See Yields
← All posts

CATEGORY

Risk Management

7 articles

Multisig and Timelock Analysis: Which Solana Protocols Can Rug You
9 min read

Multisig and Timelock Analysis: Which Solana Protocols Can Rug You

The APY tells you what a protocol pays. It says nothing about who controls the code or how fast they can change it. We pulled the admin controls for the ten biggest Solana DeFi protocols by TVL. Only one has a documented timelock. Here is who holds the keys and how much warning you would get.

multisigtimelockadmin-key-risk
Audit Reports Decoded: What Solana DeFi Audits Actually Tell You
8 min read

Audit Reports Decoded: What Solana DeFi Audits Actually Tell You

58% of Solana DeFi protocols with $1M+ TVL have no public audit. Meanwhile, the two biggest exploits of 2026 hit protocols that were audited. Both facts are true, and both matter. Here is how to read an audit report like an analyst instead of treating it like a checkbox.

defi-auditsmart-contract-auditsolana-audit-firms
TVL Concentration on Solana: When One Protocol Holds Too Much
8 min read

TVL Concentration on Solana: When One Protocol Holds Too Much

The fear is that a handful of protocols hold all the money on Solana. The data says otherwise: the top three control 22% of DeFi TVL, and the concentration index sits in unconcentrated territory. The real risk is not who is biggest. It is what they share.

tvlconcentrationsystemic-risk
Oracle Risk in DeFi: How Price Feeds Can Break Your Yield
8 min read

Oracle Risk in DeFi: How Price Feeds Can Break Your Yield

Every lending position, perp, and looping vault on Solana depends on one number it does not produce itself: the price. When the oracle feeding that number lags, breaks, or gets gamed, your yield turns into a liquidation. Here is how oracle risk works and how we score it.

oraclepythswitchboard
Smart Contract Risk for DeFi Users: What to Check Before You Deposit
8 min read

Smart Contract Risk for DeFi Users: What to Check Before You Deposit

Audits alone did not stop the two biggest Solana exploits of 2026. Here is the checklist that would have flagged both, and how to run it in five minutes before you deposit.

risksecuritysmart-contracts
Zcash Orchard Bug: AI Found What Cryptographers Missed for 4 Years
4 min read

Zcash Orchard Bug: AI Found What Cryptographers Missed for 4 Years

A critical vulnerability in Zcash's Orchard shielded pool could have minted unlimited counterfeit ZEC. An AI-assisted audit found it. ZEC dropped over 40%. Here is what happened and what it means for DeFi.

zcashsecurityexploit
How We Score Risk: Inside yieldwire's Security Methodology
10 min read

How We Score Risk: Inside yieldwire's Security Methodology

Most yield aggregators show you APY and TVL. We show you whether the protocol behind those numbers has a multisig, a timelock, or a history of exploits. Here's exactly how our security scoring works.

securityriskmethodology