle available?).

This section is divided into three sub-sections:

• 4.1: Smart Contract Risk

• 4.2: Product and Layer Composability

• 4.3: Oracle Pricefeed Availability

4.1 Smart Contract Risk

4.1.1 Protocol Audits

Renzo's Ethereum mainnet contracts has one public audit:

• Halborn (2023-11-29): 14 findings including 2 critical and 1 medium. All findings were resolved.

No public audits are available for the cross-chain system. However, in their recent Twitter post, the team mentions that @HalbornSecurity has been on retainer, reviewing all contract upgrades, and is finalizing a full re-audit of the protocol. Additionally, the post mentions that @sigp_io was hired in April to complete an independent re-audit of the Renzo Protocol. It is still unclear whether the cross-chain system will be included in this report.

There was also a public audit competition was conducted via @code4rena that ended on May 8, with over 50 Wardens reviewing the code. The cross-chain system was a part of the competition's scope. The audit competition details can be found here.

4.1.2 Concerning Audit Signs

Renzo's core contracts underwent a singular formal audit, which concluded with several issues, and the team reportedly rectified all identified findings. The public-facing code is presented as accessible and straightforward in its complexity, suggesting an initial layer of transparency and diligence. As described in section 4.1.1 (Protocol Audits), in their recent Twitter post, the Renzo team mentions that HalbornSecurity has been finalizing a full re-audit of the protocol, and Sigma Prime was hired in April to complete an independent audit of the Renzo Protocol. It is still unclear whether the cross-chain system will be included in HalbornSecurity's re-audit or in Sigma Prime's independent audit. The Twitter post also mentions that a public audit competition was conducted recently, with the cross-chain system in the competition's scope.

However, a glaring oversight in the singular public formal audit of HalbornSecurity is its omission of critical centralization vulnerabilities, notably the permissions allowing for arbitrary recipient specification during withdrawals from operators, the restaking of ETH accumulated in the DepositQueue, or the unchecked minting of ezETH (see section 5.1.2 Access Controls for a PoC of ezETH infinite mint via the owner multisig). These mechanisms could, in effect, empower the Renzo team — or worse, an adversary who gains control over the multisig wallet — with the capacity to misappropriate user funds.

The audit's Slither analysis revealed more findings than typically deemed acceptable, encompassing issues of high and medium severity. These were summarily dismissed as non-consequential or false positives by the auditing team. Notably, an approve call in the DepositQueue's sweepERC20 function, which facilitates the transfer of any accumulated ERC20 tokens to the RestakeManager, was flagged for not checking return values. This oversight could obstruct the claimability of ERC20 reward tokens by Renzo, particularly with tokens like USDT that do not implement a return call in their approve() function. A solution, such as employing OpenZeppelin's forceApprove function, could preempt such predicaments.

A conspicuous absence of a public formal audit for the cross-chain system further compound these concerns, leaving significant aspects of Renzo's security posture unvetted - at least within the public domain (Note that the Code4rena audit competition did include the cross-chain system, although these findings are not yet public).

4.1.3 Bug Bounty

The Renzo Protocol is running a bug bounty with Immunefi, since December the 14th 2023, with a maximum bounty of $250,000. There is a notable omission of the cross-chain system from inclusion in the bounty program. More details can be found at Immunefi.

4.1.4 Immutability

The majority of Renzo's smart contracts possess pausability and upgradeability features, managed by a ProxyAdmin contract that is owned by a timelock contract. Transactions can be proposed to the timelock contract by the addresses that are whitelisted under the PROPOSER_ROLE, and executed by addresses that are whitelisted under the EXECUTOR_ROLE.

Currently, two addresses are whitelisted for proposing transactions - 0xAdef586efB3287Da4d7d1cbe15F12E0Be69e0DF0, an EOA, and 0xD1e6626310fD54Eceb5b9a51dA2eC329D6D4B68A, a 3/5 multisig. The 3/5 multisig is also whitelisted for executing transactions. The 3/5 multisig also has the TIMELOCK_ADMIN_ROLE, which has the ability to add or remove addresses from the aforementioned whitelists.

The presence of the OpenZeppelin TimeLockController contract, with a 3 day time lock, is set to protect all protocol upgrades, and give users a chance to exit the system in case of an upgrade they do not like. It is worth noting that since withdrawals are still not enabled, users may be required to exit the system at a loss.

