Asset Risk Assessment: Silo Finance
A look into Silo Finance and the XAI stablecoin
This research was spearheaded by @Lavi_54 and @dabar_90.
Useful links:
Protocol Wiki (Silopedia)
Formal Verification of Silo V1 (Certora)
ABDK audit report (Silo core contracts - 6 Major, 1 Moderate, and 65 Minor issues)
Quantstamp audit report (Silo core contracts - 14 issues- 0 high,5 medium, 3 low, and 6 info risks)
Oracle - price providers (Chainlink as default price provider, UniswapV3 TWAP and BalancerV2 TWAP)
Vesting Contracts (Contributors, Advisors, and Investors)
File list of 57 New Silos for deploying - for community review
Abstract
Silo is a permissionless and non-custodial lending protocol that allows the borrowing of any asset using any other asset as collateral. This is enabled through the creation of isolated (siloed) lending markets, whereby a pool consists of only three assets: The unique token plus ETH and XAI. Both ETH and the new stablecoin XAI function as bridge assets to connect individual silos.
A quick TL;DR of our findings:
Silo Finance introduces a new money market design with isolated markets (silos) for every unique token. These isolated markets are paired with the same counterpart asset called a bridge asset (ETH or XAI). Bridge assets represent concentrated liquidity bridged across all isolated markets, which facilitates the onboarding of any token, especially long-tail assets. The isolation of high-risk assets greatly reduces protocol systemic risk, while bridge assets prevent fractured liquidity and keep the protocol liquid and fluid.
Silo allows permissionless listing and parameter customization for each silo through governance. Every newly created silo needs to have a reliable price feed source and starts with default collateral factors for Loan-to-Value (LTV), Liquidation Threshold, and Liquidation Penalty.
The core smart contracts were fully audited by Quantstamp and ABDK and tested by the core team through a formal verification process using Certora Prover.
Silo recently introduced a new stablecoin named XAI, which will serve as the second bridge asset alongside ETH. XAI can be minted and burnt by the SiloDAO via governance (using Tally).
Silo has notably high levels of governance decentralization compared to most early stage protocols. All core protocol functions are managed by SILO token holders via on-chain governance.
Silo Finance - An Introduction
Siloed Lending Markets
Silo is a permissionless and non-custodial lending protocol that allows the creation of isolated (siloed) lending markets. The protocol is designed to support two types of asset categories, Unique Tokens and Bridge Assets. Unique tokens have their liquidity isolated in dedicated silos (1 silo for each token), while the bridge assets (currently ETH and XAI) are paired with every unique token across all isolated silos.
Inside an isolated market, the three assets can be used interchangeably as collateral and loan. In other words, when lending token A, one can only borrow the bridge assets against it (ETH, XAI, or both). The bridge assets can then be used as collateral in another silo, to borrow token B. Thus, one can borrow any token with any collateral, while isolating the risks related to the collateral token within one pool.
In comparison, 1st generation lending markets like Compound or Aave have all collateral in one pool (shared pool), hence the impact of exploits - e.g. through price manipulation - can be much higher. This weakness was exploited by hackers multiple times: the lending platform Cream serves as an unholy example. Other drawbacks of the original shared-pool design include limitations in listing new assets, high parameter maintenance cost, cumbersome collateral listing process, and low capital efficiency. Silo aims to improve these systemic risks and drawbacks, and unlock long-tail assets to be lent and borrowed.
(source: Twitter)
Another distinguishing factor is the permissionless listing of new collateral. According to the Silo docs (here and here), anyone can propose the addition of new asset silos to the protocol, as long as a price feed (oracle) exists. Currently, the core team offers to configure and create the on-chain votes to deploy new silos. However, there is a guide describing the process, so anyone with the right technical skills can deploy a new silo for a vote.
Shares Tokens (sTokens)
sTokens are ERC-20 tokens that represent a claim on the deposited asset. For instance, in return for depositing LINK into Silo, the lender receives sLINK. sTokens also accrue interest, depending on the interest rate per token.
When depositing tokens, Silo provides an innovative feature that allows lenders to choose whether their deposits can be borrowed by others, or whether they want to “protect” their deposits, which disables others from borrowing said assets. However, in return for protecting the token, the lender forgoes earning an interest rate. sTokens represent borrowable assets, and spTokens represent protected deposits. It’s also possible to do both for the same asset (e.g. 40% of the token is borrowable and 60% is protected). spTokens can still be used as collateral to borrow other tokens.
