← All Reports

Yearn — yvWETH-1

1.5
yvWETH-1 (WETH-1 yVault) / Ethereum / May 11, 2026
View full report on GitHub →

Score Breakdown

CategoryWeightScore
Audits & Historical20%1.50
Centralization & Control30%1.50
Funds Management30%1.25
Liquidity Risk15%1.50
Operational Risk5%1.00
Final Score1.5 / 5.0
20%30%30%15%
Minimal Risk

Overview

yvWETH-1 is a WETH-denominated Yearn V3 vault (ERC-4626) that deploys deposited WETH into yield strategies on Ethereum mainnet. At the May 11 snapshot the vault is ~100% deployed across three funded strategies (with ~1 WETH of idle): Morpho Gauntlet WETH Prime Compounder (~71%), stETH Accumulator (~25%), and Spark WETH Lender (~4%). Two previously-queued strategies — Aave V3 Lido WETH and Aave V3 WETH — remain revoked (activation = 0 on both at block 25073237; they were revoked between the April 27 and May 5 snapshots).

The April-27 snapshot captured the vault mid-deallocation following the April 18, 2026 rsETH (KelpDAO) bridge exploit on the LayerZero OFT bridge layer (see the hgETH reassessment report for verified on-chain facts about that event). Per the Yearn team that deallocation was precautionary — funds were pulled from previously-funded Aave / Morpho strategies because some underlying lending markets could indirectly hold rsETH as collateral. None of the funded strategies on yvWETH-1 reference rsETH directly. Between May 5 and May 11, vault TVL fell from 5,462.15 WETH to 5,333.06 WETH (-2.36%) and the mix shifted toward the stETH Accumulator: the Accumulator's current_debt grew from 1,166.19 → 1,316.44 WETH while Morpho Gauntlet shrank 4,033.64 → 3,800.46 WETH and Spark shrank 262.32 → 215.17 WETH. Neither Aave V3 strategy was re-funded. The team's causal attribution for the original revocations has not been independently verified, but the rsETH event itself is well documented.

Key architecture:

  • Vault: Standard Yearn V3 vault (v3.0.2) accepting WETH deposits, issuing yvWETH-1 shares. Deployed as an immutable Vyper minimal proxy (EIP-1167) via the v3.0.2 Yearn V3 Vault Factory (0x444045c5C13C246e117eD36437303cac8E250aB0)
  • Funded strategies (3 in default queue, all with debt):
  • Withdrawal mechanics: Morpho and Spark unwind atomically against deep underlying lending markets. The stETH Accumulator does not auto-unwind on user withdrawalavailableWithdrawLimit() returns only the strategy's loose WETH balance. Larger redemptions touching the Accumulator portion are management-paced (manual unwind via Curve or the Lido withdrawal queue)
  • Governance: Standard Yearn V3 Role Manager (0xb3bd6B2E61753C311EFbCF0111f75D29706D9a41) governed by the Yearn 6-of-9 ySafe with 7-day TimelockController for strategy additions

Key metrics (May 11, 2026, snapshot at block 25073237, timestamp 1778519075 = 17:04:35 UTC):

  • TVL: 5,333.06 WETH (~$12.41M at ETH/USD = $2,326.70, Chainlink ETH/USD feed)
  • Total Supply: 5,090.77 yvWETH-1
  • Price Per Share: 1.047594 WETH/yvWETH-1 (~4.76% cumulative appreciation over ~26 months, ~2.2% annualized)
  • Total Debt: 5,332.07 WETH (~99.98% deployed)
  • Total Idle: 0.9928 WETH
  • Deposit Limit: 15,000 WETH
  • Profit Max Unlock Time: 10 days
  • Fees: 0% management fee, 10% performance fee

Snapshot drift since the prior May-5 snapshot (block 25031569, 6 days earlier): vault TVL fell ~129.09 WETH (-2.36%). Allocation also shifted notably toward the manual-unwind venue: stETH Accumulator grew from 1,166.19 → 1,316.44 WETH (+150.25 WETH absolute; allocation share 21.35% → 24.68%), while Morpho Gauntlet shrank 4,033.64 → 3,800.46 WETH (-233.18 WETH; 73.85% → 71.26%) and Spark shrank 262.32 → 215.17 WETH (-47.15 WETH; 4.80% → 4.03%). The stETH Accumulator's last_report is unchanged (May 1, 1777645139), so the absolute increase in its current_debt came from update_debt(...) reallocation calls — Brain / Debt Allocator deliberately moved ~150 WETH into the Accumulator between snapshots.

