The below document is a high level assessment of eBTC’s risk profile, and is intended to give integrators and end users a deeper understanding of relevant mechanisms and risk factors.
Summary
eBTC is a decentralized, overcollateralized, Ethereum based synthetic asset tracking the price of BTC. eBTC allows Ethereum users to have trustless, permissionless exposure to Bitcoin price by holding eBTC, or alternatively the ability to access Bitcoin liquidity or get short exposure to BTC by minting eBTC through a collateralized debt position (CDP).
Due to its unique mechanics, eBTC has a risk profile that is significantly different from centralized alternatives such as WBTC. Below, we outline how the protocol works in detail and evaluate key risk factors that impact eBTC holders and users.
Protocol Overview
At its core, the eBTC protocol is a debt based synthetic stablecoin, similar to Liquity’s LUSD stablecoin but tying its peg to BTC instead of USD. eBTC is generated by users who supply stETH collateral in order to mint eBTC through collateralized debt positions (CDPs). Protocol solvency and eBTC fundamental backing are ensured by overcollateralization, where CDP users must supply a greater value of collateral than the value of eBTC minted. If a user’s CDP falls below the minimum required collateral ratio, it can be liquidated permissionlessly to repay outstanding debt in exchange for collateral, ensuring the system as a whole remains overcollateralized.
Unlike centralized wrapped BTC tokens, eBTC is not directly exchangeable or redeemable for Bitcoin through the protocol. Instead, it relies on key mechanisms and monetary policy levers to support the peg and ensure price tracks BTC faithfully.
In cases where the price of eBTC falls below BTC, token holders can make use of a redemption mechanism (similar to the mechanism in place for LUSD) where they can exchange eBTC tokens for an equivalent value of stETH collateral from the lowest collateralized CDP, less a fee to prevent abuse of the mechanism. This has the effect of putting a floor under the price of eBTC and helping contract supply to match reductions in demand.
If eBTC price rises above BTC, there is no direct arbitrage mechanism available as is the case with redemptions while price is below peg. Instead, eBTC protocol minimized governance can make adjustments to the protocol yield share, which is a percentage of stETH collateral yield that is retained by the protocol as a fee, to help balance supply and demand. If there is an excess of demand vs supply causing the price of eBTC to rise above the peg, reducing the protocol yield share (PYS) can help incentivize additional users to open CDPs and mint eBTC to increase supply. This same mechanism can work in reverse in cases where there is an excess of eBTC supply.
BadgerDAO plays a key role in the eBTC ecosystem, as the administrator of the protocol’s limited governance mechanisms, coordination and funding body behind eBTC’s continuing development, and an anchor liquidity provider for the eBTC token. eBTC protocol admin functions are managed either by the Badger Treasury Council, or by a smaller and more agile execution multisig, depending on their level of authority. The Badger treasury provides a significant amount of liquidity for the eBTC token and operates a large CDP minting eBTC. Additionally, Badger has a significant reserve of capital on hand that can be used to conduct open market operations and support eBTC stability if needed. And key contributors to the eBTC protocol including the Badger Association are funded by BadgerDAO pursuant to approved Badger Improvement Proposals (BIPs).
While presently the eBTC protocol functions similarly to a BTC denominated version of Liquity’s LUSD, the protocol is still being actively developed. The protocol features an extensible minting framework, which allows new eBTC minting modules to be added alongside the core CDP protocol in the future. This would allow for additional mechanisms such as Bitcoin stability modules (BSMs) which can help strengthen the peg by allowing eBTC to be minted or burned in exchange for other tokenized BTC assets. The protocol may also use the revenue generated from the PYS or other future minters to incentivize holding eBTC through a staking product, which can drive growth and integrations while also serving as an additional monetary policy lever to support the peg.
Risk Evaluation
Market and Liquidations Risk
The core eBTC CDP protocol is exposed to price fluctuations in the ETHBTC ratio, as well as depegs and price divergence for stETH as well as eBTC itself.