For bridge assets (ETH or XAI), the naming convention is slightly different, i.e. sBridge-ABC, whereby ABC represents the name of the silo that ETH or XAI is deposited into. For instance, when depositing the bridge asset ETH into the LINK silo, the lender in return receives sETH-LINK or spETH-LINK.
Debt Tokens (dTokens)
Conversely, dTokens are ERC-20 tokens representing a borrowed asset. They are minted when an asset is borrowed and burned when the loan is paid back. Unlike sTokens, dTokens cannot be transferred out of a wallet. For bridge assets, the borrowed token is represented again as dBridge-ABC (e.g. dETH-UNI).
Conclusion
In summary, Silo introduces a few innovations and a new money market primitive aiming to make lending markets less risky, while simultaneously improving market access for long-tail assets. The ability to protect tokens from borrowers can be a very interesting feature for other DAOs to deploy their tokens and borrow tokens against them.
The risk reduction, however, has one trade-off with the current design, that is borrowing at Silo can initially result in up to six transactions. A typical transaction sequence might be:
allow depositof collateral (only required the first time)depositcollateralborrowthe bridge assetallow depositof bridged asset (only required the first time)depositbridged assetborrowtarget asset
Reversing it will incur another four transactions. The image below displays an example of the Silo dashboard for depositing APE, borrowing ETH, then depositing ETH to borrow CVX.
(source: Blog)
This splits the risk for the user into two. For instance, if CVX moons to the point that the user might get liquidated, the originally deposited APE is still safe. On the other hand, this can be rather costly (especially on Ethereum mainnet), and might be a blocker for smaller accounts to use Silo as intended.
There are plans to introduce new features to improve this, but this will take more time. The introduction of XAI as a bridge asset might improve this too, as most users are typically looking to borrow stable assets. They can now do that where XAI is enabled as a bridge asset, but more on that in the next section.
The XAI Stablecoin
The Silo team has issued a new over-collateralized stablecoin with a soft peg to the US Dollar called XAI. The main use case for XAI is to serve as a second bridge token alongside ETH. Thus, enabling users to borrow XAI to bridge from token A to token B.
SiloDAO is the only entity that controls XAI. The DAO can choose to mint unlimited XAI and deposit it into any number of silos via executive proposals. The DAO can also burn XAI that is extended to any silos via governance proposals. Hence, when minting XAI into a silo, the SiloDAO effectively determines XAI’s backing, which can also be reversed by burning XAI from a silo. In the beginning, Silo will only enable XAI as a bridge asset for USDC and ETH. This strongly reduces the collateral risk of XAI.
Minting XAI
XAI is an ERC-20 token contract owned by the Silo Timelock Controller contract.
(source: Etherscan)
The Timelock Controller is controlled by SiloDAO (i.e. SILO token holders voting via Tally), who control the XAI in circulation through the mint and burn function. Timelock duration is two days (after a voting period of three days).
(source: ContractRveader XAI )
To create XAI, Silo used a set of standard smart contracts provided by OpenZeppelin (they used OZ standards for all their contracts).
Essentially, XAI works quite similarly to other decentralized stablecoins such as DAI or FRAX, which are CDPs (Collateralized Debt Positions), whereby a user mints new stablecoins when depositing collateral. As mentioned above, XAI can only be minted by the DAO. Once in a silo, XAI becomes a CDP, as users can deposit collateral and borrow XAI in return (starting at an interest rate of 0.1%). This is a new method of creating stablecoins but is quite similar to MakerDAO’s debt ceiling, whereby MKR holders decide how much DAI can be minted per collateral vault. This design helps to control risk exposure to certain collateral types.
Silo Components
Silo Protocol smart contracts have a modular design and the protocol consists of multiple components that are not upgradeable, but replaceable. Only the SiloRepository component is not upgradeable nor replaceable. Components (registries) and description of each:
SiloRepository handles the creation and configuration of silos and stores the configuration of every asset in each silo. All assets have the same default configuration that later can be customized by the contract owner. As mentioned above, the SiloRepository contract is immutable:
(source: SiloLens.sol)
Silo is the main component of the protocol that acts as a vault for assets, implementing the lending logic, managing and isolating the risk, and performing liquidations.
