Chaos Labs monitors all restaking protocols utilized by ether.fi and helps identify risks to ensure a safer, more resilient restaking ecosystem for all stakeholders. Following a risk analysis of EigenLayer and Symbiotic, we are now extending our analysis to Karak. Please note that each protocol uses a different term for the services running on them. Eigenlayer refers to Actively Validated Service (AVS), Symbiotic to Networks and Karak to Distributed Secure Service (DSS).
Introduction
The Karak protocol aims to provide a standardized restaking platform and toolkit specifically designed for developers to build new decentralized services, called Distributed Secure Service (DSS), on top of its protocol. Its core design aims to be both asset- and chain-agnostic, allowing restaking of various assets, including those from different blockchains. Karak’s infrastructure includes its own Layer 2 solution called K2, which serves as a cost-efficient testing environment for Distributed Secure Services across chains. Additionally, it offers KUDA, an aggregator of data availability solutions, simplifying the process for rollups to integrate with various DA layers.
Karak in the Restaking Landscape
The first restaking protocol, Eigenlayer currently holds $10B in TVL, mostly comprised of natively staked ETH (over 70%), with the rest being LSTs led by stETH and mETH. In August, the protocol announced that any ERC-20 token could be permissionlessly added as a restakable asset. So far, the only other ERC-20 token restaked is EIGEN.
The second biggest restaking protocol, Symbiotic launched with a different approach, accepting not just LSTs and ERC-20 tokens, but also stablecoins and wBTC. It currently has $1.56B in TVL, mainly comprised of LSTs.
Karak expands its list of accepted assets to include both LRTs and Pendle PT Tokens. Since launch, it has accumulated a TVL of $461 million, with LRTs comprising the largest portion at 61.5%, followed by LSTs and stablecoins. The protocol is also advancing toward a cross-chain compatible model, allowing services to natively access its restaking infrastructure across various blockchains.
Deposits and Stake Delegation
In Karak, stakers deposit assets into vaults, each dedicated to a single asset type and managed by a specific operator. Karak allows stakers to deposit into multiple vaults managed by different operators, unlike EigenLayer, where a staker can delegate their stake to only one operator at a time.
Karak’s vault structure resembles that of Symbiotic. The key difference is that, with Karak, each vault is owned and managed by an operator. In contrast, Symbiotic’s vaults are not tied to individual node operators or specific asset types and can be set up by operators, services, or entities like LST protocols or DAOs. On Karak, vaults can either utilize the default ERC-4626 implementation or a customized version, managing basic restaking functions such as tracking deposits and withdrawals of underlying assets. With Karak, core restaking operations—such as reward calculations and the enforcement of slashing conditions—are managed by the service rather than the vault. In contrast, Symbiotic networks define slashing conditions and initiate the slashing process, while each vault implements customized configurations for stake delegation and slashing execution. This approach enables vault-specific restaking arrangements, allowing operators and entities to tailor vaults to their unique preferences and risk tolerances.
In Karak, delegation to services occurs through the operator. The operator registers their vault with a specific DSS, granting the DSS rights to the vault and the assets delegated within it. The entire vault is committed to that DSS as a single unit of stake and cannot be divided. The DSS then sets limits on the amount of assets that can be delegated from within a specific vault. The core idea is that DSSs, by controlling the assets they manage, can develop more sustainable economic models aligned with their security needs. While Operators can register the same vault with multiple services, leveraging their assets across various services, the protocol grants services final authority to manage risks associated with operators by allowing them to jail operators if needed. Jailing can occur for various reasons—one example is if an operator has overextended their stake across too many services, beyond what the DSS considers acceptable. Consequences of jailing can range from withholding rewards to suspending the operator’s activities and enforcing the removal of their stake from the DSS.
Eigenlayer has similarly aimed to enhance control and security for AVSs with its newly introduced Security Model. Under this model, AVSs create defined Operator Sets, which operators must request to join. Each Operator Set specifies particular tasks, reward structures, and slashing conditions, allowing AVSs granular control over their security requirements. While this model doesn’t allow AVSs to suspend operators as on Karak, it introduces the concept of Unique Stake, which is assets exclusively staked to a particular AVS. This minimizes the risk of cascading slashing effects across the protocol, thereby bolstering individual AVS security. On Symbiotic, on the other hand, delegation to services and reuse of stake are governed by each vault’s configuration.