Upgradeability is facilitated through the Transparent Upgradeable Proxy pattern, noted to be less gas efficient relative to the UUPS proxy pattern, but more commonly used. Unlike the UUPS proxy pattern, where upgrade logic is housed in the implementation contracts, the transparent pattern integrates this logic within the proxy contracts, and checks if the caller is the owner on every call, which increases gas usage.

A list of deployed contracts is accessible here: Deployed Contracts.

4.1.5 Developer Activity

In December 2023, Renzo made some of its smart contracts publicly available, not providing any deployment instructions within its public repository, nor sharing its test suite. Since this repository is merely a superficial clone of the private repository, detailed developer activity remains undisclosed. The claim of open-sourcing its smart contracts is subject to scrutiny as external contributions are not facilitated. The transparency regarding the deployed code's alignment with the provided repository remains ambiguous, inviting users to verify code deployment independently through bytecode comparison on the blockchain.

4.1.6 SC Maturity

Renzo deployed its smart contracts on December 5, 2023. Despite this significant step, the project has yet to embrace a formal versioning protocol for its smart contracts publicly, leading to challenges in distinguishing between the various iterations and updates of its codebase over time. While it's conceivable that Renzo adheres to versioning practices internally, the external visibility into the protocol's codebase evolution and documentation revisions is significantly hampered due to restricted repository access. This opacity is compounded by the absence of publicly available test suites or deployment guidelines.

The protocol's audit history, comprising solely one private audit and devoid of public audit contests, leaves a gap in the visible trajectory of enhancements or rectifications made in response to audit findings. This scenario underscores a crucial aspect of smart contract development and maintenance that Renzo could further optimize to underscore its commitment to security and reliability.

4.1.7 Previous Incidents

To date, there have been no publicly reported incidents associated with Renzo smart contracts.

4.2 Product and Layer Composability

4.2.1 Dependencies

EigenLayer Integration

ezETH distinguishes itself as a Liquid Restaking Token (LRT) through integration with EigenLayer. This platform extends Ethereum's decentralized security infrastructure to additional applications such as Data Availability (DA) layers, oracle networks, and sidechains, offering validators enhanced yield in exchange for assuming greater responsibilities and risks. The collaboration between Renzo and EigenLayer's contracts enables this restaking functionality. However, two primary risks are associated with EigenLayer: the potential for crypto-economic security breaches if the cost of corruption is lower than the profit from corruption and the possibility of wrongful slashing due to inaccurately defined slashing conditions or unexpected behavior of node operators. EigenLayer addresses these concerns by developing automated monitoring systems and establishing a security council to oversee slashing decisions.

Connext & CCIP Integration

In collaboration with Connext Network and Chainlink's Cross-Chain Interoperability Protocol (CCIP), Renzo Protocol is bringing native cross-chain restaking to supported layer 2 and alternative L1 networks. ETH holders can restake from those networks without migrating funds back to the L1, aligning incentives between Renzo and the supported networks, and enhancing user experience.

Connext is a modular interoperability protocol for passing funds and data between chains. Developers can use Connext to build cross-chain apps that interact with multiple blockchains or rollups simultaneously.

Since the xezETH that is minted on the non-Ethereum chains are not redeemable, and ezETH will be minted only following admin action, limited risks are introduced to the core L1 system. However, xezETH minters are potentially vulnerable to slippage caused by the reported ezETH price, which is provided by the RateProvider and transmitted using CCIP, and various bridge-related inflation attackes which can lead to significant value lost of those xezETH holding on the respective chain. Moreover, a quick look at the xRenzoDeposit implementation contract, shows that not only CCIP can update the ezETH price, but also the contract's owner, using the updatePriceByOwner function.

Price Oracles

When deposits are made into the Renzo protocol, price oracles are used to determine the ETH-denominated value of the TVL and the deposited asset. A malfunctioning price oracle might cause a disproportionate minting of ezETH, unjustly inflating it's supply.

As of today, the only LSDs supported by the protocol are Wrapped Binance Beacon ETH (wBETH) and Lido's stETH. The price for wBETH is fetched using this contract, titled WBETHShim, from a price oracle operated by Binance, which is completely centralized. The WBETHShim contract does not check for the liveness of the Binance oracle, nor for any anomalies in its reported price, but blindly trusts it. On-chain analysis indicates regular updates of the Binance oracle's exchange rate, which occur every 24 hours or so.