The protocol uses a minimum collateral ratio (MCR) of 110%, meaning any CDP where the value of collateral vs debt falls below 110% can be liquidated. If the average total collateralization ratio (TCR) of all CDPs as a whole falls below the critical collateral ratio of 125%, then the system enters recovery mode, and any positions below 125% collateral ratio become eligible for liquidation. In exchange for repaying all of a CDP’s debt, liquidators receive a gas stipend of 0.2 stETH (which is required to be posted as a bond by each CDP when opening a position), as well as an equivalent value of CDP’s collateral plus a liquidator bonus of between 3% and 10% depending on the CDP’s collateralization ratio. If there is not enough collateral present to fully repay debt plus the minimum 3% bonus, the remaining bad debt for the CDP is redistributed to other accounts proportional to their debt size.
Historically, ETHBTC has seen limited volatility and very few severe drawdowns. Given the assets’ strong correlation, using an aggressive 110% minimum collateral ratio still offers an acceptable risk profile and protection against market crashes. Most user CDPs have significant excess collateralization which helps further reduce risk. This excess collateralization is shown in the figure below.
Block Analitica eBTC Dashboard
We also note that bad debt is in the first instance redistributed to other CDPs rather than by eBTC holders, so eBTC users are highly insulated from any failed liquidations or insolvent accounts that occur.
Technical Risk
Prior to launch, eBTC underwent several audits and security reviews, which are listed in the Github readme here. This includes an economic analysis by Risk DAO, audits by Trust and Spearbit, and security contests via Cantina and Code4rena. Any findings are listed in the reports. eBTC is also covered by a bug bounty of up to $100,000 on Immunefi, which represents roughly 1.8% of current protocol TVL. The protocol has been live for nearly 6 months without being exploited despite having multi million dollar TVL and value at risk throughout this period, which also serves as an indication of safety. Many core mechanisms of the eBTC protocol are loosely based on Liquity, which has operated since 2021 with 9 figures of TVL and no exploits; there are many material code changes with eBTC but this still offers some indication of technical robustness.
Oracle Risk
eBTC relies on price oracle feeds to determine the health of CDP positions as well as manage the redemption mechanism. The primary oracle mechanism is based on a combination of Chainlink’s stETH/ETH and ETH/BTC price feeds. Considering each feed has a sensitivity threshold of 0.5%, this implies a maximum divergence of up to 1% from live market price in normal conditions.
If the primary oracle is offline or gives bad data (based on lack of recent data updates, invalid timestamp, failing to return data, returning a zero value, or returning a value that is too far from the previous update), the protocol fails over to using a secondary oracle, which is currently set up based on the Chronicle stETHBTC feed, which features a 2% sensitivity threshold.
Chainlink and Chronicle have a long history of reliability, with no significant oracle failures or faults within the past year. The feeds are aggregated from many independent operators which limits the risk of malicious price updates or individual operator faults. There have been some instances of delayed price updates during periods of extreme market volatility and high gas prices, so it may be possible that oracle feeds could lag vs actual market prices in some circumstances, and generally this class of fault would not result in the oracle failing over from primary to secondary feed unless the primary feed had been delayed for several hours.
The type and severity of impacts from bad oracle prices depends on the direction and magnitude of the oracle vs market price divergence. If stETHBTC price is reported too high, this will allow CDP owners to take on excessive leverage. Divergences of between 7% to 10% above accurate price may lead to accumulation of bad debt when the oracle returns to normal pricing and triggers liquidations, but have less likelihood of being maliciously exploited as there is no direct profit opportunity for the minters. Premiums above 10% are likely to be exploited maliciously, as users can mint/borrow greater value of eBTC than the collateral they are forced to provide. This would continue until the protocol’s TCR reaches the critical collateral ratio of 125%, or until the price of eBTC falls enough to make CDP minting no longer instantaneously profitable (users must sell eBTC for alternative assets like stETH to realize a profit from this oracle attack).
