Fluid Lending Protocol

Contract Addresses (Ethereum Mainnet)

All contracts verified on Etherscan. Compiled with Solidity 0.8.21.

fToken Contracts (Lending)

fToken	Address	Underlying	Underlying Address
fUSDC	0x9Fb7b4477576Fe5B32be4C1843aFB1e55F251B33	USDC	0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48
fUSDT	0x5C20B550819128074FD538Edf79791733ccEdd18	USDT	0xdAC17F958D2ee523a2206206994597C13D831ec7
fWETH	0x90551c1795392094FE6D29B758EcCD233cFAa260	WETH	0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2
fwstETH	0x2411802D8BEA09be0aF8fD8D08314a63e706b29C	wstETH	0x7f39C581F595B53c5cb19bD0b3f8dA6c935E2Ca0
fGHO	0x6A29A46E21C730DcA1d8b23d637c101cec605C5B	GHO	0x40D16FC0246aD3160Ccc09B8D0D3A2cD28aE6C2f
fsUSDS	0x2BBE31d63E6813E3AC858C04dae43FB2a72B0D11	sUSDS	0xa3931d71877C0E7a3148CB7Eb4463524FEc27fbD
fUSDtb	0x15e8c742614b5D8Db4083A41Df1A14F5D2bFB400	USDtb	0xC139190F447e929f090Edeb554D95AbB8b18aC1C

fToken On-Chain State (Ethereum Mainnet, as of Feb 2026)

fToken	Total Assets	Exchange Rate	Supply Rate	Approx TVL
fUSDC	274.8M USDC	1.1853	4.59%	~$274.8M
fUSDT	167.5M USDT	1.1788	3.99%	~$167.5M
fGHO	42.3M GHO	1.0975	7.32%	~$42.3M
fwstETH	2,874 wstETH	1.0381	0.26%	~$8.9M
fUSDtb	5.8M USDtb	1.0171	1.82%	~$5.8M
fWETH	1,773 WETH	1.0682	2.56%	~$4.7M
fsUSDS	15,025 sUSDS	1.0021	0.00%	~$15.8K
Total Ethereum fTokens				~$504M

All exchange rates are >1.0, confirming accumulated yield since launch. No rewards programs currently active on any fToken — yields are purely organic from supply/borrow spreads.

Core Infrastructure (Dependency for Lending)

• Liquidity Layer: 0x52Aa899454998Be5b000Ad077a46Bbe360F4e497 — Central contract holding all funds. Upgradeable proxy (Instadapp Infinite Proxy) with AdminModule and UserModule.
• LendingFactory: 0x54B91A0D94cb471F37f949c60F7Fa7935b551D03 — Creates fToken markets. Owner: Timelock.
• Timelock: 0x2386DC45AdDed673317eF068992F19421B481F4c — Owner of Liquidity Layer, LendingFactory, VaultFactory, DexFactory. 1-day delay.
• GovernorBravo: 0x0204Cd037B2ec03605CFdFe482D8e257C765fA1B — Onchain governance. 117 proposals executed.
• Avocado Multisig: 0x4F6F977aCDD1177DCD81aB83074855EcB9C2D49e — Timelock guardian (cancel-only). Also owns DeployerFactory.
• FLUID Token: 0x6f40d4A6237C257fff2dB00FA0510DeEECd303eb — Governance token. 100M max supply, ~77.5M circulating.

Resolvers (Read-Only Periphery)

• FluidLiquidityResolver: 0xD7588F6c99605Ab274C211a0AFeC60947668A8Cb — Active resolver for supply/borrow rates, exchange prices, rate model params
• RevenueResolver: 0x0A84741D50B4190B424f57425b09FAe60C330F32

Audits and Due Diligence Disclosures

Fluid has undergone 8 distinct security audits across 4 audit firms, covering all major protocol components. The Lending Protocol was covered in the PeckShield and StateMind full-protocol audits. The Liquidity Layer (critical dependency for lending) was audited by both MixBytes and StateMind in 2025 using a dual-audit approach. All audit reports are available on the audits and security page.

