Useful Links

• Website: yieldnest.finance | app.yieldnest.finance

  • Documentation: Docs | Github | Audits

  • Social: Twitter | Blog | Discord

  • Contracts: deployed contracts

  • ynTokens:

    • YN MAX LRTs: ynETHx | ynBNBx | ynUSDx | ynBTCx

    • YN LRT Strategies: ynETH | ynLSDe | ynBNBk

• Dashboards: Dune | DeFiLlama

Introduction

This report is conducted by the YieldNest independent risk and research team, operated by LlamaRisk, as part of a series on YieldNest. In this series, we explore the architecture and mechanics of MAX LRTs and their underlying LRT strategies, which dynamically rebalance between restaking and DeFi protocols. This report introduces the YieldNest protocol, MAX LRTs, and LRT strategies while also providing a structured assessment of the broader role of restaking in DeFi.

We focus on the four MAX LRTs—ynETHx, ynBTCx, ynBNBx, and ynUSDx—and analyze one specific LRT strategy: ynETH. MAX LRTs are designed to optimize capital efficiency by integrating multiple yield sources and managing risk-adjusted strategies across the ecosystem. Our analysis considers the fundamental risk factors associated with the YieldNest protocol, utilizing both quantitative and qualitative methodologies to assess individual MAX LRTs, LRT strategies, and the broader YieldNest ecosystem.

Restaking protocols like EigenLayer and Kernel introduce shared security mechanisms that secure decentralized applications via Active Validated Services (AVSs), Networks, and Distributed Validation Networks (DVNs). These modular security solutions rely on restaked assets to underwrite risks, enforce task correctness, and provide economic security for restake applications (RAs). By leveraging the settlement guarantees and assets of underlying blockchains, these platforms enhance security and operational resilience within DeFi.

However, YieldNest envisions restaking as more than just an extension of shared security networks. It represents an evolving mechanism that unlocks capital efficiency and extends beyond conventional restaking models. Future DeFi protocols may integrate restaking across multiple financial layers—such as lending platforms that restake collateral across multiple protocols (e.g., Resupply) or AMMs that facilitate cross-chain liquidity provisioning. This broader perspective is why YieldNest defines MAX LRTs as a distinct category, incorporating diverse restaking strategies that maximize yield potential while ensuring sustainable, risk-adjusted returns.

This report serves as a foundational reference for understanding YieldNest’s modular, AI-enhanced approach to restaking, capital efficiency, and security optimization. The evolving nature of MAX LRTs and LRT strategies highlights the expanding role of restaking in DeFi, positioning it as a critical tool for enhancing liquidity, composability, and systemic stability across decentralized markets.

Section 1: Protocol Fundamentals

This section introduces relevant background information about the YieldNest protocol and the mechanics behind MAX LRTs and their underlying LRT strategies, which dynamically rebalance between restaking and DeFi protocols. It also expands on YieldNest’s modular, AI-enhanced approach to restaking, capital efficiency, and security optimization.

1.1 Introduction

YieldNest is a decentralized liquid restaking protocol that generates yield by integrating restaking applications and DeFi strategies. Through MAX LRTs and LRTs, these composable and liquid tokens simplify yield management by consolidating multiple restaking and DeFi protocols into a single, user-friendly asset.

The protocol’s modular architecture, built on adaptable smart contracts, ensures seamless integration with both existing and future shared security protocols while evolving alongside DeFi strategies. This approach enables users to access the highest risk-adjusted yields available, enhanced and secured by AI-driven automation and monitored 24/7. YieldNest’s core contracts facilitate these capabilities, positioning it as a versatile tool for yield optimization and restaking innovation.

1.2 YieldNest Protocol

1.2.1 Protocol Objectives

YieldNest’s products are designed to simplify and optimize yield generation by integrating restaking and DeFi strategies into liquid tokens. Each token is denominated in an underlying asset and exposes holders to a multi-strategy system that seamlessly rebalances and autocompounds yields.

MAX LRTs function as composable liquid tokens that integrate restaking and DeFi strategies across multiple protocols, while LRTs offer targeted exposure to dynamic restaking strategies. These tokens are designed to adapt to new and evolving opportunities, ensuring users consistently receive the highest risk-adjusted yields available.

