> For the complete documentation index, see [llms.txt](https://docs.mstable.org/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.mstable.org/docs/security-and-risks.md). # Security & Risks Audits, safeguards, and risk considerations for the **Stacked Yield** vault. mStable is built on a combination of audited infrastructure and leading DeFi protocols. Audits and safeguards reduce risk, but using DeFi products always carries inherent risks that users should understand. Stacked Yield is built to rotate between supported yield markets, so the specific risks below reflect the current strategy implementation and may shift as the strategy evolves. ### Product audit * [Sherlock Audit, mStable Pendled sUSDe (via dHEDGE)](https://files.gitbook.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MgKiKW1UaPZfO4BHc_y%2Fuploads%2F4JF9lyLhp5Gf2xREAMMc%2FSherlock%20Audit%20%E2%80%93%20mStable%20Pendled%20sUSDe%20\(via%20dHEDGE\).pdf?alt=media\&token=9510beab-29a2-4c1d-bef4-9911cdd1ff90) * Completed by Sherlock in September 2025. * Scope: integration of Ethena (sUSDe), Pendle PTs, Aave looping, and Chamber infrastructure. * Covers the strategy powering mPT-sUSDe. ### Infrastructure audits Stacked Yield runs on Chamber, which has undergone multiple audits. The same contracts power other products such as Toros Finance and have secured large amounts of TVL while processing billions in trading volume across chains. Chamber was previously known as dHEDGE, so audits and references below using the dHEDGE name cover the same codebase. #### Most relevant audits * [Aave V3 Integration](https://github.com/santipu03/santipu03/blob/main/private-audits/dHEDGE_Aave.md): audited by Santipu (Jan 2025) * [EasySwapper V2](https://github.com/santipu03/santipu03/blob/main/private-audits/dHEDGE_SAW.md): audited by Santipu (Oct 2024) * [Core Contracts](https://files.gitbook.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MgKiKW1UaPZfO4BHc_y%2Fuploads%2Fns3MnPmX02OJCrva3UJ1%2FdHEDGE%20Sherlock%20Audit%20Report%202024.pdf?alt=media\&token=a49a57c9-477b-4490-81c8-51f884466fe7): audited by Sherlock (June 2024) * [Core Contracts](https://skynet.certik.com/projects/dhedge?auditId=dHEDGE%20V2#code-security): audited by CertiK (Jul 2021) For the full audit history, see the [dHEDGE Audits Timeline](https://docs.dhedge.org/security/audits-timeline). ### Partner protocol audits As Stacked Yield integrates with external protocols, their security is equally important: * [Pendle Audits](https://docs.pendle.finance/Developers/Security) * [Aave Audits](https://docs.aave.com/developers/the-core-protocol/security-and-audits) * [Ethena Audits](https://docs.ethena.fi/security/audits) ### Operational safeguards * **Pause functions:** emergency ability to halt deposits or rollovers. * **Automation via bots:** bots execute predefined strategies for rebalancing and securing Aave capacity. Bots are non-custodial and cannot access user funds. ### Risks These risks reflect the current strategy implementation. They may change as Stacked Yield rotates between supported yield markets. * **Stablecoin risk:** the current strategy is built on Ethena's sUSDe. If sUSDe (or its underlying USDe) diverges significantly from $1, it directly impacts performance and collateral safety. * **sUSDe yield risk:** the yield from sUSDe depends on perp funding markets. If yields compress or funding turns negative, overall returns may fall significantly. * **Smart contract risk:** potential vulnerabilities in mStable, Chamber, or integrated protocols. * **Borrowing risk:** looping increases exposure, amplifying both gains and losses. * **Liquidity risk:** * Aave caps may limit deposits or rollover capacity. * Pendle PT liquidity can thin near expiry, causing slippage during rollovers. * **Oracle risk:** dependence on Aave oracles for pricing and collateral health calculations. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.mstable.org/docs/security-and-risks.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.