#	Firm	Date	Scope	Critical	High	Medium	Low	Info	Total
1	PeckShield	Nov 2023	Full Protocol (incl. Lending)	0	4	4	5	0	13
2	StateMind	Oct–Dec 2023	Full Protocol (incl. Lending)	3	8	15	0	40	66
3	MixBytes	Mar–Jun 2024	Vault Protocol	0	0	2	4	0	6
4	Cantina	Sep–Oct 2024	DEX Protocol	0	0	2	7	4	13
5	MixBytes	Oct 2024	DEX Protocol	0	0	0	3	0	3
6	MixBytes	Sep–Dec 2025	Liquidity Layer	0	0	0	2	0	2
7	StateMind	Sep–Oct 2025	Liquidity Layer	0	1	0	0	4	5
Total				3	13	23	21	48	108

Lending-relevant audit details:

• PeckShield — Full Protocol (report): Covered lending/fToken contracts. All 13 issues resolved (12 resolved, 1 mitigated — "Trust Issue of Admin Keys").
• StateMind — Full Protocol (report): Covered Lending/iTokens (now fTokens), Liquidity Layer, Vaults, Oracles. Critical finding: LendingRewardRateModel returns rate with incorrect decimals (pool-draining risk) — fixed. Also: incorrect supplyExchangePrice calculation, DOS of iToken markets — all fixed.
• MixBytes — Liquidity Layer (report): Directly impacts lending withdrawal/supply mechanics. 2 Low findings.
• StateMind — Liquidity Layer Updates (report): 1 High: incorrect net transfer calculation causing user overpayment — fixed.
• MixBytes — Vault Protocol (report): Vault borrowers generate fToken yield. Relevant for lending counterparty risk. Insufficient reentrancy protection — fixed.

No formal verification (Certora, Halmos, etc.) has been performed.

Bug Bounty

Immunefi Bug Bounty Program — Active program under the "Instadapp" name. Last updated 2024-12-15. Fluid Lending Protocol is explicitly in scope.

Category	Severity	Min Reward	Max Reward	Calculation
Smart Contract	Critical	$25,000	$500,000	10% of directly affected funds
Smart Contract	High	$5,000	$100,000	50% of affected funds value
Web/App	Critical	$5,000	$50,000	Range model
Web/App	High	$5,000	$10,000	Range model

Fluid scope: Liquidity Layer, Lending Protocol, Vault Protocol (excluding periphery folder). Source repo.

Payment: USDC, USDT, or DAI on Ethereum. Medium/Low severity levels are not in scope.

Historical Track Record

• Production History: Fluid launched on Ethereum mainnet on February 20, 2024 (first TVL recorded). The protocol has been in production for approximately ~2 years (722 days as of February 2026).
• Lending TVL: $1.28B across all chains (88.7% of Fluid's total $1.45B TVL). Lending is the dominant product. TVL peaked at $2.68B (Oct 2025). TVL maintained >$500M for over 1.5 years.
• Multi-chain Lending Deployment:

Chain	Lending Supply TVL	% of Lending	Borrowed	Utilization
Ethereum	$718.9M	56.1%	$682.7M	95.0%
Plasma	$366.9M	28.6%	$279.3M	76.1%
Arbitrum	$146.7M	11.4%	$77.9M	53.1%
Base	$43.2M	3.4%	$20.0M	46.3%
Polygon	$5.4M	0.4%	$2.6M	47.8%
Total	$1.28B	100%	$1.06B	82.9%

• Incidents: No reported security incidents or exploits found. Not listed in DeFi Llama hacks database. No rekt.news entries for Fluid or Instadapp.
• TVL Stability: Only 1 daily drop >15% in entire history (August 6, 2024, -16.1%, aligned with broader crypto market selloff). Average daily volatility of 2.53% over past 90 days.
• Instadapp Legacy: Instadapp has been operating since 2019, maintaining ~$2B TVL through 2023. Fluid represents the team's most ambitious protocol built on years of DeFi infrastructure experience.

