Rocket Pool
Tier 2rocket-pool
Liquid StakingRocket Pool is the first truly decentralised Ethereum staking pool. Liquid Staking, Audited SC, and Minimised Penalty Risk. Unlike solo stakers, who are required to put 32 ETH up for deposit to create a new validator, Rocket Pool nodes only need to deposit 16 ETH per validator. This will be coupled with 16 ETH from the staking pool (which stakers deposited in exchange for rETH) to create a new ETH2 validator.
Audits
2
reports collected
Findings
8
across all audits
Last Updated
5/20/2026
Analyzed
Analysis Overview
Protocol Overview
Code Security
Economic Security
Team & Transparency
Governance
Cross-Analysis
Executive Summary
Executive Summary: Rocket Pool
Safety Rating: YELLOW_GREEN
Overall Score: 6.8/10 | Confidence: 0.65 | Data Completeness: 0.70 "Cross-domain analysis suggests an effective security posture of approximately 6.0–6.5/10"
Scores by Dimension
| Dimension | Score | Key Finding |
|---|---|---|
| Code Security | 7.5/10 | Protocol addressed critical storage vulnerabilities (50% fix rate on high-severity findings) but 2 high-severity issues (TOB-ROCKET-004, TOB-ROCKET-006) remain unfixed "2 unfixed high-severity issues (upgradeability risks that could block withdrawals, and tx.origin authentication concerns)" |
| Economic Security | 7.5/10 | Strong fundamentals with $531.5M TVL, minimal oracle dependencies, and aligned incentives via RPL collateral; constrained by inflationary tokenomics and lack of distribution transparency "Moderate tokenomics risk due to inflationary emission model without documented distribution transparency" |
| Team Transparency | 6.0/10 | Doxxed team with registered legal entity and improving audit record (0 findings in 2026 vs 8 in 2021), but limited team backgrounds and no community metrics documented "Limited team information beyond two named contacts, absence of documented community metrics" |
| Governance | 5.5/10 | Guardian-to-DAO transition design present but DAO state unverified; no documented timelock; critical TOB-ROCKET-004 withdrawal-blocking finding acknowledged but not fixed "The critical TOB-ROCKET-004 finding about upgradeable contracts potentially blocking minipool withdrawals was acknowledged but not fixed" |
| Track Record | 6.5/10 | 5-year operational history with dramatic audit improvement (8 findings in 2021 → 0 in 2026); no documented major exploits; 4 unfixed findings acknowledged transparently "No major exploits documented" |
What This Protocol Does
Rocket Pool is a decentralised Ethereum liquid staking protocol that allows ETH holders to stake their ETH without running a full validator, and enables node operators to participate in Ethereum staking with reduced capital requirements by depositing only 16 ETH per validator instead of the standard 32 ETH "Rocket Pool nodes only need to deposit 16 ETH per validator". The protocol operates a minipool system where each minipool holds 32 ETH as a bridge between Rocket Pool and the Eth2 deposit contract, with node operators providing RPL token collateral to back their validators "Each of these contracts represents a minipool—that is, a pool holding 32 ether that serves as a bridge between the Rocket Pool network and the Eth2 deposit contract".
Key Strengths
- Tier-1 audit (Trail of Bits) with 50% fix rate on high-severity findings demonstrates active security investment "4 of 8 findings were fixed by the Rocket Pool team"
- Dramatic security improvement: Sigma Prime audit (May 2026) reported 0 findings vs. 8 findings in the 2021 Trail of Bits audit "Zero findings in May 2026 audit vs. 5 high-severity findings in 2021 indicates serious commitment to security"
- Doxxed team (Darren Langley, David Rugendyke) with registered legal entity (Rocket Pool Pty Ltd) provides legal accountability "Named team members (Darren Langley, David Rugendyke) are publicly associated with the company (Rocket Pool Pty Ltd)"
- No external oracle dependencies — rETH/ETH exchange rate is derived from beacon chain validator rewards "the protocol does not rely on external price oracles for its core staking mechanism"
- Strong economic alignment through RPL collateral requirements creates skin-in-the-game for node operators "Node operators must stake RPL tokens, increasing the protocol's confidence in the nodes"
Key Risks
- TOB-ROCKET-004 (unfixed): Governance upgrades can block minipool withdrawals with no documented timelock, potentially trapping node operator funds permanently "governance upgrades could prevent node operators from withdrawing funds"
- Incomplete DAO transition: Guardian role with tx.origin authentication may still be active if DAO deployment is unresolved, creating a single-point compromise vector "any call that originates from the guardian account will be trusted"
- Rocket DAO contracts unaudited: Full upgrade authority rests with an unaudited DAO, creating unknown risk surface in the critical upgrade path "Rocket DAO contracts were explicitly NOT reviewed in the Trail of Bits audit"
- No documented timelock on governance actions enables rapid execution of malicious upgrades without user exit window "No documented timelock delays governance upgrades"
- RPL governance token serves dual role as both collateral and voting power, creating circular dependency between token value and protocol security "The same token (RPL) serves both as economic collateral for node operators and as governance power"
Critical Findings
- HIGH: TOB-ROCKET-004 — Governance upgrade can block minipool withdrawals (Not fixed). The protocol acknowledged this but considers it acceptable as long as
distributeBalancecan always be called. With no timelock, a malicious governance action could trap node operator funds. "Upgradeable contracts can block minipool withdrawals" - HIGH: TOB-ROCKET-006 — tx.origin guardian authentication (Not fixed). During the initialization phase, any call originating from the guardian account is trusted via
tx.originauthentication. This creates an attack surface if the guardian calls external contracts. "tx.origin in RocketStorage authentication may be an attack vector" - No critical findings identified "No critical-severity findings documented in available audit data"
Recommendation
Rocket Pool presents a moderate security profile with sound core ETH staking mechanics, strong code security fundamentals from Tier-1 audits, and a transparent doxxed team with improving security track record. However, two unfixed high-severity governance findings (TOB-ROCKET-004 and TOB-ROCKET-006) combined with an unaudited DAO, no documented timelock, and unknown DAO deployment state create compound risks that are not fully reflected in individual dimension scores "three compound vectors elevate the overall risk above what any single domain report conveys".
Suitable for: Risk-tolerant ETH holders seeking liquid staking yield; node operators comfortable with governance risk and RPL collateral requirements.
Caution advised for: Users with low risk tolerance who prioritize governance safety features (timelocks, fully audited governance); those who require maximum decentralization assurances until DAO deployment is confirmed and TOB-ROCKET-004 is addressed.
Report Sections
- Protocol Overview
- Code Security
- Economic Security
- Social & Team
- Governance
- Cross-Risk Analysis