YieldNest serves as an asset management layer, abstracting away the complexity of active strategy management and providing users with diversified exposure through a single liquid token. By reducing barriers to entry, optimizing asset returns, and establishing a modular investment infrastructure, the protocol enhances accessibility across multiple restaking and DeFi platforms.

1.2.2 MAX LRT Overview

MAX LRTs consolidate composable strategies from both restaking and DeFi protocols into a single liquid token. Each MAX LRT strategy is structured to deliver optimized, risk-adjusted returns by integrating advanced restaking and DeFi mechanisms. Designed for simplicity, transparency, and high utility, these assets enable users to benefit from seamless autocompounding yields without the need for active portfolio management.

YieldNest initially introduces four MAX LRTs, utilizing blue-chip assets—ETH, BTC, USD, and BNB—as their primary underlying assets. The protocol will focus on these four assets initially, with potential expansion once the full YieldNest DAO is operational.

• ynETH MAX (ynETHx): ETH-based strategies.

• ynBTC MAX (ynBTCx): BTC-based strategies.

• ynUSD MAX (ynUSDx): USD-based strategies.

• ynBNB MAX (ynBNBx): BNB-based strategies.

Each strategy provides settlement on its respective Layer 1 blockchain (e.g., ynETHx settles on Ethereum L1, and ynBNBx on BNB L1) while integrating and optimizing opportunities across different DeFi ecosystems. MAX LRTs simplify yield management by consolidating multiple yield sources into a single asset, offering automated compounding yields and maximizing risk-adjusted returns while dynamically adapting to new opportunities across the DeFi landscape.

1.2.3 MAX LRT Architecture

Each MAX LRT follows a unique strategy composition and management framework. The base configuration of every MAX LRT is defined by:

• Price Asset: The asset in which the MAX LRT is denominated (e.g., ETH).

• Accounting Layer: The Layer 1 settlement chain (e.g., Ethereum L1).

• Primary Underlying Asset: The core yield-generating asset (e.g., WETH).

• Other Underlying Assets: Additional assets integrated for yield optimization (e.g., wstETH & OETH).

• Reward Fee: The fee structure associated with yield distribution.

For example, in the case of ynETHx, users deposit underlying assets and receive ynETHx share tokens denominated in ETH. MAX LRTs are built for composability, enabling seamless tracking and accounting of all underlying strategies within a single liquid token while maintaining L1 settlement assurances. These capabilities are further enhanced by AI-driven optimization and security mechanisms, ensuring continuous adaptation and resilience across the evolving DeFi landscape.

Source: YieldNest Github

Internal modules like the RateProvider ensure accurate pricing and conversions, while a Coprocessor manages asset allocation, strategy execution, and accounting. This system serves as the foundational infrastructure that enables MAX LRTs to support multichain strategies seamlessly, optimizing capital efficiency across diverse DeFi ecosystems.

The Buffer Strategy is an ERC-4626-compliant mechanism designed to provide immediate liquidity for withdrawals. It ensures that a portion of the MAX LRT’s underlying assets remains in readily accessible, yield-generating strategies, allowing users to redeem their MAX LRT positions without delays. Effectively, the Buffer Strategy functions as a liquidity reserve, balancing capital deployment efficiency with the need for rapid, frictionless redemptions.

To maintain stability, any stress on the buffer will be mitigated through liquidity pools or queue systems, where participants can benefit from withdrawal flows. This ensures sustainable liquidity management while reinforcing MAX LRTs’ ability to maintain deep liquidity, even under volatile market conditions.

source: ynETHx diagram, YieldNest docs

The YieldNest DAO will have the flexibility to add or remove strategies and MAX LRTs over time. Each MAX LRT is designed to evolve into its own SubDAO, maintaining independent governance and strategy execution. The objective is to minimize the number of MAX LRTs, ensuring a focused, efficient, and low-risk structure while maximizing utility and capital efficiency.

There are no predefined strategy limitations for any MAX LRT. Each SubDAO will have the autonomy to explore different strategies, prioritizing AI-enhanced, risk-adjusted returns. The integration of autonomous AI agents will optimize restaking allocations, rebalance DeFi exposure, and dynamically adjust parameters based on real-time market conditions and risk assessments.

