Yield Engine

Verification

Multi-stage verification gate for DeFi positions: automated filters (10%+ APY, $1M+ TVL), 523+ exploit database cross-reference, contract verification, APY consistency checks, and exact-amount approvals.

Position lifecycle Default filters Risk checks Exploit database

SDK adapters discover raw positions. Before any position reaches your board, it passes through this multi-stage verification gate.

Position lifecycle

Positions enter as PROVISIONAL and graduate to LOCKED only after passing evidence review. No shortcut path.

DISCOVERED Adapter finds pool auto filters PROVISIONAL Needs human review evidence LOCKED Ready to execute BLOCKED branch: only hacks, scams, or missing contracts — never auto-applied
Positions are never auto-blocked. The system always asks the user before changing status to BLOCKED. Only hacks, scams, or missing contracts trigger a BLOCK recommendation.

Default filters

Non-negotiable filters applied to every scan:

FilterThresholdRationale
Minimum APY>10%Below this, gas costs and risk don't justify the position
Minimum TVL>$1MLow TVL = low liquidity = high slippage risk
Asset typesStables & delta-neutral onlyNo directional bets unless explicitly requested
Board checkRequiredPosition must not duplicate existing board entries

Risk verification

Each position goes through these automated checks:

01
Contract verification
Checks Etherscan for verified source code and confirms ABI matches the expected interface.
02
Exploit history
Cross-references each position against 523+ historical DeFi exploits with loss amounts.
03
TVL stability
No sudden drops indicating a run on the protocol.
04
APY consistency
Flagged if >3σ deviation from historical baseline.
05
Approval scope
Only exact-amount approvals. Never infinite uint256.max.
06
Gas estimation
Real eth_gasPrice query from archive RPC. Never guessed.

Exploit database

523+ documented DeFi hacks with protocol, chain, attack vector, and loss amount. Every position is cross-referenced before reaching your board. The Risk Engine uses this as one of six scoring dimensions.

ProtocolDateLossVectorResolved?
Euler FinanceMar 2023$197MDonation attack on eToken collateralYes — funds returned, contracts redeployed
Curve FinanceJul 2023$73.5MVyper compiler reentrancy bug (v0.2.15–0.3.0)Partial — ~73% recovered via white-hat
Mango MarketsOct 2022$114MOracle price manipulation via thin liquidityNo — attacker convicted, protocol wound down

Unresolved exploit in last 12 months → FLAG. No post-mortem → BLOCK.

Leverage is market risk, not a security issue. Leveraged positions are never auto-blocked — the system shows the APY split (base + reward) and lets the user decide.

Verified positions are ready for execution. The Calldata Pipeline takes them from intent to broadcast-ready transaction.

← Previous
SDK Adapters