dRdefRes
Rocket Pool logo

Rocket Pool

Tier 2

rocket-pool

Liquid Staking
Ethereum

Rocket Pool is the first truly decentralised Ethereum staking pool. Liquid Staking, Audited SC, and Minimised Penalty Risk. Unlike solo stakers, who are required to put 32 ETH up for deposit to create a new validator, Rocket Pool nodes only need to deposit 16 ETH per validator. This will be coupled with 16 ETH from the staking pool (which stakers deposited in exchange for rETH) to create a new ETH2 validator.

6.8Safety Score65% confidence

Latest TVL

$531.49M

DeFiLlama · updated 5/20/2026

Audits

2

reports collected

Findings

8

across all audits

Last Updated

5/20/2026

Analyzed

Analysis Overview

🏗️

Protocol Overview

Rocket Pool is an Ethereum liquid staking protocol with $531.5M TVL that enables ETH holders to earn staking yield without running validators. Node operators deposit 16 ETH per minipool matched by 16 ETH from the staking pool to create 32 ETH validators. The rETH token accrues value from beacon chain rewards while RPL serves as inflationary collateral and governance token. No external protocol integrations exist, reducing composability risk. Key risks include a guardian role (temporary until DAO deployment) using tx.origin authentication that was flagged as an attack vector, and upgrade authority that could block node operator withdrawals.
🔒

Code Security

7.5/10
Trail of Bits audited Rocket Pool in August 2021 (5 person-weeks) identifying 5 high-severity and 3 informational findings. Four have been fixed including critical storage access controls, type safety, and delegatecall checks. Two high-severity issues remain unfixed: the tx.origin guardian authentication (TOB-ROCKET-006) and the ability for upgrades to block minipool withdrawals (TOB-ROCKET-004). A subsequent Sigma Prime audit in May 2026 reportedly produced 0 findings. Access controls and upgradeability received "Moderate" code maturity ratings. The $531M+ TVL represents significant value at risk relative to 2 unfixed high-severity findings.
💰

Economic Security

7.5/10
Rocket Pool holds $531.5M TVL entirely on Ethereum, representing genuine ETH deposits with no leverage. The protocol uses no external price oracles; rETH/ETH exchange rates derive from on-chain beacon chain rewards, eliminating oracle manipulation vectors. RPL is inflationary and serves as both node operator collateral and governance token, creating strong economic alignment but unknown concentration risk due to undocumented token distribution. The $38.5M RPL market cap (~7% of TVL) creates moderate collateral sustainability concerns. No death spiral risk exists given externally sourced staking yield. Governance upgrades can theoretically block withdrawals.
👥

Team & Transparency

6.0/10
Rocket Pool has a doxxed team with named individuals (Darren Langley, David Rugendyke) at a registered Australian legal entity (Rocket Pool Pty Ltd), providing legal accountability. The protocol shows five years of continuous development with a strong audit improvement trend: 5 high-severity findings in 2021 reduced to 0 findings in the May 2026 Sigma Prime audit. Open-source code and DAO governance mechanisms are positive transparency indicators. However, limited data exists on team member backgrounds, community metrics, and financial disclosures. No bug bounty program was documented. Score: 6.0/10.
🗳️

Governance

5.5/10
Rocket Pool uses a hybrid guardian-to-DAO governance model intended to be temporary until the DAO is fully deployed. Network contracts including rocketMinipoolManager can be upgraded by governance. No documented timelock delays upgrade execution, creating risk that malicious upgrades could block node operator withdrawals. The critical TOB-ROCKET-004 finding (upgrades blocking withdrawals) was acknowledged but not fixed. Rocket DAO contracts were explicitly not reviewed in the available audit, leaving governance implementation maturity unassessed. The guardian role remains active during initialization with tx.origin-based authentication, creating unresolved attack surface. Current state suggests incomplete DAO transition rather than fully decentralized governance.
🔗

Cross-Analysis

Individual domain scores (Code Security 7.5, Economic Security 7.5, Governance 5.5, Social 6.0) mask compound risk vectors unique to Rocket Pool. The most likely failure mode: governance capture exploiting TOB-ROCKET-004 to block minipool withdrawals, trapping node operator ETH and RPL collateral. Worst case: guardian compromise during unresolved DAO initialization combined with unfixed tx.origin authentication, allowing direct fund theft. Five high-priority vectors identified: guardian tx.origin exploitation, withdrawal blocking via upgrades, storage collision lateral escalation, RPL governance token death spiral, and unaudited DAO contract risk surface. Minimal external integrations reduce composability risk but eliminate fallback mechanisms. Effective security posture: 6.0-6.5/10 when weighting for compound vectors.

