Self-custody on rhino.fi

rhino.fi is a self-custodial DeFi platform. This means that the funds you see and hold on the platform remain completely under your control, always.

Your funds cannot be moved or sold without your permission, and you can always recover your funds even if, for some reason, our website were to stop operating.

This provides a level of security and transparency that wouldn’t be possible on a centralised cryptocurrency exchange.

Core design

The platform has been built in collaboration with StarkWare, our Layer 2 scalability partner, and has been designed with several novel and important cryptographic technologies, including zero-knowledge proofs. It is heavily reviewed by top security audit firms.

Wallet connection

When users first onboard to rhino.fi, they choose their wallet type and connect their existing wallet. As in any DeFi application, this wallet enables users to control their funds and give permission to trade, invest, or bridge.

Users are then asked to complete several steps, and make a deposit.

The deposit step is different from a deposit into a centralised exchange, as it moves users’ funds into the rhino.fi ‘smart wallets’.

These smart wallets are what enable rhino.fi to provide an improved, consistent user experience across the entire platform and all the chains and L2s that we support.

How do smart wallets work?

The rhino.fi smart wallets are the core logic that powers the platform. These hold users’ funds, and allow us to provide the same quality of UX no matter which chain or L2 users are active on.

These smart wallets can be thought of as ‘upgrading’ users’ existing MetaMask wallet (or whichever wallet they normally use).

Users still control their funds, using signatures from the wallet they normally use, but they now have several additional capabilities including:

No more token approvals.
Lower fees on transfers and trades.
Instant bridge access.
Easy one-click access to yield opportunities.
Pay fees in any currency instead of the native fee of the chain.

EVM Chains

rhino.fi’s smart wallets on EVM chains are relatively simple, and can be viewed here. They contain the following primary functionality:

Track user balances
Swap funds via DEX aggregators
Send funds to other addresses
Invest funds into yield opportunities
Conduct emergency withdrawals out of the smart wallet.

StarkEx

In addition to the EVM smart wallets, rhino.fi also maintains a smart wallet built on StarkEx. More details about StarkEx and StarkWare can be found here.

rhino.fi runs a standalone StarkEx instance, which is actually a fully fledged, customised Ethereum L2 rollup. This gives a huge amount of flexibility over what can be accomplished, and the user experience that can be enabled.

However, at its core, just like the EVM smart wallet, the rollup enables the following functionality:

Track user balances.
Trade funds on Ethereum with significantly lower gas costs than Ethereum L1.
Send funds to other addresses.
Invest funds into yield opportunities.
Perform emergency withdrawals out of the rollup.

One point of difference with the StarkEx wallet is that it operates using a different public-private key pairing than Ethereum and the EVM. This means that a second key, which we call the ‘Trading Key’, must be generated and stored securely.

Transactions on StarkEx are signed using this key instead of your regular (for example MetaMask) wallet keys. The trading key is encrypted and backed up, and can be recovered if lost by signing with your Ethereum wallet key.

Meta Transactions and Gas Abstraction

One of the upgrades enabled by the rhino.fi smart wallets is to abstract away transaction broadcasting from users.

When using the platform, users only need to sign transactions off-chain, which carries no cost, and send that signature to rhino.fi. We then take care of broadcasting the transaction quickly and safely, and pay the blockchain fee on the user’s behalf.

This has the following advantages:

Quick, hassle-free broadcasting (no need to replace or increase gas price).
No need to hold funds in native tokens such as ETH, BNB or MATIC to pay gas.
User pays no fees if the transaction fails (for example due to prices changing).

You can learn more about meta transactions here.

Security & Upgrades

Security is essential to rhino.fi’s self-custody. Therefore, all our contracts are heavily audited and have bug bounty programmes.

One of the most essential factors in security is the process of upgrading the smart wallets. Balancing self-custody and upgradeability is a difficult task. We want to make sure we are able to keep improving and adding new functionality to rhino.fi without compromising the safety and self-custody of your funds. We therefore use Timelock contracts in order to enact upgrades.

This is how the process works:

When we want to do an upgrade we have to propose it to the Timelock contract.
This starts a 7-14 day countdown (depending on the chain).
During these 7-14 days, members of the community can monitor the upgrade and check that it is safe and audited, and that the upgrade code matches what is expected.
If for some reason the code were found to be unsafe, any community member could raise the alarm, allowing users to withdraw before the upgrade completed.
Once the countdown completes, the smart wallets upgrade, adding new functionality.
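
The upgrade process above can be modelled in a few lines. This is an added example, not rhino.fi's contract code: the Timelock class, the review function, the 7-day minimum and the use of SHA-256 as the code digest are all assumptions made for illustration. It shows the two properties a community monitor relies on: an upgrade cannot execute before the countdown ends, and a proposal whose code differs from the audited build is flagged while there is still time to withdraw.

```python
import hashlib
from dataclasses import dataclass

DAY = 86_400
MIN_DELAY = 7 * DAY  # assumption: lower bound of the 7-14 day countdown


def digest(code: bytes) -> str:
    # SHA-256 stands in for the on-chain code hash (assumption for this model).
    return hashlib.sha256(code).hexdigest()


@dataclass
class Proposal:
    code: bytes       # proposed smart-wallet implementation (constructed bytes)
    proposed_at: int  # unix time the upgrade was proposed
    eta: int          # earliest unix time the upgrade may execute


class Timelock:
    """Hypothetical in-memory model of a timelock contract."""

    def __init__(self, min_delay=MIN_DELAY):
        self.min_delay = min_delay
        self.pending = {}
        self.active_code = b""

    def propose(self, code, now):
        pid = digest(code)
        self.pending[pid] = Proposal(code, now, now + self.min_delay)
        return pid

    def execute(self, pid, now):
        p = self.pending[pid]
        if now < p.eta:
            raise PermissionError("countdown still running")
        self.active_code = self.pending.pop(pid).code


def review(p, audited_digest, now):
    """Checks a community monitor can run while the countdown is open."""
    findings = []
    if digest(p.code) != audited_digest:
        findings.append("code does not match audited build")
    if p.eta - p.proposed_at < MIN_DELAY:
        findings.append("delay shorter than minimum")
    if findings and now < p.eta:
        findings.append(f"{(p.eta - now) // DAY} day(s) left to withdraw")
    return findings
```

An empty list from review means the proposal matches the audited build and respects the minimum delay; any finding is the signal to raise the alarm before the countdown ends.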

Emergency Withdrawals

The final security measure to ensure complete self-custody on rhino.fi is the emergency withdrawal process.

In order to facilitate better user experience on the platform, withdrawals are broadcast under normal circumstances as meta transactions. This means that it would be theoretically possible for users to be blocked from withdrawing funds from the smart wallets if the rhino.fi website were to be turned off or taken down.

Emergency withdrawals ensure that, even if the website stopped existing, users can always recover their funds safely and quickly. This mechanism allows you to go directly to the underlying smart contracts and force a withdrawal of your own funds at any time.

If you would like to discuss our approach to self-custody, or any other aspect of rhino.fi’s technology in more detail, please contact us via Twitter or Discord.

Updated on: 30/05/2023