Note that the price of stETH is obtained directly from a Chainlink oracle, again, without checking for liveness or price anomalies. We focus attention on the Binance oracle, as it presents a more palpable centralization vector.

We have tested the potential for manipulability of the ezETH supply in case the Binance price oracle misreports the wBETH price in a forked mainnet. ezETH can theoretically be inflated up to the wBETH TVL limit imposed by the protocol (currently set to 50k wBETH). With a 13.6k wBETH TVL as of April 25, 2024, up to 36.4k ETH worth of ezETH can potentially be erroneously minted.

See below that the Binance oracle report can be inflated and that a lack of sanity checks in the Renzo contract allows 3x the amount of ezETH to be minted from wBETH when the oracle is manipulated. The manipulation is possible up to the collateralTokenTvlLimit previously described.

4.2.2 Withdrawals Processing

While Renzo's documentation allocates a section to the process of withdrawals, it's crucial to underscore that, as of the current moment, the functionality for ezETH withdrawals remains conspicuously inactive. This limitation is not merely an oversight but a significant functional gap in the deployed implementation contracts. The protocol's stance, as delineated in its documentation, suggests an alternative route for users looking to exit their ezETH positions - namely, by engaging in liquidity provision or selling their ezETH on Balancer.

This guidance, while providing a temporary workaround, raises substantial concerns regarding the liquidity and market stability of ezETH, especially under conditions of heightened market volatility or in scenarios where Balancer’s liquidity might not suffice to accommodate large or numerous withdrawal intents. The absence of a direct withdrawal mechanism fundamentally restricts arbitragers in fixing its market price, and potentially placing users at a disadvantage by compelling them to navigate secondary markets or liquidity pools, which may not always offer favorable conditions or prices.

4.3 Oracles Pricefeed Availability

4.3.1 Understanding the Oracle

ezETH has a robust Chainlink oracle, that is available on Ethereum, Arbitrum, and Linea networks. A new answer is written when the offchain data moves more than the 0.5% deviation threshold or 24 hours have passed since the last answer was written on-chain. The smart contract is connected to 16 oracles, while each price aggregation requires an answer from at least 11 of them.

Chainlink uses a "Volume Weighted Average Price" (VWAP) price aggregation methodology. VWAP is a mechanism used to calculate the price of an asset by taking price data from multiple trading environments and weighting each price by the amount of volume on each liquid market an asset is trading on. More information about the advantages of the VWAP mechanism can be found in Chainlink's documentation.

4.3.2 Token Liquidity and Distribution

Total Token Distribution

As of April 2, 2024, analysis of ezETH's total supply distribution highlights that the top five holders account for nearly 80% of the tokens. It's important to contextualize this figure, especially considering that a significant portion of ezETH is engaged in DeFi platforms like Pendle, Zircuit, and within Balancer pools, which could represent a multitude of individual user holdings rather than a few centralized entities.

Over 30% of ezETH is allocated within Pendle, indicating widespread user participation rather than centralized control. Similarly, more than 20% is engaged on Zircuit, a Layer 2 solution facilitating LRT staking, potentially aggregating numerous individual stakes. Furthermore, Balancer pools, holding nearly 3% of ezETH's supply, also serve as a collective investment medium for a broad user base.

Source: Etherscan | Date: 4/2/2024

The 0xC81...059 address, identified as Renzo's Lockbox contract, indicates that close to 20% of the total supply is utilized across non-Ethereum-mainnet networks, illustrating ezETH's cross-chain functionality. The presence of a giant whale (0x221...a7c) does raise questions about individual large-scale holdings.

Liquidity Venue Distribution Taking a look only at liquidity pools, the vast majority of ezETH is concentrated in Balancer pools, followed by a small portion in Uniswap and Curve.

Source: Nansen | Date: 4/25/2024

Cross-Chain

An on-chain analysis of the ~20% of ezETH situated on non-Ethereum-mainnet networks shows a diversified presence across Arbitrum, Blast, Mode network, Linea, and BSC, further underscoring the token's broad adoption. Within Arbitrum, despite the concentration among the top three holders, the largest portion is held by Pendle, potentially pointing to DeFi participation rather than necessarily centralized hoarding. BlackWing Finance and a bridge by Matter Labs follow, contributing to the ecosystem's liquidity and accessibility.

