How Does Superfluid Finance Work?
Superfluid Finance is a money streaming protocol that lets you send tokens continuously — every second — rather than in one-time transfers. Instead of sending someone $1,000 at the end of the month, you stream $0.00038 per second so they receive it in real time. This is useful for payroll, DAO grants, subscription payments, and vesting schedules. The protocol has been live since 2021 and is used by major DAOs including ENS and Optimism. It runs on Polygon, Optimism, Arbitrum, Base, and other chains. In February 2022, Superfluid suffered a critical exploit where an attacker stole approximately $13 million by exploiting a flaw in how the protocol tracked who was initiating a transaction — the vulnerability has since been patched and multiple follow-up audits have been conducted. The protocol recently launched its native SUP governance token (February 2025) with a $11M fully diluted valuation, though the token currently trades well below its IDO price. Superfluid does not rely on price oracles for its core streaming functionality, which reduces one common category of DeFi risk. However, its streaming accounts depend on a network of 'sentinel' bots to close insolvent streams — if these bots fail or go offline, users could lose their buffer deposits. The protocol's small TVL relative to larger DeFi protocols means systemic risk is limited, but the historical exploit and ongoing complexity of its novel streaming architecture warrant careful attention.
TVL
$5M
Sector
DeFi
Risk Grade
C
Value Grade
C-
Core Mechanisms
Token Streaming / Continuous Payment
Novel: Constant Flow Agreement (CFA) — per-second ERC-20 token streams between two accounts using a virtual balance model updated at each block
Superfluid pioneered programmable real-time token streaming on EVM chains in 2021. The CFA uses a semantic money / token monadic design: actual balances are computed on demand from a stored flow rate and timestamp rather than being stored explicitly, which enables gas-efficient continuous transfers without a transaction every second.
Token Distribution / One-to-Many Streaming
Novel: General Distribution Agreement (GDA) — scalable one-to-many pool-based token distribution where members receive proportional shares of inflows in real time
The GDA contract enables a single streamer to distribute to thousands of recipients simultaneously, with pool units determining allocation. Used by ENS DAO for $5.4M in grants and Optimism for 30M OP token retroPGF distributions. Technically distinct from Merkle-airdrop patterns.
Token Standard Extension / Wrapper
Super Token — ERC-20 + ERC-777 extension with built-in streaming and distribution capabilities, wrapping standard ERC-20s via a 1:1 upgrade/downgrade mechanism
Super Tokens are the unit of value in Superfluid. Users wrap standard ERC-20 tokens (e.g., USDC → USDCx) to gain streaming capabilities. The wrapper is non-custodial and 1:1 redeemable. Deployed across Polygon, Optimism, Arbitrum, Base, and 6+ other EVM chains.
Solvency / Keeper Network
Sentinel Network — decentralized keeper bots that monitor stream solvency and trigger liquidations of insolvent (zero-balance) streaming accounts
Stream senders must lock a buffer deposit when opening a stream. When an account balance hits zero while streaming, any sentinel can call the liquidation function to close the stream and claim the buffer as reward. The TOGA (Transparent Ongoing Auction) mechanism determines the Patrician-in-Charge (PIC) who gets priority liquidation rights.
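The balance rule from the CFA description and the buffer/liquidation rule above, as a constructed Python simulation added here (this is not Superfluid's code; the one-hour buffer, the account names and all amounts are assumptions). It also shows what the "How the Pieces Interact" section calls delayed liquidation: a sentinel that closes a stream only after the sender's balance has gone negative finds that the receiver was already credited tokens the sender never held.

```python
"""Constructed simulation of Superfluid-style per-second streaming (not protocol code).

No balance is written every second.  Each account stores a settled balance, the
timestamp of its last flow change and its net flow rate; the real-time balance is
derived on demand as settled + net_rate * seconds_elapsed.  A sender locks a
buffer deposit per stream; once its real-time balance can no longer cover the
buffer the account is 'critical' and any sentinel may close the stream and take
the buffer as its reward.
"""
from dataclasses import dataclass


@dataclass
class Account:
    settled: int = 0      # balance as of last_update, in the smallest token unit
    last_update: int = 0  # unix seconds of the last flow change touching this account
    net_rate: int = 0     # tokens per second; negative means net sender
    deposit: int = 0      # buffer locked for this account's outgoing streams


class StreamLedger:
    def __init__(self, buffer_seconds: int = 3600):
        self.buffer_seconds = buffer_seconds  # assumed buffer: one hour of flow
        self.accounts: dict[str, Account] = {}
        self.flows: dict[tuple[str, str], int] = {}  # (sender, receiver) -> rate
        self.bad_debt = 0  # tokens credited to receivers that no sender ever held

    def _acct(self, addr: str) -> Account:
        return self.accounts.setdefault(addr, Account())

    def _settle(self, addr: str, now: int) -> None:
        """Fold the flow accrued since last_update into the stored balance."""
        a = self._acct(addr)
        a.settled += a.net_rate * (now - a.last_update)
        a.last_update = now

    def mint(self, addr: str, amount: int, now: int) -> None:
        self._settle(addr, now)
        self._acct(addr).settled += amount

    def realtime_balance(self, addr: str, now: int) -> int:
        a = self._acct(addr)
        return a.settled + a.net_rate * (now - a.last_update)

    def available_balance(self, addr: str, now: int) -> int:
        """Spendable balance: real-time balance minus the locked buffers."""
        return self.realtime_balance(addr, now) - self._acct(addr).deposit

    def is_critical(self, addr: str, now: int) -> bool:
        return self.available_balance(addr, now) < 0

    def create_flow(self, sender: str, receiver: str, rate: int, now: int) -> None:
        if rate <= 0 or sender == receiver or (sender, receiver) in self.flows:
            raise ValueError("invalid flow")
        self._settle(sender, now)
        self._settle(receiver, now)
        deposit = rate * self.buffer_seconds
        if self.available_balance(sender, now) < deposit:
            raise ValueError("sender cannot cover the buffer deposit")
        self.flows[(sender, receiver)] = rate
        s, r = self._acct(sender), self._acct(receiver)
        s.net_rate -= rate
        s.deposit += deposit
        r.net_rate += rate

    def close_flow(self, sender: str, receiver: str, caller: str, now: int) -> int:
        """Close a stream and return the reward paid to the caller.

        Sender or receiver may close at any time.  Anyone else acts as a sentinel,
        is only allowed in once the sender is critical, and is paid the buffer
        (or whatever part of it the sender's balance still covers).
        """
        rate = self.flows[(sender, receiver)]
        self._settle(sender, now)
        self._settle(receiver, now)
        liquidation = caller not in (sender, receiver)
        if liquidation and not self.is_critical(sender, now):
            raise PermissionError("stream is solvent; only its parties may close it")
        del self.flows[(sender, receiver)]
        deposit = rate * self.buffer_seconds
        s, r = self._acct(sender), self._acct(receiver)
        s.net_rate += rate
        r.net_rate -= rate
        s.deposit -= deposit
        reward = 0
        if liquidation:
            reward = min(deposit, max(s.settled, 0))
            if s.settled < 0:
                # Liquidation came too late: the receiver already got tokens the
                # sender never held.  This toy writes the hole off as bad debt;
                # the real protocol has its own slashing rules for this case.
                self.bad_debt -= s.settled
                s.settled = 0
            s.settled -= reward
            self._acct(caller).settled += reward
        return reward


def run_scenario(close_at: int, buffer_seconds: int = 3600) -> dict:
    """Alice streams 10 tokens/s to Bob from a balance of 1,000,000; sentinel
    Carol tries to close the stream at `close_at` seconds.  Constructed numbers."""
    ledger = StreamLedger(buffer_seconds)
    ledger.mint("alice", 1_000_000, now=0)
    ledger.create_flow("alice", "bob", rate=10, now=0)
    try:
        reward, closed = ledger.close_flow("alice", "bob", caller="carol", now=close_at), True
    except PermissionError:
        reward, closed = 0, False
    return {"closed": closed, "reward": reward, "bad_debt": ledger.bad_debt,
            **{who: ledger.realtime_balance(who, close_at) for who in ("alice", "bob", "carol")}}


if __name__ == "__main__":
    for t in (100, 97_000, 110_000):  # solvent, critical-but-solvent, insolvent
        print(t, run_scenario(t))
```

With a 36,000-token buffer, Alice's account turns critical once her balance drops below that buffer (after 96,400 seconds): a sentinel closing at t=97,000 is paid the 30,000 tokens still on hand, while one closing at t=110,000 finds a 100,000-token hole that the buffer can no longer cover, which is the liveness assumption the sentinel network carries.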
Governance / DAO
SUP Token Governance — native governance token enabling DAO voting on protocol upgrades, fee structures, and ecosystem incentive distribution
SUP (1B max supply) launched February 2025. Initially non-transferable. Team/investor lockups: 3-year stream with 1-year cliff. 60% community allocation. SUP holders vote on protocol parameters and treasury allocation via Superfluid DAO.
Incentive / Staking
SUP Locker System — stake SUP tokens to earn streaming rewards distributed via GDA pools; the locker system uses a tax mechanism to discourage early exit
The locker system was audited by Sherlock in 2024 and 2025. A medium-severity finding identified that locker owners could deploy SUP liquidity into Uniswap V3 low-liquidity pools to bypass the exit tax mechanism. Team acknowledged but deferred fix. Adds composability risk.
How the Pieces Interact
Context injection vulnerability: the Host contract serializes/deserializes a 'ctx' state object to track msg.sender across agreement calls. In Feb 2022, an attacker crafted malicious calldata that exploited a discrepancy between Host-side serialization and Agreement-side deserialization to spoof account identities, stealing ~$13M. Although patched, the ctx pattern remains a complex trust boundary.
Delayed liquidation risk: if sentinel bots fail to close an insolvent stream (because they are offline, the chain is congested, or the incentive is too low), the protocol accrues bad debt. The stream sender's buffer is slashed, but in extreme cases the protocol absorbs losses. Relying on economic incentives for external keepers creates a liveness assumption.
Composability risk amplification: protocols integrating Super Tokens (e.g., Aave, Uniswap wrappers, yield optimizers) inherit Superfluid's full contract risk surface. A vulnerability in the Superfluid Host or CFA agreement contracts could propagate to all integrated protocols simultaneously, creating correlated failure.
Unit saturation in GDA pools: due to technical limitations in the GDA implementation, total pool units cannot exceed the flow rate. In high-membership pools with small individual allocations, unit downscaling can cause rounding errors that result in members receiving less than expected, potentially creating unfair distributions in DAO grant scenarios.
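The proportional pool-unit allocation described under the GDA mechanism and the unit-saturation and rounding problem in the paragraph above, as a constructed Python model added here (not Superfluid's code; the member names, unit counts and flow rates are made-up inputs). It shows the per-unit floor division that loses part of the requested rate, the point at which total units exceed the flow rate and nothing flows, and how downscaling units to stay under that limit shifts members' shares.

```python
"""Constructed model of GDA-style pool distribution (not Superfluid's code).

A distributor pushes a flow rate into a pool; each member holds integer units and
is credited flow_rate * units / total_units.  Rates are integers, so the pool can
only pay a whole number of tokens per second per unit: the per-unit rate is rounded
down, the remainder stays with the distributor, and once total units exceed the
flow rate the per-unit rate rounds to zero and nothing flows at all.
"""
from fractions import Fraction


def split_flow(units: dict[str, int], requested_rate: int) -> tuple[dict[str, int], int]:
    """Return each member's per-second rate and the part of the rate left undistributed."""
    total = sum(units.values())
    if total == 0:
        return {m: 0 for m in units}, requested_rate
    per_unit = requested_rate // total  # floor division: the source of the rounding loss
    rates = {m: per_unit * u for m, u in units.items()}
    return rates, requested_rate - per_unit * total


def downscale(units: dict[str, int], factor: int) -> dict[str, int]:
    """Floor-divide every member's units, as an operator might do to keep total units
    below the flow rate; members holding fewer than `factor` units drop to zero."""
    return {m: u // factor for m, u in units.items()}


def shares(units: dict[str, int]) -> dict[str, Fraction]:
    """Exact fraction of the pool each member is entitled to."""
    total = sum(units.values())
    return {m: Fraction(u, total) if total else Fraction(0) for m, u in units.items()}


def share_drift(units: dict[str, int], factor: int) -> dict[str, Fraction]:
    """Change in each member's share after downscaling (negative = member loses)."""
    before, after = shares(units), shares(downscale(units, factor))
    return {m: after[m] - before[m] for m in units}


def audit_pool(units: dict[str, int], requested_rate: int) -> dict:
    """Checks a grant administrator might run before funding a pool (constructed)."""
    rates, lost = split_flow(units, requested_rate)
    total = sum(units.values())
    return {
        "total_units": total,
        "saturated": total > requested_rate,   # per-unit rate rounds to 0
        "undistributed_rate": lost,
        "starved_members": sorted(m for m, r in rates.items() if r == 0 and units[m] > 0),
    }


if __name__ == "__main__":
    small = {"a": 1, "b": 2, "c": 3}
    print(split_flow(small, 1000))                     # 166/332/498 per second, 4 lost
    crowd = {f"m{i}": 1 for i in range(5000)}
    print(audit_pool(crowd, 1000))                      # saturated: nobody is paid
    print(share_drift({"a": 3, "b": 4, "c": 5}, 2))     # downscaling shifts shares
```

In a pool of three members the floor division only strands 4 tokens per second out of 1,000, but a 5,000-member grant pool with one unit each and the same 1,000-per-second flow is saturated and pays nobody; halving the units of a 3/4/5 pool to 1/2/2 moves a twentieth of the pool from the first member to the second, which is the "unfair distribution" the paragraph describes.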
Tax bypass via low-liquidity pool manipulation: locker owners can deploy SUP tokens into a low-liquidity Uniswap V3 pool paired with ETH, skew the pool price so liquidity is ETH-heavy, then withdraw ETH without triggering the SUP exit tax. Acknowledged by team but unfixed as of 2025 Sherlock audit.
What Could Go Wrong
- Historical context-injection exploit (Feb 2022, ~$13M lost) demonstrated critical smart contract vulnerability in Host contract ctx serialization — though patched, the incident reveals inherent complexity risk in the Super Agreement architecture
- Sentinel liquidation network: insolvent streams rely on external keepers to close positions; delayed liquidation can result in protocol bad debt absorbed by stream initiator's buffer deposit
- Super Token wrapper composability risks: any integrated dApp or protocol that wraps ERC-20s into Super Tokens inherits Superfluid's contract risk surface, creating transitive exposure for downstream users
- Emission-heavy SUP token launch with 60% community supply targeted at rewards/incentives creates sustained sell pressure against nascent fee-capture mechanisms
Host Contract Re-entrancy or ctx Bypass Exploit
Tail risk. Trigger: A novel attack vector is discovered in the Host contract's agreement dispatch mechanism — such as a new path to inject a forged ctx, bypass isCtxValid() checks, or exploit ERC-777 callback hooks during Super Token operations
- 1. Attacker identifies a new calldata injection or context spoofing path in the Host contract — Ability to impersonate any streaming account and redirect outgoing streams or drain approved Super Token balances
- 2. Attacker drains Super Token balances from targeted accounts before sentinel network detects anomaly — Immediate loss of Super Token assets held by affected wallets; could target high-value DAO treasury streams or yield distribution pools
- 3. Protocol team triggers emergency pause/upgrade of Host contract — All active streams and GDA distributions halt across all integrated chains simultaneously; downstream protocols (payroll tools, vesting contracts) stop functioning
- 4. Confidence in Super Token standard collapses; integrators suspend Super Token support — Mass stream closures as users panic-withdraw wrapped tokens back to base ERC-20; TVL drops to near zero
- 5. SUP token value collapses as protocol utility is suspended — Ecosystem partners (Coinshift, Request Finance) migrate to alternative payment rails; recovery path unclear without substantial re-audit
Risk Profile at a Glance
Overall: C (43/100)
Lower score = safer