If stETHBTC is reported too low, this can trigger unfair liquidations of CDPs and/or allow users to abuse the protocol redemption mechanism. If the discount is up to 7%, then losses will be limited to any CDPs that are directly liquidated as a result of the discrepancy, while discounts greater than 7% may push some CDPs below the 103% ICR threshold that begins to result in bad debt redistribution to other CDPs. Downward oracle divergences may also trigger the protocol’s recovery mode depending on how low the TCR falls, which can trigger additional liquidations of other CDPs.
We also note that the redemption mechanism uses the stETHBTC price to determine a fair exchange rate of eBTC for CDP collateral, so downward divergences greater than the redemption fee floor (currently 2.5%) may allow users to receive a greater value of stETH collateral than the eBTC they redeemed. We can expect that abusive redemptions would continue until redemption fee alpha (a variable fee based on recent redemption volumes) and/or eBTC market price had increased sufficiently to make the abusive redemption arbitrage no longer profitable. Losses from redemption abuses will be felt primarily on the lowest collateralized CDPs, who will effectively have their collateral sold off at an unreasonably low price.
The above figure shows the maximum percentage losses as a share of eBTC quantity minted or redeemed, based on the divergence of oracle price vs true spot price of stETH/BTC. Note that the quantity of eBTC at risk of experiencing these losses depends on the distribution of CDP collateralization ratios and liquidity depth for trading in and out of the eBTC token; generally higher initial CDP collateralization and lower eBTC liquidity will result in smaller volume of eBTC exploited.
Governance Risk
The eBTC protocol is governed by BadgerDAO. Many parts of the core protocol are immutable, but there are several key governable parameters and mechanisms. Parameters that can be adjusted by governance are identified in the eBTC whitepaper:
Most of the above parameters present very low risk even if governance was fully compromised resulting in malicious changes. Reduction in redemption fee related parameters may make the protocol more vulnerable to oracle related risks, while deactivation of redemptions could result in eBTC falling below the peg for a prolonged period. While these changes could be negative they would not result in a solvency risk for the protocol or severe risk of loss for CDP users. Excessive increases in PYS may result in eBTC trading above the peg by disincentivizing minters. But this impact is expected to be relatively minimal even in the worst case.
BadgerDAO has a greater degree of impact via control over governable system mechanisms including the oracles and extensible minting. The primary and secondary oracles can be updated by governance, with changing the primary oracle going through a longer timelock delay period due to higher risk profile. It would be possible for the protocol upgrade authority to set an arbitrary price feed that could take malicious actions against users, including liquidating or redeeming all CDPs at an unfair value.
Governance’s extensible minting permission could set an arbitrary mechanism to mint unbacked eBTC, which could allow for the theft of all liquidity paired with eBTC in DEX pools along with fully redeeming all CDPs (theft of collateral up to the face value of a CDP’s minted eBTC debt). Note that both secondary oracle and extensible minting changes go through a timelock.
Key high-risk admin controls including the secondary oracle and extensible minting are held in the Badger high security techops multisig, a Gnosis Safe multisig with 4 of 7 signing threshold.
The treasury multisig (5 of 9 threshold) controls Badger’s treasury funds, which include a key eBTC liquidity position on Uniswap v3 along with the current largest CDP. The multisig is composed of a range of members from the community and Badger Association (a core BadgerDAO service provider), with no entity or group having an outright majority of signers.
Multisigs operate pursuant to authority granted by BADGER token holders via BIPs, and have carried out their functions for several years without exploits or malicious actions. Therefore the core admin controls are deemed to be legitimate and highly reliable. However, the possibility of multisig hacks, exploits, or takeovers impacting eBTC cannot be ruled out entirely.
eBTC Price and Liquidity Risk
Currently, the protocol relies on a balance of supply from minters and demand from token holders to keep eBTC on peg. The price of eBTC is established via trading activity on secondary markets such as Uniswap and Curve. This means that currently, there is no firm guarantee that eBTC will closely track the price of Bitcoin, even if the protocol remains solvent.
eBTC has fairly robust price support on the downside via the redemption mechanism. But if there is a sudden spike in demand or contraction of supply, for example due to an ETHBTC price crash causing liquidations, this can push the price of eBTC above peg. eBTC trading above the peg can increase risk of bad debt, as liquidations become less profitable due to increasing cost of acquiring eBTC.