Executive Summary

Executive Summary: Rocket Pool

Safety Rating: YELLOW_GREEN

Overall Score: 6.8/10 | Confidence: 0.65 | Data Completeness: 0.70 "Cross-domain analysis suggests an effective security posture of approximately 6.0–6.5/10"

Scores by Dimension

DimensionScoreKey Finding
Code Security7.5/10Protocol addressed critical storage vulnerabilities (50% fix rate on high-severity findings) but 2 high-severity issues (TOB-ROCKET-004, TOB-ROCKET-006) remain unfixed "2 unfixed high-severity issues (upgradeability risks that could block withdrawals, and tx.origin authentication concerns)"
Economic Security7.5/10Strong fundamentals with $531.5M TVL, minimal oracle dependencies, and aligned incentives via RPL collateral; constrained by inflationary tokenomics and lack of distribution transparency "Moderate tokenomics risk due to inflationary emission model without documented distribution transparency"
Team Transparency6.0/10Doxxed team with registered legal entity and improving audit record (0 findings in 2026 vs 8 in 2021), but limited team backgrounds and no community metrics documented "Limited team information beyond two named contacts, absence of documented community metrics"
Governance5.5/10Guardian-to-DAO transition design present but DAO state unverified; no documented timelock; critical TOB-ROCKET-004 withdrawal-blocking finding acknowledged but not fixed "The critical TOB-ROCKET-004 finding about upgradeable contracts potentially blocking minipool withdrawals was acknowledged but not fixed"
Track Record6.5/105-year operational history with dramatic audit improvement (8 findings in 2021 → 0 in 2026); no documented major exploits; 4 unfixed findings acknowledged transparently "No major exploits documented"

What This Protocol Does

Rocket Pool is a decentralised Ethereum liquid staking protocol that allows ETH holders to stake their ETH without running a full validator, and enables node operators to participate in Ethereum staking with reduced capital requirements by depositing only 16 ETH per validator instead of the standard 32 ETH "Rocket Pool nodes only need to deposit 16 ETH per validator". The protocol operates a minipool system where each minipool holds 32 ETH as a bridge between Rocket Pool and the Eth2 deposit contract, with node operators providing RPL token collateral to back their validators "Each of these contracts represents a minipool—that is, a pool holding 32 ether that serves as a bridge between the Rocket Pool network and the Eth2 deposit contract".

Key Strengths

  • Tier-1 audit (Trail of Bits) with 50% fix rate on high-severity findings demonstrates active security investment "4 of 8 findings were fixed by the Rocket Pool team"
  • Dramatic security improvement: Sigma Prime audit (May 2026) reported 0 findings vs. 8 findings in the 2021 Trail of Bits audit "Zero findings in May 2026 audit vs. 5 high-severity findings in 2021 indicates serious commitment to security"
  • Doxxed team (Darren Langley, David Rugendyke) with registered legal entity (Rocket Pool Pty Ltd) provides legal accountability "Named team members (Darren Langley, David Rugendyke) are publicly associated with the company (Rocket Pool Pty Ltd)"
  • No external oracle dependencies — rETH/ETH exchange rate is derived from beacon chain validator rewards "the protocol does not rely on external price oracles for its core staking mechanism"
  • Strong economic alignment through RPL collateral requirements creates skin-in-the-game for node operators "Node operators must stake RPL tokens, increasing the protocol's confidence in the nodes"

Key Risks

  • TOB-ROCKET-004 (unfixed): Governance upgrades can block minipool withdrawals with no documented timelock, potentially trapping node operator funds permanently "governance upgrades could prevent node operators from withdrawing funds"
  • Incomplete DAO transition: Guardian role with tx.origin authentication may still be active if DAO deployment is unresolved, creating a single-point compromise vector "any call that originates from the guardian account will be trusted"
  • Rocket DAO contracts unaudited: Full upgrade authority rests with an unaudited DAO, creating unknown risk surface in the critical upgrade path "Rocket DAO contracts were explicitly NOT reviewed in the Trail of Bits audit"
  • No documented timelock on governance actions enables rapid execution of malicious upgrades without user exit window "No documented timelock delays governance upgrades"
  • RPL governance token serves dual role as both collateral and voting power, creating circular dependency between token value and protocol security "The same token (RPL) serves both as economic collateral for node operators and as governance power"

Critical Findings

  • HIGH: TOB-ROCKET-004 — Governance upgrade can block minipool withdrawals (Not fixed). The protocol acknowledged this but considers it acceptable as long as distributeBalance can always be called. With no timelock, a malicious governance action could trap node operator funds. "Upgradeable contracts can block minipool withdrawals"
  • HIGH: TOB-ROCKET-006 — tx.origin guardian authentication (Not fixed). During the initialization phase, any call originating from the guardian account is trusted via tx.origin authentication. This creates an attack surface if the guardian calls external contracts. "tx.origin in RocketStorage authentication may be an attack vector"
  • No critical findings identified "No critical-severity findings documented in available audit data"

Recommendation

Rocket Pool presents a moderate security profile with sound core ETH staking mechanics, strong code security fundamentals from Tier-1 audits, and a transparent doxxed team with improving security track record. However, two unfixed high-severity governance findings (TOB-ROCKET-004 and TOB-ROCKET-006) combined with an unaudited DAO, no documented timelock, and unknown DAO deployment state create compound risks that are not fully reflected in individual dimension scores "three compound vectors elevate the overall risk above what any single domain report conveys".

Suitable for: Risk-tolerant ETH holders seeking liquid staking yield; node operators comfortable with governance risk and RPL collateral requirements.

Caution advised for: Users with low risk tolerance who prioritize governance safety features (timelocks, fully audited governance); those who require maximum decentralization assurances until DAO deployment is confirmed and TOB-ROCKET-004 is addressed.

Report Sections

  • Protocol Overview
  • Code Security
  • Economic Security
  • Social & Team
  • Governance
  • Cross-Risk Analysis

Vulnerability Findings

High5Info3

Audit Reports (2)

AuditorTierStatusDiscoveredLink
Sigma Primetier_2completed5/20/2026View ↗
Trail of Bitstier_1completed5/20/2026View ↗