
EigenLayer Restaking Risks and Best Practices
TechFlow Selected

This article helps readers manage the risks of restaking while still enjoying its returns.
With the rising popularity of restaking, numerous restaking projects based on EigenLayer have emerged in the market. Restaking aims to share users' staked positions with other protocols by leveraging the shared trust layer of the Ethereum Beacon Chain, enabling users to earn additional yields while allowing these protocols to benefit from consensus security equivalent to that of the ETH Beacon layer.
To help users better understand the interaction risks among different restaking projects, the Cobo Security Team conducted research on mainstream restaking protocols and leading LST (Liquid Staking Token) assets in the market, analyzing their associated risks so that users can enjoy potential returns while effectively managing corresponding risks.
Note: Conclusions listed by the Cobo Security Team are based on information available up to 00:00 UTC, February 5, 2024.
Risk Overview
Currently, most restaking protocols in the market are built upon EigenLayer. For users, participating in restaking exposes them to the following risks:
Smart Contract Risk
- Participating in restaking requires interaction with project-specific smart contracts, exposing users to potential contract exploits;
- Funds from projects built on EigenLayer ultimately reside within EigenLayer’s protocol contracts; if EigenLayer’s contracts are compromised, funds across dependent projects may also be at risk;
- EigenLayer supports two types of restaking: native ETH restaking and LST restaking. In LST restaking, funds are directly held in EigenLayer contracts. However, for native ETH restaking, funds remain secured within the ETH Beacon Chain. This means users engaging in LST restaking face higher exposure to potential losses should EigenLayer’s contracts be exploited;
- Project teams often hold high-risk privileges—such as admin controls—that could potentially allow misuse or unauthorized movement of user funds under certain conditions.
LST Risk
- LSTs carry the risk of de-pegging, or of losing value due to contract upgrades or exploits, which may lead to valuation discrepancies and financial loss.
Withdrawal Risk
- Currently, apart from EigenLayer, most mainstream restaking protocols do not support withdrawals. If a project fails to implement withdrawal functionality via future contract upgrades, users may permanently lose access to their principal and would have to rely solely on secondary-market liquidity to exit.
Based on the above risk points, the Cobo Security Team systematically reviewed several major restaking protocols currently available in the market. Key findings include:
- Low project maturity: Most projects have not yet implemented full withdrawal logic;
- Centralization risk: User assets are ultimately controlled by multi-signature wallets, giving project teams potential Rug Pull capabilities;
- Following from the centralization risk above, internal malice or loss of multi-sig private keys could result in irreversible asset loss.
To present the results more clearly, the Cobo Security Team has categorized and summarized its findings for easy reference, as shown below:

Since EigenLayer serves as the foundation for all projects, beyond what is listed in the table, users should also note the following:
- The version of EigenLayer currently deployed on mainnet does not fully implement all features outlined in its whitepaper (e.g., AVS, slashing). The slashing mechanism only includes interface implementation without complete underlying logic. According to the codebase, slashing is currently triggered via the owner of the StrategyManager contract (i.e., project admin), indicating a highly centralized execution model;
- During native ETH restaking with EigenLayer, users must deploy an EigenPod contract for fund management and independently run a Beacon Chain node, thereby assuming responsibility for potential Beacon Chain slashing penalties. Users are advised to choose reliable node service providers when performing native ETH restaking. Additionally, since ETH remains locked in the Beacon Chain, withdrawing funds requires not only user initiation but also cooperation from the node operator to initiate the withdrawal process—meaning both parties must agree to complete the exit;
- Given that EigenLayer has not yet fully implemented AVS and slashing mechanisms, the Cobo Security Team advises users against enabling the delegate function within EigenLayer unless they fully understand the associated risks, as doing so may lead to potential financial loss.

In addition, through code review, the team identified certain code-level vulnerabilities in some projects that could impact user fund security. Upon discovery, Cobo promptly communicated with the respective project teams. Below are some identified issues and responses:
Eigenpie
- All current protocol contracts are upgradeable, with upgrade authority managed via a 3/6 Gnosis Safe. However, the upgrade permissions for MLRT token contracts tied to cbETH, ethX, and ankrETH are held by EOA addresses.
Cobo contacted the Eigenpie team before publication; the project responded that it would transfer upgrade rights for all MLRT token contracts to a multi-sig wallet within 24 hours.
KelpDAO
- During deposit processing, calculating user shares requires determining rsETH price, which relies on manually updated oracle feeds. Except for stETH, each token uses its own share price as the pricing source. stETH is assumed to maintain a fixed 1:1 ratio. When stETH trades at a discount on secondary markets, this creates arbitrage opportunities during deposits.
KelpDAO responded on February 5th stating that the Lido contract defines 1 stETH = 1 ETH. Since KelpDAO currently does not support withdrawals, arbitrageurs cannot exploit this discrepancy. The team plans to introduce a circuit breaker mechanism upon launching withdrawals, comparing stETH’s market price against its contract price and applying safeguards when significant deviations occur.
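The circuit breaker described in KelpDAO's response can be modelled as a deviation check in front of the share calculation. This is an added example, not KelpDAO's code: the function names, the 100 bps threshold and the sample prices are assumptions chosen for illustration.

```python
WAD = 10**18   # 18-decimal fixed point, as used on-chain
BPS = 10_000   # basis points in 100%


class DepositPaused(Exception):
    """Raised when the circuit breaker trips."""


def deviation_bps(contract_price: int, market_price: int) -> int:
    """Gap between the two prices, in basis points of the contract price."""
    if contract_price <= 0 or market_price <= 0:
        raise ValueError("prices must be positive")
    return abs(contract_price - market_price) * BPS // contract_price


def overvaluation_eth(amount: int, contract_price: int, market_price: int) -> int:
    """ETH value (WAD) credited above market when the contract price is trusted."""
    return amount * max(contract_price - market_price, 0) // WAD


def rseth_to_mint(amount: int, contract_price: int, market_price: int,
                  rseth_price: int, max_dev_bps: int = 100) -> int:
    """rsETH minted for a deposit, refused while the asset is off its contract price."""
    if amount <= 0 or rseth_price <= 0:
        raise ValueError("amount and rsETH price must be positive")
    dev = deviation_bps(contract_price, market_price)
    if dev > max_dev_bps:   # hypothetical threshold, not a KelpDAO parameter
        raise DepositPaused(f"price deviation {dev} bps exceeds {max_dev_bps} bps")
    return amount * contract_price // rseth_price   # rounds down, in the protocol's favour


# Constructed sample values: 10 stETH deposited, rsETH priced at 1.25 ETH.
STETH_CONTRACT = WAD                 # the fixed 1 stETH = 1 ETH assumption
RSETH_PRICE = 125 * WAD // 100
DEPOSIT = 10 * WAD

if __name__ == "__main__":
    for market in (999 * WAD // 1000, 97 * WAD // 100):
        try:
            print(market, rseth_to_mint(DEPOSIT, STETH_CONTRACT, market, RSETH_PRICE))
        except DepositPaused as exc:
            print(market, "paused:", exc,
                  "| gap:", overvaluation_eth(DEPOSIT, STETH_CONTRACT, market))
```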
Renzo
- The OperatorDelegator module routes protocol funds into EigenLayer according to specified allocation ratios. However, during configuration, the protocol does not validate whether the sum of OperatorDelegator allocations exceeds 100%, potentially resulting in configurations like OperatorDelegator-1 (70%) and OperatorDelegator-2 (70%). This primarily affects withdrawal operations. As withdrawal logic is incomplete, the exact impact on principal cannot yet be assessed.
The Renzo team stated that in such cases, funds might be incorrectly routed to or withdrawn from unintended OperatorDelegator contracts. While this technical issue may cause mismatches in expected operator allocations, it does not affect total value locked (TVL) calculations or overall fund security. The team plans to resolve this issue in a future contract upgrade.
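The missing check can be shown with a simplified model of the allocation table, with the unchecked setter beside a validated one. This is an added example, not Renzo's code: the class and method names are hypothetical and allocations are assumed to be stored in basis points.

```python
BPS = 10_000  # 100% expressed in basis points


class AllocationError(ValueError):
    """Raised when a configuration would allocate more than 100%."""


class AllocationTable:
    """Simplified model of per-OperatorDelegator allocation settings."""

    def __init__(self, validate: bool = True):
        self.validate = validate      # False reproduces the unchecked setter
        self.bps = {}

    def set_allocation(self, delegator: str, bps: int) -> None:
        if not 0 <= bps <= BPS:
            raise AllocationError(f"{delegator}: {bps} bps is outside 0..{BPS}")
        # An update replaces the delegator's old share, so release it first.
        total = sum(self.bps.values()) - self.bps.get(delegator, 0) + bps
        if self.validate and total > BPS:
            raise AllocationError(f"total would be {total} bps, above {BPS}")
        self.bps[delegator] = bps

    def total_bps(self) -> int:
        return sum(self.bps.values())

    def targets(self, tvl: int) -> dict:
        """Amount each delegator is expected to hold for a given TVL."""
        return {d: tvl * b // BPS for d, b in self.bps.items()}


def configure(pairs, validate=True) -> AllocationTable:
    table = AllocationTable(validate)
    for delegator, bps in pairs:
        table.set_allocation(delegator, bps)
    return table


if __name__ == "__main__":
    pairs = [("OperatorDelegator-1", 7000), ("OperatorDelegator-2", 7000)]
    loose = configure(pairs, validate=False)
    print(loose.total_bps(), loose.targets(1000))   # targets add up to more than the TVL
    try:
        configure(pairs)
    except AllocationError as exc:
        print("rejected:", exc)
```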
Beyond protocol-level risks, LST-related risks in restaking cannot be overlooked. The Cobo Security Team also evaluated major LST tokens in the market and summarizes the findings below:

How to Effectively Reduce Risks When Participating in Restaking?
Restaking is an emerging concept that has not yet undergone sufficient real-world testing at either the contract or protocol level. Beyond the known risks outlined above, unknown risks may still exist. Is there a relatively safe best-practice guide to minimize risks during interactions?
Based on current research findings, the Cobo Security Team has compiled a relatively secure interaction pathway for users.
Fund Allocation
For users deploying large capital into restaking, direct participation in EigenLayer’s native ETH restaking is a solid choice. With native ETH restaking, deposited ETH is not held in EigenLayer contracts but rather secured within the Beacon Chain. Even in the worst-case scenario of a contract exploit, attackers cannot immediately access user funds.
For users who wish to commit large amounts but prefer shorter redemption times, using stETH as the participation asset to enter EigenLayer directly offers a more balanced approach.
Users seeking additional yield can allocate a portion of their funds—based on individual risk tolerance—to projects built on EigenLayer such as Puffer, KelpDAO, Eigenpie, and Renzo. However, it should be noted that none of these projects currently support withdrawal functionality. Participants must carefully consider exit strategies and evaluate the secondary market liquidity of relevant LRTs before investing.
Monitoring Configuration
All projects listed in this report possess contract upgrade and pause capabilities, and project-controlled multisigs can execute high-risk operations. Advanced users are encouraged to set up monitoring systems to track contract upgrades and sensitive administrative actions.
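A minimal form of that monitoring is a filter over event logs from the contracts a user depends on. The sketch below is an added example, not taken from the report: it assumes the watched contracts emit the standard OpenZeppelin / EIP-1967 events (project-specific events need their own topic entries), and the addresses and log entries are constructed placeholders.

```python
# topic0 is the keccak-256 hash of the event signature (OpenZeppelin / EIP-1967 events).
SENSITIVE_TOPICS = {
    "0xbc7cd75a20ee27fd9adebab32041f755214dbc6bffa90cc0225b39da2e5c2d3b": "Upgraded(address)",
    "0x7e644d79422f17c01e4894b5f4f588d331ebfa28653d42ae832dc59e38c9798f": "AdminChanged(address,address)",
    "0x8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e0": "OwnershipTransferred(address,address)",
    "0x62e78cea01bee320cd4e420270b5ea74000d11b0c9f74754ebdbfc544b05a258": "Paused(address)",
}
UPGRADED, ADMIN_CHANGED, OWNERSHIP, PAUSED = SENSITIVE_TOPICS
TRANSFER = "0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef"  # ERC-20 Transfer

def address_args(log):
    """Indexed address arguments sit in topics[1:], the others in 32-byte data words."""
    data = log.get("data", "0x")[2:]
    words = [t[2:] for t in log["topics"][1:]]
    words += [data[i:i + 64] for i in range(0, len(data), 64)]
    return ["0x" + w[-40:] for w in words if len(w) == 64]

def scan(logs, watched):
    """Return one alert per sensitive event emitted by a watched contract."""
    alerts = []
    for log in logs:
        label = watched.get(log["address"].lower())
        topics = log.get("topics") or []          # anonymous events carry no topic0
        if label is None or not topics or log.get("removed"):
            continue                               # unwatched, anonymous, or reorged out
        event = SENSITIVE_TOPICS.get(topics[0].lower())
        if event:
            alerts.append({"contract": label, "event": event, "args": address_args(log),
                           "block": int(log["blockNumber"], 16)})
    return alerts

def word(n):  # constructed 32-byte ABI word holding the small integer n
    return f"0x{n:064x}"

PROXY, OTHER = "0x" + "aa" * 20, "0x" + "bb" * 20     # constructed placeholder addresses
WATCHED = {PROXY: "restaking proxy (placeholder)"}
SAMPLE_LOGS = [                                        # constructed, eth_getLogs result shape
    {"address": PROXY, "topics": [UPGRADED, word(0x11)], "data": "0x", "blockNumber": "0x10"},
    {"address": PROXY, "topics": [TRANSFER, word(1), word(2)], "data": word(5), "blockNumber": "0x11"},
    {"address": OTHER, "topics": [PAUSED], "data": word(3), "blockNumber": "0x12"},
    {"address": PROXY, "topics": [OWNERSHIP, word(0x21), word(0x22)], "data": "0x",
     "blockNumber": "0x13", "removed": True},
    {"address": PROXY, "topics": [PAUSED], "data": word(0x31), "blockNumber": "0x14"},
]

if __name__ == "__main__":
    for alert in scan(SAMPLE_LOGS, WATCHED):
        print(alert)
```

Only the upgrade and the pause on the watched proxy raise alerts; the token transfer, the unwatched contract and the log marked `removed` are skipped.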
Additionally, teams and users planning to stake ETH may leverage Cobo Argus—an automated bot for Safe multisig wallets—to configure conditional triggers and single-signer authorizations. These can automate deposits into EigenLayer and various restaking protocols based on metrics such as pool TVL changes, ETH price volatility, and whale activity.