đź“‘
DeFi Saver Knowledge Base
  • Welcome to DeFi Saver Knowledge Base
  • General
    • What is DeFi Saver?
      • Boost & Repay
      • Smart Contracts
      • DeFi Saver and security
      • Liquidity Sources of DeFi Saver
      • DeFi Saver Fees
    • Smart Wallets
      • Can I access DFS created positions using other apps?
      • Why did we switch to Safe?
    • Wallet Compatibility
    • Troubleshooting common issues
      • Error: "An issue was detected with this transaction that would cause it to fail" - what to do
      • How can I withdraw tokens from my Smart Wallet?
      • My MetaMask account is failing to load - what should I do?
      • My transaction is pending / not going through - what should I do?
      • I cannot make any transactions using DeFi Saver after using Furucombo?
      • Avoiding MEV with your transactions
  • Features
    • ETH Saver
      • How does ETH Saver work?
      • Profit tracking & how does it work
      • Positions in ETH Saver
      • Are there fees?
        • Are there any costs that are not immediately noticeable?
    • Automation
      • Automation strategies
      • Requirements for using Automation
      • Automation Fees
      • How does Automation work?
      • When are Automation transactions made?
      • Are there risks when using Automation?
    • Recipe Creator
      • What are Flash Loans?
      • Is Recipe Creator safe to use?
      • Pre-made recipes / Recipe Book
      • How can I reuse output of previous functions?
    • Loan Shifter
      • Collateral Swaps
      • Debt Swaps
    • Notify
      • Notification Monitors
      • How do I set up Notify?
    • Simulation Mode
    • Smart Savings
      • Overview of Yearn
      • Overview of Convex
      • Overview of mStable
      • Why is a smart wallet needed for using Smart Savings?
      • How to start lending funds and earning interest using Smart Savings?
      • Managing existing portfolios using Smart Savings
      • The difference between APR and APY
      • Are there any security risks?
    • Bridge
    • Exchange
      • What are Limit Orders?
      • What is DCA?
  • Protocols
    • Aave
      • Aave Dashboard
      • Aave versions comparison
      • How does Aave Automation work?
      • Can I manage my existing Aave lending/borrowing portfolio using the Aave dashboard?
      • What are Flash Loans?
      • How can I long or short assets using Aave?
      • Staking Aave tokens
      • How can I tell how much interest I will earn or have already earned using Aave?
      • How can I swap my collateral or debt in Aave?
      • Migrating your Aave position(s)
    • CurveUSD
      • What is LLAMMA in CurveUSD?
      • How do you create a loan in CurveUSD protocol?
      • Does CurveUSD charge any fees?
      • Is there a standard (hard) liquidation in CurveUSD?
      • What are bands in CurveUSD?
      • Why do I need a Smart wallet for CurveUSD?
    • Compound
      • Compound Dashboard
      • Can I manage my existing Compound lending/borrowing portfolio using the Compound dashboard in DeFi S
      • How to earn and withdraw COMP tokens
      • How can I tell how much interest I will earn or have already earned using Compound?
    • Fluid
      • Intro to Fluid
      • Liquidity Layer
      • Lend Protocol
      • Vault Protocol
      • DEX Protocol
      • DeFi Saver-supported Features
    • Liquity
      • Liquity Dashboard walkthrough
      • What is a Trove?
      • Liquity Redemptions
      • How to stay protected from redemption risk in Liquity
      • How do Liquidations work in Liquity?
      • What are the key benefits of Liquity?
      • Does Liquity charge any fees?
      • What is a Stability Pool?
      • What is the "Debt-in-Front" value in Liquity?
      • How can I earn LQTY tokens?
      • Why do I need a Smart wallet for Liquity?
    • Liquity V2
      • Intro to BOLD
      • Borrowing Rates and Redemptions
      • Collateral Ratios
      • Troves as NFTs
      • Revenue Distribution and Forkanomics
      • LQTY Staking
      • DeFi Saver-supported Features
    • Chicken Bonds
    • MakerDAO
      • Managing the Dashboard
      • Automation options for MakerDAO
      • What is a CDP and why should I be interested in opening one?
      • How do Boost & Repay work?
      • How does CDP Automation work?
      • Can I transfer my MakerDAO Vault to a different address?
      • Can I manage MakerDAO Vaults created using other apps at DeFi Saver?
    • Morpho Blue
    • Reflexer
      • Reflexer Dashboard walkthrough
      • How can I start borrowing or leveraging using Reflexer?
      • What makes Reflexer unique?
    • Spark
      • Spark Dashboard walkthrough
      • What is sDAI?
      • Liquidations in Spark
  • Legal
    • Terms and Conditions
Powered by GitBook
On this page
  • Audits
  • Insurance
  • Historical security issues
  • How to stay safe using DeFi Saver?
  1. General
  2. What is DeFi Saver?