Funds Management

How fTokens Work

fTokens are ERC4626-compliant vault tokens. When a user deposits an underlying asset (e.g., USDC), the fToken contract:

1. Calls LIQUIDITY.operate() to deposit the underlying into the Liquidity Layer
2. The Liquidity Layer triggers a callback; the fToken transfers the underlying via SafeTransfer or Permit2
3. Shares are minted to the user based on the current exchange rate

On withdrawal, the reverse occurs: shares are burned before the underlying is withdrawn from the Liquidity Layer (burn-first pattern for safety).

Exchange rate: Computed onchain as tokenExchangePrice / EXCHANGE_PRICES_PRECISION (1e12 precision). The rate is monotonically increasing — it can never decrease. It incorporates:

• Yield from the Liquidity Layer (borrower interest)
• Optional rewards from a LendingRewardsRateModel (currently inactive for all fTokens; yields are purely organic)

Safety mechanisms in fToken contracts:

• Custom reentrancy guard (deposit/withdraw/rebalance all protected)
• Callback validation: checks caller = Liquidity AND token = ASSET AND status = ENTERED
• Burn-before-withdraw pattern
• BigMath precision with SafeCast overflow protection
• Rewards rate capped at 50% APR maximum

Accessibility

• Supplying: Permissionless — anyone can deposit via fTokens. No whitelist required.
• Redemption: fToken withdrawals via withdraw() or redeem() (standard ERC4626). Subject to Liquidity Layer withdrawal limits. If utilization is very high, withdrawals may be temporarily throttled until limits expand or borrows are repaid.
• Fees: No explicit deposit/withdrawal fees. Interest rates are algorithmically determined by utilization via a kink-based model.

Yield Source and Counterparty Risk

fToken yield comes from borrower interest. Borrowers use the Vault Protocol to deposit collateral and borrow assets from the Liquidity Layer. This means fToken holders are exposed to:

• Vault Protocol solvency: If borrowers default and liquidations fail to recover full value, bad debt could affect lending reserves
• Liquidation effectiveness: The tick-based liquidation mechanism must function correctly to prevent bad debt accumulation
• Oracle correctness: Vault liquidations depend on Chainlink, UniswapV3 TWAP, and Redstone price feeds. Oracle failures could delay liquidations

Collateral quality backing fToken yield (borrower collateral types):

• Blue-chip: ETH, WETH, wstETH, weETH, WBTC, cbBTC
• Stablecoins: USDC, USDT, sUSDe, GHO
• Others: PAXG, XAUt, various LSTs

Collateralization

• Backing: All lending positions are over-collateralized onchain. Borrowers must maintain collateral ratios (80-95% LTV depending on the pair).
• Liquidations: Fully onchain tick-based mechanism. Liquidation penalty as low as 0.1% for correlated pairs (wstETH/ETH), higher for uncorrelated pairs.
• Withdrawal Gap: Extra gap on Liquidity Layer limits reserved for liquidations to ensure they can always execute.

Provability

• Transparency: All reserves are fully onchain and verifiable via resolver contracts (FluidLiquidityResolver at 0xD7588F6c99605Ab274C211a0AFeC60947668A8Cb).
• Exchange Rate: fToken exchange rates are computed programmatically onchain (ERC4626 standard). No offchain oracle or admin input needed. Rate is monotonically increasing.
• Interest Rates: Algorithmically determined based on utilization. USDC rate model: kink at 85% utilization (5.5% rate), second kink at 93% (8.5%), max rate 40%.
• Revenue: Protocol revenue is calculated and verifiable via the RevenueResolver contract.

Interest Rate Model (USDC example, verified onchain)

Parameter	Value
Model Type	Kinked (V2)
Kink 1	85% utilization
Rate at Kink 1	5.50%
Kink 2	93% utilization
Rate at Kink 2	8.50%
Max Rate	40.00%
Fee	10% of spread

Liquidity Risk

Lending-Specific Liquidity Concerns

fToken holders face liquidity risk from the shared Liquidity Layer architecture. The Liquidity Layer serves not only lending but also Vaults, DEX, and stETH protocols. This means:

• Shared pool: fToken withdrawals compete with all other withdrawal demand on the Liquidity Layer
• High utilization: Ethereum lending utilization is 95.0% (borrowing $682.7M of $718.9M supplied). Overall cross-chain lending utilization is 82.9%. This is very high.
• Withdrawal limits: The Liquidity Layer enforces per-token expandable withdrawal limits. maxWithdraw() returns the minimum of: (1) the withdrawal limit at Liquidity, (2) actual liquid balance. If a large withdrawal exceeds the current expanded limit, users must wait for the limit to expand.

