Stafi
Stafi (short for Staking Finance) is a DeFi (Decentralized Finance) protocol that aims to unlock liquidity of staked assets. STAFI Protocol solves the contradiction between the token liquidity and Mainnet security by issuing ABT tokens, which provides the liquidity of your Staking Assets. ABT token increases the staking rate to a higher level (100%, theoretically), and it could be tradable, its security is guided by STAFI Protocol which ensure ABT token is the only collateral that can apply to redeem staking asstes from original staking blockchain ( Tezos, Cosmos, Polkadot, etc,.)[1][3].
Overview
StaFi is a combined abbreviation of Staking+Finance. It is a decentralized protocol built with the Substrate. The contract layer is composed of multiple staking contracts, and the application layer is mainly trading platform of rTokens[4][5].
Stafi is a decentralized protocol that empowers liquidity. It encompasses 3 layers—bottom, contract and application layers. The bottom layer is mainly based on a blockchain system established by Substrate (which is a blockchain architecture developed by Parity, and the whole architecture integrates many development modules, including consensus module, P2P module, Staking module, etc.). The contract layer support creating a variety of Staking contracts, such as Staking contracts for XTZ, Atom and Dot respectively. The token holder can Stake through Staking Contract, which is consistent with the inflation incentives obtained by the ordinary Stake. But the difference is that The holder also can obtain rTokens. Last, the application layer supports third-party Stafi-based APIs or customized APIs to create a decentralized bondeds asset trading market for rTokens to circulate, transfer, and trade on the Stafi protocol.
The protocol runs in a purely decentralized manner. Stafi, which is built on Substrate, will be connected to Polkadot as a parallel chain, sharing the underlying consensus of Polkadot. The main security and performance are also guaranteed by Polkadot. The core layer is the contract level, and the ownership of the Stake token is fully guaranteed by the contract code. Stafi uses a distributed key storage protocol to ensure the security of the Stake address through multi-signatures. The holder can initiate Stake or redeem the Stake anytime and anywhere without the need for third party intervention. When the holder of the coin initiates the Stake token to the Stake contract, the system's inflation incentives can be obtained regularly. Meanwhile, any holder of rTokens can initiate a redemption to the corresponding Stake contract anytime, anywhere (The redemption operation interacts with the original chain through the Stafi protocol. After the redeeming transaction is written to the chain, Stake coins will be sent to the submitted coin account after unlocked.) The Stafi protocol guarantees that each and every alternative rToken is exclusively correspond to the token on the original chain. That is to say, only the holder of the rTokens can initiate the redemption of the original token to the Stake contract. When A trades rTokens to B, A no longer has the redemption right to those tokens, and B now can initiate redemption to the Staking contract. The whole process does not require third party intervention.
Any third party can establish a decentralized bonded assets exchange using the Stafi protocol to at the application layer. All rToken exchanges share the depth of the transaction. With the increasing number of public chains adopting PoS launching their mainnets, the number and variety of Stake's tokens will rocket. And rTokens will traded more frequently. As a result, developers will be hugely rewarded, in the form of transaction fee, from rToken transactions they initiated[6].
Implementation
Staking Contract
The contract that creates the interaction with the Stake original chain at the Stafi contract level is called Staking Contract (referred to as SC). For example, to create a XTZ-SC for connecting Tezos with Stafi. When user A holding XTZ initiates a Stake operation on XTZ-SC, the Staking Contract will first create a multi-signature address, and he will transfer XTZ through the Tezos original chain to that address.When the transfer succeeds, the contract will execute the Staking operation of the multi-sign address. If succeed, the tokens will be locked to the original chain. Then, the Stafi protocol will receive a proof of the Tezos original chain (Proofs), and then trigger the contract to generate rXTZs of equal quantities to XTZ and send them to the staker.
The update of the Staking Contract requires the original chain and the Stafi protocol to work together, for the contract status of each chain needs to be monitored, the implementation of the Staking contract shares many similarities with the cross-chain mechanism. When the holder initiates a Staking request at the Staking Contract, the generation of the multi-sign account occurs on the Stafi protocol. At the same time, the transfer of the personal asset to the multi-sign address is completed by the Stake user’_s signature. This transfer occurs on the original chain. When the Contract captures the transfer information, a Stake request is initiated from the multi-sign address to the original chain. After the Staking is completed on the original chain, Stafi captures the Stake state of the address on the original chain and verifies it,and the corresponding rTokens are issued on the Stafi protocol immediately after the validation succeeds. Throughout the process, the Stafi protocol interacts with the original chain multiple times. The monitoring and capturing of the state plays an important role in the security of the entire protocol. The Stafi protocol captures the original state by time delay and multi-pass validation to ensure the final authenticity of the original chain. Fortunately, better than pre-existing inter-chain protocols and PoW consensus, most PoS projects launched after later 2015 see the final authenticity of block transactions as a demand that must be met. That is, when the latest height is formed, the transactions included are deterministic.