Source: Arbiscan

This nuanced view of ezETH's distribution paints a picture of a token with substantial engagement in DeFi platforms. It underscores the importance of distinguishing between tokens held in DeFi protocols, which can represent pooled investments from numerous users, and those held by individual addresses, which might indicate more centralized control.

Section 5: Counterparty Risk

This section addresses the persistence of ezETH's properties from an ownership rights perspective (i.e., possession, use, transfer, exclusion, profiteering, control, legal claim). The reader should get a clear idea of (1) who can legitimately change properties of the collateral (e.g., minting additional units) and what their reputation is, (2) the extent to which changes can be implemented, and the effect on the collateral.

This section is divided into four subsections:

• 5.1: Governance

• 5.2: Decentralization of the LSD

• 5.3: Legal

5.1 Governance

5.1.1 Governance Scope

As of the current phase, Renzo operates without a Decentralized Autonomous Organization (DAO), with governance centralized within the Renzo team. According to the Renzo documentation, a transition towards DAO governance is planned, although any specific details remain unspecified.

5.1.2 Access Control

The access control mechanisms of Renzo's smart contracts pivot around the RoleManager contract, with its source code available here. This contract involves a role-based access control scheme that divides privileged roles, and has a DEFAULT_ADMIN_ROLE responsible for assigning all other roles in the system, currently assigned to the 3/5 Renzo multisig wallet.

See below the various roles and their address assignments, current as of 5/24/2024. Certain roles, such as the RX_ETH_MINTER_BURNER, are assigned to a contract to limit risk of malicious minting. Other roles, such as the DEPOSIT_WITHDRAW_PAUSER, have EOAs assigned that may increase the efficieny in responding to emergencies. Note however, that extensive power is granted to the Renzo 3/5 multisig through its ability to assign all other roles.

We have further produced a PoC that demonstrates a potential attack vector whereby the DEFAULT_ADMIN_ROLE assigns the RX_ETH_MINTER_BURNER to a malicious address, and infinite mints ezETH. This demonstrates the critical trust assumption in the Renzo 3/5 multisig for overall system stability.

The requirement for merely three out of five signatures to greenlight new deployments or modifications introduces a relatively lenient security posture. This threshold, considerably lower than what might be observed in more conservatively designed systems, introduces palpable risks concerning the security and integrity of governance actions. Moreover, the lack of a timelock mechanism compounds these risks, permitting the enactment of changes with immediate effect, bypassing the opportunity for community scrutiny or preventive review.

This governance structure, while facilitating agility in decision-making, potentially compromises the protocol's resilience against unauthorized or hasty modifications. Enhancing the governance framework with more stringent control mechanisms, such as on-chain voting or the incorporation of a timelock to allow for discontent participants to exit, could significantly reinforce the protocol's governance structure and stakeholder confidence.

The current signers of the Renzo multisig are:

• 0xC66476C083812eF4AF9567EC4B0b737230b5754d

• 0x9D359DA6cA68ddBfB148d07b74Aa3aFD1F65039F

• 0xA724796812276dDDF1dC65dF91E11c1933A72371

• 0xfAFf23C643c89f6C8F2AbE3D08e207591Af93d1c

• 0x565E8E4771C0Ef8a64C8C7de224816eC1121E671

The identity of the signers is not publicly known.

5.1.3 Distribution of Governance

Renzo still needs to introduce a governance token. Details about the distribution process are yet to be disclosed, though it is anticipated that Renzo points might play a significant role in this event.

5.1.4 Proposals Frequency

Without governance tokens, there is no formal mechanism for community proposals or voting within the Renzo ecosystem. However, users can engage with the Renzo team and discuss matters on their Discord server, facilitating some level of community interaction.

5.1.5 Participation

A critical consideration for LRTs like those offered by Renzo involves the selection process for EigenLayer's AVSs, each with distinct risk and reward profiles. The Renzo team has expressed interest in conducting that process using its governance. The documentation states that initially this process will be done via snapshot votes, and after processes are defined, tested, and proven, it will move to full on-chain governance.

