Security
Security is foundational to Vale’s design. This page explains the security model and the measures in place to protect your assets.Security Philosophy
Vale is built on a simple principle: minimize trust assumptions. Rather than asking you to trust Vale with your funds, the protocol is designed so that:- You maintain custody of your assets at all times
- Smart contracts are simple and audited
- All operations are transparent and verifiable on-chain
Non-Custodial Architecture
Vale is fully non-custodial:You Control Your Funds
You Control Your Funds
Your deposited funds are represented by vault shares that you hold in your
wallet. Vale cannot move, freeze, or access your funds.
No Admin Keys for Fund Movement
No Admin Keys for Fund Movement
The Vale router contract has no admin functions that can move user funds.
There’s no “emergency withdraw” or similar function that could be abused.
Direct Wallet Custody
Direct Wallet Custody
Vault shares go directly to your wallet when you deposit. You can interact
with the underlying vault directly if needed.
Smart Contract Security
Minimal Design
The Vale router contract is intentionally simple:- Stateless: Never holds user funds between transactions
- Immutable: Cannot be upgraded or modified after deployment
- Limited Scope: Only handles fee collection and vault routing
- No Complex Logic: Straightforward deposit/withdraw flows
Code Transparency
All Vale contracts are:- Open source and publicly verifiable
- Deployed on Base with verified source code
- Available for anyone to audit or review
Vault Security
Vale routes deposits to Morpho vaults, which have their own security measures:Audited Infrastructure
Morpho is one of the most audited protocols in DeFi:- Multiple security audits from leading firms
- Formal verification of critical components
- Established track record with significant value secured
Institutional Curation
Vale only routes to vaults managed by vetted institutional curators:- Curators have professional risk management processes
- Vault strategies are designed with conservative parameters
- Track records are evaluated before integration
Collateralization
Lending vaults require borrowers to post collateral:- Loans are overcollateralized
- Liquidation mechanisms protect lender capital
- Oracle systems monitor collateral values
On-Chain Verification
Every Vale operation is recorded on-chain:Transaction Records
All deposits and withdrawals are blockchain transactions you can verify on
any block explorer.
Risk Factors
While Vale implements significant security measures, you should understand the remaining risks:Smart Contract Risk
All smart contracts carry risk. Even audited contracts can have undiscovered vulnerabilities. Vale mitigates this through:- Simple contract design
- Reliance on battle-tested Morpho infrastructure
- Open source code for community review
Protocol Risk
The underlying Morpho protocol has its own risks:- Oracle failures could affect liquidations
- Extreme market conditions could impact lending markets
- Protocol governance decisions could affect vault operations
Market Risk
DeFi yields are variable:- Interest rates fluctuate based on supply and demand
- Yields are not guaranteed
- Past performance doesn’t guarantee future returns
Security Best Practices
When using Vale, we recommend:Verify Contracts
Always verify you’re interacting with official Vale contracts. Check
addresses against documentation.
Secure Your Wallet
Use a hardware wallet or secure key management. Your vault shares are only
as secure as your wallet.
Start Small
Consider starting with a smaller amount to familiarize yourself with the
protocol before larger deposits.
Stay Informed
Follow Vale’s official channels for security updates and announcements.