Lido withdrawal #121758 status: Lido withdrawal request #121758 (the 1,000-stETH in-flight request flagged in the April 27 snapshot) remains finalized AND claimed at block 25073237 (getWithdrawalStatus([121758]) = (1000 stETH, 811.44 shares, owner = stETH strategy, ts = 1776716615, isFinalized = true, isClaimed = true)). At the snapshot the strategy's pendingRedemptions = 0, so the accounting-lag mechanism described in the prior snapshot remains dormant. estimatedTotalAssets() = 1,317.61 WETH matches current_debt = 1,316.44 WETH to within profit-unlock noise.

Links:

Risk Summary

Key Strengths

  • Battle-tested Yearn V3 infrastructure: V3 framework audited by 3 top firms, ~24 months of clean V3 production. Immutable vault contract eliminates proxy upgrade risk
  • Top-tier underlying mix: Morpho/Gauntlet ($6.6B+ TVL), Lido stETH (largest LST $20B+ TVL), and Spark Lend — each is among the highest-quality WETH venues in DeFi
  • Standard Yearn governance: Yearn V3 Role Manager + 6-of-9 ySafe (named DeFi signers) + 7-day self-governed timelock
  • Bulk of TVL atomic-unwind: ~75% in Morpho + Spark unwinds atomically against deep blue-chip lending markets
  • Conservative LST integration: the stETH Accumulator's design (no auto-unwind, pendingRedemptions blocks reporting, peg buffer) deliberately avoids forced-sale of stETH at a discount during peg events
  • Lido withdrawal #121758 cleared: the in-flight withdrawal flagged in the April 27 snapshot is finalized and claimed; accounting-lag mechanism is dormant at this snapshot
  • Yearn Treasury funds: Treasury has deposited ~1,600 ETH into the vault which won't be withdrawn until the yETH recovery is repaid. This allows vault to allocate more funds into Lido stETH and keep vault funds liquid.
  • Active monitoring via Yearn's monitoring-scripts repo
  • No leverage. No cross-chain.

Key Risks

  • Single-venue concentration in Morpho (~71%): the redeployed mix puts roughly seven-tenths of TVL behind one venue (Morpho Gauntlet WETH Prime). Morpho is top-tier, but the concentration in Gauntlet is potentially problematic
  • stETH peg risk under stress: Curve ETH/stETH peg has been stable post-Shapella but historical depeg events have happened (e.g. June 2022 ~5% discount). During stress, manual unwind via Curve would realize that discount on the ~25% Accumulator share
  • Lido queue extension under stress: normal 1–7 days can extend significantly during large coordinated unstake events
  • Two strategies revoked: Aave V3 Lido WETH and Aave V3 WETH — both blue-chip — were revoked entirely between April 27 and May 5. Per Yearn team this followed the rsETH bridge exploit (unverified attribution); the rationale for these specific revocations is not independently verifiable on-chain
  • Brain-dependent operational tempo: the manual-unwind layer on ~25% of TVL keeps yvWETH-1 more operationally dependent on Brain than the all-stable vaults

Critical Risks

  • None identified. The dominant systemic risk would be either (a) a Morpho/Gauntlet WETH Prime market failure given the ~71% concentration, or (b) a Lido stETH integrity failure on the ~25% Accumulator portion. All gates pass.
Full Report

Contract Addresses

Core yvWETH-1 Contracts

Contract Address Type
yvWETH-1 Vault 0xc56413869c6CDf96496f2b1eF801fEDBdFA7dDB0 Yearn V3 Vault (v3.0.2), Vyper minimal proxy
Underlying asset (WETH) 0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2 Wrapped Ether
Accountant 0x5A74Cb32D36f2f517DB6f7b0A0591e09b22cDE69 Shared Yearn Accountant (0% mgmt, 10% perf)
Fee Recipient (Dumper) 0x590Dd9399bB53f1085097399C3265C7137c1C4Cf Claims fees and routes to auctions/splitters

Governance Contracts (shared with all Yearn V3 risk-1 vaults)

Contract Address Configuration
Yearn V3 Role Manager 0xb3bd6B2E61753C311EFbCF0111f75D29706D9a41 Single instance for all category-1 vaults
Daddy / ySafe (Governance) 0xFEB4acf3df3cDEA7399794D0869ef76A6EfAff52 6-of-9 Gnosis Safe — holds 12 of 14 vault roles
Brain (Operations) 0x16388463d60FFE0661Cf7F1f31a7D658aC790ff7 3-of-8 Gnosis Safe
Security 0xe5e2Baf96198c56380dDD5E992D7d1ADa0e989c0 4-of-7 Gnosis Safe — DEBT, MAX_DEBT, EMERGENCY
Strategy Manager (Timelock) 0x88Ba032be87d5EF1fbE87336b7090767F367BF73 TimelockController — 7-day delay for strategy additions and accountant changes. Self-governed
Keeper 0x604e586F17cE106B64185A7a0d2c1Da5bAce711E yHaaSRelayer — REPORTING only
Debt Allocator 0x1e9eB053228B1156831759401dE0E115356b8671 Minimal proxy — REPORTING + DEBT_MANAGER

