Moderate risk — well-audited standard yield aggregation with 4+ years of operation, balanced by external protocol dependency risk and reduced scale from peak.
Top Risks
1
Vesper deploys user deposits into external DeFi protocols via yield strategies (Grow and Earn pools). A vulnerability in any underlying strategy's integrated protocol (Aave, Compound, Maker, etc.) could result in loss of funds deposited through Vesper, even if Vesper's own contracts are secure.
2
A rebase vulnerability was discovered by Dedaub in March 2023 that could have allowed a malicious user to intercept strategy yield via the WETH/VSP Uniswap pool. While the vulnerability was never exploited and was patched promptly, it demonstrates the complexity of multi-strategy yield aggregation.
3
VSP token governance controls strategy selection and pool parameters. With diminished TVL from its 2021 peak of $1B, the economic security of governance (VSP market cap) may be low relative to controlled assets.
Risk Breakdown
Frequently Asked Questions
Is Vesper safe to use?
Vesper receives a B risk grade (27/100) from Hindenrank, where lower scores indicate lower risk. Moderate risk — well-audited standard yield aggregation with 4+ years of operation, balanced by external protocol dependency risk and reduced scale from peak. Vesper Finance is a yield aggregator built for longevity, offering Grow pools (in-kind yield) and Earn pools (cross-token yield) with over 50 independent audits covering all deployed contracts. Founded by Bitcoin developer Jeff Garzik, it operates with $35M in deposits. Its B grade reflects the well-understood yield aggregation model and extensive audit coverage, with moderate risk from external protocol dependencies.
What are the main risks of using Vesper?
The key risks identified for Vesper are: (1) Vesper deposits user funds into external DeFi protocols through yield strategies. If any integrated protocol is exploited, Vesper users in the affected strategy would lose funds even though Vesper's own contracts may be secure. (2) A vulnerability in Vesper's rebase logic was discovered in March 2023 by Dedaub. While it was never exploited and was promptly fixed, it demonstrates the complexity of managing multiple yield strategies. (3) VSP token's reduced market cap from its 2021 peak means governance economic security may be lower relative to managed assets, potentially reducing the cost of a governance attack.
What is Vesper's risk score breakdown?
Vesper scores 27/100 across eight risk dimensions: Mechanism Novelty: 0/15, Interaction Severity: 5/20, Oracle Surface: 2/10, Documentation Gaps: 2/10, Track Record: 6/15, Scale Exposure: 3/10, Regulatory Risk: 3/10, Vitality Risk: 6/10. The highest risk area is Vitality Risk at 6/10.
How does Vesper compare to other Yield protocols?
Among 112 rated Yield protocols on Hindenrank, Vesper ranks #16 by safety (lowest risk score = safest). Its 27/100 risk score and B grade place it among the safer Yield protocols.
Has Vesper ever been hacked or exploited?
Vesper scores 6/15 on the Track Record risk dimension, indicating some history of security incidents or exploits. Higher scores reflect more severe or frequent incidents. Review the full risk report for details.