Multi-signature Adresses
Stake models rely on the Account model—when the user initiates Staking, they need a private key of the original chain address to sign. In order to ensure the exclusive correspondence between the ownership of the Stake asset and rTokens, Stafi designed an intermediate address model. The ownership of assets in that address does not belong to anyone, meaning that no one can own the private key of this address. Stafi guarantees asset neutrality of intermediate addresses through secure multi-party computing technology and threshold multi-signing technology, ensuring that signatures are only performed when the holder of rTokens initiates a redemption. Secure multi-party computing involves privacy, which requires a group of certifiers with special functions in Stafi to participate. A certain number of validators, who are called Stafi Special Validator (SSV) are signed by their own private keys and transmitted through a secure channel to verify the validity of the signature, and, finally, realize the restoration of intermediate address signature. This intermediate address does not have a private key, nor is stored on the Stafi protocol. It is formed by the signature of the private certificate of the special authenticator only when the signature is required. The implementation of threshold multi-signing technology realizes that part, not all, of generators can generate the private key signature, which can greatly satisfy the need for the signature. For example, a multi-sign address establishes contact through a public key of multiple validators (say 21). When a person holding rTokens needs to initiate a redemption, only 16 signatures of 21 verifying servers are required to verify Staking and Unstake for Stake Assets.
Secure Multi-Party Computation
Secure multi-party computation mainly focuses on how to safely calculate a predefined function without the existence of untrusted third parties, addressing a problematic reality that a result reliant on multi-party data calculation where those parties are not willing to share the original data. With secure multi-party computation, the final result can be verified without revealing the initial input value to another third party. In Stafi's Staking contract, the user who stakes must generate a new multi-signal address. When the holder of the rToken initiates a redemption to the Stake Contract, the multi-signature address needs to create a private key signature with the involvement of special validators during calculation and generation. The validators transmit the calculation results through the encrypted channel, and they can mutually verify the results without the need to reveal their own private key. It is secured way of unlocking and redeeming the Staking Contract.
Ownership Transfer
When the Staking operation is completed, the redemption right of XTZ on the multi-sign address is in the hands of the holder of rXTZ. Only the holder of rXTZ has the right to redeem the XTZ-SC, other holders entitled no redemption rights. If user A traded XTZ to user B, then user A loses the redemption right to the original chain XTZ, and the mapping relationship between the XTZ and the user A address of the multi-signed address in the contract is also given to that with B. User B can initiate redemption according to his or her own wishes, or trade rTokens to other people. In this process, the multi-sign address completes multiple rounds of ownership of the original chain XTZ through the signature of special validators on Stafi who are different to that in Polkadot world—it does not requires block-producing consensus. The requirements come in only when generating the address and the changes of ownership.When user A trades the rTokens to user B, special validators (SSVs) need to conduct the signature and complete the conversion of the original Stake XTZ.
Stafi Special Validator (SSV)
Different from Stafi Validator (SV), a SSV is the witness of the asset ownership in the Stafi Stake contract. When the eligible holder initiates redemption to the contract, the special validator will participate in the calculation and complete the transfer of the asset from the multi-sign address to the personal address by signing. When no redemption operation occurs, the special validator stores its own private key locally, waiting to be called. A special validator is composed of multiple people picked randomly. Before the multi-signature address is formed, Stafi will select N SSVs from SVs through a random algorithm. N SSVs will be chosen by Stafi randomly to perform the calculation locally and transmit the results through a secret channel. After validation, the participation rights are obtained and stored locally on the servers respectively. The entire process is automated by the system.
At the same time, each SSV will be required to run the light node of the projects supported by Stake Contract, in order to verify the original chain trading status. This program is written to the entire special validator client and the validation is performed automatically.
SSV Group
In order to ensure the smoothness of the redemption channel, special certifiers in Stafi perform tasks in groups with a fixed shift. During their own shift, a single certifier group completes the multi-signal address generation and storage of the secret key, and after the execution cycle is completed, replaced by another new group. This ensures the engagement of the current verifier. One term of validators lasts an Era (1 Era is about 24hours). The election for the next group is done in the previous Era. Stafi selects new SSVs from SV candidates by block-producing rate, Staking ratio, etc,. And the new SSVs will replace the old SSVs’ private key with their own ones. Meanwhile, the system will destroy the relationship established with the old SSVs’ private key. However, frequent turnover will affect computational efficiency. When Stafi officially lands, it will select a reasonable replacement cycle balancing safety and efficiency.
