How Does Meta Pool ETH Work?

Liquid Staking|Risk C|6 mechanisms|5 interactions

Meta Pool ETH lets you stake ETH and receive mpETH, a liquid token that earns staking rewards while remaining usable in DeFi. With about $21M staked, it is a smaller liquid staking provider on Ethereum. The protocol received a C risk grade largely due to a major smart contract exploit in June 2025 where $27M in unauthorized tokens were minted, raising serious questions about code quality even though most funds were recovered.

TVL

$24M

Sector

Liquid Staking

Risk Grade

C

Value Grade

D+

Core Mechanisms

3.4.2

mpETH reward-bearing LST implemented as ERC-4626 vault share, accruing staking rewards via exchange rate appreciation

Standard reward-bearing LST pattern. Share price increases as staking rewards accumulate. ERC-4626 standard enables composability.

3.3.2

Validator operations pooled through SSV Network distributed validator technology for fault tolerance

Meta Pool delegates staked ETH to SSV Network operators rather than running its own validators, adding a layer of infrastructure dependency.

2.1.2

Fast-unstake fee starting at 0.25% for immediate mpETH-to-ETH redemption; delayed unstake (7-14 days) is free

Dual unstaking mechanism with fee/speed tradeoff. Fee-based fast unstake draws from liquidity pool.

5.1.3

Novel

mpDAO vote-escrow governance with 30-day (0.5x) to 300-day (5x) lock multiplier for voting power

Variable lock period with configurable multiplier is a mild novelty signal. Formula: locked_amount * unlocked_days / 60.

2.2.4

Staking rewards split between mpETH holders (via exchange rate) and protocol fee retained by DAO treasury

Standard fee-split model where protocol takes a commission on staking yield and remainder accrues to LST holders.

6.4.1

mpETH exchange rate derived from ERC-4626 share price calculation based on total assets and total shares

Internal exchange rate oracle based on contract accounting. External price feeds may be used by DeFi integrations.

How the Pieces Interact

Reward-bearing LST (3.4.2)Fast-unstake fee model (2.1.2)Medium

During high redemption periods, fast-unstake liquidity pool could deplete, forcing users to delayed unstake. This creates a two-tier exit where informed users drain fast-unstake pool first, leaving others locked for 7-14 days.

Pooled delegation via SSV (3.3.2)Reward-bearing LST (3.4.2)Medium

SSV operator underperformance or downtime reduces staking rewards, slowing mpETH exchange rate growth. Users may not notice degraded yield if SSV issues are not transparently reported.

ERC-4626 share price oracle (6.4.1)Fast-unstake fee model (2.1.2)High

The June 2025 exploit demonstrated that ERC-4626 mint function vulnerabilities can create mpETH without corresponding ETH deposits, directly compromising the share price used for redemptions.

mpDAO vote-escrow governance (5.1.3)Reward-bearing LST (3.4.2)High

Governance decisions about protocol fee splits, operator selection, and contract upgrades directly affect mpETH holder returns. Long lock periods in governance may delay critical security responses.

Revenue split model (2.2.4)mpDAO vote-escrow governance (5.1.3)Medium

Governance participants with locked mpDAO tokens may vote to increase protocol fee take at the expense of mpETH staker yield, creating misalignment between governance token holders and LST depositors.

What Could Go Wrong

  1. Major smart contract exploit in June 2025 allowed unauthorized minting of $27M in mpETH tokens, indicating critical code quality issues in the ERC-4626 implementation
  2. Single oracle dependency for mpETH exchange rate pricing without documented fallback mechanism increases depeg risk during market stress
  3. Relatively low liquidity for mpETH limits fast-unstake capacity and could amplify price impact during high-redemption periods
  4. Validator operations delegated to SSV Network operators introduce dependency on third-party infrastructure availability and performance

Smart Contract Exploit Leading to mpETH Depeg

Elevated

Trigger: A new vulnerability in the mpETH ERC-4626 contract is exploited, allowing unauthorized minting or draining of underlying ETH deposits

  1. 1.Attacker exploits smart contract vulnerability to mint unbacked mpETH or drain deposited ETH mpETH exchange rate breaks from fair value, creating immediate depeg on secondary markets
  2. 2.Informed holders rush to fast-unstake pool to redeem mpETH at protocol rate before pool drains Fast-unstake liquidity pool depletes within minutes, leaving remaining holders unable to exit quickly
  3. 3.Remaining holders submit delayed unstake requests, creating 7-14 day queue Secondary market mpETH price drops significantly below peg as sellers cannot wait for delayed redemption
  4. 4.DeFi protocols using mpETH as collateral liquidate positions at discounted prices Cascading liquidations amplify selling pressure and realize losses for leveraged mpETH positions
  5. 5.Protocol pauses contracts to prevent further damage and begins incident response All remaining stakers locked out of redemptions until contract is remediated and unpaused
See all 2 collapse scenarios in the full risk report →

Risk Profile at a Glance

Mechanism Novelty3/15
Interaction Severity6/20
Oracle Surface5/10
Documentation Gaps4/10
Track Record15/15
Scale Exposure3/10
Regulatory Risk3/10
Vitality Risk6/10
C

Overall: C (45/100)

Lower score = safer

More on Meta Pool ETH

Is Meta Pool ETH Safe?

Safety analysis

Is Meta Pool ETH a Good Investment?

Value analysis

Full Risk Report

All mechanisms & interactions

Related Liquid Staking Explainers

How Does Bedrock Work?C-How Does Renzo Work?CHow Does Crypto.com Liquid Staking Work?CHow Does Lolik Liquid Staking Work?CHow Does Dinero Work?C