Yearn V3 Infrastructure

Contract Address
Vault Factory (v3.0.2) 0x444045c5C13C246e117eD36437303cac8E250aB0
Vault Original (v3.0.2) 0x1ab62413e0cf2eBEb73da7D40C70E7202ae14467

Active Strategies (3 in default queue, 3 with debt)

# Strategy Name Current Debt (WETH) Allocation
1 0x365cC9c28Df1663fA37C565A3aC1Addc3A219e15 Spark WETH Lender 215.17 4.03%
2 0xeEB6Be70fF212238419cD638FAB17910CF61CBE7 Morpho Gauntlet WETH Prime Compounder 3,800.46 71.26%
3 0x470e0e048F85CFD72EEf325895e02c8D297E7435 stETH Accumulator 1,316.44 24.68%

Previously queued, now revoked (activation = 0 at block 25073237):

Current funding posture: vault is ~100% deployed across three venues (~1 WETH idle). Morpho Gauntlet dominates at ~71% — a meaningful single-venue concentration. The stETH Accumulator share has grown to ~25%. Both Aave V3 strategies remain revoked; per Yearn team the original revocations followed the April 18 rsETH bridge exploit (unverified attribution). None of the funded strategies reference rsETH directly. Between the May 5 snapshot (block 25031569) and this snapshot (block 25073237, 6 days later) the mix shifted from 73.85% / 21.35% / 4.80% to 71.26% / 24.68% / 4.03% — a deliberate reallocation toward the Accumulator (+150 WETH absolute) at the expense of both Morpho (-233 WETH) and Spark (-47 WETH).

Strategy Protocol Dependencies

Protocol Strategy Allocation
Morpho (Gauntlet curator) Morpho Gauntlet WETH Prime Compounder 71.26% of vault TVL
Lido (stETH) stETH Accumulator 24.68% of vault TVL
Spark Lend Spark WETH Lender 4.03% of vault TVL
Curve ETH/stETH pool stETH Accumulator (stake / unwind path) Indirect dependency
Lido withdrawal queue stETH Accumulator (unwind path) Indirect dependency

Sky-governance exposure note: Spark Lend is a Sky sub-DAO. Roughly 4% of yvWETH-1's debt sits in Spark WETH Lender, which is administered through Sky / Spark governance. This is a small Sky-governance dependency on a minority allocation; immaterial relative to the Morpho-dominated mix.

Audits and Due Diligence Disclosures

Yearn V3 Core Audits

Auditor Date Scope Report
Statemind May 2, 2024 V3 Vaults (v3.0.0) PDF
ChainSecurity May 4, 2024 V3 Vaults + Tokenized Strategy (v3.0.0) 2 PDFs
yAcademy Jun 2024 V3 Vaults (v3.0.1) PDF

Lido Audits (Underlying Protocol)

Lido is one of the most extensively audited LSTs in DeFi. Audits include MixBytes, Quantstamp, Sigma Prime, Statemind, Oxorio, ChainSecurity, and others. See Lido security for the full list.

Curve ETH/stETH Pool

Audited as part of Curve's StableSwap suite. Pool address 0xDC24316b9AE028F1497c275EB9192a3Ea0f67022.

Strategy Review Process

All strategies pass through Yearn's 12-metric risk-scoring framework (RISK_FRAMEWORK.md). yvWETH-1 is registered as Category 1 in the Role Manager (getCategory(vault) == 1), the strictest tier.

Bug Bounty

On-Chain Complexity

  • 3 funded strategies at the snapshot
    • Morpho Gauntlet WETH Prime Compounder — direct WETH deposit into a Morpho Gauntlet ERC-4626 vault. Single hop
    • Spark WETH Lender — direct supply into Spark Lend WETH market. Single hop
    • stETH Accumulator — pipeline: WETH → ETH (unwrap) → stETH (Curve or Lido submit). Two hops; the only LST in the mix
  • No leverage, no looping, no cross-chain bridging
  • Standard ERC-4626 deposit / withdrawal at the vault level
  • Manual unwind is the only operational complexity layer — _freeFunds() on the stETH Accumulator is a no-op, so user redemptions touching the ~25% Accumulator portion depend on management pre-positioning loose WETH
  • Vault is immutable (non-upgradeable Vyper minimal proxy)

