How Does Moonwell Vaults Work?

Yield|Risk C|5 mechanisms|5 interactions

Moonwell Vaults is a yield product that deposits your crypto into Morpho lending markets on Base to earn returns from borrower interest. A professional risk curator decides which markets your money goes to and how much goes where, while the vault automatically reinvests your earnings. Think of it as hiring a fund manager who allocates your deposits across different lending opportunities.

TVL

$26M

Sector

Yield

Risk Grade

C

Value Grade

C-

Core Mechanisms

Yield/MetaMorpho-Vault

MetaMorpho vaults that dynamically allocate capital across Morpho isolated lending markets on Base

Standard MetaMorpho vault pattern. Deposited assets are dynamically allocated across Morpho markets by curators. Yield from borrower fees auto-compounds. Deployed on Base and previously Optimism.

Lending/Isolated-Markets

Morpho isolated lending markets with curator-defined parameters including supply caps, borrow caps, and market selection

Underlying markets are Morpho isolated pairs with immutable on-chain logic. Risk parameters (market selection, caps) are managed by the vault curator.

Risk-Management/Curator

External risk curator (Anthias Labs, previously Block Analitica/B.Protocol) managing vault allocation strategy

Standard curator model in MetaMorpho ecosystem. Curator defines vault parameters while allocator dynamically optimizes within constraints. Curator role recently transferred via governance (MIP B56, February 2026).

Oracle/Chainlink

Chainlink price feeds for collateral valuation in underlying Morpho markets

Standard Chainlink oracle dependency. The November 2025 exploit directly resulted from a Chainlink oracle malfunction, demonstrating the critical dependency.

Governance/DAO

WELL token governance for vault strategy decisions, curator selection, and protocol parameters

Moonwell DAO governs vault operations through proposals. Recent MIP B56 (February 2026) transferred curator role and MIP deprecating Optimism vault. Active governance participation.

How the Pieces Interact

Chainlink oracle dependencyVault collateral valuationHigh

Oracle malfunction directly enabled the November 2025 exploit. Vault deposits flow to Morpho markets where collateral valuation depends entirely on oracle accuracy. A repeated oracle failure could drain vault funds through the same attack vector.

Curator allocation decisionsMarket risk concentrationHigh

The curator controls which Morpho markets receive vault capital. A flawed curator decision (e.g., allocating to a risky collateral type) could expose all vault depositors to concentrated losses. Curator transition (Block Analitica to Anthias Labs) adds execution risk.

Auto-compounding yieldsCascading bad debtMedium

Auto-compounding continuously reinvests yield back into the same Morpho markets. If a market accumulates bad debt, compounding amplifies depositor exposure to the impaired market before the risk is detected.

Multi-chain deploymentVault deprecation riskMedium

Moonwell deprecated its Optimism vault in February 2026, forcing depositors to migrate. Ongoing strategic shifts could deprecate other vaults, creating disruption and potential losses during migration windows.

Bug bounty discontinuationExploit discoveryMedium

Discontinuing the Immunefi bug bounty program removes the financial incentive for white-hat researchers to responsibly disclose vulnerabilities, increasing the likelihood that future exploits are discovered by attackers first.

What Could Go Wrong

  1. Moonwell suffered a $1M oracle exploit in November 2025 where a Chainlink price feed malfunction valued 0.02 wrstETH at $5.8M, enabling the attacker to extract 292 ETH. This is the third major security incident in 3 years, demonstrating persistent vulnerability patterns.
  2. Moonwell Vaults deploy capital through Morpho isolated markets controlled by external curators (recently transferred from Block Analitica/B.Protocol to Anthias Labs). Curator decisions directly determine which markets receive vault capital and associated risk exposure.
  3. The protocol discontinued its Immunefi bug bounty program earlier in 2025, months before the November 2025 exploit. This signals reduced commitment to proactive security and removes a critical defense layer.

Repeated Oracle Exploit at Scale

Moderate

Trigger: Chainlink oracle malfunction recurs, this time affecting a larger Morpho market receiving Moonwell Vault capital, enabling a more damaging price manipulation attack

  1. 1.Chainlink price feed for a major collateral asset malfunctions or is manipulated Attacker deposits minimal collateral but oracle values it at millions
  2. 2.Attacker borrows maximum value against inflated collateral from Morpho markets fed by Moonwell Vaults Vault depositors' funds drained through the Morpho market lending mechanism
  3. 3.Exploit repeated across multiple markets before oracle issue is resolved Cumulative losses exceed previous incidents, potentially draining majority of vault TVL
  4. 4.Third major exploit in three years destroys remaining user confidence Mass exodus from all Moonwell products, protocol becomes unviable
See all 2 collapse scenarios in the full risk report →

Risk Profile at a Glance

Mechanism Novelty3/15
Interaction Severity10/20
Oracle Surface4/10
Documentation Gaps3/10
Track Record12/15
Scale Exposure3/10
Regulatory Risk3/10
Vitality Risk7/10
C

Overall: C (45/100)

Lower score = safer

More on Moonwell Vaults

Is Moonwell Vaults Safe?

Safety analysis

Is Moonwell Vaults a Good Investment?

Value analysis

Full Risk Report

All mechanisms & interactions

Related Yield Explainers

How Does Piku DAO Work?D+How Does Alpaca Leveraged Yield Farming Work?C-How Does Re7 Labs Work?C-How Does AILayer Farm Work?C-How Does Alpaca Finance Work?C-