DeFi Saver and security

PreviousSmart ContractsNextLiquidity Sources of DeFi Saver

Last updated 1 year ago

All of the actions performed using DeFi Saver are done in a trustless manner using logic stored in DeFi Saver’s smart contracts.

The source code of DeFi Saver smart contracts is publicly available in our and you can find additional information on our smart contracts architecture in our .

Audits

DeFi Saver Automation has been audited in February 2021 by Dedaub and you can find our brief summary post .

Smart contracts powering the new DeFi Saver architecture and the Recipe Creator have been audited by ConsenSys Diligence and Dedaub. You can find more info in , as well as both of the reports .

We want to highlight the importance of external audits and note that all feature releases and integrations will be audited before they are deployed in production.

Insurance

We are looking into adding options of utilising DeFi insurance protocols directly within the app in the future and will share any details on this as soon as this functionality is ready.

Historical security issues

As of now, there have been two security incidents at DeFi Saver:

  1. Exchange vulnerability discovered in June 2020, affecting users of our separate Exchange users from early 2020 until that point. No funds were lost or stolen. No other parts of the app were affected. More info can be found .

  2. Compound import (migrate) contract vulnerability discovered in January 2021, affecting users that specifically used the import (migrate) option for their Compound position. No funds were lost or stolen. No other parts of the app were affected. More info can be found .

How to stay safe using DeFi Saver?

We can never emphasize the importance of staying safe when using decentralized finance protocols and apps. Besides the always present smart contract risk, there are several additional factors that one should consider and pay attention to stay safe from scam attempts in the form of phishing, cloaking, fraudulent search adverts, and others.

Here are several things you should always keep in mind when using DeFi Saver:

  • Always check the URL One of the most frequent scams is tied to users using search engines to visit our website and application. Scammers love to abuse search engines to direct users to “copies” and fake versions of our website. Always make sure that the URL you are visiting to interact with our app is defisaver.com and app.defisaver.com. The easiest way to mitigate the risk of opening a fraudulent, fake site is to bookmark the URL and always open DeFi Saver through the bookmark.

  • Beware of search engine ads While we may promote DeFi Saver using search engine ads in the future, this is currently not the case and search ads are unfortunately often the way that scammers will try to get users to a fake site where they will try to drive users into giving away their private key or secret words (seed phrase). This is most often done using URLs that resemble defisaver.com. For example, there have recently been deflsaver.com and defsaver.com. If you ever notice anyone impersonating our app, please report this to us via Twitter, Discord, or the in-app chat widget.

To wrap up, we will never ask for:

  • Your private key

  • Your seed phrase

  • Your MetaMask or other web3 wallet passwords

However, your Ethereum Public Address is what you may share with anyone. Wallet addresses can be shared safely with anyone from whom you want to receive cryptocurrency of a certain type. No one can steal your digital assets by knowing only your wallet’s public address. We may ask you to provide it in case you require assistance from us regarding potential issues.

Github repository
developer docs
here
one of our blog posts
here
here
here