search

Security & Audits

hashtag
Audits & Testing

Unstable Protocol shares its core CDP architecture with Lybra V2, a battle-tested system that has undergone multiple audits by Consensysarrow-up-right, Halbornarrow-up-right, and Code4renaarrow-up-right.

Unstable Protocol was audited by KALOS Securityarrow-up-right in May 2024. The audit report can be found herearrow-up-right.

Additionally, Unstable Protocol engaged Alberto Cuesta Cañadaarrow-up-right—co-author of ERC4626 (Tokenized Vaults), ERC3156 (Flash Loans), and ERC7266 (Oracles); former CTO of Yield Protocol; current judge for Code4rena, Cantina and engineer at Optimism —as a consultant. Alberto contributed to both protocol mechanics and the design of our testing framework, which applies the Branching Tree Technique (BTT) to exhaustively map edge cases and protocol invariants.

hashtag
Safety & Risk Management

hashtag
Protocol Safety Features

hashtag
Access Control

  • Multi-tier access control scheme separates critical functions (Owner) from operational functions (Admin), enabling rapid emergency responses while protecting high-impact changes

  • Vault-level pause switches for mint, burn, and redemption

hashtag
Vault & Oracle Safety

  • Supply caps per vault to limit risk exposure

  • Multiple oracle types with ability to update if compromised

  • Toggle between redemption rate and market pricing modes

  • Depeg thresholds to auto-pause minting during market instability

hashtag
Collateral Onboarding Framework

  • Collateral types are classified as stable-denominated, ETH-denominated, and volatile/other-denominated wrappers

  • Stable-denominated wrappers (e.g. scUSD, wstkscUSD): high initial LTVs (up to 97%) with strict peg stability, liquidity, and oracle integrity requirements

  • ETH-denominated wrappers (e.g. scETH): moderate LTVs (e.g. 80%) with risk buffers for slashing, withdrawal delays, and price tracking deviations

  • Volatile/other-denominated wrappers (e.g. stS): conservative LTVs (e.g. 75%) due to higher volatility, complex redemption mechanics, and oracle fragility

  • All assets must meet minimum on-chain liquidity thresholds

  • Initial debt ceilings are capped per asset; borrowing is limited until stability and liquidity are proven over time

  • Timelock delay is enforced for onboarding and parameter changes

  • Parameters are scaled gradually with protocol adoption; risk settings tighten as TVL grows to preserve solvency

PreviousDeployments

Last updated