System of Encouragements and Penalities for Special-Validators
Due to the importance of special verifiers, Stafi has established a system of encouragements and penalties for them, stimulating positive behaviors such as calculations and storage, and punishing negative behaviors such as disconnections and non-timely replacements. Stipulated by Stafi protocol, participation in the generation of addresses, computing, and signatures will be rewarded Stafi's token--FIS incentives. On the other hand, Stafi's penalties for security issues are severe. Stafi will require all certifiers involved in computing and storage to maintain designated online time. If the certifier is frequently dropped out, it will be slashed. If the dropping time is longer than N hours, the certifier will be Jailed and will not be able to participate in any computing and storage of the special certifier group for a period of time. In addition, the system will severely punish attacks that attempt to recover private keys and steal other people's assets based on provable data on the chain.
Staking Mechanism for Special-Validators
Anyone holding Stafi tokens can apply to become a special certifier of Stafi. A special certifier needs to stake FIS Token. The smuggled FIS Token is proportional to the amount of Stake that can be accepted, that is, the more FISs that are staked, the greater the value of Stake asset calculation and storage. This can effectively increase the cost of joint malicious behaviors conducted by special certifiers. The FISs that are staked will be motivated by the system, and at the same time, is also the pool of funds for system punishment. Due to the speciality of Stafi system, the requirements for the special verifier are strict, and the nodes in the early days after launch will be opened gradually to engage validators.
Staking Contract Security
The asset security of a Staking Contract is guaranteed in many ways. First, the asset neutrality, Staking assets will be locked to the original chain, and their mapping relationship will be recorded in the Staking Contract. Multi-signature address is guaranteed by the N SSVs through the threshold multi-signal sharing technology. So the SC is not subject to any single third party control. Second, the multi-signature address uses the asset mechanism. The special verifier is selected by the Stafi random algorithm. The verifiers do not know each other, the possibility of collusion becomes small, and the asset protection will be dynamically replaced within a certain period to ensure security.. The third is punitive. When the certifier participates in the private key signature calculation and storage, it needs to stake a certain FIS to participate. In the event of an attack or illegal behavior, the staked FIS will be Slashed, the value of the stake and can be processed. The value of the assets is directly proportional. When a variety of conditions are combined, the Stafi system can effectively punish certain risk factors. Under the assumption that most people are honest, the assets of the Staking contract can guarantee certain security.
Decentralization of Staking Contract Assets
When a holder initiates Staking through the Staking Contract, all Staking assets relationship will be concentrated in one contract. Although each Staking is initiated by a single address, it will not affect the degree of decentralization, but when the Staking assets are too concentrated, they are more easily attacked. Stafi avoids the concentration of assets by establishing several Staking Contracts of the same kind for one token. The total amount of the contract will automatically increase according to the amount of Staking assets, and the new assets will enter the new Staking contract. At the same time, Stafi will establish multiple Staking Contracts at the primary stage. The Stafi system will equally distribute the initial Stake demand evenly among these Stake contracts, which will serve as a buffer. As the demand of Stake increases, the number of contracts will gradually be increased and differentiated by variables.
At the same time, Stafi is a decentralized open protocol. The Staking Contracts developed by initial developers will be audited and open sourced for third parties, which can create their own Staking Contracts to achieve the decentralization of Staking assets.
Tokenomics
Stafi Protocol creates value by providing liquidity of Staking assets. Staker can obtain inflation rewards while circulating rToken to respond to the market in a timely manner. The protocol captures the value of the liquidity and outputs the value to the protocol. The FIS is the native digital cryptographically-secured utility token of the Stafi protocol, FIS is a transferable representation of attributed functions specified in the protocol /code of the stafi protocol, designed to play a major role in the afunctioning of the ecosystem in the Stafi protocol, and intended to be used solely as the primary utility token on the platform.
The protocol of Stafi is created by Substrate and adopts Nominated Proof-of-Stake (NPoS), which complete Staking by setting up Staking Contracts in the upper layer to communicate with public chains. The Staking process is immune to Stafi’s contracts, for the latter act as the account book during Staking. Tokens staked through contracts will be written in the contracts and finally be locked-up on the original chain.
In order to maintain Stafi protocol, Stafi Validators (SV) and Stafi Special Validators (SSV) are essential. SVs are responsible for the security of the whole protocol while SSVs guarantee the safety of all Staking Contracts. Under the protocol framework, the election of validators and the motivations for them become paramount, which will be expounded in the third part of this document.