Initially, MAX LRTs will be structured as products within the YieldNest ecosystem. Over time, governance will transition to decentralized SubDAOs, each managing its respective MAX LRT independently, leveraging AI-powered governance support for strategic decision-making.

Source: YieldNest

Smart Contracts Overview

MAX LRTs leverage a modular smart contract architecture built around the BaseVault and Vault contracts. These contracts implement the ERC-4626 standard, enabling seamless deposits, withdrawals, and conversions between assets and shares while maintaining compatibility with DeFi integrations. By inheriting from BaseVault, the Vault contract extends functionalities such as fee management via integration with FeeMath.

Additionally, the protocol employs a TransparentUpgradeableProxy model with a timelock, separating logic and storage. This design enables seamless upgrades without data loss, ensuring flexibility, scalability, and security as the ecosystem evolves.

The Vaults.sol contract introduces an advanced architecture that supports multiple restaking and DeFi protocols across chains, maintaining flexibility for future protocol integrations. This modular design allows MAX LRTs to adapt to various asset classes and optimize strategies based on evolving market conditions. The standardized interfaces and extension points embedded in the contract architecture ensure long-term adaptability while preserving security and composability.

Additionally, the smart contract architecture is enhanced by AI-driven automation, which optimizes liquidity allocation, capital efficiency, and real-time strategy execution. The AI agents continuously monitor on-chain and off-chain signals, dynamically reallocating funds between restaking and DeFi strategies to maximize risk-adjusted returns while mitigating market volatility.

Guard Validation Engine: Security Framework for MAX LRT

The Guard Validation Engine serves as a core security layer within the MAX LRT architecture, ensuring that all transactions processed through the generic processor comply with predefined on-chain security rules. This framework enhances safety, transparency, and governance across MAX LRT transactions.

Role & Functionality

The generic processor facilitates seamless execution of transactions—including deposits, withdrawals, swaps, and strategy interactions—without requiring contract upgrades. To maintain security, the Guard engine enforces a whitelist-based rule system, ensuring that only approved transactions are permitted.

In addition to rule-based security, AI-driven threat detection systems proactively identify anomalous transactions, liquidation risks, and systemic vulnerabilities in real time. These AI-powered mechanisms enhance the security framework by dynamically adjusting risk parameters, enforcing automated governance alerts, and preventing potential exploits before they escalate.

Key Security Features:

AI-Powered Risk Assessment – AI continuously evaluates transaction flows and detects potential security threats before execution. Target-Level Access Control – Limits execution to pre-approved contracts, whether internal or external. Function-Level Access Control– Restricts callable functions to whitelisted operations on authorized contracts. Parameter Validation – Ensures function parameters comply with predefined security constraints, including address whitelists. Custom Validation Logic – Allows for custom validator contracts via external interfaces to handle complex security conditions.

Advantages of the Guard System:

AI-Driven Monitoring – Continuous risk assessment and anomaly detection optimize security without compromising transaction efficiency. Modular Design – Separates vault operations from strategy management and business logic, which are handled via peripheral contracts or coprocessor networks. Unlimited Extensibility – Supports custom validators through the IValidator interface, enabling additional security logic. Granular Control – Allows security rules to be enforced at both function and parameter levels for precise governance. Fail-Safe Defaults – Transactions revert if no active rule exists, enforcing whitelist-based security at all times.

Implementation & Governance:

Guard.sol – Manages validation logic and rule enforcement for all MAX LRT transactions. BaseVault.sol – Implements the processor functionality, enabling controlled rule modifications (additions, edits, removals) within governance-approved constraints. AI-Driven Threat Detection – Real-time monitoring of smart contract interactions to identify and mitigate security risks before they escalate. Timelock Governance – Ensures that all rule modifications are subject to a timelock delay, reinforcing security and transparency in the governance process.

This security framework provides a flexible yet robust structure, ensuring MAX LRT transactions remain safe, controlled, and adaptable to evolving governance and market conditions.

For a detailed breakdown of the MAX LRT smart contract architecture, refer to ynBNBx.