5.2 Decentralization of the LRT

Renzo's strategy for achieving decentralization within its Liquid Restaking Token (LRT) framework draws parallels to Lido's methodology, initially engaging exclusively with professional node operators. This decision is primarily aimed at reducing operational complexities early on, with a view to addressing broader network distribution challenges subsequently. However, the absence of publicly disclosed plans or strategies for enhancing network distribution poses a notable concern.

This approach, while pragmatic in its initial phase, raises questions regarding the long-term commitment to decentralization. The lack of transparency and detailed roadmap for expanding node operator diversity and distribution leaves stakeholders in the dark about Renzo's strategies for evolving beyond its current centralized operational model.

The importance of clear, actionable plans for achieving widespread network distribution cannot be overstated. Stakeholders would benefit from insight into Renzo's future steps towards decentralization, ensuring the protocol's alignment with the community's expectations for a truly decentralized and resilient LRT ecosystem.

5.2.1 Number of Node Operators

Renzo collaborates with 5 permissioned professional node operators, Figment, p2p.org, Luganodes, HashKey, and Pier Two

5.2.2 Validators per Node Operator

Renzo protocol has 28,102 active Validators and 5 Node Operator Delegators, so in average 5,620.4 Validators per Node Operator. NOs addresses are listed below:

Operator delegators (EigenPod manager)

1. OperatorDelegator1 | EigenPod1

2. OperatorDelegator2 | EigenPod2

3. OperatorDelegator3 | EigenPod3

4. OperatorDelegator4 | EigenPod4

5. OperatorDelegator5 | EigenPod5

5.2.3 Validator Enter/Exit (Churn)

Withdrawals are not activated for ezETH.

5.2.4 Distribution Across Geographical Locations

This data isn't provided for Renzo protocol.

5.2.5 Node Software Diversity

This data isn't provided for Renzo protocol.

5.3 Legal

5.3.1 Legal Structure

The website renzoprotocol.com by RestakeX Ventures Ltd serves as a conduit to Renzo Protocol. It is maintened by a collective of ecosystem participants alongside entities such as the RestakeX Foundation.

In terms of corporate transparency, RestakeX Ventures Ltd, shrouds itself in a veil of confidentiality. An exhaustive search has yet to illuminate the particulars of its incorporation. It might be a private company, and details on private companies are usually not publicly available.

On the other hand, Terms of Service points unequivocally to the British Virgin Islands (BVI):

These Terms and any action related thereto will be governed by the British Virgin Islands Arbitration Law and the laws of the British Virgin Islands, without regard to its conflict of laws provisions.

This subtly indicates that RestakeX Ventures Ltd might indeed be incorporated within the BVI’s shores.

However, RestakeX Foundation presents an enigma concerning its jurisdictional roots. Its establishment could very well parallel RestakeX Ventures Ltd, nestling within the BVI's legal framework. Alternatively, it may find its legal underpinnings in a disparate jurisdiction—a question that remains open in the absence of conclusive findings from open-source inquiries.

5.3.2 Licenses

Staking remains unregulated in the BVI. Consequently, the concept of restaking—redeploying staked ETH to secure additional services— also should not fall under the purview of existing BVI statutes.

For BVI-based entities that handle tokens and manage staking pools, including the distribution of rewards, compliance with the Virtual Asset Service Providers Act (VASP Act) may be obligatory. Under the VASP Act, a "virtual asset" is identified as any digital representation of value that can be digitally traded, transferred, and utilized either for payment or investment purposes. It notably excludes digital representations of fiat currencies. Entities providing services such as exchanges between virtual assets and fiat currencies, exchanges among different virtual assets, transfers, custodianship, or management of virtual assets—or those offering financial services linked to virtual assets—must register as Virtual Asset Service Providers (VASPs).

A notable exception purportedly used by RestakeX Ventures Ltd is the one for “the development, sale or offering of software or hardware”. The company is in charge of developing an open-source software portal, www.renzoprotocol.com, which is the entry point to the DeFi protocol. RestakeX Ventures Ltd makes no assertions regarding the custody of virtual assets, management of the staked tokens or rewards distribution; these functions are autonomously performed by smart contracts. Due to limited available data on the protocol’s legal structure, a comprehensive legal analysis remains constrained. However, the existing description of the system architecture suggests that the company operating the front-end interface does not directly engage in handling virtual assets on behalf of its clients.

