Puffer
Puffer pufETH
Puffer pufETH is a liquid restaking token on Ethereum representing staked and restaked ETH via EigenLayer. Yield is generated from Ethereum consensus and execution layer staking rewards plus EigenLayer restaking rewards, distributed across diversified PufferModules.
AUM
$67.11m+9.6%
APY
2.32%+33.9%
BB-Rated Protocol
Updated Apr 23, 2026Risk Rating
BB-
AAAAAABBBBBBCCCCCCD
This rating is based solely on publicly available information. The range from BB- to AA+ reflects the gap between the current assessment and the potential rating achievable if all identified improvement areas are addressed.
SCS: Smart Contract Security
KMP: Key Management Permissions
M: Market
L: Liquidity
C: Collateral
PM: Protocol Mechanics
ICE: Infra Counterparty Exposures
PCE: Protocol Counterparty Exposures
G: Governance
FR: Financial Resilience
TLC: Team Legal Compliance
DT: Documentation Transparency
Potential Score
Provider risk assessed across Business, Operations, Reliability, and Security.
View the detailed scoring breakdown
Challenge this ratingLearn about our ratingsContract Addresses
TokenContract
0xD9A4...6a72
Timelock
0x3C28...26eA
PufferOracle
0x0BE2...994f
AccessManager
0x8c16...EE11
Pauser Multisig
0x1ba8...0Df4
Community Multisig
0x446d...Cb2a
Operations Multisig
0xC089...580d
Key Strengths
- Extensive audit coverage from 8 independent firms including top-tier auditors, with every major upgrade from V1 through V5 audited before deployment
- BlockSec Phalcon integrated as a Safe module on the Pauser Multisig, enabling fully autonomous 24/7 pause execution with on-chain proof of operation
- Hardcoded 7-day minimum timelock delay that cannot be reduced, with all multisig thresholds verified on-chain via Safe API
- Battle-tested exit liquidity: processed large-scale withdrawals during a major TVL drawdown with the pufETH/ETH exchange rate monotonically increasing and no withdrawal delays
- Validator bond mechanism automatically burns operator bonds on slashing before affecting pufETH holders, with diversification across many PufferModules
- Publicly identified team of 26 employees with perfect Documentation score covering comprehensive docs, canonical deployment registry, and all contracts verified on Etherscan
Key Risks
- No active bug bounty program; the Immunefi Boost was a one-time competitive audit event and the ongoing bounty page is no longer available
- Community Multisig signer identities are fully undisclosed, preventing independent verification of signer independence
- Significant TVL decline from peak levels raises revenue sustainability concerns with operational runway unverifiable
- No disclosed treasury or dedicated reserve beyond the narrow-scope validator bond mechanism; operational runway cannot be estimated from public information
- PufferOracle relies on trusted guardian signatures for validator-locked ETH valuation without independent fallback oracle
- Community Multisig can bypass the 7-day timelock entirely with zero-delay emergency execution capability
Market Overview
ChainEthereum
Treasury$0.00
Oracles Used
Stated Withdrawal TimeInstant or 14d
Get the full picture today
Request the full rating report and gain access to unparalleled rating data & information.
Request a full report