Search

Search for projects by name

dYdX v3 logodYdX v3

This project is archived.
dYdX v3 shut down on October 28th and is currently processing withdrawals in escape-hatch mode. Read more or use the escape-hatch.

Badges

About

dYdX v3 aims to build a powerful and professional exchange for trading crypto assets where users can truly own their trades and, eventually, the exchange itself.


Value secured
$34.75 M0.06%
Canonically Bridged
$34.75 M
Externally Bridged
$0.00
Natively Minted
$0.00

  • Tokens
  • Daily UOPS
    No data
  • 30D ops count
    No data

  • Stage
    Stage 1
  • Type
    ZK Rollup
  • Purpose
    Exchange
  • Sequencer failureState validationData availabilityExit windowProposer failure

    Badges

    About

    dYdX v3 aims to build a powerful and professional exchange for trading crypto assets where users can truly own their trades and, eventually, the exchange itself.

    Value Secured
    Canonical
    External
    Native
    Activity
    dYdX v3
    Ethereum
    Onchain costs
    Calldata
    Blobs
    Compute
    Overhead
    Milestones & Incidents

    dYdX v4 announcement

    2022 Jun 22nd

    dYdX V4 will be developed as a standalone blockchain based on the Cosmos SDK.

    Learn more

    dYdX Foundation

    2021 Aug 3rd

    Independent foundation was created to participate in the Protocol governance.

    Learn more
    Risk summary
    This page describes dYdX v3, which is an L2 built on Ethereum. Recently deployed dYdX v4 is a separate blockchain based on Cosmos SDK, unrelated to Ethereum and is using different technology. No information on this page applies to dYdX v4.
    Risk analysis
    This page describes dYdX v3, which is an L2 built on Ethereum. Recently deployed dYdX v4 is a separate blockchain based on Cosmos SDK, unrelated to Ethereum and is using different technology. No information on this page applies to dYdX v4.
    Sequencer failureState validationData availabilityExit windowProposer failure

    Sequencer failure

    Force via L1

    Users can force the sequencer to include a trade or a withdrawal transaction by submitting a request through L1. If the sequencer censors or is down for 14d, users can use the exit hatch to withdraw their funds. Users are required to find a counterparty for the trade by out of system means.

    State validation

    ZK proofs (ST)

    STARKs are zero knowledge proofs that ensure state correctness.

    Data availability

    Onchain

    All of the data needed for proof construction is published on Ethereum L1.

    Exit window

    9d

    There is a 9d exit window (or 2d if shortened by the Priority Controller).

    Proposer failure

    Use escape hatch

    Users are able to trustlessly exit by submitting a Merkle proof of funds. Positions will be closed using the average price from the last batch state update.

    Rollup stage
    dYdX v3dYdX v3 is a
    Stage 1
    ZK Rollup.

    Learn more about Rollup stages
    Please keep in mind that these stages do not reflect rollup security, this is an opinionated assessment of rollup maturity based on subjective criteria, created with a goal of incentivizing projects to push toward better decentralization. Each team may have taken different paths to achieve this goal.
    Technology

    Validity proofs ensure state correctness

    Each update to the system state must be accompanied by a ZK proof that ensures that the new state was derived by correctly applying a series of valid user transactions to the previous state. These proofs are then verified on Ethereum by a smart contract. The system state is represented using Merkle roots.

    1. Enforcing Consistency on the On-Chain State - StarkEx documentation
    2. UpdatePerpetualState.sol#L125 - Etherscan source code, verifyFact function call

    Zero knowledge STARK cryptography is used

    Despite their production use zkSTARKs proof systems are still relatively new, complex and they rely on the proper implementation of the polynomial constraints used to check validity of the Execution Trace.

    • Funds can be lost if the proof system is implemented incorrectly.

    1. STARK Core Engine Deep Dive

    All data required for proofs is published on chain

    All the relevant data that is used to recover the balances Merkle Tree is published onchain as calldata. This includes, in addition to the proven new state, the complete list of differences of the users’ balances from the previous state.

    1. Data Availability Modes - StarkEx documentation
    2. ZK Rollup - StarkEx documentation
    3. UpdatePerpetualState.sol#L82 - Etherscan source code, updateState function
    State derivation
    Node software

    State can be independently derived from data (state updates) published on Ethereum by running an open-source StarkEx Explorer. The explorer, once fully synced, provides UI interface to perform forced actions, trigger rollup freeze and withdraw funds using escape hatch.

    Compression scheme

    No compression is used, state updates and other metadata are simply serialized for L1

    Genesis state

    There is no genesis file for dYdX. By default, all accounts were empty at the beginning.

    Data format

    dYdX doesn’t publish transactions. Balances of user positions are stored in a Merkle Tree and updates to that tree are published on Ethereum, together with Merkle Root and a ZK proof. Deserialization of that data is implemented here. Generating Merkle Proof is implemented here.

    Operator

    The system has a centralized operator

    The operator is the only entity that can propose blocks. A live and trustworthy operator is vital to the health of the system. Typically, the Operator is the hot wallet of the StarkEx service submitting state updates for which proofs have been already submitted and verified.

    • MEV can be extracted if the operator exploits their centralized position and frontruns user transactions.

    1. Operator - StarkEx documentation
    2. Operator.sol#L42 - Etherscan source code, onlyOperator modifier

    Users can force exit the system

    Force exit allows the users to escape censorship by withdrawing their funds. The system allows users to force the withdrawal of funds by submitting a request directly to the contract onchain. The request must be served within 14d. If this does not happen, the system will halt regular operation and permit trustless withdrawal of funds. Perpetual positions can also be force closed before withdrawing, however this requires the user to find the counterparty for the trade themselves.