FIS is the native tokens of Stafi. FIS is involved in 3 scenarios: Gas, Staking and value capture.
- FIS is the fuel of the system. It prevents a large sum of spam popping up in the system. FIS charged will be distributed to validators and Protocol Treasury, and the distribution ratio can be adjusted by concerning parameters.
- Stafi adopts NPoS consensus and uses the underlying motivation design of Polkadot for reference. Based on security design, Stafi tunes up motivation curve in accordance of the Staking ratio of FIS in order to achieve the cyber security and long-term development of the system.
- FIS is a medium for the value capture in Stafi system (mainly provides value for the liquidity of rToken). The Staking Contracts of Stafi not only provides Staking service for Stakers, but also guarantee liquidity. Service fee will be charged by Stafi protocol from users to value to Stafi network. The proposition of value will be expounded in part 5 of this document.
Token Model
There are two types of tokens in the Stafi protocol, one is an alternative token (currently rToken), and one is a native token (FIS). The functions of the two tokens in the protocol are different. rToken mainly assumes the medium for liquidity, and the equity is attributed functions/right are inherited from Staking Token. As the native token of the Stafi protocol, FIS is mainly a system transaction medium, mainly responsible for value capture, consensus incentives, and prevention of system abuse (Tx fee)[2].
FIS
FIS is a non-refundable functional utility token which will be used as the medium of exchange for transactions between participants of the Stafi protocol. The goal of introducing FIS is to provide a convenient and secure mode of payment and settlement between participants who interact within the ecosystem on the Stafi protocol, and it is not, and not intended to be, a medium of exchange accepted by the public (or a section of the public) as payment for goods or services or for the discharge of a debt; nor is it designed or intended to be used by any person as payment for any goods or services whatsoever that are not exclusively provided by the issuer. FIS does not in any way represent any shareholding, participation, right, title, or interest in the Foundation, the Distributor, their respective affiliates, or any other company, enterprise or undertaking, nor will FIS entitle token holders to any promise of fees, dividends, revenue, profits or investment returns, and are not intended to constitute securities in Singapore or any relevant jurisdiction. FIS may only be utilised on the Stafi protocol, and ownership of FIS carries no rights, express or implied, other than the right to use FIS as a means to enable usage of and interaction within the Stafi protocol.
FIS is the native token for Stafi Protocol, the initial issuance is 100 million, and there will be further issuance each year ahead. FIS to Stafi is similar to Dot to Polkadot, preventing system abuse and value capture. In Stafi, the specific functions that FIS acts as are as follows:
- Staking
- Validators in Stafi consensus need staking FIS to join the consensus network, and the nominator who want to obtain motivation also needs Staking FIS to nominate.
- Tx Fee
- In order to avoid system abuse, the initiator of a transaction has to pay FIS to get computing resources. In this way, invalid transactions will be eradicated.
- On-chain governance
- FIS holders can participate in the tinkering of Stafi Protocol parameters, vote for Protocol upgrade and determine development courses. Anyone can hand in proposals to the Protocol, but only holders of FIS can vote for or against a proposal, 1 FIS account for 1 ballot.
rToken(reward-Token)
rToken is a alternative token obtained by Staker through Staking contract, If you Staking XTZ, you can get rXTZ, Staking Atom, users can get rAtom. rToken and Staking Token are in a ratio 1:1. Holding rToken can get incentives from token staked. At the same time, rToken can be traded in the market instead of rToken. After the transaction, Staking contract will modify the reward and redemption rights.
There is no limit on the number of rTokens. Theoretically, it is equal to the total number of tokens that are integrated in PoS projects. When rTokens are redeemed, there is a burning mechanism, which basically maintains the unity with Staking Token.
In Stafi protocol, the specific roles of rToken are:
- Obtaining Staking Rewards
rToken is the mapping of Staking Token, and the Staking rewards obtained by Staking Token will be sent to the holders of rToken. During the redemption period, rToken will be locked and its rights obtain reward will be lost temporarily.
- Trade
rToken can be traded. After the transaction, the corresponding motivation and redemption rights will be transferred accordingly. The Stafi Protocol will promote the listing of rToken and corresponding Staking Token trading pairs on centralized and decentralized exchanges to provide rToken with higher trading liquidity.
- Redemption
rToken is the only redemption medium for Staking Token. rToken holders can initiate a redemption to the Staking contract. During the redemption process, the holder no longer has the motivation rights, and rToken will be locked. After the Staking token is unlocked on the original chain, it will be sent back to the user’s Account.
rToken
rToken is a redeemable token for the staked assets issued by StaFi protocol that can be traded, lent, or borrowed in a variety of venues. Whenever a user stakes a native token through the relevant Staking Contract, a certain amount of rTokens will be issued per amount of the native tokens staked in the Staking Contract and the real-time exchange rate for the rToken. The exchange rate for the rToken will gradually increase, as staking rewards for that native token accumulate, and so will the amount of native tokens that can be redeemed.