Historical Track Record

  • Vault deployed: March 12, 2024 (deployment tx) — ~26 months in production
  • TVL: 5,333.06 WETH (~$12.41M)
  • PPS trend: 1.000000 → 1.047594 (~4.76% cumulative return over ~26 months, ~2.2% annualized — reflects historical periods at lower deployment ratios)
  • Security incidents: None known for this vault or for the Yearn V3 framework
  • Strategy changes: active management. Between April 27 and May 5, Aave V3 Lido WETH and Aave V3 WETH were both revoked (activation = 0); funds were re-deployed from the prior 67%-idle posture into a Morpho-dominant 3-venue mix. Between May 5 and May 11 the Debt Allocator / Brain reallocated ~150 WETH from Morpho+Spark into the stETH Accumulator, lifting its share from 21.35% → 24.68%
  • Yearn V3 track record: V3 framework live since May 2024 (~24 months). No V3 vault exploits

Lido track record: $20B+ TVL, longest-running LST, Shapella enabled withdrawals (June 2023). Curve stETH/ETH peg has been stable post-Shapella with brief periods of slight discount during stress events.

Funds Management

yvWETH-1 is ~100% deployed at the snapshot (~1 WETH idle), split roughly: Morpho Gauntlet 71%, stETH Accumulator 25%, Spark 4%. The earlier April-27 67%-idle posture (per Yearn team a rsETH-precautionary deallocation, unverified attribution) has reversed.

Strategy 1: Morpho Gauntlet WETH Prime Compounder (~71.26% of vault TVL)

Contract: 0xeEB6Be70fF212238419cD638FAB17910CF61CBE7

Direct WETH deposit into the Gauntlet-curated Morpho WETH Prime ERC-4626 vault. Atomic single-hop deposit / redeem against deep Morpho lending markets (Morpho protocol $6.6B+ TVL). Curated by Gauntlet, audited 25+ times across Trail of Bits, Spearbit, OpenZeppelin, ChainSecurity, Certora.

Strategy 2: stETH Accumulator (~24.68% of vault TVL)

Contract: 0x470e0e048F85CFD72EEf325895e02c8D297E7435

The contract code (Strategy.sol / BaseLSTAccumulator.sol, verified on Etherscan) implements:

Stake path:

  1. WETH unwrapped to ETH at the strategy contract
  2. ETH staked via one of two routes, selected per call:

Unwind path (manual, management-only — there is no auto-unwind on user withdrawal):

Method Mechanic Latency
manualSwapToAsset() Sells stETH → ETH via Curve with a min-out parameter Immediate
initiateLSTWithdrawal() Queues stETH in the Lido withdrawal queue (0x889edC2eDab5f40e902b864aD4d7AdE8E412F9B1) for guaranteed 1:1 redemption 1–7 days under normal load
manualClaimWithdrawals() Claims finalized Lido withdrawals back to ETH Immediate after finalization

Accounting buffer:

  • reportBuffer haircuts the LST value in estimatedTotalAssets() to absorb peg slippage
  • pendingRedemptions blocks _harvestAndReport() from running while withdrawal requests are in flight (preventing double-counting)

Current strategy state (snapshot block 25073237):

Field Value
Loose WETH balance on strategy 0 WETH (verified at snapshot via WETH.balanceOf(strategy))
pendingRedemptions 0 stETH (April 27 in-flight request #121758 remains finalized and claimed)
estimatedTotalAssets() 1,317.61 WETH
totalAssets() (TokenizedStrategy) 1,317.61 WETH (matches estimatedTotalAssets() to within profit-unlock noise)
Vault current_debt for this strategy 1,316.44 WETH
Strategy stETH balance 1,317.61 stETH (entire backing held as stETH; 0 wstETH, 0 WETH)
Lido request #121758 isFinalized = true, isClaimed = true at block 25073237

The accounting-lag mechanism (pendingRedemptions > 0 blocks _harvestAndReport()) is dormant at this snapshot — there is no in-flight Lido withdrawal. If the strategy initiates a new initiateLSTWithdrawal() later, the lag mechanism will re-engage; captured under Reassessment Triggers.

Strategy parameters:

Strategy 3: Spark WETH Lender (~4.03% of vault TVL)

Contract: 0x365cC9c28Df1663fA37C565A3aC1Addc3A219e15

Direct supply of WETH into Spark Lend's WETH market. Spark Lend is a Sky sub-DAO; ChainSecurity / Cantina audits. Atomic redemption against Spark Lend WETH market liquidity. Allocation is small (~4%), so Sky-governance dependency is not material at this allocation.

Revoked strategies (activation = 0 at snapshot)

The rationale for revoking both Aave V3 strategies has not been independently verified.