    • Users can be censored if the operator refuses to include their transactions. However, there exists a mechanism to independently exit the system.

    • Funds can be lost if the user is unable to find the counterparty for the force trade.

    1. Censorship Prevention - StarkEx documentation
    2. Forced Trade - StarkEx documentation
    3. ForcedTrades.sol#L46 - Etherscan source code, forcedTradeRequest function
    4. ForcedWithdrawals.sol#L32 - Etherscan source code, forcedWithdrawalRequest function
    Withdrawals

    Regular exit

    The user initiates the withdrawal by submitting a regular transaction on this chain. When the block containing that transaction is proven the funds become available for withdrawal on L1. Finally the user submits an L1 transaction to claim the funds. This transaction does not require a merkle proof.

    1. Withdrawal - StarkEx documentation

    Forced exit

    If the user experiences censorship from the operator with regular exit they can submit their withdrawal requests directly on L1. The system is then obliged to service this request. Once the force operation is submitted and if the request is serviced, the operation follows the flow of a regular exit.

    1. Forced Operations - StarkEx documentation
    2. Forced Withdrawal - StarkEx documentation
    3. Forced Trade - StarkEx documentation

    Emergency exit

    If the enough time deadline passes and the forced exit is still ignored the user can put the system into a frozen state, disallowing further state updates. In that case everybody can withdraw by submitting a merkle proof of their funds with their L1 transaction.

    1. Forced Operations - StarkEx documentation
    2. Forced Withdrawal - StarkEx documentation
    3. Forced Trade - StarkEx documentation
    Permissions

    The system uses the following set of permissioned addresses:

    Operators 0x8129…390a

    Allowed to update state of the rollup. When Operator is down the state cannot be updated.

    Rollup Admin 0x7E9B…18D2

    Controlled by dYdX Governance. Defines rules of governance via the dYdX token. Can upgrade implementation of the rollup, potentially gaining access to all funds stored in the bridge. Currently there is 9d delay before the upgrade.

    1. Rollup Admin documentation
    Rollup Priority Controller 0xDC7e…B2c0

    Can decrease the delay required for the Rollup upgrade to 2d.

    1. dYdX governance documentation
    2. Priority Controller documentation
    Treasury Admin 0x7E9B…18D2

    Controlled by dYdX Governance. Owner of dYdX token. Can upgrade Treasury, Liquidity Module and Merkle Distributor. Currently there is 2d delay before the upgrade.

    1. Treasury Admin documentation
    Safety Module Admin 0x7E9B…18D2

    Controlled by dYdX Governance. Has the ability to update Governance Strategy resulting in different logic of votes counting. Can upgrade Safety Module. Currently there is 7d delay before the upgrade.

    1. Safety Module Admin
    Merkle Pauser 0x7E9B…18D2

    Controlled by dYdX Governance. The Merkle-pauser executor can freeze the Merkle root, which is updated periodically with each user cumulative reward balance, in case the proposed root is incorrect or malicious. It can also veto forced trade requests by any of the stark proxy contracts.Currently there is 0s delay before the upgrade.

    1. Merkle Pauser documentation
    Smart contracts
    A diagram of the smart contract architecture
    A diagram of the smart contract architecture

    The system consists of the following smart contracts on the host chain (Ethereum):

    Main contract of dYdX exchange. Updates dYdX state and verifies its integrity using STARK Verifier. Allows users to deposit and withdraw tokens via normal and emergency modes. This contract stores the following tokens: USDC.

    Can be upgraded by:

    Upgrade delay: 9d or 2d if overridden by Priority Controller

    FinalizableGpsFactAdapter 0xF237…053C

    Contract serving as an adapter for STARK Verifier. It holds the address of the STARK Verifier and CAIRO program hash needed for verification.

    GpsStatementVerifier 0x894c…7FC3

    STARK Verifier. In contrast to other StarkWare systems which use common SHARP Prover, dYdX uses separate Prover/Verifier.

    MemoryPageFactRegistry 0xEfbC…Cef8

    Contract storing CAIRO Program Output, in case of dYdX, it stores state diffs of dYdX Exchange.

    FriStatementContract 0xf6b8…E1B1

    Part of STARK Verifier.

    MerkleStatementContract 0x0d62…a830

    Part of STARK Verifier.

    CairoBootloaderProgram 0x1dd8…2E2D

    Part of STARK Verifier.

    PerpetualEscapeVerifier 0x6262…F3DD

    Contract responsible for validating force withdrawal requests.

    The Merkle Distributor smart contract distributes DYDX token rewards according to a Merkle tree of balances.

    Can be upgraded by:

    Upgrade delay: 2d

    The Liquidity Module is a collection of smart contracts for staking and borrowing, which incentivize the allocation of USDC funds for market making purposes on the dYdX layer 2 exchange.

    Can be upgraded by:

    Upgrade delay: 2d

    The Safety Module is a staking pool that offers DYDX rewards to users who stake DYDX towards the security of the Protocol.

    Can be upgraded by:

    Upgrade delay: 7d

    DydxGovernor 0x7E9B…18D2

    Contract storing dYdX Governance logic.

    GovernanceStrategyV2 0xc2f5…6505

    Contract storing logic for votes counting in dYdX Governance.

    DydxToken 0x92D6…Eff5

    Token used by the dYdX Governance for voting.

    Value Secured is calculated based on these smart contracts and tokens:

    The current deployment carries some associated risks:

    • Funds can be stolen if a contract receives a malicious code upgrade. There is a 9d delay on code upgrades.The delay can be decreased by the Priority Controller to 2d.

    Knowledge nuggets