How to obtain rToken?
There are two main methods to obtain rToken:
- Stake native tokens through StaFi's Staking Contract: rTokens will be minted and sent to your designated wallet address according to the amount of the native tokens you Stake(Qs) and the exchange rate of rToken (Cr)
- Obtain rToken on Uniswap or other exchanges:
All rTokens can be traded and exchanged for native tokens per market exchange rates on decentralized exchanges or centralized exchanges that support rTokens.
rToken classification
StaFi classifies rToken into four categories:
- rETH: the rToken for Ethereum 2.0 Staking after it goes live.
- rTokens for Polkadot: rFIS, rDOT, rKSM and rTokens for other Substrate based projects.
- rToken for the Cosmos ecosystem: rATOM, rKAVA, etc.
- Others, such as rXTZ, rEOS, etc.
Reward Claim Mechanisms
As each PoS project has its own rules for claiming rewards, StaFi will ensure that users' Staking Rewards can be obtained in a timely manner per relevant project rules.
rFIS
StaFi network will calculate the reward for all validators every Era (6 hours). However, the nominators (stakers) and validators will not receive rewards unless they manually claim the rewards. If the Rewards have not been claimed for 84Era (21days), they will be destroyed.
Within 21 days, as long as a validator or a Staker Claim rewards, the system will automatically issue rewards for all Stakers. In order for Stakers to receive Staking Reward in a timely manner, StaFi Staking Contract will utilize smart contracts to Claim rewards regularly on a periodic basis, such as every 6 hours.
If any one of the following two situations occurs, StaFi will update the exchange rate of rToken:
- Other Stakers manually claimed the rewards, which causes StaFi Staking Contract to receive the Staking Reward before the next scheduled automatic Claim.
- The automatic Claim is triggered (every 6 hours), and the Staking Contract receives Staking Rewards.
rDOT
Polkadot network will calculate the reward for all validators every Era (24 hours). However, similar to Stafi, the nominators (Stakers) and validators will not receive rewards unless they claim the rewards. If the Rewards have not been claimed for 84Era (84 days), they will be destroyed.
Within 84 days, as long as a validator or a Staker Claim rewards, the system will automatically issue rewards for all Stakers. In order for Stakers to receive Staking Reward in a timely manner, StaFi Staking Contract will utilize smart contracts to Claim rewards regularly on a periodic basis, such as every 24 hours.
If any of the following two situations occurs, StaFi will update the exchange rate of rToken:
- Other Stakers manually claimed the rewards, which causes StaFi Staking Contract to receive the Staking Reward before the next scheduled automatic Claim;
- The automatic Claim is triggered(every 6 hours), and Staking Contract receives Staking Rewards.
rETH
According to the current official documents about Ethereum 2.0 released by the Ethereum Foundation, staking rewards are issued on beacon chain every 6.5 minutes, yet they cannot be directly claimed, nor transferred until further notice. Thus, reward claiming will not be an option on StaFi either until more information is made available.
Therefore, StaFi is currently not taking into consideration the effect of reward Claim function in Ethereum 2.0 network when calculating the exchange rate.
Stafi Special Validator (SSV)
Stafi Special Validators are to guarantee the security of Staking Contracts, which record the correlation between assets on original chains and rTokens, thus of paramount importance. The most fundamental design of Staking Contracts is a multi-signature account on the chain, which may vary among different Staking chain’s contracts or corresponding.
The election of SSVs are independent from that of SVs. Due to a higher security level, special services are designed, including signature, RPC and Oracle service--though during the kick-off phase of Stafi, the the last one may not be needed. Those services also are the approaches to motivate SVVs. The motivation also is independent. That is to say, SSVs can not only obtain their own rewards, but also that of SV’s.
The Relations between rToken and StaFi chain
- The security mechanism of Staking Contract
The private key management of the rToken Staking Contract will be implemented by the SSV validator on the StaFi chain using MPC+ multi-signature, thereby realizing the decentralization and a high-security level of Staking Contract.
- Initial issuance of rToken assets
The initial issuance of each rToken asset will be on the StaFi chain, so a myriad of rTokens will be issued and stored on the StaFi chain. The rToken assets on the StaFi chain will be interoperable with different public chains through the ETH bridge, Polkadot bridge, or Cosmos bridge, circulating in different DeFi ecosystems.