Accessibility

  • Deposits: Permissionless ERC-4626 — anyone can deposit WETH and receive yvWETH-1. Subject to 15,000 WETH deposit limit
  • Withdrawals: ERC-4626. The bulk of TVL (~75%, Morpho + Spark) unwinds atomically against deep underlying lending markets. The ~25% in the stETH Accumulator does NOT auto-unwind — availableWithdrawLimit() on that strategy returns only its loose WETH balance. See the "Liquidity Risk" section below
  • No cooldown or lock period at the vault level
  • Fees: 0% management, 10% performance
  • Profit unlock: 10 days

Collateralization

  • 100% backing in WETH (Morpho, Spark positions) or stETH (Accumulator)
  • Collateral quality: Morpho protocol $6.6B+ TVL with Gauntlet curation; Lido stETH is the largest LST ($20B+ TVL, multi-operator); Spark Lend is a Sky-audited stack
  • No leverage — the Accumulator is a simple stake / unstake pattern; Morpho and Spark are direct lending positions
  • Redeemability: Morpho and Spark redeem atomically subject to underlying market utilization. stETH can be unwound either via Curve (subject to peg slippage) or via the Lido withdrawal queue (1–7 days under normal load, 1:1 redemption)

Provability

  • PPS: ERC-4626, fully algorithmic
  • Strategy totalAssets(): reads on-chain Morpho / Spark / stETH balances
  • Accounting-lag caveat (currently dormant): when the stETH Accumulator has an in-flight Lido withdrawal (pendingRedemptions > 0), _harvestAndReport() is blocked and the strategy values the in-flight portion at its pre-request mark. At this snapshot pendingRedemptions = 0 so the lag is not active, but the mechanism re-engages on every initiateLSTWithdrawal() call
  • Profit / loss: reported by keeper via process_report(), locked over 10 days

Liquidity Risk

Aspect Detail
Vault-level idle 0.9928 WETH (vault is ~100% deployed)
Atomic-unwind portion ~75% of TVL — Morpho Gauntlet (3,800.46 WETH) + Spark Lend (215.17 WETH), both deep blue-chip WETH lending markets
Manual-unwind portion ~25% of TVL — stETH Accumulator (1,316.44 WETH); availableWithdrawLimit() on this strategy returns only its loose WETH
Manual unwind paths (a) Curve ETH/stETH (immediate, peg-dependent), (b) Lido queue (1–7 days, 1:1)
Curve ETH/stETH pool depth Deep pool; stETH peg has been stable post-Shapella
Lido queue normal load 1–7 days for finalization
Cooldown / restrictions None at the vault level

Practical implications:

  • Small / medium withdrawals unwind atomically through the queue (Spark first, then Morpho) for the ~75% atomic portion
  • Withdrawals exceeding the atomic portion require either (a) additional Morpho headroom, which depends on Morpho Gauntlet WETH market utilization at the moment of withdraw, or (b) management to pre-position WETH out of the stETH Accumulator
  • Lido queue can extend under stress (post-merge withdrawal congestion, large coordinated unstake events)
  • Same-asset: vault token is WETH-denominated; no price-divergence risk on the share
  • Deposit limit: 15,000 WETH cap vs 5,333 WETH TVL (room for +181%)
  • Single-venue concentration: ~71% of TVL sits in the Morpho Gauntlet WETH Prime vault — concentrated single-venue exposure, though Morpho/Gauntlet is among the highest-quality WETH venues in DeFi

The on-chain reality on the stETH Accumulator: availableWithdrawLimit() is deliberately constrained to the strategy's loose WETH balance — verified in BaseLSTAccumulator.sol (returns 0 at this snapshot). This is a design choice to prevent forced-sale of stETH at a discount during peg events, but it means redemptions exceeding the atomic Morpho + Spark capacity are management-paced for the Accumulator portion.

Centralization & Control Risks

Governance

Position Address Threshold Roles on Vault
Daddy (ySafe) 0xFEB4acf3df3cDEA7399794D0869ef76A6EfAff52 6-of-9 12 of 14 vault roles
Brain 0x16388463d60FFE0661Cf7F1f31a7D658aC790ff7 3-of-8 QUEUE, REPORTING, DEBT, MAX_DEBT, DEPOSIT_LIMIT, WITHDRAW_LIMIT, PROFIT_UNLOCK, DEBT_PURCHASER, EMERGENCY
Security 0xe5e2Baf96198c56380dDD5E992D7d1ADa0e989c0 4-of-7 DEBT, MAX_DEBT, EMERGENCY
Strategy Manager (Timelock) 0x88Ba032be87d5EF1fbE87336b7090767F367BF73 7-day delay ADD_STRATEGY, REVOKE_STRATEGY, FORCE_REVOKE, ACCOUNTANT, MAX_DEBT
Keeper 0x604e586F17cE106B64185A7a0d2c1Da5bAce711E Bot REPORTING only
Debt Allocator 0x1e9eB053228B1156831759401dE0E115356b8671 Bot REPORTING + DEBT_MANAGER

ySafe 6-of-9 signers include publicly known DeFi contributors — see Yearn Multisig Info.

