dYdX v3 logodYdX v3

About

dYdX v3 aims to build a powerful and professional exchange for trading crypto assets where users can truly own their trades and, eventually, the exchange itself.

Value Locked

$292.38 M

1.46%

Canonically Bridged
$292.38 M
Externally Bridged
$0.00
Natively Minted
$0.00
  • Tokens
  • Daily TPS
    0.7826.10%
  • 30D tx count
    2.15 M
  • Stage
    Stage 1
  • Type
    ZK Rollup
  • Purpose
    Exchange
  • ...

    Tokens

    Choose token

    Canonically Bridged Tokens (Top 15)

    USD Coin (USDC)

    ...

    ...

    Milestones

    dYdX v4 announcement

    2022 Jun 22nd

    dYdX V4 will be developed as a standalone blockchain based on the Cosmos SDK.

    Learn more

    dYdX Foundation

    2021 Aug 3rd

    Independent foundation was created to participate in the Protocol governance.

    Learn more

    Public launch

    2021 Apr 6th

    Layer 2 cross-margined Perpetuals are now live in production for all traders.

    Learn more
    Risk summary
    This page describes dYdX v3, which is an L2 built on Ethereum. Recently deployed dYdX v4 is a separate blockchain based on Cosmos SDK, unrelated to Ethereum and is using different technology. No information on this page applies to dYdX v4.
    Risk analysis
    This page describes dYdX v3, which is an L2 built on Ethereum. Recently deployed dYdX v4 is a separate blockchain based on Cosmos SDK, unrelated to Ethereum and is using different technology. No information on this page applies to dYdX v4.
    Sequencer failureState validationData availabilityExit windowProposer failure

    State validation

    ZK proofs (ST)

    zkSTARKS are zero knowledge proofs that ensure state correctness.

    Data availability

    On chain

    All of the data needed for proof construction is published on Ethereum L1.

    Exit window

    None

    There is no exit window. Upgrades have a 9d delay, (or 2d if shortened by the Priority Controller), but withdrawals can be censored for up to 14d.

    Sequencer failure

    Force via L1

    Users can force the sequencer to include a trade or a withdrawal transaction by submitting a request through L1. If the sequencer censors or is down for 14d, users can use the exit hatch to withdraw their funds. Users are required to find a counterparty for the trade by out of system means.

    Proposer failure

    Use escape hatch

    Users are able to trustlessly exit by submitting a Merkle proof of funds. Positions will be closed using the average price from the last batch state update.

    Rollup stage
    dYdX v3dYdX v3 is a
    Stage 1
    ZK Rollup.
    Stage 0
    4 requirements met
    Stage 1
    3 requirements met
    Stage 2
    1 issue needs fixing
    Learn more about Rollup stages
    Please keep in mind that these stages do not reflect rollup security, this is an opinionated assessment of rollup maturity based on subjective criteria, created with a goal of incentivizing projects to push toward better decentralization. Each team may have taken different paths to achieve this goal.
    Technology

    Validity proofs ensure state correctness

    Each update to the system state must be accompanied by a ZK proof that ensures that the new state was derived by correctly applying a series of valid user transactions to the previous state. These proofs are then verified on Ethereum by a smart contract. The system state is represented using Merkle roots.

    1. Enforcing Consistency on the On-Chain State - StarkEx documentation
    2. UpdatePerpetualState.sol#L125 - Etherscan source code, verifyFact function call

    Zero knowledge STARK cryptography is used

    Despite their production use zkSTARKs proof systems are still relatively new, complex and they rely on the proper implementation of the polynomial constraints used to check validity of the Execution Trace.

    • Funds can be lost if the proof system is implemented incorrectly.

    1. STARK Core Engine Deep Dive

    All data required for proofs is published on chain

    All the relevant data that is used to recover the balances Merkle Tree is published on-chain as calldata. This includes, in addition to the proven new state, the complete list of differences of the users’ balances from the previous state.

    1. Data Availability Modes - StarkEx documentation
    2. ZK Rollup - StarkEx documentation
    3. UpdatePerpetualState.sol#L82 - Etherscan source code, updateState function
    State derivation
    Node software

    State can be independently derived from data (state updates) published on Ethereum by running an open-source StarkEx Explorer. The explorer, once fully synced, provides UI interface to perform forced actions, trigger rollup freeze and withdraw funds using escape hatch.

    Compression scheme

    No compression is used, state updates and other metadata are simply serialized for L1

    Genesis state

    There is no genesis file for dYdX. By default, all accounts were empty at the beginning.

    Data format

    dYdX doesn’t publish transactions. Balances of user positions are stored in a Merkle Tree and updates to that tree are published on Ethereum, together with Merkle Root and a ZK proof. Deserialization of that data is implemented here. Generating Merkle Proof is implemented here.

    Operator

    The system has a centralized operator

    The operator is the only entity that can propose blocks. A live and trustworthy operator is vital to the health of the system. Typically, the Operator is the hot wallet of the StarkEx service submitting state updates for which proofs have been already submitted and verified.

    • MEV can be extracted if the operator exploits their centralized position and frontruns user transactions.

    1. Operator - StarkEx documentation
    2. Operator.sol#L42 - Etherscan source code, onlyOperator modifier

    Users can force exit the system

    Force exit allows the users to escape censorship by withdrawing their funds. The system allows users to force the withdrawal of funds by submitting a request directly to the contract on-chain. The request must be served within 14d. If this does not happen, the system will halt regular operation and permit trustless withdrawal of funds. Perpetual positions can also be force closed before withdrawing, however this requires the user to find the counterparty for the trade themselves.

    • Users can be censored if the operator refuses to include their transactions. However, there exists a mechanism to independently exit the system.

