Is Harvest Finance Safe?
Risk Grade: C (48/100)
Harvest Finance is rated as elevated risk — multiple novel mechanisms and notable interaction risks.
Moderate risk — scarred by a $24M exploit that crashed its TVL by two-thirds, with structural oracle vulnerability still present
A yield aggregator that automatically moves your deposits between DeFi protocols to chase the highest returns. It manages $43M, down dramatically from $1B before its $24M hack in October 2020. Its C grade reflects that devastating exploit and the structural risk of depending on every protocol it connects to.
TVL
$14M
Mechanisms
6
Interactions
5
Value Grade
C-
Key Risks for Harvest Finance Users
Harvest lost $24M in October 2020 when an attacker manipulated Curve pool prices with a flash loan. Its TVL crashed from $1B to $335M. The same type of attack remains a structural concern
Your deposits are spread across Curve, Aave, Compound, and others. If any of those gets hacked, Harvest's automatic reinvestment can amplify your losses before anyone hits the pause button
30% of all vault profits go to FARM token buybacks, not to you. During low-yield periods, this tax can make your actual returns worse than alternatives
Top Risk Factors
- •Devastating $24M flash loan exploit in October 2020 via price manipulation of Curve pools — TVL dropped from $1B to $335M
- •Yield strategies depend on external protocol security — aggregator inherits risks from every integrated protocol
- •Flash loan oracle manipulation vulnerability class remains a structural concern for yield aggregator designs
Risk Score Breakdown
Harvest Finance's highest risk area is Track Record (15/15). Here's how each dimension contributes to the overall 48/100 score:
Read the Full Harvest Finance Risk Report
This protocol has 2 collapse scenarios. 3 high-severity interaction risks identified. See the full mechanism classification, interaction matrix, and deep-dive recommendations.
View Full Report →Considering an investment?