Exit Mechanisms

• Normal exit: Call withdraw() or redeem() on fToken. Subject to available liquidity and withdrawal limits.
• Secondary market: fTokens are ERC20 tokens and can be traded on secondary markets, though no significant DEX liquidity for fTokens was observed.
• Throttled exit: During high utilization, the expansion-rate mechanism throttles large withdrawals. This prevents bank runs but delays exit for large holders.

Lending TVL by Asset Type (Ethereum)

Asset Type	TVL	% of Ethereum Lending
Stablecoins	$368.8M	51.3%
ETH/LSTs	$265.1M	36.9%
BTC tokens	$54.4M	7.6%
Other (Gold, FLUID, etc.)	$30.7M	4.3%
Total	$718.9M	100%

Top Supply Assets (All Chains)

Rank	Token	Supply TVL	% of Total
1	wstUSR	$242.5M	18.9%
2	wstETH	$130.3M	10.2%
3	USDT0	$125.3M	9.8%
4	USDC	$124.4M	9.7%
5	weETH	$113.1M	8.8%
6	sUSDe	$103.8M	8.1%
7	USDT	$77.7M	6.1%
8	WBTC	$55.1M	4.3%
9	syrupUSDC	$51.3M	4.0%
10	syrupUSDT	$51.0M	4.0%

Concentration risk: wstUSR is the single largest supply asset at 18.9% of total lending TVL. Top 5 assets account for 57.6%.

Historical Liquidity Performance

• During the August 2024 market stress (only >15% TVL drop), the protocol maintained operations normally. TVL recovered and continued growing.
• No recorded instances of withdrawal limit throttling causing prolonged user lockouts.

Centralization & Control Risks

Governance

• Governance Model: Onchain GovernorBravo governance. FLUID token holders vote on proposals that execute through a timelock. Discussion on governance forum, onchain voting via GovernorBravo, and offchain signaling via Snapshot.
• Timelock: 0x2386DC45AdDed673317eF068992F19421B481F4c — 1-day (86,400s) delay. Admin of GovernorBravo is the Timelock itself (standard circular pattern). The Timelock guardian is the Avocado multisig (can cancel queued transactions). Min delay: 1 hour, max delay: 30 days.
• Owner/Admin: All core contracts (Liquidity Layer proxy admin, LendingFactory, VaultFactory, DexFactory) are owned by the Timelock (0x2386DC45...), not directly by the multisig. Verified onchain via owner() calls and EIP-1967 admin slot reads.
• GovernorBravo Parameters (verified onchain):
  • Quorum: 4,000,000 FLUID (4% of total supply)
  • Proposal threshold: 1,000,000 FLUID (1% of total supply)
  • Voting delay: 7,200 blocks (~1 day)
  • Voting period: 14,400 blocks (~2 days)
  • Proposals executed: 117
  • Minimum time from proposal to execution: ~4 days (1d delay + 2d voting + 1d timelock)

Lending-Specific Admin Controls

Role	Who	What They Can Do to Lending
Timelock (governance)	0x2386DC45...	Upgrade Liquidity Layer implementation, change LendingFactory owner, change supply/borrow configs, change rate models
LendingFactory Auths	Set by Timelock	Update fToken rewards config, change rebalancer address, rescue stuck tokens, set fToken creation code
LendingFactory Deployers	Set by Timelock	Create new fToken contracts
Rebalancer	0x724d...b9b6 (fUSDC/fUSDT only)	Deposit underlying without minting shares (adds as rewards). Cannot withdraw.
Guardian (Avocado multisig)	0x4F6F977a...	Pause Class 0 protocols only. Cannot move or withdraw funds. Cancel timelock transactions.

Key finding: No admin role can directly access or move user funds deposited via fTokens. The most powerful action is the Timelock upgrading the Liquidity Layer implementation (1-day delay).