1.2.4 LRT Overview

Native LRTs and LRTs represent restaking/DeFi strategies that form part of MAX LRTs, or that can be independent products with exposure limited to restaking. LRTs are classified into two types:

1. Native Liquid Restaked Tokens (nLRTs): Represent restaking of the native L1 network token (e.g., ynETH, where native ETH is restaked through ETH L1 validators and subsequently via EigenLayer).

2. Non-Native Liquid Restaked Tokens (LRTs): Represent any token on the native L1 network that can be restaked (e.g., ynLSDe, which restakes Liquid Staking Derivatives (LSDs)).

Both nLRTs and LRTs are delegated to provide security for various RAs across restaking platforms while enabling trading opportunities within the DeFi ecosystem. As shown in the ynETHx diagram above, an example of nLRTs and LRTs can be seen in ynETH and ynLSDe, respectively, which both play a crucial role in forming the restaking strategies for ynETHx.

1.2.5 LRT Components

Using ynETH to provide context, the main LRT components will be presented below to provide context into the workings of MAX LRTs and the underlying LRT strategies that function for restaking.

TokenStakingNodesManager
This contract manages the creation, initialization, and upgrade of StakingNode instances, registration of new validators, and rewards. Staking nodes within the YieldNest protocol manage the delegation of staking operations to various operators.

The StakingNodesManager uses an Upgradeable Beacon pattern to manage staking nodes. This allows staking node logic upgrades without disrupting existing nodes.

For Native LRTs, the manager uses staking-as-a-service providers to delegate ETH to beacon chain validators and makes deposits available for restaking on EigenLayer by directing withdrawal credentials to EigenPod instances owned by a YieldNest StakingNode.

• TokenStakingNode A StakingNode represents an individual staking entity that mirrors an EigenPod. It manages assets from ynEigen for LRTs and staked ETH for ynETH, delegation and reverse delegation of restaking power, and interactions with yield-generating strategies.

• EigenStrategyManager This contract manages EigenLayer strategies, users with STRATEGY_ADMIN_ROLE can register strategies.

• RewardsDistributor The distributor manages YieldNest staking rewards, protocol fees, and routing net rewards to liquidity pools. Validators send Execution rewards to the ExecutionLayerReceiver and the StakingNodesManager sends Consensus rewards to the ConsensusLayerReceiver.

• WithdrawalQueueManger Allows users to request withdrawals via requestWithdrawal() and claim them with claimWithdrawal.

Source: YieldNest Docs, ynETH diagram

1.2.6 Withdrawal Processing

LRT Withdrawal Overview

LRTs holders can call requestWithdrawal()for the amount of LRT held e.g. ynETH they want to redeem. The LRT amount is transferred to the WithdrawalQueueManager and a corresponding NFT is minted that contains a unique ID, the amount being withdrawn, the withdrawal fee, the redemption rate, and the request timestamp. The NFT is not bound to an address but cannot be canceled.

After all waiting periods have elapsed, sufficient funds are available and the withdrawal has been processed the user can claim their funds with their NFT ID. Claiming burns the LRT and the corresponding NFT, with the redeemed funds being sent to the user's address.

Faster alternative redemption methods include swapping LRTs on secondary sites such as AMMs e.g. Curve or selling a claim NFT to another party prepared to wait, like the ynETH example given below.

Source: YieldNest Docs, ynETH withdrawals

MAX LRT Withdrawal Overview

The MAX LRTs withdrawal system is designed for seamless liquidity access through a buffer strategy that dynamically manages assets to ensure instant redemptions and capital efficiency. YieldNest approach continuously reallocates funds across secure, yield-generating strategies such as Euler Vaults and other advanced DeFi mechanisms, optimizing both availability and performance.

This intelligent allocation framework ensures that withdrawals remain fluid and responsive to market conditions while preserving security and risk-adjusted returns.

Future Enhancements

To further reinforce liquidity availability, YieldNest is developing a dynamic fee structure that will:

• Ensure withdrawal access even in extreme market conditions,

• Optimize capital efficiency without unnecessary idle funds,

• Maintain long-term sustainability and system resilience.

With this evolving architecture, MAX LRTs are built to adapt, optimize, and deliver a superior withdrawal experience, ensuring users always have access to their assets safely, efficiently, and without compromise.