Rewards and Staking
In Karak, each DSS fully defines its reward structure and distribution, independent of the core protocol. This flexibility allows each DSS to implement custom reward schemes to promote desired operator behaviors, such as paying rewards per specific task or asset type. Similarly, each DSS sets its own slashing conditions and maximum slashable percentage for delegated vaults, which the core protocol enforces based on these parameters. When a DSS requests slashing, the Karak core protocol validates the request via a veto committee, which currently is not defined in great detail. Once validated, the slashing is handled asset-specific. This could include actions like unwinding LP tokens to their underlying assets and then burn those or introduce additional insurance mechanism. Additionally, DSSs have extended control over penalizing operators through a jailing mechanism, beyond slashing alone.
With its new security module, EigenLayer aims to introduce a more nuanced approach to slashing mechanisms. In this model, it is the operators not the services, who designate a portion of their stake that can be exclusively slashed by an AVS. Slashing is intended to occur within a single Operator Set at a time. Similar to Karak, AVSs in EigenLayer set their own slashing criteria and enforce them through smart contracts that interact directly with EigenLayer’s core, adjusting operator and staker balances as needed. This new model also proposes eliminating the veto committee.
In contrast, Symbiotic allows networks to submit slashing requests for individual operators, but enforcement occurs within the vault that originally received the stake. The vault’s configuration determines whether slashing happens immediately or follows a veto-based process, and it may designate a resolver to intervene when necessary.
Withdrawals
At the core protocol level, Karak allows stakers to redeem their stake through a protocol-wide, 9-day withdrawal queue designed to prevent front-running a slashing event. This period includes a 7-day withdrawal window, during which the stake remains slashable, followed by a veto window in which a committee can confirm or challenge any slashing action. Each DSS, however, can implement its own unstaking logic, potentially incorporating internal validations or additional queuing mechanisms. Karak also supports partial stake withdrawals.
In comparison, Karak’s 9-day withdrawal queue is slightly longer than Eigenlayer’s, which has a 7-day withdrawal period. In contrast, Symbiotic does not enforce a protocol-wide withdrawal period; instead, withdrawals are managed individually by each vault.
Risk Considerations
We now consult the risk considerations from our previous analysis and extend them to include Karak and recent developments in EigenLayer.
| Factor | Karak | Eigenlayer | Symbiotic |
|---|---|---|---|
| Multl-Asset Restaking | Allowing multiple asset types in restaking adds complexity to collateral risk management. ERC-20 tokens carry risks such as volatility, depegging, governance issues, and oracle vulnerabilities. Accepting assets like LP tokens, LRTs, and Pendle tokens further expands Karak’s attack surface, as any failure in an asset, yield mechanism, or associated protocol could impact the broader system. For example, incorporating LRTs introduces dependencies on external restaking protocols, linking Karak’s stability and security to their performance and the slashing events in those services. Karak’s vault setups allow DSSs to mitigate risk by carefully managing exposure to various asset types. However, stakers rely on each DSS to make diligent choices about which restaking assets to accept and diversify across different asset types. | Permissionless ERC-20 token support increases collateral asset risks, exposing the protocol and its stakeholders to vulnerabilities like oracle risk, stablecoin depegging, and governance attacks. Additionally, permissionless support may include long-tail tokens, which are more susceptible to manipulation. However, the introduction of Operator Sets helps contain and isolate risks specific to each asset. | Symbiotic faces similar risks with its multi-asset approach, currently maintaining high exposure to LST protocols and their derivatives. This increases vulnerability to liquidity risks, potential depegging of these assets, and dependencies on other DeFi protocols where these LSTs are utilized. However, stakers have greater control, as they can select vaults with different collateral compositions, allowing them to choose the asset types they co-stake with |
| Deposits and Stake Delegation | Stakers can deposit assets into multiple vaults managed by operators registered with different DSSs. This diversification spreads risk across various services, reducing the likelihood that a single DSS failure or malicious actor will significantly impact a staker’s overall returns. Once assets are deposited into a vault, stakers have limited control over them and must rely on the operator’s management. Leaving an operator requires a withdrawal period, which comes at the cost of potential revenue. DSSs can tailor capital management by setting asset limits and applying reward structures that align with their specific service needs, supporting the service’s long-term viability. Sustainable DSS models are likely to offer higher rewards for operators and stakers. However, varying and potentially fluctuating reward structures may lead to unpredictable returns for vaults, making it challenging for stakers to accurately forecast expected rewards. The jailing mechanism allows DSSs to manage leveraged stake and maintain network security and