Strategy-specific governance: the stETH Accumulator's manual unwind functions (manualSwapToAsset, initiateLSTWithdrawal, manualClaimWithdrawals) are management-only. This is a strategy-level centralization point — Brain decides when to start unwinding stETH for upcoming user redemptions. Standard for LST integrations.

Properties (all 6 Yearn V3 risk-1 vaults):

  1. No EOA holds vault roles directly
  2. Strategy additions and accountant changes pass through 7-day timelock
  3. Self-governed timelock — TIMELOCK_ADMIN belongs to the timelock itself
  4. Vault contract is immutable — Vyper minimal proxy
  5. Same governance pattern across 37+ vaults

Programmability

  • PPS: ERC-4626, fully algorithmic
  • Vault operations: permissionless deposit / withdraw on-chain
  • Strategy reporting: automated via keeper
  • Debt allocation: Debt Allocator (automated) + Brain (manual)
  • Off-chain inputs: none directly to PPS or fund movement, but the LST-Accumulator unwind decisions are off-chain (management-paced)

External Dependencies

Dependency Criticality Notes
Morpho protocol + Gauntlet curator Critical — ~71% of vault TVL Morpho $6.6B+ TVL; Gauntlet curates the WETH Prime vault's underlying markets
Lido (stETH) High — ~25% of vault TVL Largest LST, $20B+ TVL, well-audited stack, multi-operator. Shapella-enabled withdrawals work 1:1 within 1–7 days
Spark Lend + Sky governance Low — ~4% of vault TVL Sky sub-DAO; small allocation
Curve ETH/stETH pool Medium (unwind path for ~25%) Used for both staking (when better than 1:1) and manual unwind
Lido withdrawal queue Medium (unwind path for ~25%) 1:1 redemption, 1–7 days normal load

Dependency quality: Morpho/Gauntlet, Lido, and Spark are all top-tier WETH venues. Concentration risk is meaningful (~71% Morpho), but each individual venue is high quality.

Operational Risk

  • Team: Yearn Finance — established 2020, public contributors, named multisig signers
  • Vault management: Standard Yearn V3 Role Manager pattern shared across 37+ vaults
  • Documentation: Comprehensive Yearn V3 documentation. Strategy code (including BaseLSTAccumulator.sol) verified on Etherscan
  • Legal: Yearn BORG via YIP-87
  • Incident response: 4 historical V1 events handled. V3 framework not yet stress-tested by an exploit. $200K Immunefi bug bounty for responsible disclosure
  • V3 immutability: vault cannot be upgraded — eliminates proxy upgrade risk but means a critical bug requires deploying a new vault and migrating
  • Strategy-level operational risk: the management-paced unwind for the stETH Accumulator's ~25% portion means yvWETH-1 retains a higher operational dependency on Brain than the all-stable vaults — even though the bulk of TVL (Morpho + Spark) still unwinds atomically. The May 5 → May 11 reallocation moved ~150 WETH into the Accumulator (raising its share from 21% → 25%), which marginally increased that dependency
  • Operational anomaly: between April 27 and May 5, two strategies (Aave V3 Lido WETH and Aave V3 WETH) were revoked while funds were re-deployed. Per Yearn team this followed the rsETH bridge exploit (unverified attribution); the rationale for revoking these specific blue-chip strategies has not been independently verified — Brain must monitor incoming withdrawal demand and pre-position WETH

Monitoring

Existing Monitoring Infrastructure

Yearn maintains the monitoring repository with active alerting. yvWETH-1 is in the monitored vault list:

  • Large flow alerts (yearn/alert_large_flows.py) — runs hourly via GitHub Actions. Alerts on deposits / withdrawals exceeding threshold via Telegram
  • Endorsed vault check (yearn/check_endorsed.py) — weekly
  • Timelock monitoring (timelock/timelock_alerts.py) — monitors the Yearn TimelockController across multiple chains

Key Contracts

Contract Address Monitor
yvWETH-1 Vault 0xc56413869c6CDf96496f2b1eF801fEDBdFA7dDB0 PPS (convertToAssets(1e18)), totalAssets(), totalDebt(), totalIdle(), Deposit / Withdraw events
Morpho Gauntlet WETH Prime Compounder 0xeEB6Be70fF212238419cD638FAB17910CF61CBE7 totalAssets(), current_debt, isShutdown(), keeper report frequency
Spark WETH Lender 0x365cC9c28Df1663fA37C565A3aC1Addc3A219e15 totalAssets(), current_debt, isShutdown(), keeper report frequency
stETH Accumulator 0x470e0e048F85CFD72EEf325895e02c8D297E7435 totalAssets(), estimatedTotalAssets(), pendingRedemptions, balanceOfAsset(), isShutdown(), keeper report frequency
Lido stETH 0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84 Total supply, exchange rate, pause state
Lido Withdrawal Queue 0x889edC2eDab5f40e902b864aD4d7AdE8E412F9B1 Strategy's outstanding withdrawal request status
Curve ETH/stETH 0xDC24316b9AE028F1497c275EB9192a3Ea0f67022 stETH/ETH peg, pool depth
ySafe (Daddy) 0xFEB4acf3df3cDEA7399794D0869ef76A6EfAff52 Signer / threshold changes
Accountant 0x5A74Cb32D36f2f517DB6f7b0A0591e09b22cDE69 Fee changes