Turning to securities regulation, the BVI’s primary legislative framework is encapsulated in the Securities Investment Business Act, 2010 (SIBA). SIBA regulates licensing and oversees entities involved in investment activities within or from the BVI, delineating an exhaustive list of instruments categorized as “investments.” Although crypto tokens are not explicitly listed, the classification of a token as an investment hinges on a detailed analysis of its characteristics and functionalities. If a token is deemed an investment, the issuer may be subject to regulations concerning the dealing in or arranging of securities. This, however, could also depend on whether the issuer’s activities qualify for any exclusions or safe harbors outlined in SIBA.

To date, there has been no indication that ezETH is classified as a security under SIBA, suggesting that it does not meet the specific criteria that would necessitate such classification.

5.3.3 Enforcement Actions

Renzo Protocol has, thus far, appeared to navigate the complex regulatory waters without falling foul of enforcement actions. This observation stems from a comprehensive search which, notably, did not yield any records of regulatory scrutiny, litigation, or sanctions directed against the protocol by regulators, national agencies, or other authoritative bodies.

5.3.4 Sanctions

Specific details on sanctions screening are not explicitly mentioned in Renzo documentation.

RestakeX Ventures Ltd stipulates specific conditions regarding the permissible use of its services, particularly emphasizing restrictions for U.S. persons and residents of other unspecified jurisdictions. The explicit prohibition for U.S. persons is detailed in the Notice on Prohibited Use, but the text lacks a comprehensive delineation of other international restrictions, only suggesting a broader, yet undefined, set of limitations.

NOTICE ON PROHIBITED USE – US AND OTHER RESTRICTED PERSONS: THE SERVICES ARE NOT OFFERED TO AND MAY NOT BE USED BY: PERSONS OR ENTITIES WHO RESIDE IN, ARE CITIZENS OF, ARE LOCATED IN, ARE INCORPORATED IN, OR HAVE A REGISTERED OFFICE IN THE UNITED STATES OF AMERICA (COLLECTIVELY, “US PERSONS”) OR PERSONS OR ENTITIES WHO RESIDE IN, ARE CITIZENS OF, ARE LOCATED IN, ARE INCORPORATED IN, OR HAVE A REGISTERED OFFICE IN ANY RESTRICTED TERRITORY, AS DEFINED BELOW (EACH SUCH PERSON OR ENTITY FROM A RESTRICTED TERRITORY, A “RESTRICTED PERSON”). Terms of Service

The Services, that per our interpretation, consist of providing interface for access to Renzo Protocol are confined to users residing in countries where such interactions do not contravene applicable laws. The Services are explicitly unavailable in specific jurisdictions, notably the United States. The exclusion of U.S. users is made clear, yet the protocol stops short of listing other affected jurisdictions, which may lead to ambiguities for potential users.

In a move to enforce these geographical and regulatory boundaries, RestakeX Ventures Ltd reserves the unilateral right to obstruct access to the services at any point. This is enforceable by blocking IP addresses and device identifiers that attempt to access the services from restricted regions.

5.3.5 Liability Risk

The Services rendered by RestakeX Ventures Ltd provide information solely for informational purposes and should not be regarded as professional advice. The Terms of Use explicitly state that no fiduciary duties are owed by the Company to the users.

Renzo refrains from offering assurances or guarantees regarding both the underlying protocol and the user interface. There are no promises for profitability from staking or restaking of crypto assets. Renzo emphasizes in a stand-alone Disclaimer that all interactions with its services, including potential financial outcomes, are conducted solely at the user's own risk.

ezPoints, projected as a reward mechanism to incentivize users, are designed to accrue to the user's ezETH balance, with specific conditions outlined to prevent abusive practices such as "looping." Looping is described as the act of using the same ezETH repeatedly to generate additional rewards by converting ezETH back to ETH to restart the reward process. Such actions are explicitly prohibited, and Renzo has implemented monitoring systems to detect and penalize this behavior by disqualifying offending users from receiving ezPoints and any associated boosts.

However, the points program is not incorporated into the ToS. This means there is no formal documentation detailing the terms, definitions, or the rights and obligations associated with Renzo points. The lack of formal integration into the ToS could lead to legal and operational ambiguities, particularly in scenarios where disputes arise over the allocation or deduction of points, or when users are sanctioned for prohibited activities such as looping.

