Audits

Security is Our Top Priority

Smart contract risk is highly prevalent among DeFi protocols. One of Usual’s top priorities is to mitigate and reduce the potential risk from the underlying Usual smart contracts by conducting in-depth audits aimed at identifying potential vulnerabilities, logical errors, or inefficiencies and further by conducting continuous security monitoring of the smart contracts. The audits are conducted by leading industry experts and will be used to enhance trust through proper risk and security management on the smart contracts. Please find below the chronological overview of our completed audits.

May 2024

Auditor

Cantina

• Lead Security Researcher: xmxanuel

• Security Researcher: deadroses

• Associate Security Researcher: jonatas

Scope

• Codebase Simplification: Replacing the "mint engine" with the "swap engine"

• Cantina Managed Audit Phase 1: Permissioned launch smart contracts audit

• Cantina Managed Audit Phase 2: Permissionless launch smart contracts audit

June 2024

Auditor

Cantina

Scope

• Public security competition managed by Cantina on the same scope that audited in May 2024

• Link: Public Competition & Bug Bounty Program

October 2024

Auditor

Paladin

Scope

• L2 Token contracts

• OFT MintAndBurnAdapter

• L1 OFT Adapter

• Link: L2 Tokens & Adapter Audit

November 2024

Auditors

Cantina

• Lead Security Researcher: deadroses

• Lead Security Researcher: xmxanuel

• Security Researcher: Phaze

• Associate Security Researcher: Chinmay Farkya

Halborn

Sherlock (public audit competition)

Scope

V1 contract upgrades & additions covering:

• bUSD0 (formerly USD0++)

• DAO Collateral

• SwapperEngine

• USUAL

• USUALS

• USUALSP

• USUAL distribution

• USUAL Airdrop

• USUALx

December 2024

Auditors

Blackthorne

Cantina

Scope

• WrappedM aka UsualM

• bUSD0 (formerly USD0++) unwrap with Cap for vault strategies

• USUALx

January 2025

Auditors

Spearbit

Scope

• Claim Redirect

• Fee sweep via DistributionModule

• USUALx adjustment for fee sweep

• bUSD0 (formerly USD0++) adjustment for fee sweep

February 2025

Auditors

Sherlock Spearbit

Scope

• Euler USL vault and oracle

• Usual USL Economic Risk Assessment

• UsualUSDtb

• Yield Module

For more detailed information on our security measures or to report a potential vulnerability, please contact our security team at [email protected].

March 2025

Auditors

Sherlock Spearbit

Scope

• Usual bUSD0 (formerly USD0++) Investment Vault

• Coherent Audit competition on overall protocol

May 2025

Auditors

Hexens

Halborn

Sherlock Spearbit

Scope

• ETH0 Protocol

• ETH0 Zapper Contract

• USUALX Lockup Contract

July 2025

Auditors

Sherlock

Spearbit

Scope

• bUSD0 (formerly USD0++) Upgrade (Updating Burn Redemption Mechanism)

• Sync Vault remediation

• Usual USDC

Sherlock - Audit report on bUSD0 (formerly USD0++) upgrade (Burn Redemption Mechanism)

October 2025

Auditors

Sherlock

Scope

• EUR0

November 2025

Auditors

Hexens

Halborn

Sherlock

Scope

• sUSD0

• sEUR0

• RDM (Revenue Distribution Module)

• USD0a Protocol

• bUSD0 (formerly USD0++) Upgrade