1.3 YieldNest Tokens

1.3.1 Current MAX LRTs

As mentioned in section 1.2.2, YieldNest will initially offer 4 MAX LRTs; ynETHx, ynBTCx, ynUSDx, and ynBNBx. This set focus is intended to expand over time once the YieldNest DAO has been established.

• ynETHx
  ynETHx is the ETH-based MAX LRT and is the first deployment of MAX LRTs. Denominated in ETH, the vault accepts derivatives including wstETH stETH, ynETH, ynLSDe, WOETH, oETH, sfrxETH, and mETH. The underlying LRT strategy is ynETH. Assets are rebalanced across multiple tokenized strategies and chains to achieve a high adjusted yield from restaking and DeFi with yields auto-compounding.

• ynBNBx ynBNB is a MAX LRT on the BNB chain designed to optimize yield from BNB restaking and DeFi strategies. Accepting BNB derivatives such as wBNB, ynBNB, and asBNB, assets are allocated to generate yields from BNB staking, Kernel restaking, and DeFi strategies.

Source: YieldNest Docs, ynBNBx

• ynBTCk
  ynBTCk is a BTC derivative restaking token, that allows users to restake BTCB, solvBTC and solvBTC.BBN on Kernel (Binance and Solv products). Holders of ynBTCk earn BTC LST's staking yields, restaking rewards, YieldNest Seeds, future AVS airdrops & rewards.

Source: YieldNest Docs, ynBTCk

• ynUSDx (Coming soon)

1.3.2 Current LRTs

Active tokens include ynETH, ynLSDe, and ynBNB.

• ynETH
  ynETH is a native Liquid Restaking Token (nLRT), that aims to maximize yield by delegating assets to a basket of EigenLayer AVSs across different verticals. Users deposit ETH which is staked on the Beacon Chain and then restaked to EigenLayer. Users receive ynETH representing a tradable and liquid token receipt of the underlying ETH.

  Rewards are sourced from Ethereum staking, AVSs, and airdrops. Rewards are accrued in the ynETH contract, thereby increasing the pool’s total value and increasing the value of ynETH (i.e. non-rebasing).

Source: YieldNest docs - ynETH (Flow of funds)

• ynBNB
  ynBNB is an LRT based on the BNB Chain, generating yield from restaking protocols like Kernel, Karak, and Binomial (not yet active). Users stake their BNB and receive slisBNB from Lista, a liquid staking platform for BNB. Staked BNB is then restaked to earn BNB staking yields, restaking rewards, and airdrops.

Source: YieldNest Docs - ynBNB

• ynLSDe
  ynLSDe is a Liquid Restaking Token that generates yield from Ethereum-based Liquid Staking Derivatives restaking (stETH, wstETH, oETH, wOETH, sfrxETH, and mETH). Strategies are either in the form of a diversified basket of AVSs or isolated AVS categories.

  Users deposit a registered LSD and receive ynLSDe. Like ynETH, this represents a share of the underlying liquidity pool. Share values increase with yields accrued from ETH staking, EigenLayer rewards, and airdrops.

Source: YieldNest Docs, ynLSDe

1.3.3 Use Cases

MAX LRTs and their underlying ynTokens are yield-generating, composable assets that unlock multiple utility streams across DeFi. In addition to various DeFi strategies integrated, standalone LRTs remain accessible for users seeking direct exposure to specific restaking strategies.

Core Use Cases

1. Stablecoin Collateral: ynTokens can be used as collateral for LRT-backed stablecoins, enhancing capital efficiency in DeFi.

2. DEX Liquidity Provision: Providing liquidity on protocols like Curve enables additional revenue streams from swap fees and liquidity mining incentives.

3. Lending & Borrowing: MAX LRTs and LRTs can be supplied as collateral in decentralized money markets like Curve’s LlamaLend, allowing users to borrow against their holdings while earning yields.

Current and Emerging Applications

• Curve Finance: Liquidity provision for ynETH/wstETH and ynETHx/wETH pools, facilitating deep liquidity and efficient trading.

• Convex Finance: Staking CRV rewards from liquidity pools to maximize yield via Convex’s governance and boosting mechanisms.