PriceProviderRepository manages the oracle modules and the price request routing for each silo. It can support many protocols and sources. Currently, it supports three oracle sources: Chainlink (default price provider), UniswapV3 TWAP, and BalancerV2 TWAP.
Interest Rate Model Silo Finance uses a dynamic interest rates model which is described in more detail in this Interest Rate Model paper.
Silo Router is a utility contract that can batch any number or combination of actions (Deposit, Withdraw, Borrow, Repay) and execute in a single transaction.
The permission system registry consists of three smart contracts: GuardedLaunch.sol, TwoStepOwnable.sol, and Manageable.sol
(source: Certora Formal Verification Document)
SILO Governance
The governance process follows a standard procedure of forum discussion, Snapshot vote, and finally on-chain vote. For more details visit the docs. In practice, Snapshot is mostly applied for decisions concerning expenditures of the DAO’s funds, whereas changes that affect the protocol itself are directly voted on via an on-chain proposal on Tally. The developer fund is controlled by a 2-of-3 multi-sig (owners: signer1, signer2, signer3). The owners are internally doxxed.
The screenshot below displays all governance parameters.
Notably, the voting period for proposals is three days. Plus a voting delay of two days for on-chain proposals. This is in line with best practices and seems to be a reasonable time frame. A quorum of 10M equals 5% of tokens in circulation (~180M SILO) or 1% of the max token supply (1B SILO).
The only thing that is required to participate in on-chain governance is to delegate SILO tokens to one's wallet or to a delegate. There is currently no vote-lock or staking solution in place. However, governance attacks via flash loans are prevented through the delegation mechanism, as new delegates cannot participate in votes that are already live at the time the delegate function is called. Moreover, the team expressed the intention to move to a vote-escrowed tokenomics system a while ago, however, the last update was from April 2022.
There is currently no emergency function or admin with the power to veto in case of an attack or issue. The recourse users have in the event of malicious governance action is to exit any positions within the 48 hour timelock.
Risk Vectors
Some of the risks are highlighted below.
Custody Risk
There is no direct custody risk because SiloDAO as the owner of the core contracts doesn't have the privileges to access any funds. However, two privileges can impact user funds in some ways:
setFees - The SiloDAO (as onlyOwner) can decide to set and adjust certain fees, such as borrow-entry-fees, protocol-share-fees, and liquidation-fees. These fees can affect borrowers and users when getting liquidated. Currently, those fees are not activated and are set to 0.
(source: siloRepository.sol)
setPriceProvidersRepository - The chosen oracle solution can also affect users' deposits. The DAO must ensure that to select the best oracle options for each silo.
(source: siloRepository.sol)
GuardedLaunch.sol - a contract which is part of Silo’s permission system - enables the SiloDAO (as Timelock Controller) to implement security and risk-averse functions. For instance, it allows the contract manager (onlyManager) to pause specific silos in case of an exploit. If that happens, users deposited in the paused silos are at risk of liquidation, if their collateral value decreases below the liquidation threshold, after a new start (remove pause).
(source: siloRepository.sol)
Governance Risk
As mentioned above, all changes that affect the Silo protocol and its parameters are implemented via an on-chain governance vote. These changes can include:
Deployment of new markets (silos)
Setting/adjusting silo parameters (LTV, LT, interest model, price feed)
Minting/redeeming XAI
Turning on/off fees
Deploying new bridge assets
and even increasing the supply of SILO tokens
In summary, governance has extensive and very far-reaching powers over Silo. Hence, the question arises “how likely is it that a malicious party can obtain a majority voting influence to instigate harmful changes to the protocol” (e.g. mint infinite XAI)?
For this to happen, the party would need to accrue a substantial amount of SILO tokens (or get voting power delegated). Presuming that the core team and SILO investors only vote in the best interest of the DAO, the answer is: The chances of success are rather low since the team has quite a strong token position (see chart below). However, in case a malicious governance proposal should pass successfully, the only recourse to users is the two-day timelock. There is currently no privileged actor that can veto a malicious proposal. The chart below shows the voting power of all delegators. It’s important to note that to participate in on-chain voting, one has to delegate SILO to one's wallet or to another delegate.