stability. However, its implementation details will require close monitoring to ensure fairness and effectiveness. | EigenLayer’s all-or-nothing model for delegating to node operators is less flexible, as it limits the ability to balance restake allocations across operators. This may reduce competition among operators, potentially leading to lower rewards for stakers and higher fees for AVSs. Within an Operator Set, rewards and slashing are tied to specific assets and tasks, providing stakers with transparency into the portion of their staked funds each Operator Set can slash. This setup offers stakers greater insight and predictability regarding potential risk and risk-adjusted returns. | Allowing stakers, node operators, and networks to opt into multiple vaults enables more effective risk management. Stakers, in particular, gain greater control over their restaking setup, reducing reliance on individual operators. Each vault can support multiple operators, reducing stakers’ dependency on a single operator and mitigating the risk of stake concentration around specific node operators. |
| Rewards and Staking | Each DSS can customize its slashing rules based on specific asset types and operators, providing flexibility in risk management and more granular control over slashing within the service. Since slashing is confined to the assets within a particular vault, this tailored risk management approach can ultimately enhance the protocol’s overall performance DSSs offering low-risk tasks with minimal slashing potential typically provide lower rewards, appealing to low-risk-tolerant stakers. Conversely, stakers seeking higher returns might opt for higher-risk DSSs. This flexibility allows users to tailor reward schemes and select their risk-adjusted returns. Karak implements a Veto Committee, though little information is currently available about its structure. This committee requires monitoring, as it may introduce a centralized element into the protocol. The DSS’s ability to ‘jail’ an operator provides more options for penalizing operators beyond slashing, which could ultimately enhance staker returns. However, it also introduces potential risks of abuse. Without clear, transparent, and auditable criteria, DSSs could target operators based on ambiguous or unverifiable factors, potentially undermining protocol stability. Slashed assets with complex token structures may require unwinding before liquidation. Unwinding different asset types can be complex and costly and include market price element. During time taken for the unwinding process could lead to price decrease, impermanent loss, or other. This can for once, delay the withdrawal process for stakers but also make the ultimate return for a staker after a slash highly unpredictable. | Unique Stake would enable operators to actively manage their risk exposure by allocating different percentages of their stake to various AVSs based on each service’s risk profile. This indirectly benefits stakers, though they remain tied to choice of the operator they support. Additionally, Unique Stake isolates slashing risk to a specific AVS and its Operator Set, reducing the chance of extensive losses from isolated incidents of operator misconduct. The new model also removes the veto committee, decentralizing the slashing process and reducing delays and potential conflicts associated with centralized slashing governance. | Symbiotic vaults control their own slashing mechanisms, allowing stakers to manage their slashing-related risk preferences by switching vaults rather than switching operators, as in other protocols. If a network encounters a critical security issue, the impact is limited to the collateral delegated to that specific network within the vault. This structure minimizes cross-slashing risk, keeping the vault’s overall operations largely unaffected. |
| Withdrawals | Stakers can partially withdraw their stake, allowing them to manage risk exposure more effectively. The asynchronous nature of the withdrawal actions and the possible need for a queue within a DSS mean that there is not a simple and clear response to determine how long a staker will need to wait. This risk should be carefully managed within the LRT AVS allocation strategy. | During the withdrawal delay, funds are locked and unavailable for other uses, creating opportunity costs for stakers. T Assets remain vulnerable to slashing if the operator misbehaves during the withdrawal queue, even after a withdrawal has been initiated. Additionally, stake value is subject to price fluctuations while in the withdrawal queue. EigenLayer governance oversees parameters related to withdrawal periods, which may introduce governance risk. | Each vault sets its own withdrawal period, enabling stakers to select the setup that best suits their needs, improving fund accessibility and reducing illiquidity. However, during the withdrawal period, access to funds is delayed, resulting in opportunity costs. Assets are also exposed to slashing risks and potential price fluctuations during this time. Stakers can withdraw a portion of their stake without fully exiting the vault, allowing for more flexible liquidity and risk management |
Disclaimer
This analysis is based on a best-effort review of publicly available information as of 11/20/2024. Given the rapidly evolving nature of the sector, the relevance and accuracy of the analysis may change over time. We are not responsible or liable for any inaccuracies, omissions, or outdated information that may result from changes in the industry or new developments. Readers are advised to conduct their own research and seek professional advice as necessary.