BendDAO Protocol Overview

NFT owners can bring their blue-chip NFTs to the protocol and receive up to 60% of their ETH floor price as instant liquidity. This feature provides sellers with immediate access to liquidity. The NFT is brought as collateral, and debt is created against its value. In the future, the buyer can close the debt and receive the underlying NFT.

The buyer can pay at least 40% of the NFT’s value and become a borrower (having borrowed the NFT and having a debt against it). The remaining 60% is paid through an Aave flash loan and repaid through an instant NFT-backed loan on BendDAO. As a result, the buyer owes 60% of the NFT floor price to BendDAO. The buyer must repay that amount to receive the underlying NFT. Anyone can purchase different NFTs on supported marketplaces, such as the BendDAO marketplace itself, OpenSea, LooksRare, or X2Y2.

BendDAO introduced a 24-hour repayment window for loans. During that time, the borrower can repay their outstanding debt without any losses. This feature prevents users from suffering any losses due to market fluctuations.

When a user deposits an NFT into the BendDAO pool, they receive a wrapped version of that NFT called a bound NFT (bNFT). During borrowing against the original NFT, the bNFT is minted, and during loan repayment, it is burned. The bNFT has the same metadata and tokenId as the original NFT. It is non-transferable and non-approvable to prevent owners from hacking. The bNFT gives access to airdrops, claimable and mintable assets.

Users can develop their own smart contracts to receive their originally deposited NFTs to claim airdrops or participate in third-party project activities. It is similar to an Aave-like flash loan that should be returned in the same transaction. All claims and interactions can be performed between receiving and giving back the original NFT.

ETH depositors can earn APR on their deposited ETH to the BendDAO pool, and rewards are paid in BEND tokens. Those ETH are used to give access to instant liquidity for NFT depositors.

The veBEND token is used to vote for listing different NFT projects on the BendDAO protocol. VeBEND is a vote-escrowed BEND token, and users can lock their BEND tokens for a maximum period of four years. veBEND holders also collect income from NFT-backed loans and down payments.

The BendDAO protocol uses Aave best practices to provide NFT lending and borrowing. The LendPool contract is the main entry point for users, allowing them to interact with the protocol by performing depositing, withdrawing, borrowing and repaying, auctioning, and liquidating positions.

The LendPoolAddressesProvider and LendPoolAddressesProviderRegistry contracts are used to store information about different markets, corresponding assets, and price oracles in an Aave-like fashion.

The BToken is similar to the Aave AToken - an interest-bearing token that users receive when they deposit ERC20 tokens to the BendDAO.

All active loans are stored and tracked by the LendPoolLoan contract. Every call to LendPool is followed by that contract after necessary validations. It updates the loan state or creates one if needed.

The NFTOracle contract provides data about listed NFT collections’ floor prices. These prices are pushed to that contract by an EOA with admin permission.

The ReserveOracle contract utilizes ChainLink price feeds to get prices for different reserves. These prices are used during NFT collateral calculation.

A seller or borrower can list their NFT by calling borrow function on LendPool contract. User should specify an asset and a desired amount to be borrowed. validateBorrow function inside ValidationLogic library then checks loan health factor according to current LTV for that particular NFT collection.

The BorrowLogic library uses the _borrow function to check if a loan already existed for the specified NFT id. If a loan is being created, the NFT is transferred from the user to the BendDAO protocol. In return, the user receives their borrowed funds and the bNFT token, which is minted by the LendPoolLoan contract inside the createLoan function.

A seller or borrower can list their NFT by calling borrow function on LendPool contract. User should specify an asset and a desired amount to be borrowed. validateBorrow function inside ValidationLogic library then checks loan health factor according to current LTV for that particular NFT collection.

In return user receives their borrowed funds and boundNFT token which is minted by LendPoolLoan contract inside createLoan function.
If a loan already existed, it is just updated, and the user receives only the borrowed funds.