Risk from New Minters
Introduction of new minters for eBTC will introduce new classes of risk for the protocol and eBTC holders. Technical risks will apply to any new contracts and modules integrated into the protocol, and should be thoroughly vetted via audits and coverage in a robust bug bounty program like the rest of the protocol. The economic risks of new minters will vary depending on the underlying mechanism.
Bitcoin Stability Modules (BSMs) effectively work as a swap facility, allowing users to mint or burn eBTC in exchange for another Bitcoin denominated token. BSMs expose eBTC to centralization, custody, technical, and general credit risk of the issuer of any supported alternative BTC tokens. The degree of risk can be partially mitigated via minting limits, rate limits, fees, or other mechanisms. Prospective BTC tokens should also be carefully vetted to ensure only high quality assets are onboarded. Introduction of BSMs also has a bearing on other key economic risks to eBTC, significantly reducing price and liquidity risk factors of upward depegs discussed above, but increasing the potential damage of oracle faults by removing liquidity constraints that previously limited losses.
The other primary class of minters that may be considered in the future are direct deposit modules (DDMs) into external protocols to generate yield. Potential integration targets include lending protocols (eg. Aave), Bitcoin staking/restaking products (eg. Lombard), or BTC denominated RWA opportunities such as structured products. DDMs can deposit funds directly in eBTC, or via an external Bitcoin denominated asset that is supported in a BSM (by swapping eBTC for the other asset before making the external deposit). Each DDM must be evaluated independently as they would be subject to unique economic and technical risks. With Bitcoin yields historically fairly low across the ecosystem, it would also be important to consider if the return justifies the risk.
Note that eBTC presently only supports minting via the core CDP protocol described in earlier sections. Any additional minters would only be onboarded following public discussion and BadgerDAO governance approval.
Conclusion
As a decentralized stablecoin, eBTC faces challenges and risks similar to other protocols such as Liquity and Maker. These key risk factors include market, technical, oracle, and governance risks. While currently the protocol relies on a single minting mechanism, governance has the ability to add additional minters over time which can introduce novel risk factors and alter protocol dynamics. Overall we find that risks are well managed via robust security posture, careful parameter selection, and redundancy across key oracle and admin touchpoints. eBTC also offers a unique risk profile with potential for diversification versus alternative tokenized BTC products.
References
- Whitepaper: ebtc-purple-paper/eBTC_Protocol_-_Purple_Paper.pdf at main · Badger-Finance/ebtc-purple-paper · GitHub
- Docs: Overview | eBTC
- Web App: https://www.ebtc.finance/
- Dashboard: https://ebtc.blockanalitica.com/
- Github: eBTC · GitHub
- Forum: https://forum.badger.finance/
- Risk DAO Analysis: Reports/eBTC.pdf at main · Risk-DAO/Reports · GitHub
- Bug Bounty: eBTC Bug Bounties | Immunefi
- ETHBTC Drawdowns Data: ETHBTC Drawdowns
Disclosures
BA Labs (doing business as Block Analitica) is a paid contributor to the Badger Association, offering risk management consulting services for the eBTC protocol. Content in this report is provided for informational purposes only, and is not intended or offered as financial, investment, tax, or legal advice. Mention of assets or protocols is not an offer to sell, solicitation of an offer to buy, or recommendation to engage with any asset or protocol. Content is provided on a best-efforts, as-is, and as-available basis, without warranty of any kind, express or implied, including any warranties of accuracy, non-infringement, merchantability, and fitness for a particular purpose.
This report is provided with no rights reserved and dedicated to the public domain via CC0.
Market data updated as of 10 October 2024.