Pando Leaf
Elevated risk — major infrastructure exploit in 2023 with incomplete recovery, combined with non-standard custody and oracle mechanisms that concentrate trust in a small node set.
Top Risks
1. Mixin Network infrastructure dependency — the September 2023 hack resulted in ~$200M in losses across the Mixin ecosystem, with Pando Leaf losing 70% of ETH and 90% of USDT collateral
2. Non-standard oracle mechanism — relies on MTG (Mixin Trusted Group) node consensus for price feeds rather than established oracle networks like Chainlink
3. Custodial trust assumptions — MTG multi-signature model requires trusting a small set of nodes rather than decentralized smart contract execution
Risk Breakdown
Frequently Asked Questions
Is Pando Leaf safe to use?
Pando Leaf receives a C risk grade (50/100) from Hindenrank, where lower scores indicate lower risk. Elevated risk — major infrastructure exploit in 2023 with incomplete recovery, combined with non-standard custody and oracle mechanisms that concentrate trust in a small node set. Pando Leaf is a CDP (Collateralized Debt Position) protocol on the Mixin Network that lets users mint pUSD stablecoins by depositing cryptocurrency collateral like BTC and ETH. Inspired by MakerDAO, it uses a unique Mixin Trusted Group (MTG) multi-signature system instead of traditional smart contracts. With approximately $14M in TVL, Pando Leaf was significantly impacted by the September 2023 Mixin Network hack that resulted in ~$200M in total losses across the ecosystem, with Pando Leaf losing 70% of its ETH and 90% of its USDT collateral. The C grade reflects the combination of this major security incident, non-standard oracle infrastructure, and the custodial trust assumptions inherent in the MTG model.
What are the main risks of using Pando Leaf?
The key risks identified for Pando Leaf are:
1. Mixin Network infrastructure risk: The September 2023 hack proved that Pando Leaf's underlying infrastructure can be compromised, with users only receiving 50% reimbursement for losses — this exact scenario has already occurred.
2. Non-standard security model: Unlike most DeFi protocols that use transparent smart contracts, Pando Leaf relies on a small group of MTG nodes for custody and execution, requiring users to trust this node set rather than verifiable code.
3. Oracle centralization: Price feeds come through MTG node consensus rather than established oracle networks, creating potential for delayed or inaccurate pricing during volatile markets.
4. Limited ecosystem liquidity: Operating exclusively on Mixin Network means limited secondary market depth for pUSD and restricted exit options during stress events.
What is Pando Leaf's risk score breakdown?
Pando Leaf scores 50/100 across eight risk dimensions: Mechanism Novelty: 3/15, Interaction Severity: 7/20, Oracle Surface: 7/10, Documentation Gaps: 4/10, Track Record: 15/15, Scale Exposure: 3/10, Regulatory Risk: 5/10, Vitality Risk: 6/10. The highest risk area is Track Record at 15/15.
How does Pando Leaf compare to other CDP protocols?
Among 25 rated CDP protocols on Hindenrank, Pando Leaf ranks #24 by safety (lowest risk score = safest). Its 50/100 risk score and C grade place it among the riskier CDP protocols.
Has Pando Leaf ever been hacked or exploited?
Pando Leaf scores 15/15 on the Track Record risk dimension, indicating some history of security incidents or exploits. Higher scores reflect more severe or frequent incidents. Review the full risk report for details.
Last scanned 2026-02-25