The logic for NFT Down Payment is not a part of the BendDAO protocol. However, it is still represented as a set of contracts that includes the main logic for purchasing NFTs and different adapters for various marketplaces.

The Downpayment contract has a main function - buy, a payable function that accepts ether to perform a purchase and triggers an Aave flash loan. One of the previously mentioned adapters accepts that flash loan, purchases the targeted NFT, borrows ETH from the BendDAO pool against the purchased NFT, and repays the Aave flash loan. All main actions are performed inside the executeOperation function of BaseAdapter contract, from which all particular adapters inherit logic.

If someone’s position becomes unhealthy, then it becomes the target for starting an auction on that position. Such an auction acts as protection from the instant liquidation process.

The auction can be started when the position health factor is below 1. After the auction is started, borrowers have time to repay their loan but with a fine paid to the first auction bidder.

Bound NFTs are ERC721 tokens with enhanced functionality - all transfer functions are overridden, and they revert on any call, making bound NFTs non-transferable. Bound NFTs are implemented via the BNFT contract. There are two main functions - mint and burn. Minting accepts actual NFTs from the user and returns bound NFTs with restricted transfers. Bound NFTs have the same metadata and tokenURI as the original NFTs - for example, the tokenURI function proxies call to the underlying NFT.

There is an important flashLoan function that helps to implement Flash Claim logic. It allows users to use the underlying NFT in one transaction to claim an airdrop or participate in an original NFT project. That function transfers the original NFT to a caller, allows the receiver to perform executeOpeartion on their side, and succeeds if it was able to transfer back the original NFT.

The BendDAO team runs the NFT price oracle. Initially, price data is fetched from different marketplaces and aggregated via an off-chain node. It is not disclosed when those prices are being fetched, but those nodes push price data to an NFTOracle contract, which collects TWAP prices for all supported assets.

There is also a maxPriceDeviation parameter, which determines if the price is correct. It is used to compare the current price with a previous observation. If the difference between those prices is bigger than that parameter, the price is considered invalid.
The node pushes the price data via the setAssetData function, which is restricted to calls only by the contract admin.

There is a risk of an off-chain service providing incorrect data or not working. The BendDAO team claims that they operate multiple nodes and push prices as frequently as the current volatility on an asset arises. We can assume that this logic applies well, but we cannot be 100% sure that it works as described, especially during high volatility.

Also, the validity check on the price can lead to missing price changes when the floor price grows/drops too fast.

The NFT market still needs to be more mature/liquid than other assets in DeFi. Governors decide which NFT asset should be listed as acceptable collateral. Despite having a high entry level for NFT collections, it is still possible that any collateral asset could suddenly drop in price significantly so that no one would be interested in participating in the auction/liquidation process to buy back that collateral. As a result, the BendDAO protocol could become insolvent, having an outstanding debt to ETH depositors.

Coordinating a floor price manipulation on a specific collateral asset is possible to force someone’s position to become unhealthy. This is much more possible than traditional DeFi assets due to lower NFT liquidity.

It is important to have a trusted protocol owner who can pause the lending pool, access the NFT floor price oracle, and bound NFTs. BendDAO introduces a 7-day timelock for any changes and a 3/5 multi-signature wallet. An emergency pause can be performed without a timelock, but multiple signatures are still necessary.

There is an airdrop claiming functionality in the Bound NFT implementation. It is used to claim all distributed rewards to original NFTs without using flash claim functionality. It is possible to re-enter a function like claimERC20Airdrop or claimERC721Airdrop. Such functions have a nonReentrant modifier to prevent a reentrancy attack to have the ability to claim one airdrop multiple times.

Price data is pushed to the NFT Oracle via an EOA account, which triggers a transaction. BendDAO documentation says that prices are fetched and pushed according to market volatility. Theoretically, it is possible to guess the fetching price strategy and manipulate prices on needed marketplaces to force the EOA to push prices more frequently so that it spends its funds on unnecessary updates. That action can lead to DoS and outdated NFT floor prices on the BendDAO protocol.