Vesu represents an ambitious experiment in fully permissionless, governanceless lending on Starknet. The programmable hooks system is innovative but introduces significant smart contract risk. Suitable for DeFi-native users who understand the risks of permissionless pool systems, but not for conservative depositors seeking battle-tested lending.
Top Risks
1
Vesu's fully permissionless lending pool creation with programmable 'hooks' introduces significant smart contract surface area — ChainSecurity's audit noted the 'high complexity and extensibility present a large attack surface.'
2
The protocol relies primarily on one smart contract developer, and novel issues and regressions were found during the last audit review cycle, presenting elevated risk of undiscovered vulnerabilities.
3
No governance token means no economic backstop or safety module — bad debt from permissionless pools has no recourse beyond the pool's own depositors.
Risk Breakdown
Frequently Asked Questions
Is Vesu safe to use?
Vesu receives a C+ risk grade (38/100) from Hindenrank, where lower scores indicate lower risk. Vesu represents an ambitious experiment in fully permissionless, governanceless lending on Starknet. The programmable hooks system is innovative but introduces significant smart contract risk. Suitable for DeFi-native users who understand the risks of permissionless pool systems, but not for conservative depositors seeking battle-tested lending. Vesu is a fully permissionless lending protocol on Starknet where anyone can create lending pools with custom risk parameters. Unlike most DeFi lending platforms, Vesu has no governance token and no central authority — it operates as pure infrastructure. Users can supply crypto assets to earn yield, borrow against collateral, or build custom lending experiences using programmable 'hooks.' The protocol also offers Vesu Vaults, which are automated yield strategies that allocate across multiple lending pools. Vesu has been audited by ChainSecurity but was flagged for high complexity and elevated risk of undiscovered bugs.
What are the main risks of using Vesu?
The key risks identified for Vesu are: (1) Permissionless pool creation means anyone can set up a lending pool — malicious or poorly configured pools could trap depositor funds. (2) ChainSecurity audit flagged high complexity and single developer dependency, with novel issues found in the last review cycle. (3) No governance token or safety module means there is no protocol-level backstop if something goes wrong — depositors bear all losses.
What is Vesu's risk score breakdown?
Vesu scores 38/100 across eight risk dimensions: Mechanism Novelty: 6/15, Interaction Severity: 8/20, Oracle Surface: 3/10, Documentation Gaps: 3/10, Track Record: 8/15, Scale Exposure: 3/10, Regulatory Risk: 5/10, Vitality Risk: 2/10. The highest risk area is Track Record at 8/15.
How does Vesu compare to other Lending protocols?
Among 90 rated Lending protocols on Hindenrank, Vesu ranks #58 by safety (lowest risk score = safest). Its 38/100 risk score and C+ grade place it in the middle tier of Lending protocols.
Has Vesu ever been hacked or exploited?
Vesu scores 8/15 on the Track Record risk dimension, indicating some history of security incidents or exploits. Higher scores reflect more severe or frequent incidents. Review the full risk report for details.