RestakeX Ventures Ltd is not required to actively monitor the use of its Services or the content posted by users, which suggests an initial hands-off approach favoring user autonomy, while keeping the discretionary right to monitor content and restrict access to ensure operational effectiveness and compliance with legal obligations.

The Services are provided "as is" with no warranties of any kind. Neither the Company, nor its service providers will be liable for indirect damages such as lost profits, revenue, savings, business opportunities, data, goodwill, or the costs of substitute services arising from the use or inability to use the Services. The total liability for all claims related to the Services is capped at the greater of the amount paid by the user for the Services or one hundred dollars ($100), provided that the user has not incurred any payment obligations.

Disputes arising from ToS or the Services are to be resolved exclusively through binding, individual arbitration, not in a class or representative basis. The Cayman Islands Arbitration Law will apply, indicating a choice for a neutral arbitration locale separate from the governing law of the website Terms. Arbitration will be administered by JAMS under its rules, which are designed to provide a comprehensive framework for resolving disputes efficiently. Parties must bring claims individually, not as part of any class or collective action, with arbitration not to consolidate multiple claims. This significantly reduces the risk of widespread litigation liabilities for RestakeX Ventures Ltd but limits the recourse options for individuals.

5.3.6 Adverse Media Check

The diligent exploration into Renzo Protocol, RestakeX Foundation, and RestakeX Ventures Ltd has culminated without unearthing any direct associations with adverse media. This scrutiny sought traces of money laundering, corruption, sanctions exposure, threat financing, or other illicit undertakings but found no concrete links to these entities.

Moreover, our inquiry extended into the realms of fraud, scam, phishing, impersonation, and akin malevolent activities within the social media landscape surrounding the DeFi sector. Yet, it failed to discern any direct connections implicating Renzo Protocol, RestakeX Foundation, or RestakeX Ventures Ltd in such nefarious activities.

Section 6: Risk Management

This section will summarize the findings of the report by highlighting the most significant risk factors in each of the three risk categories: Market Risk, Technology Risk, and Counterparty Risk.

6.1.1 Market Risk

LIQUIDITY: Does the LSD have a liquid market that can facilitate liquidations in all foreseeable market events?

A predominant share of ezETH is currently allocated within Pendle, earmarked for speculation on future yields, leaving a mere approximate 4% of the token supply in decentralized exchange pools. In this context, ezETH may face significant challenges particularly during market stress periods.

Fueled by the anticipation of an EigenLayer airdrop, ezETH's growth harbors the potential to precipitate market instability. External market factors of any kind may adversely impact ezETH's liquidity which is relatively centralized on Pendle venues.

VOLATILITY: Has the LRT had any significant depeg event?

ezETH has not enabled withdrawals from the protocol, requiring holders to exit through secondary venues. This restriction dramatically increases the probability of depeg events, as the protocol can not facilitate fluctuations in demand, requiring some amount of speculation about future withdrawal capability to maintain its peg. On April 23rd the resiliency of ezETH's soft peg was tested when it experienced a sharp depeg with a prolonged recovery time. This is likely to be a recurring event so long as withdrawals are not activated, and requires extreme caution when onboarding as collateral.

6.1.2 Technology Risk

SMART CONTRACTS: Does the analysis of the audits and development activity suggest any cause for concern?

A single publicly available audit was conducted over Renzo’s core contracts, uncovering multiple problems which were reportedly fixed. Critical centralization risks were overlooked, especially related to the control of funds. The audit's leniency with certain severe findings raises concerns about the thoroughness and efficacy of the process. The absence of wider public audit scrutiny particularly in cross-chain operations, even though covered in its public audit contest, highlights significant security exposure.

Smart contract deployment began in December 2023 without a public versioning protocol, obscuring the evolution of its codebase. Public repository activities suggest limited external engagement and transparency, with key documentation and testing protocols absent. There is a bug bounty program with ImmuneFi, which offered a relatively low maximum payout for critical reports compared to the protocol size. Additionally, the bug bounty program does not include the cross-chain system in its scope.

DEPENDENCIES: Does the analysis of dependencies (e.g., oracles) suggest any cause for concern?