• LlamaLend: Collateral for loans within the ynETH/crvUSD pool, enhancing borrowing opportunities.

• Spectra Protocol: Interest rate derivatives offering additional liquidity utility for ynETH, expanding its role in structured DeFi products.

• Thena & PancakeSwap: DEX liquidity provision for ynBNB, enabling ynBNB/BNB and ynBNB/wBNB pairs, further integrating MAX LRTs into the BNB Chain ecosystem.

• Euler: YieldNest has multiple Euler vaults live and will keep expanding and enhancing these strategies

• Enzyme Protocol – Vault-based strategy execution with ynTokens as composable assets.

Additional integrations are emerging across leading DeFi protocols. As MAX LRTs evolve, YieldNest aims to position itself as a foundational layer for multi-strategy restaking and yield aggregation. Unlike traditional restaking, which is often limited to shared security mechanisms like EigenLayer, YieldNest envisions restaking as a broader category—one that extends beyond validator security to encompass capital efficiency, liquidity optimization, and composable financial strategies.

By integrating restaking across multiple layers of DeFi—such as lending, AMMs, and liquidity provisioning—YieldNest is expanding the scope of what restaking can achieve, transforming it from a passive security mechanism into an active tool for maximizing yield and capital utility. MAX LRTs play a crucial role in this evolution, serving as adaptive, AI-enhanced financial primitives that unify restaking, DeFi strategies, and cross-chain liquidity into a seamless, capital-efficient ecosystem.

Source: YieldNest Risk Radar, ynETH distribution

Source: YieldNest App, Restake ynETH

Source: YieldNest App, Restake ynBNB

Source: YieldNest App, Restake ynETHx

Future Use Cases of MAX LRTs

The modular and composable nature of YieldNest MAX LRTs allows for integration in DeFi, restaking, and multichain liquidity aggregation. As DeFi evolves, MAX LRTs aim to be a connective layer across multiple ecosystems, ensuring capital efficiency, security, and seamless cross-chain execution.

The multichain expansion of DeFi necessitates cross-network capital efficiency, and MAX LRTs aim to serve as the liquidity backbone, bridging multiple strategies while maintaining L1 settlement assurances for maximum security. Key properties include:

• Omnichain Liquidity Aggregation: MAX LRTs will unify yield sources across Ethereum, L2s, and alternative chains (e.g., BNB Chain, Solana, Cosmos) into a single high-yielding asset.

• Automated Strategy Routing: AI-driven execution engines will rebalance capital across different LRT ecosystems, ensuring exposure to the most profitable and secure opportunities.

• Cross-Chain Collateralization: Users will be able to use MAX LRTs as collateral across multiple networks, unlocking liquidity in different ecosystems without sacrificing security.

Beyond shared security, MAX LRTs intend to become a collateral optimizer across DeFi. Protocols like Resupply introduce new layers of CDP-backed stablecoins (e.g., reUSD), where users deposit crvUSD or frxUSD to mint an overcollateralized asset, compounding yields. This example of rehypothecation presents opportunities for deeper liquidity, allowing restaked assets to generate secondary and tertiary yield streams while preserving L1 settlement guarantees.

Cross-protocol integrations will provide yield-bearing synthetic assets, which can further amplify leverage opportunities and risk-adjusted returns.

1.3.4 Incentive Programs

• Seed Program
  This program rewards users for restaking their ETH and LSDs, the amount of seeds restakers receive is based on a base rate of 2 Seeds multiplied by the amount of ERC20 tokens deposited multiplied by the number of hours participated. Additionally, a boost factor can be applied to the base rate in instances such as referrals that increase the amount of seeds earned. These seeds give holders access to future YieldNest rewards, such as participation in future airdrops. The ways to earn seeds are intended to expand as YieldNest expands its integrations e.g. providing liquidity to DeFi protocols and referrals.

• Pioneer Program
  The Pioneer Program aims to reward early and committed adopters, with eligibility requirements based on restaking within a window and minimum amounts. Eligible users can claim a Pioneer NFT and lock in permanent 15% Seed boosts. Future utility for Pioneer NFTs is planned, an upgrade that will attribute NFTs with unique markers such as traits and additional bonuses. Once the YieldNest DAO has launched, Pioneers will have the option of becoming Guardians. Within the DAO, Guardians will have more voting power, the ability to create proposals and other benefits.

