There exist a number of potential risks when staking CFX using liquid staking protocols.
There is an inherent risk that Nucleon could contain a smart contract vulnerability or bug. The Nucleon code is open-sourced, audited and covered by an extensive bug bounty program to minimise this risk.
NUCLEON is built on Conflux and there is no guarantee that Conflux PoS network has been developed error-free. Any vulnerabilities inherent to Conflux PoS network brings with it slashing risk, as well as xCFX fluctuation risk.
Conflux PoS validators risk staking penalties, with up to 100% of staked funds at risk if validators fail. To minimise this risk, NUCLEON stakes across multiple professional and reputable node operators with heterogeneous setups, with additional mitigation in the form of coverage that is paid from NUCLEON fees.
Users risk an exchange price of xCFX which is lower than inherent value due to withdrawal restrictions, making arbitrage and risk-free market-making impossible. The X DAO is driven to mitigate above risks and eliminate them entirely to the extent possible. Despite this, they may still exist and, as such, it is our duty to communicate with them.
xCFX is a type of token which is minted and burned by users completely. Users need to burn the token they owned only to get back the corresponding CFXs. Therefore, in Exchangeroom contract, a function called XCFX_burn() is needed to feed the objective.
After the XCFXupgradeable contract is deployed, Exchangeroom contract will be assigned as the only minter of xCFXs. Then the users can stake CFXs to exchange xCFXs in Exchangeroom. Exchangeroom will mint xCFX tokens for users. In order to withdraw, the users invoke XCFX_burn() function and Exchangeroom will burn xCFX tokens for users. Then users can withdraw their CFXs by calling getback_CFX() function.
In addition, in order to prevent the owner from abusing, we will assign the owner of xCFX token proxy to ZERO address once the contract runs normally. Therefore, no new minters are added to xCFX contract.