Critical Events to Monitor

  • PPS decrease — should only increase outside of explicit loss events
  • Allocation drift — currently ~71% Morpho / ~25% stETH / ~4% Spark; drift toward >85% in any single venue should trigger reassessment
  • stETH/ETH peg deviation — affects the ~25% Accumulator portion's manual unwind via Curve
  • Lido withdrawal queue length — extended queue degrades the 1:1 unwind path
  • pendingRedemptions not draining after expected finalization — points to stuck or slow Lido withdrawal (currently 0 at the snapshot; will engage on the next initiateLSTWithdrawal())
  • Strategy additions / removalsStrategyChanged events; further revocations are operational signals
  • ySafe signer / threshold changes
  • Lido pause — would impact stETH redemption mechanics
  • Morpho Gauntlet WETH Prime utilization — affects atomicity of the largest portion (~71%)

Monitoring Functions

Function Contract Purpose Frequency
convertToAssets(1e18) Vault PPS tracking Every 6 hours
totalAssets() Vault Total TVL Daily
totalDebt() / totalIdle() Vault Capital deployment ratio Daily
estimatedTotalAssets() Strategy Real on-chain backing (vs totalAssets()) Daily
pendingRedemptions() Strategy In-flight Lido withdrawal value Daily
balanceOfAsset() Strategy Loose WETH available for user withdrawals Hourly
Lido getWithdrawalStatus(...) Lido queue Track pending request finalization Daily until finalized
Curve get_dy(0,1,1e18) Curve pool stETH/ETH spot exchange rate Hourly
getThreshold() / getOwners() ySafe Governance integrity Weekly
getMinDelay() ySafe Delay change detection Weekly

Reassessment Triggers

  • Time-based: Reassess in 6 months (November 2026) or annually
  • TVL-based: Reassess if TVL exceeds 10,000 WETH or changes by ±50%
  • Allocation drift:
    • Morpho Gauntlet WETH Prime share moves above 85% or below 50% of vault TVL
    • stETH Accumulator share grows above 50% of vault TVL — deeper review of the manual unwind path
    • any one venue exceeds 90% of vault TVL
  • Strategy changes (addStrategy() proposals at the Strategy Manager TimelockController, 0x88Ba032be87d5EF1fbE87336b7090767F367BF73, 7-day delay):
    • any new strategy proposed for inclusion — re-review during the 7-day timelock window
    • any new strategy with leverage, looping, cross-chain bridging, or non-blue-chip routing
    • any new strategy with direct or indirect rsETH exposure (LayerZero OFT bridge contagion still recent — see hgETH report)
    • re-funding of either revoked Aave V3 strategy (0xC7baE383738274ea8C3292d53AfBB3b42B348DF0 or 0x5ABcBBDbf617a21F7667e8cfD17Fa16475D20dB8) — would clarify the ongoing rationale of the May 5 revocations
  • Lido-specific:
    • extended Lido withdrawal queue (>14 days) — degrades the 1:1 unwind path
    • stETH/ETH peg deviation > 1% sustained
    • any Lido contract upgrade or oracle change
    • any new initiateLSTWithdrawal() from the Accumulator — re-engages the pendingRedemptions accounting-lag mechanism that is dormant at this snapshot
  • Strategy-specific:
    • pendingRedemptions failing to drain after expected Lido finalization
    • Brain unwind cadence (frequency / size of manualSwapToAsset and initiateLSTWithdrawal calls) drops materially
  • Morpho-specific: Morpho Gauntlet WETH Prime sustained utilization > 95% — degrades the atomic unwind path on the largest single allocation
  • Incident-based: any V3 exploit, strategy loss, governance compromise, or major incident at Morpho / Lido / Spark / Curve
  • Governance-based: ySafe / Brain / Security signer or threshold changes; any change to the timelock delay (would itself require 7 days)

Appendix: Contract Architecture

Snapshot at block 25073237 (May 11, 2026, 17:04 UTC).