The integration of Renzo's ezETH with EigenLayer introduces a series of potential risks, particularly around crypto-economic vulnerabilities and the potential for inaccurately defined slashing conditions, despite its allure of augmented Validator yields. Expanding native restaking across various L1/L2 networks via Connext and Chainlink's CCIP introduces no direct incremental risks to Renzo's core system on Mainnet. Nonetheless, there are substantial vulnerabilities for xezETH minters due to potential slippage from the ezETH price reports provided by the RateProvider and transmitted via CCIP. Moreover, ezETH price can be updated not only via CCIP but also by the contract's owner through the updatePriceByOwner function.

Renzo's reliance on the centralized oracle for wBETH, is a critical point of vulnerability. The absence of intermediary buffer contracts that could provide checks for operational continuity and anomalous price fluctuations represents a significant oversight. The price of stETH is derived directly from a Chainlink oracle, that notably lacks safeguards against potential liveness or price anomaly checks.

A critical functional deficiency is observed - ezETH withdrawals remain inoperative at present. The outlined alternative involves engaging in liquidity provision or swapping on Balancer, which presents its own set of risks and dependencies.

6.1.3 Counterparty Risk

CENTRALIZATION: Are there any significant centralization vectors that could rug users?

Renzo’s architecture exhibits pronounced centralization vectors that could potentially compromise user security and protocol integrity. The crux of the issue lies in the trifecta of centralized control aspects: the concentration of Validator operations, significant sway held by the development team, and reliance on a centralized wBETH price oracle. This amalgamation of centralization points forms a precarious foundation, where the protocol could be susceptible to manipulation or even user exploitation without necessitating changes to the existing contract implementations.

While the decentralisation approach mirroring that of Lido seems practical at the outset, the lack of a publicly available strategy raises concerns about the commitment to diversification. A governance token is not yet introduced and details on future distribution mechanisms remain undisclosed.

Renzo’s governance is controlled by a RoleManager contract managed by a 3/5 multisig wallet. The presence of timelock mechanisms alleviates some of the centralization concerns regarding contract upgrades. However, the RoleManager contract, through the 3/5 multisig wallet assigned as the DEFAULT_ADMIN_ROLE, has the capacity to inappropriately misuse users funds, as demonstrated in section 5.1.2 (Access Control).

LEGAL: Does the legal analysis of the Protocol suggest any cause for concern?

The legal structure analysis indicates that the front-end operator is presumed to be based in the BVI, where there are no current restrictions on staking or restaking activities. ezETH, on its own, is not classified under securities laws within this jurisdiction.

Any disputes that arise from interactions with Renzo's front-end are designated to be resolved through arbitration proceedings in the Cayman Islands. However, a significant concern arises with the Renzo points program, which currently lacks ToS integration. This omission results in an ambiguous framework regarding the allocation and management of points, particularly in cases of perceived unfair use or miscalculated point allocations.

6.1.4 Risk Rating

Based on the risks identified for each category, the following chart summarizes a risk rating for ezETH as collateral. The rating for each category is ranked from excellent, good, ok, and poor.

• We rank ezETH ok in liquidity due to high concentrations in DEX pools paired with other LSDs/LRTs, and the possibility of transient popularity driven by speculative interest in EigenLayer points.

• We rank ezETH poor in volatility due to the fact that withdrawals are disabled, inhibiting arbitrageurs from maintaining ezETH's peg.

• We rank ezETH ok in smart contracts due to a singular public formal audit on its core system, while its cross-chain functionalities having just recently been assessed in a public audit contest. Additionally, the bug bounty program excludes the cross-chain system, and both the code life cycle and the testing suite - if it exists - are not publicly disclosed.

• We rank ezETH ok in dependencies due to the centralization of its wBETH oracle and the lack of liveness or price anomalies checks. There is a Chainlink price feed available for ezETH.

• We rank ezETH poor in decentralization due to the absence of a clear strategy for decentralizing node operations, despite existing plans for governance and on-chain activity. Furthermore, the system's current structure is significantly centralized around the Renzo team, granting them unilateral control over user funds with the potential for malfeasance.

• We rank ezETH ok in legal due to its relatively clear legal structure and operation within jurisdictions that offer favorable conditions for staking services. While Renzo has implemented measures to restrict US users, it falls short in delineating restrictions for users from other countries (incl. these under international sanctions).