(source: Boardroom - Delegates Voting Power Distribution)
As seen in the chart, the top three delegates control 51.2% of the overall voting power that is currently eligible to vote. This is quite a high concentration of power (basically a Nakamoto coefficient of 3). With a bit of forensics on etherscan, using the vested token overview, it becomes clear that the address with the most delegated voting power is controlled by the founding team. The same is true for ranks 4 (6.3%), 7 (4.6%), and 10 (2.9%), adding up to at least 40% of the voting power that is currently controlled by the core team. The second and third largest delegates seem to be whales and the rest are investors and community members.
This does not come as a surprise, given that the founding team will receive 27% of all tokens in circulation (vested over 3 years) according to the vesting schedule [side note: the team allocation as stated in their docs is only 21.75%, that’s 5.25% lower than the actual allocation. Those 52.5M tokens are currently sitting in a vesting contract untouched].
In summary, the team has by far the largest allocation. All other stakeholder groups don’t even come close, even all investors combined only achieve 6.3% voting power. Two whales currently also hold significant voting power, however, it still leads to the conclusion that SiloDAO is highly influenced by the core team. There are plans to dilute the team share via a veSILO tokenomics issuance scheme. However, until this becomes a reality, there is a large trust factor put onto the Silo core team - who is partially doxxed. In addition, they managed to attract well-known investors and advisors, which adds to the credibility of the team.
Smart Contract Risk
Useful links:
Silo has undergone two audits by ABDK and Quantstamp, and has tested the smart contracts against formal verification rules with Certora. This process revealed a few critical vulnerabilities that the team was able to resolve. There is also a $100k bug bounty program live on Immunefi. Overall, Silo appears to take security seriously and has taken the necessary measures to circumvent vulnerabilities. However, both audits were limited to Silo’s lending platform before XAI was introduced. It can be argued that XAI is a standard mint/burn contract controlled by the DAO that doesn’t need an audit, however, it must be highlighted nonetheless as a potential risk.
Depeg Risk
XAI is a new stablecoin. There is no historic data about its price stability or behavior during highly volatile market conditions. We can, however, presume that Silo has and will implement all the right measures to ensure XAI’s stability.
As with other stablecoins, keeping the peg depends on a few key factors:
The underlying collateral needs to be fit for purpose (i.e. highly volatile collateral increases the risk of default and the risk of liquidations)
For the market to absorb liquidations, as well as arbitrage to keep the peg, both the stablecoin and the collateral asset need to have deep enough liquidity
The protocol can support price stability via parameter adjustments
Ideally, the protocol has some fallback solution in case of a black swan event
We’ll discuss the collateral risk (1) in more detail in the next section. The other stabilization mechanisms highlighted above are mostly covered:
XAI is an over-collateralized stablecoin. At first only USDC and ETH will serve as collateral for XAI. As the usage of XAI expands to other pools, this will change and XAI can be backed by more volatile assets too
Arbitrage possibilities are given and liquidity in the open market will be seeded by the DAO and incentivized through CVX gauges (see proposal)
The DAO influences XAI via parameter adjustments, such as borrow rate, adding/removing collateral, increasing/decreasing XAI availability
The only measure that is missing is a concrete fallback solution that the DAO can execute in case things go south (e.g. use SILO as a backup to stabilize the stablecoin). However, this can also come at a later stage, once XAI has achieved some product market fit.
The last thing to highlight related to stability is that Silo’s TVL is currently around ~$2.6M (as of November 14, 2022). However, most of that TVL was seeded by the DAO itself. There needs to be significant growth in TVL to enable sufficient backing of a stablecoin that aims to facilitate bridging between 60+ assets (10 assets are already live and 57 assets will be added soon). While there are plans to incentivize liquidity for XAI, there is currently no plan presented that defines anything specific about how the DAO plans to attract more TVL for its long-tail asset silos (a potential veTokenomics discussion seems to be stuck).
Collateral Risk
In the beginning, the only collateral enabled to borrow XAI will be USDC and ETH. Thus, eliminating other risks that come with long tail assets (e.g., low asset liquidity, high price volatility, depeg of the collateral, etc.).
Both ETH and USDC are quality assets with more than enough liquidity to offset potential liquidations. Even when XAI will be enabled as a bridge asset for more silos, the collateral risk is limited only to those isolated markets.