┌──────────────────────────────────────────────────────────────────────┐
│                          VAULT LAYER                                  │
│                                                                       │
│  ┌────────────────────────────────────────┐                          │
│  │  yvWETH-1 (v3.0.2)                    │                          │
│  │  ERC-4626, immutable Vyper proxy       │                          │
│  │  0xc564…dDB0                           │                          │
│  │                                        │                          │
│  │  TVL: 5,333.06 WETH (~$12.41M)         │                          │
│  │   ├── 0.99 idle                        │                          │
│  │   └── 5,332.07 deployed across 3      │                          │
│  └─────────────────┬──────────────────────┘                          │
│                    │                                                  │
│   ┌────────────────┼────────────────────────────┐                    │
│   ▼                ▼                            ▼                    │
│ ┌──────────────┐ ┌──────────────────────┐ ┌────────────────────────┐ │
│ │ Spark WETH   │ │ Morpho Gauntlet      │ │ stETH Accumulator      │ │
│ │ Lender       │ │ WETH Prime           │ │ 0x470e…7435            │ │
│ │ 0x365c…9e15  │ │ Compounder           │ │                        │ │
│ │ 215.17 WETH  │ │ 0xeEB6…CBE7          │ │ 1,316.44 WETH (24.68%) │ │
│ │ 4.03%        │ │ 3,800.46 WETH        │ │                        │ │
│ │ Atomic       │ │ 71.26%               │ │ Stake: WETH→ETH→stETH  │ │
│ │ unwind       │ │ Atomic unwind        │ │ via Curve or Lido      │ │
│ │              │ │ subject to market    │ │                        │ │
│ │              │ │ utilization          │ │ Unwind (mgmt-only):    │ │
│ │              │ │                      │ │  manualSwapToAsset()   │ │
│ │              │ │                      │ │  initiateLSTWithdrawal │ │
│ │              │ │                      │ │  manualClaimWithdrawals│ │
│ │              │ │                      │ │                        │ │
│ │              │ │                      │ │ pendingRedemptions = 0 │ │
│ │              │ │                      │ │ (req #121758 cleared)  │ │
│ └──────────────┘ └──────────────────────┘ └────────────────────────┘ │
│                                                                       │
│  Revoked between Apr 27 and May 5 (activation = 0 at block 25073237): │
│   • Aave V3 Lido WETH Lender — 0xC7bA…8DF0                            │
│   • Aave V3 WETH Lender      — 0x5ABc…0dB8                            │
└──────────────────────────────────────────────────────────────────────┘
                                │
                                ▼
┌──────────────────────────────────────────────────────────────────────┐
│                          UNDERLYING                                   │
│  ┌────────────────────────┐  ┌────────────────────────┐               │
│  │ Morpho protocol        │  │ Spark Lend (Sky        │               │
│  │ + Gauntlet curator     │  │ sub-DAO)               │               │
│  │ $6.6B+ TVL             │  │ ChainSecurity/Cantina  │               │
│  │ 25+ audits             │  │ audited stack          │               │
│  └────────────────────────┘  └────────────────────────┘               │
│  ┌────────────────────────┐  ┌────────────────────────┐               │
│  │ Lido stETH             │  │ Curve ETH/stETH pool   │               │
│  │ $20B+ TVL              │  │ 0xDC24…7022            │               │
│  │ Multi-operator         │  │ Stake-on-better-quote, │               │
│  │ Shapella withdrawals   │  │ manual unwind venue    │               │
│  └────────────────────────┘  └────────────────────────┘               │
│  ┌────────────────────────┐                                           │
│  │ Lido Withdrawal Queue  │                                           │
│  │ 0x889e…F9B1            │                                           │
│  │ 1:1, 1–7 days normal   │                                           │
│  └────────────────────────┘                                           │
└──────────────────────────────────────────────────────────────────────┘

Appendix: TimelockController Role Structure

TimelockController 0x88Ba032be87d5EF1fbE87336b7090767F367BF73 — same timelock used by 37+ Yearn V3 vaults including all six mainnet risk-1 vaults. getMinDelay() = 604800 (7 days).

Role Holder Type Notes
DEFAULT_ADMIN No holder Never granted (admin = address(0) at construction)
TIMELOCK_ADMIN Timelock itself Contract Self-governed
PROPOSER Daddy/ySafe 6-of-9 Safe Sole proposer
EXECUTOR Daddy/ySafe 6-of-9 Safe Direct execution
EXECUTOR TimelockExecutor 0xf8f60bf9456a6e0141149db2dd6f02c60da5779b Contract Wrapper: Brain (3/8) + deployer EOA can call execute() through it
CANCELLER Daddy/ySafe 6-of-9 Safe Cancel pending proposals
CANCELLER Brain 3-of-8 Safe Cancel pending proposals

To shorten the delay, Daddy 6/9 must propose updateDelay(), wait 7 days during which Brain or Daddy can cancel, then execute. DEFAULT_ADMIN was never granted, so no party can self-grant PROPOSER or TIMELOCK_ADMIN to skip the flow.

Submit report inaccuracy