Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.yieldo.xyz/llms.txt

Use this file to discover all available pages before exploring further.

Yieldo’s on-chain attribution and routing layer was audited by Hashlock in May 2026. The audit covered the Solidity contracts that handle deposit routing, vault dispatch, and on-chain attribution — i.e. every contract a user’s funds touch when depositing through Yieldo.

Report

  • Auditor: Hashlock
  • Audit name: Yieldo Smart Contract Audit Report
  • Date: May 2026
  • Language: Solidity
  • Final rating: Secure
  • Full report: hashlock.com/audits/yieldo

Scope

The audit covered Yieldo’s attribution and routing layer — the contracts that sit between the user and the partner vault on every deposit:
  • DepositRouter.sol — non-custodial pass-through router (V3.2.0 on all chains, see Deposit Router Contracts)
  • Proxy.sol — upgradeable proxy that fronts the router
  • adapters/ — per-protocol dispatch logic (ERC-4626, Midas issuance, Veda teller, Lido queue, custom)
  • interfaces/ — external vault interfaces consumed by the adapters

Why the attack surface is narrow

The router’s design deliberately minimizes the surface an auditor has to reason about, and the rating reflects that:
  • Non-custodial. Funds are pulled from msg.sender and delivered to the vault inside the same transaction. The router holds no balances between transactions.
  • No fee extraction from deposits. 100% of user tokens reach the vault — there is no protocol-side fee bps, no skim, no withhold.
  • No discretionary control over user assets. The router has no admin function that can move user funds, pause withdrawals, or sweep balances. The only privileged surface is the adapter dispatch table.
  • Atomic settlement. Either the vault mints shares to the user in the same tx, or the whole call reverts — there is no intermediate state where funds can be stranded in the router.
This is the architectural reason a “Secure” rating is achievable: there is very little a malicious or buggy router code path could do, because the router is not a custodian.

How this surfaces in the Yieldo score

The Hashlock audit feeds the Trust dimension of the Yieldo Score. Audited contracts contribute positively to a vault’s Trust sub-scores; in Stage 2 of the Scoring Roadmap, auditor tier and audit recency become first-class signals with Hashlock recognized as a maintained registry entry.

Re-audits and future changes

The router is upgradeable behind Proxy.sol. Any future router upgrade that materially changes the attribution or routing logic will be re-submitted to Hashlock (or an equivalent tier auditor) before the proxy upgradeTo call lands on mainnet. The current audited build is V3.2.0 — see the Deposit Router Contracts page for upgrade history and current proxy addresses per chain.