    • Funds can be lost if the user is unable to find the counterparty for the force trade.

    1. Censorship Prevention - StarkEx documentation
    2. Forced Trade - StarkEx documentation
    3. ForcedTrades.sol#L46 - Etherscan source code, forcedTradeRequest function
    4. ForcedWithdrawals.sol#L32 - Etherscan source code, forcedWithdrawalRequest function
    Withdrawals

    Regular exit

    The user initiates the withdrawal by submitting a regular transaction on this chain. When the block containing that transaction is proven the funds become available for withdrawal on L1. Finally the user submits an L1 transaction to claim the funds. This transaction does not require a merkle proof.

    1. Withdrawal - StarkEx documentation

    Forced exit

    If the user experiences censorship from the operator with regular exit they can submit their withdrawal requests directly on L1. The system is then obliged to service this request. Once the force operation is submitted and if the request is serviced, the operation follows the flow of a regular exit.

    1. Forced Operations - StarkEx documentation
    2. Forced Withdrawal - StarkEx documentation
    3. Forced Trade - StarkEx documentation

    Emergency exit

    If the enough time deadline passes and the forced exit is still ignored the user can put the system into a frozen state, disallowing further state updates. In that case everybody can withdraw by submitting a merkle proof of their funds with their L1 transaction.

    1. Forced Operations - StarkEx documentation
    2. Forced Withdrawal - StarkEx documentation
    3. Forced Trade - StarkEx documentation
    Permissions

    The system uses the following set of permissioned addresses:

    Operators 0x8129…390a

    Allowed to update state of the rollup. When Operator is down the state cannot be updated.

    Data Availability Committee (2) 0xA7F2…Ae680x823A…eEa9

    Validity proof must be signed by at least 1 of these addresses to approve state update.

    Rollup Admin 0x7E9B…18D2

    Controlled by dYdX Governance. Defines rules of governance via the dYdX token. Can upgrade implementation of the rollup, potentially gaining access to all funds stored in the bridge. Currently there is 9d delay before the upgrade.

    1. Rollup Admin documentation
    Rollup Priority Controller 0xDC7e…B2c0

    Can decrease the delay required for the Rollup upgrade to 2d.

    1. dYdX governance documentation
    2. Priority Controller documentation
    Treasury Admin 0x7E9B…18D2

    Controlled by dYdX Governance. Owner of dYdX token. Can upgrade Treasury, Liquidity Module and Merkle Distributor. Currently there is 2d delay before the upgrade.

    1. Treasury Admin documentation
    Safety Module Admin 0x7E9B…18D2

    Controlled by dYdX Governance. Has the ability to update Governance Strategy resulting in different logic of votes counting. Can upgrade Safety Module. Currently there is 7d delay before the upgrade.

    1. Safety Module Admin
    Merkle Pauser 0x7E9B…18D2

    Controlled by dYdX Governance. The Merkle-pauser executor can freeze the Merkle root, which is updated periodically with each user cumulative reward balance, in case the proposed root is incorrect or malicious. It can also veto forced trade requests by any of the stark proxy contracts.Currently there is 0s delay before the upgrade.

    1. Merkle Pauser documentation
    Smart contracts
    A diagram of the smart contract architecture
    A diagram of the smart contract architecture

    The system consists of the following smart contracts on the host chain (Ethereum):

    Main contract of dYdX exchange. Updates dYdX state and verifies its integrity using STARK Verifier. Allows users to deposit and withdraw tokens via normal and emergency modes. This contract stores the following tokens: USDC.

    Can be upgraded by: Rollup Admin

    Upgrade delay: 9d or 2d if overridden by Priority Controller

    FinalizableGpsFactAdapter 0xF237…053C

    Contract serving as an adapter for STARK Verifier. It holds the address of the STARK Verifier and CAIRO program hash needed for verification.

    GpsStatementVerifier 0x894c…7FC3

    STARK Verifier. In contrast to other StarkWare systems which use common SHARP Prover, dYdX uses separate Prover/Verifier.

    MemoryPageFactRegistry 0xEfbC…Cef8

    Contract storing CAIRO Program Output, in case of dYdX, it stores state diffs of dYdX Exchange.

    FriStatementContract 0xf6b8…E1B1

    Part of STARK Verifier.

    MerkleStatementContract 0x0d62…a830

    Part of STARK Verifier.

    CairoBootloaderProgram 0x1dd8…2E2D

    Part of STARK Verifier.

    PerpetualEscapeVerifier 0x6262…F3DD

    Contract responsible for validating force withdrawal requests.

    The Merkle Distributor smart contract distributes DYDX token rewards according to a Merkle tree of balances.

    Can be upgraded by: Treasury Admin

    Upgrade delay: 2d

    The Liquidity Module is a collection of smart contracts for staking and borrowing, which incentivize the allocation of USDC funds for market making purposes on the dYdX layer 2 exchange.

    Can be upgraded by: Treasury Admin

    Upgrade delay: 2d

    The Safety Module is a staking pool that offers DYDX rewards to users who stake DYDX towards the security of the Protocol.

    Can be upgraded by: Safety Module Admin

    Upgrade delay: 7d

    DydxGovernor 0x7E9B…18D2

    Contract storing dYdX Governance logic.

    GovernanceStrategyV2 0xc2f5…6505

    Contract storing logic for votes counting in dYdX Governance.

    DydxToken 0x92D6…Eff5

    Token used by the dYdX Governance for voting.

    Value Locked is calculated based on these smart contracts and tokens:

    The current deployment carries some associated risks:

    • Funds can be stolen if a contract receives a malicious code upgrade. There is a 9d delay on code upgrades.The delay can be decreased by the Priority Controller to 2d.

    Knowledge nuggets