We currently don’t see any risks related to collateral, however, anyone can propose to add new credit lines. Credit lines describe the process of allowing silos to use XAI as a bridge asset. While new credit lines need to be approved by governance first, this process can change the composition of XAI’s backing. Potential risks occur in cases where XAI supports illiquid and highly volatile assets. Hence, we recommend that each credit line and silo addition be carefully considered. Silo should also think about installing or incentivizing more detailed risk assessments for each collateral. A bad debt dashboard (as provided by RiskDAO for instance), is another option to better inform users about the health of individual silos.
XAI as Collateral Risk
Silo also aims to enable XAI as collateral within the protocol. As highlighted above, for XAI to become a low-risk collateral, there needs to be enough liquidity in the open market. This will help to facilitate potential liquidations and arbitrage, which is needed to support XAI’s stability.
The team is working on two initiatives that will ensure the initial provisions of adequate liquidity. First, seeding the initial USDC silo with $1.875M USDC to mint $1.5M XAI. Deposit the minted $1.5M XAI plus an additional $1.5M USDC into a Uniswap V3 pool. The Uni pool is only temporary to ensure smooth liquidations. Once Silo’s own liquidation engine is able to support Curve pools, they will migrate liquidity to the XAI/FRAXBP pool. However, this might take a few weeks to finalize. And secondly, Silo will use 130k of their own vlCVX to vote for incentivization of their pool. Hence, we believe there will be enough liquidity for the early stage of XAI.
Discussion and Conclusion
Is it possible for a single entity to rug its users?
No, SiloDAO does not have access to user funds and cannot touch users' collateral. It can, however, mint XAI to silos or redeem the minted XAI that is not borrowed. The DAO also controls the interest rates, LTV, and other parameters of XAI. Thus, playing a vital role in ensuring the price stability of XAI. It’s also worth reiterating that the core team has a strong influence over the DAO, given their large token allocation.
If the team vanishes, can the project continue?
Yes, Silo is managed via governance votes. Even if the team would disappear to the Bahamas, anyone with SILO tokens could still operate the protocol (i.e. adding/removing silos, minting/redeeming XAI, changing parameters, etc.).
The developer fund on the other hand - which contains most of the DAO’s funds - would probably not be accessible any longer, as it’s controlled by a 2-of-3 multisig belonging to the team.
Do audits reveal any concerning signs?
Yes, but the team was able to remove them. The issues were discovered in a formal verification process with Certora Proven, the team discovered 2 high and 3 medium severity issues The audit report of ABDK found 6 major, 1 moderate, and 65 minor issues, and the Quantstamp audit report recorded 14 issues: 0 high, 5 medium, 3 low and 6 info risks. Again all issues were resolved.
Summary
Silo Finance has introduced some innovative new primitives that are mostly targeted toward the more risk-aware DeFi users. In general, we gained the impression that Silo is very focused on reducing risks and increasing security where possible.
Silo is still in an early stage, the beta version of its siloed lending market only went live at the end of August 2022. And the stablecoin XAI is just about to be created as we write this report. Even though adoption is still low, Silo has a promising use case and a great setup to be successful. Another promising sign is that Silo has already implemented on-chain governance. Thus, SILO voters are already in control. Even though voting power is rather centralized around the team, it is great to see a protocol implementing decentralized governance early on.
Although the basics look promising, Silo still has to prove its use cases and grow significantly to achieve its goals. As of today, the lending platform has very little organic TVL or borrowing volume.
As already mentioned, we did not find any concerning signs related to Silo's security or anything that’d indicate the potential for a rug pull. The team is partially doxxed and they managed to bring on board some well-known advisors and investors, adding to Silo's credibility. One factor that would increase Silo’s credibility further, however, is a more decentralized distribution of governance influence.
Sources
Protocol Wiki (Silopedia)
Formal Verification of Silo V1 (Certora)
ABDK audit report (Silo core contracts - 6 Major, 1 Moderate, and 65 Minor issues)
Quantstamp audit report (Silo core contracts - 14 issues- 0 high,5 medium, 3 low, and 6 info risks)
Oracle - price providers (Chainlink as default price provider, UniswapV3 TWAP and BalancerV2 TWAP)
Development Fund Multisig (2-out-of-3)
Vesting Contracts (Contributors, Advisors, and Investors)
File list of 57 New Silos for deploying - for community review