# Security & Risks

mStable is built on a combination of audited infrastructure and leading DeFi protocols. While audits and safeguards reduce risk, using DeFi products always carries inherent risks that users should understand.

***

### Product Audit

* [Sherlock Audit – mStable Pendled sUSDe (via dHEDGE)](https://files.gitbook.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MgKiKW1UaPZfO4BHc_y%2Fuploads%2F4JF9lyLhp5Gf2xREAMMc%2FSherlock%20Audit%20%E2%80%93%20mStable%20Pendled%20sUSDe%20\(via%20dHEDGE\).pdf?alt=media\&token=9510beab-29a2-4c1d-bef4-9911cdd1ff90)
  * Completed by **Sherlock** in September 2025.
  * Scope: integration of **Ethena (sUSDe), Pendle PTs, Aave looping, and dHEDGE infrastructure**.
  * Covers the strategy powering **mStable Pendled sUSDe (mPT-USDe)**.

***

### Infrastructure Audits

mStable tokens are built on **dHEDGE smart contracts**, which have undergone multiple audits. These contracts also support other products (e.g. **Toros Finance**) and have secured large amounts of TVL while processing billions in trading volume across chains.

#### Most relevant audits

* [**Aave V3 Integration**](https://github.com/santipu03/santipu03/blob/main/private-audits/dHEDGE_Aave.md) — audited by Santipu (Jan 2025)
* [**EasySwapper V2**](https://github.com/santipu03/santipu03/blob/main/private-audits/dHEDGE_SAW.md) — audited by Santipu (Oct 2024)
* [**Core Contracts**](https://files.gitbook.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MgKiKW1UaPZfO4BHc_y%2Fuploads%2Fns3MnPmX02OJCrva3UJ1%2FdHEDGE%20Sherlock%20Audit%20Report%202024.pdf?alt=media\&token=a49a57c9-477b-4490-81c8-51f884466fe7) — audited by Sherlock (June 2024)
* [**Core Contracts**](https://skynet.certik.com/projects/dhedge?auditId=dHEDGE%20V2#code-security) — audited by CertiK (Jul 2021)

For the full audit history, see the [dHEDGE Audits Timeline](https://docs.dhedge.org/security/audits-timeline?utm_source=chatgpt.com).

***

### Partner Protocol Audits

As mStable integrates with external protocols, their security is equally important:

* [Pendle Audits](https://docs.pendle.finance/Developers/Security)
* [Aave Audits](https://docs.aave.com/developers/the-core-protocol/security-and-audits)
* [Ethena Audits](https://docs.ethena.fi/security/audits)

***

### Operational Safeguards

* **Pause functions:** emergency ability to halt deposits or rollovers.
* **Automation via bots:** bots execute predefined strategies for rollovers, rebalancing, and securing Aave capacity. Bots are non-custodial and cannot access user funds.

***

### Risks

* **Stablecoin risk:** The strategy is built on Ethena’s sUSDe. If sUSDe (or its underlying USDe) diverges significantly from $1, it directly impacts performance and collateral safety.
* **sUSDe yield risk:** The yield from sUSDe depends on perp funding markets. If yields compress or funding turns negative, overall returns may fall significantly.
* **Smart contract risk:** Potential vulnerabilities in mStable, dHEDGE, or integrated protocols.
* **Borrowing risk:** Looping increases exposure, amplifying both gains and losses.
* **Liquidity risk:**
  * **Aave caps** may limit deposits or rollover capacity.
  * **Pendle PT liquidity** can thin near expiry, causing slippage during rollovers.
* **Oracle risk:** Dependence on Aave oracles for pricing and collateral health calculations.

<br>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.mstable.org/security-and-risks.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.