Expand ZK Docs

Welcome To Expand

Expand is an open-source protocol that enables secure, trustless verification of Web2 data within Web3 ecosystems, tailored for AI agents. By integrating Zero-Knowledge Proofs (ZKPs) with Transport Layer Security (TLS), ExpandZK ensures that sensitive data can be authenticated without exposure, bridging Web2 and Web3 seamlessly. It empowers AI agents and decentralized applications (dApps) with privacy-preserving data verification, supporting use cases like decentralized finance (DeFi), digital identity, and beyond.

Key Features

  • Privacy-Preserving: Uses ZKPs to validate data integrity without revealing sensitive information.

  • Secure Bridging: Facilitates reliable data verification between Web2 and Web3 environments.

  • AI-Ready: Designed to provide trustless authentication for AI agents in decentralized systems.

Join our community to contribute to the future of secure, decentralized data verification for AI and Web3 applications.

XZK & vXZK Staking

Introduction

The XZK & vXZK Staking Program is a DeFi protocol designed to incentivize long-term participation in the ExpandZK ecosystem while providing attractive rewards to community members. This program represents a key component of the ExpandZK DAO's governance and tokenomics strategy, offering participants the opportunity to earn rewards while contributing to the protocol's stability and growth.

Program Incentives and Benefits

Reward Structure

  • Total Reward Pool: 50 million XZK tokens distributed over 3 years

  • Dynamic APR: Variable annual percentage rate based on staking duration and total participation

  • Exponential Decay Model: Rewards follow a mathematical model using exponential decay, ensuring fair distribution over time

  • Vesting Mechanism: Rewards are calculated based on time staked, encouraging long-term commitment

Check Staking Rewards for more information.

Community Benefits

1. Governance Participation

  • Governance token vXZK holders can receive higher rewards, which increases governance token participation

  • Direct influence on DAO governance decisions

  • Enhanced voice in protocol development and strategic decisions

2. Economic Incentives

  • Earn passive income through staking rewards

  • Dynamic APR calculated based on current total staked tokens - higher staked tokens result in lower APR, while lower staked tokens result in higher APR

3. Protocol Stability

  • Long-term token lockup reduces circulating supply volatility

  • Creates a stable foundation for the ExpandZK ecosystem

  • Aligns user interests with protocol success

4. Risk Mitigation

  • Non-transferable staking tokens prevent speculative trading

  • Pause mechanism for emergency situations

  • DAO-controlled access for enhanced security

Technical Features

  • Reentrancy Protection: Secure against common DeFi attacks

  • Access Control: ExpandZK DAO governance integration

  • Flexible Staking Periods: Support for various staking durations

  • Transparent Reward Calculation: On-chain verifiable reward distribution

The XZK Staking Program serves as a cornerstone of the ExpandZK ecosystem, fostering community engagement while providing sustainable economic incentives for long-term participants.

Source Code

The complete source code for the XZK Staking Program is available on GitHub: https://github.com/expandzk/xzk-staking

User Guide

Welcome to the XZK Staking Program user guide! This guide will help you understand how to interact with the staking protocol and maximize your rewards. Please refer to each operation's guide below:

  • Stake

  • Unstake

  • Withdraw

Need Help?

If you need assistance or have questions not covered in these guides, please refer to the FAQ section or reach out to the community through official channels.

Stake

Stake Description

Users can stake original tokens (XZK/vXZK) into the contract to receive corresponding amounts of staking tokens.

Important Notes

  • Minimum Staking Amount: The minimum staking amount is 100 tokens

  • Non-Transferable Tokens: The received staking tokens (sXZK-* or svXZK-*) cannot be transferred

  • Locking Period: You cannot unstake your tokens before the locking period ends

Stake Steps

  1. Specify Token Amount: Enter the amount of tokens you want to stake. The amount should be less than your account token balance. The estimated APR is calculated based on your stake amount.

  2. Review Stake Details: Before staking, you can check the following details:

    • Staking Amount: The amount of original tokens (XZK or vXZK) you will stake

    • Stake Time: The time when you make the stake transaction

    • Unlock Time: The time when you can unstake your received staking tokens

    • Receiving Staking Token Amount: The amount of staking tokens you will receive

  3. Click Stake: Initiate the staking process

  4. Sign Approval Transaction: Sign the token approval transaction in your wallet to authorize the staking contract to use your tokens

  5. Wait for Approval Confirmation: Wait for the approval transaction to be confirmed on the blockchain

  6. Sign Stake Transaction: Once the approval transaction is confirmed, sign the stake transaction in your wallet

  7. Wait for Stake Confirmation: Wait for the stake transaction to be confirmed on the blockchain

  8. Complete: You will receive staking tokens in your wallet once the transaction is confirmed. You can check the Stake History to find the Unstaking Available Time

Unstake

Unstake Description

Users can unstake after the staking period ends, converting staking tokens back to original tokens (XZK or vXZK).

Important Notes

  • Minimum Unstake Amount: The minimum unstake amount is 1 token

  • Locking Period: You can only unstake tokens that have passed their locking period

  • Withdrawal Delay: After unstaking your tokens, they cannot be withdrawn to your wallet immediately. You must wait 1 day before withdrawal

  • Partial Unstaking: You can partially unstake your tokens. The remaining staked tokens will continue earning rewards

  • Gas Optimization: If you have staked more than 20 times, you should not unstake all staking amounts at once because it will cost a lot of gas. You can specify smaller amounts across multiple transactions

Unstake Steps

  1. Specify Unstake Amount: Enter the amount of staking tokens you want to unstake. The amount must be less than your current available staking token amount.

  2. Review Unstake Details: Before unstaking, you can check the following details:

    • Unstaking Token Amount: The amount of staking tokens you will unstake in this transaction

    • Withdrawal Available Time (UTC): The time when you can withdraw your tokens

    • Receiving Token Amount: The amount of original tokens (XZK or vXZK) you will receive after the unstaking period ends

  3. Click Unstake: Initiate the unstake process

  4. Sign Unstake Transaction: Sign the unstake transaction in your wallet

  5. Wait for Unstake Confirmation: Wait for the unstake transaction to be confirmed on the blockchain

  6. Complete: When the unstake transaction is complete, you can check the Unstake History to find the Withdrawal Available Time

Withdraw

Withdraw Description

Users can withdraw original tokens (XZK or vXZK) 1 day after unstaking.

Important Notes

  • Locking Period: You can only withdraw tokens that have passed their locking period

  • Gas Optimization: If you have unstaked more than 20 times, you should not withdraw all amounts at once because it will cost a lot of gas. You can withdraw up to 20 records in one transaction

Withdraw Steps

  1. Withdraw Amount: The default withdraw amount is all available original tokens (XZK or vXZK). This amount is automatically set and cannot be modified

  2. Click Withdraw: Initiate the withdraw process

  3. Sign Withdraw Transaction: Sign the withdraw transaction in your wallet

  4. Wait for Withdraw Confirmation: Wait for the withdraw transaction to be confirmed on the blockchain

  5. Complete: When the withdraw transaction is complete, you will receive original tokens (XZK or vXZK) in your wallet. You can check the Withdraw History to confirm the transaction

Staking Rewards

Timeline

Important Dates

  • Start Date: August 6, 2025 00:00:00 (UTC)

  • End Date: August 5, 2028 00:00:00 (UTC)

  • Total Duration: 3 years

  • Staking Period: Users can stake before August 6, 2025, but no rewards will be distributed before the start date

  • Staking End: After August 5, 2028, only unstaking and withdrawal operations are allowed

  • Reward Distribution: 50,000,000 XZK tokens distributed over the 3-year period

Reward Pool Breakdown

The 50 million XZK rewards are distributed across 8 different pools with varying locking periods:

| Token Type | Locking Period | Reward Amount | Percentage |
|------------|----------------|---------------|------------|
| XZK        | 365 Days       | 11,000,000    | 22%        |
| XZK        | 180 Days       | 5,400,000     | 10.8%      |
| XZK        | 90 Days        | 2,600,000     | 5.2%       |
| XZK        | Flexible       | 1,000,000     | 2%         |
| vXZK       | 365 Days       | 16,500,000    | 33%        |
| vXZK       | 180 Days       | 8,100,000     | 16.2%      |
| vXZK       | 90 Days        | 3,900,000     | 7.8%       |
| vXZK       | Flexible       | 1,500,000     | 3%         |
| Total      |                | 50,000,000    | 100%       |

[Figure: Reward Distribution Curve]

Frequently Asked Questions

What is the staking token and how does it work?

The staking token is an ERC20Votes token that represents your staking shares. It cannot be transferred and is used to track your proportional ownership of the staking pool. The token amount you receive is calculated based on the current exchange rate between underlying tokens and staking tokens.

Why is the amount of staking tokens received different from the staked underlying token amount?

The staking token amount is calculated from the current total staked amount and rewards, and records your staking shares. As rewards are released, the exchange ratio between staking tokens and underlying tokens will change.

Can staking tokens be transferred?

No. The transfer function for staking tokens is disabled; the tokens are only used to record staking shares.

Can I unstake early during the staking period?

No, you must wait for the staking period to end before unstaking.

Why can't I withdraw immediately after unstaking?

The contract sets a 1-day withdraw delay to prevent malicious operations and protect user interests.

How is my reward calculated?

Rewards are calculated through an exponential decay mechanism, with higher rewards in early stages that gradually decrease.

What happens if the contract is paused?

If staking functionality is paused by the DAO, you will not be able to perform new staking operations.

How are rewards distributed?

Rewards are distributed based on staking share ratio. Longer staking time and larger amounts result in more rewards. Rewards use an exponential decay mechanism with higher rewards in early stages.

How is contract security guaranteed?

The contract uses ReentrancyGuard to prevent reentrancy attacks, SafeERC20 to ensure secure token transfers, AccessControl for permission management, and multiple security mechanisms to protect user assets. Please read Security Considerations for more information.

What are the different admin roles in the staking system?

There are two types of admins:

  • Multisig wallet - can pause claims for specific addresses and enable/disable the claimToDao feature, but cannot pause entire staking operations or withdraw user tokens;

  • DAO - can pause/unpause all staking operations and claim tokens to the DAO if the feature is enabled by the Multisig wallet.

What is the purpose of the two-tier admin system?

The two-tier admin system provides security through separation of powers: the multi-sig admin handles operational controls (specific claim pauses, feature toggles) while the DAO handles emergency controls (full system pause, emergency withdrawals). This prevents any single entity from having complete control over user funds.

How does the DAO claim feature work?

The DAO can claim tokens from the contract using claimToDao(amount) only if the multi-sig admin has enabled this feature using enableClaimToDao(). This is a safety mechanism that requires both DAO approval and multi-sig admin consent, providing an emergency option for contract upgrades or critical vulnerability responses.

Can admins withdraw user tokens directly?

No, admins cannot directly withdraw user tokens.

What happens when staking is paused by the DAO?

When pauseStaking() is called by the DAO, all staking, unstaking, and claiming operations are paused. Users cannot stake new tokens, unstake existing positions, or claim rewards until the DAO calls unpauseStaking().

Can the Multisig admin pause all staking operations?

No, the multi-sig admin can only pause claims for specific addresses using pauseClaim(address). They cannot pause the entire staking system - only the DAO has that capability through pauseStaking() and unpauseStaking().
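An added example, not code from the xzk-staking repository: a minimal Python model of the share accounting that the FAQ answers on staking tokens describe, showing why a later staker receives fewer staking tokens for the same deposit and why rounding down keeps a stake-then-unstake round trip from ever paying out more than was put in. The class name, the 1:1 rate for the first staker, the round-down formulas and all figures are assumptions made for illustration.

```python
WAD = 10**18  # 18-decimal token units, matching the precision the page states


class SharePool:
    """Share-accounting model. Names and formulas are assumptions, not the contract's."""

    def __init__(self):
        self.total_shares = 0  # staking tokens outstanding
        self.total_assets = 0  # staked principal plus released rewards

    def release_rewards(self, amount):
        # Rewards raise pool assets without minting staking tokens,
        # so every existing staking token becomes worth more.
        self.total_assets += amount

    def stake(self, assets):
        if self.total_shares == 0:
            shares = assets  # assumed 1:1 rate for the first staker
        else:
            # Integer division rounds down, in the pool's favour.
            shares = assets * self.total_shares // self.total_assets
        if shares == 0:
            raise ValueError("amount too small to mint any staking token")
        self.total_assets += assets
        self.total_shares += shares
        return shares

    def unstake(self, shares):
        if not 0 < shares <= self.total_shares:
            raise ValueError("invalid share amount")
        assets = shares * self.total_assets // self.total_shares  # rounds down
        self.total_assets -= assets
        self.total_shares -= shares
        return assets


def two_stakers():
    """Constructed scenario: one stake before and one after a reward release."""
    pool = SharePool()
    alice_shares = pool.stake(1_000 * WAD)
    pool.release_rewards(100 * WAD)        # rate is now 1.1 tokens per share
    bob_shares = pool.stake(1_100 * WAD)   # 1,100 tokens mint only 1,000 shares
    pool.release_rewards(210 * WAD)        # split equally: both hold 1,000 shares
    alice_out = pool.unstake(alice_shares)
    bob_out = pool.unstake(bob_shares)
    return alice_shares, bob_shares, alice_out, bob_out, pool.total_assets


def round_trip_loss(assets):
    """Stake, then unstake at once, at a rate that does not divide evenly.

    Returns the tokens lost to rounding; the value is never negative.
    """
    pool = SharePool()
    pool.stake(1_000)
    pool.release_rewards(333)              # 1.333 tokens per share
    shares = pool.stake(assets)
    return assets - pool.unstake(shares)
```

In `two_stakers`, both holders end with 1,205 tokens: the first earned 205 on 1,000 staked, the second 105 on 1,100, which together equal the 310 tokens of rewards released.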

Security Considerations

Security Design & Considerations

Overview

The XZK Staking contracts are designed with security as a top priority. This document outlines the key security features, design principles, and considerations that ensure the safety of user funds and the integrity of the staking system.

Core Security Features

1. Immutable Configuration

  • Fixed Reward Structure: The total reward amount (50 million tokens) and duration (3 years) are immutable constants

  • No Backdoor Parameters: Critical parameters like TOTAL_REWARD, TOTAL_DURATION_SECONDS, and TOTAL_FACTOR are set at deployment and cannot be modified

  • Transparent Rewards: The reward calculation uses a deterministic exponential decay function that is publicly verifiable

2. Reentrancy Protection

  • ReentrancyGuard: All critical functions (stake, unstake, claim) are protected against reentrancy attacks

  • SafeERC20: Uses OpenZeppelin's SafeERC20 library for secure token transfers

  • State Changes First: All state modifications occur before external calls to prevent reentrancy vulnerabilities

3. Access Control & Permissions

Limited Admin Functions

The contract has minimal admin privileges, all of which are time-locked and require DAO governance:

  • Pause/Unpause Staking: Can only pause staking operations, cannot affect existing stakes

  • Claim to DAO: Limited to withdrawing rewards to the DAO treasury

  • No Fund Extraction: Admins cannot directly withdraw user staked tokens

Role-Based Access Control

  • ExpandZK Access: Only the official ExpandZK DAO can execute admin functions

  • Pause Admin: Separate role for pausing individual user claims (for security incidents)

  • No Super Admin: No single address has unlimited control over the contract

4. Time-Based Security

Staking Period Enforcement

  • Minimum Staking Period: Users must stake for the full duration before unstaking

  • Nonce-Based Verification: Unstaking requires proof of staking history through nonce verification

  • Claim Delay: 1-day delay between unstaking and claiming to prevent rapid withdrawals

Start Time Protection

  • 5-Day Start Delay: Contract cannot start immediately, preventing rushed deployments

  • Immutable Start Time: Once set, the start time cannot be changed

5. Token Security

Non-Transferable Staking Tokens

  • Disabled Transfers: Staking tokens (sXZK) cannot be transferred between addresses

  • Vote Token Integration: Staking tokens integrate with governance voting while remaining non-transferable

  • Prevents Token Manipulation: Users cannot trade or manipulate staking token balances

Underlying Token Safety

  • Standard ERC20: Uses well-audited OpenZeppelin ERC20 implementation

  • Safe Transfer Patterns: All token operations use safe transfer methods

  • Balance Verification: All operations verify sufficient balances before execution

6. Mathematical Security

Reward Calculation

  • Deterministic Algorithm: Rewards are calculated using a fixed exponential decay function

  • Taylor Series Approximation: Uses mathematically sound approximation for exponential calculations

  • Overflow Protection: All calculations use SafeMath patterns (Solidity 0.8.26+)

  • Precision Handling: Fixed-point arithmetic with 18 decimal precision

Exchange Rate Protection

  • Share-Based System: Uses a share-based exchange rate that prevents manipulation

  • Total Supply Tracking: Accurate tracking of total staking token supply

  • Reward Distribution: Fair distribution based on staking duration and amount

7. Record-Keeping & Auditability

Comprehensive Logging

  • Staking Records: Complete history of all staking operations with timestamps

  • Unstaking Records: Detailed tracking of unstaking operations and claim eligibility

  • Event Emissions: All critical operations emit events for off-chain monitoring

  • Nonce System: Sequential nonce tracking prevents replay attacks

Transparent State

  • Public Variables: All important state variables are publicly readable

  • View Functions: Multiple view functions for users to verify their positions

  • APR Calculations: Real-time APR calculations for transparency

Security Considerations

1. No Backdoors

  • No Emergency Withdraw: No function allows admins to withdraw user funds

  • No Parameter Changes: Critical parameters are immutable after deployment

  • No Upgrade Mechanism: Contract is not upgradeable, preventing malicious upgrades

2. Economic Security

  • No Inflation: Staking tokens cannot be minted beyond the reward schedule

  • No Deflation: Staking tokens cannot be burned except through legitimate unstaking

  • Fair Distribution: Rewards are distributed proportionally to staking amounts and duration

3. Operational Security

  • Pause Mechanism: Emergency pause functionality for security incidents

  • Individual Claim Pause: Ability to pause specific user claims if needed

  • DAO Governance: All admin actions require DAO approval

4. Code Quality

  • OpenZeppelin Standards: Uses battle-tested OpenZeppelin contracts

  • Comprehensive Testing: Extensive test coverage for all functions

  • Formal Verification: Mathematical functions are formally verified

  • Audit-Ready: Code follows security best practices and is audit-ready

Risk Mitigation

1. Smart Contract Risks

  • Reentrancy: Protected by ReentrancyGuard

  • Overflow/Underflow: Protected by Solidity 0.8.26+ built-in checks

  • Access Control: Role-based access with minimal privileges

2. Economic Risks

  • Impermanent Loss: Not applicable (single token staking)

  • Liquidity Risk: Users can unstake after the lock period

  • Reward Dilution: Fixed reward schedule prevents dilution

3. Operational Risks

  • Oracle Dependencies: No external oracle dependencies

  • Upgrade Risks: No upgrade mechanism (immutable contract)

  • Governance Risks: Limited to DAO-approved actions only

Trust Indicators

1. Transparency

  • Open Source: All code is publicly available and auditable

  • Immutable Logic: Core logic cannot be changed after deployment

  • Public Events: All operations emit events for transparency

2. Governance

  • DAO-Controlled: Only the ExpandZK DAO can perform admin functions

  • Time-Locked: All admin actions require DAO governance process

  • Limited Scope: Admin functions are limited to pause/unpause operations

3. User Protection

  • No Fund Access: Admins cannot access user staked tokens

  • Fair Rewards: Deterministic reward distribution

  • Clear Terms: Staking period and conditions are transparent

Conclusion

The XZK Staking contracts are designed with security as the foundation. The combination of immutable parameters, limited admin privileges, comprehensive access controls, and mathematical soundness provides users with confidence that their funds are safe and the system operates fairly. The contract architecture prioritizes user protection while maintaining the flexibility needed for legitimate operational requirements.

All security measures are implemented using industry-standard practices and battle-tested libraries, ensuring the highest level of protection for user funds and system integrity.