Programmability

• System Operations: Largely programmatic. Interest rates and exchange rates are all computed onchain algorithmically.
• Oracle System (dependency via Vault Protocol): Chainlink primary, with UniswapV3 TWAP, Redstone, and custom center-price oracles as fallbacks. Modular per vault.
• Rate Model: Interest rates determined algorithmically via kink-based utilization model. Parameters set by governance.
• Keepers/Automation: No keepers needed for lending. Liquidations (in Vaults) are incentivized and performed by external liquidators.

External Dependencies

• Liquidity Layer: Critical dependency — holds all fToken deposits. Upgradeable proxy controlled by Timelock.
• Vault Protocol: Generates fToken yield. Vault borrowers, liquidations, and oracles all affect lending counterparty risk.
• Chainlink: Indirect dependency via Vault Protocol oracle system. Multiple fallback oracle paths reduce risk.
• Permit2: Supported for deposits (Uniswap's 0x000000000022D473030F116dDEE9F6B43aC78BA3).

Operational Risk

• Team: Instadapp Labs. Founded by Sowmay Jain and Samyak Jain — both are publicly known, India-based founders active since 2019. Key GitHub contributors include thrilok209, KABBOUCHI, and SamarendraGouda.
• Funding: Well-funded by top-tier VCs: Pantera Capital, Coinbase Ventures, Standard Crypto, additional undisclosed investors.
• Legal Structure: Instadapp Labs. No formal DAO legal wrapper disclosed.
• Documentation: Comprehensive technical documentation at docs.fluid.instadapp.io. Full source code on GitHub.
• Communication: Active governance forum, Discord, Twitter @0xfluid, Blog.
• Incident Response: No documented formal incident response plan found. However, Guardian role can pause protocols immediately. Team has ~6 years of operational history with zero security incidents.

Monitoring

Contracts to Monitor

Contract	Address	Why Monitor
fUSDC	0x9Fb7b4477576Fe5B32be4C1843aFB1e55F251B33	Largest fToken (~$274.8M). Exchange rate, deposits/withdrawals
fUSDT	0x5C20B550819128074FD538Edf79791733ccEdd18	Second largest (~$167.5M). Exchange rate, deposits/withdrawals
Liquidity Layer	0x52Aa899454998Be5b000Ad077a46Bbe360F4e497	Holds all fToken deposits. Admin changes, implementation upgrades
Timelock	0x2386DC45AdDed673317eF068992F19421B481F4c	Owner of all core contracts — queued/executed transactions
GovernorBravo	0x0204Cd037B2ec03605CFdFe482D8e257C765fA1B	Governance proposals, voting, execution

Key Events to Watch

Contract	Event	Significance
Timelock	QueueTransaction / ExecuteTransaction	Governance actions queued/executed — 1 day warning
Timelock	CancelTransaction	Guardian cancelled a queued action
Liquidity Layer	LogUpdateAuth	Auth permissions changed — affects who can modify lending configs
Liquidity Layer	LogUpdateGuardian	Guardian address changed
Liquidity Layer	LogPauseUser / LogUnpauseUser	Protocol paused/unpaused — directly affects fToken operations
Liquidity Layer	LogUpdateUserSupplyConfigs	Supply limits changed — affects max fToken deposits
Liquidity Layer	LogUpdateUserBorrowConfigs	Borrow limits changed — affects utilization and withdrawal availability
Liquidity Layer	LogUpdateRateDataV1 / LogUpdateRateDataV2	Interest rate parameters changed — affects fToken yield
LendingFactory	New fToken creation	New lending market created

Reassessment Triggers

• Time-based: Reassess in 6 months (August 2026) — protocol will have >2.5 years history. Apply >2 year modifier (-0.5) at that time.
• Utilization-based: Reassess if Ethereum utilization exceeds 99% (negative — withdrawal availability critically constrained)
• TVL-based: Reassess if lending TVL changes by more than 50%
• Incident-based: Reassess after any exploit, governance change, or significant parameter modification
• Governance: Reassess if GovernorBravo parameters change (quorum, timelock delay, voting period) or if Avocado multisig signers change
• Dependency: Reassess if Liquidity Layer implementation is upgraded or if a new protocol is added to the shared liquidity pool