• Integrations Program
  Users can earn additional yield from YieldNest, EigenLayer, and the liquidity platforms by providing liquidity in participating liquidity pools. As shown in section 1.3.2, Curve, Thena, Spectra, and PancakeSwap offer rewards to liquidity providers for ynETH and ynBNB.

• Referral Program
  Users can refer new restakers to YieldNest to earn a 10% Seeds bonus of the base rate multiplied by the ETH value deposited by the referred user.

YieldNest offers a range of incentives that seek to acquire users and encourage retention. The use of NFTs, a Seeds point system (referral and restaking), and partnership rewards point to a long-term goal of growing the protocol's users.

Section 2: Technological Risk

This section covers aspects related to security practices and development activity in the YieldNest Protocol and elaborates on technical risks pertinent to ynTokens.

2.1 YieldNest Protocol Technology

2.1.1 Audits

Multiple audits have been carried out on YieldNest contracts, two by Chain Security and two by Zokyo. A recent Chain Security audit focused on ynLSDe and ynETH. In the initial Chain Security audit, several high, medium, and low-severity issues were identified, all of which were addressed and corrected. The initial Zokyo audit identified a high-severity issue (now resolved) related to a possible inflationary attack in the ynETH contract, which could have allowed attackers to receive an unfair share allocation. Other resolved issues included a deprecated ETH transfer method, which could have prevented validator registration, and a lack of checks for duplicate assets during initialization.

In addition to Zokyo audits, YieldNest performs ongoing in-house security checks with a dedicated audit team. Strategies are also monitored 24/7 by HyperNative, which has real-time threat prevention capabilities, including ejecting from strategies or swapping assets back to the MAX LRT base asset to mitigate risks.

YieldNest’s MAX LRTs also underwent an audit by Composable Security in December 2024, which identified and confirmed the removal of the decimal issue. Additionally, eight medium-severity and five low-severity issues were found, all of which were either resolved or acknowledged.

YieldNest audits related to its various products are well-documented and publicly accessible in the protocol’s documentation.

2.1.2 Bug Bounty Program

ImmuneFi's bug bounty program offers awards of up to 200,000 USD for reports on low-to-critical vulnerabilities across all levels of the YieldNest technology stack, including smart contracts, websites, and applications.

2.1.3 Access Control

YieldNest utilizes a role-based permission model managed by a set of 3/5 and 2/3 multi-signature wallets. All sensitive contract functions (e.g., fee updates, asset management, and unpausing) are protected by roles, limiting access to privileged users.

Role-based access control ensures security and operational clarity, preventing unauthorized access while maintaining administrator flexibility. Role management uses OpenZeppelin's AccessControlUpgradeable.

Roles include:

1. PROXY_ADMIN_OWNER

2. DEFAULT_ADMIN_ROLE

3. STAKING_ADMIN

4. LSD_RESTAKING_MANAGER

5. VALIDATOR_MANAGER_ROLE

6. PAUSER_ROLE

7. ORACLE_MANAGER

8. WITHDRAWER_ROLE

9. LSD_STAKING_NODE_CREATOR_ROLE

Roles such as PROCESSOR_MANAGER_ROLE, BUFFER_MANAGER_ROLE, and ASSET_MANAGER_ROLE allow for granular control over asset management, staking, and operational rules. Addresses with PAUSER_ROLE / UNPAUSER_ROLE may temporarily halt key operations like deposit, mint, withdraw, and redeem to safeguard assets during emergencies or vulnerabilities and resume normal operations after issues are resolved.

2.1.4 Developer Activity

DeFiLlama tracks the YieldNest GitHub for development activity, including the number of daily unique developers and daily commits. Developer activity can be a useful indicator in tracking the pace of development, although it may provide only a cursory view into the diversity of developer contributions and the depth and scope of code commits.

Source: DeFiLlama, January 29th 2025, YieldNest

Activity over the last 6 months has consistently included several dedicated developers producing a high volume of commits.

Section 3: Counterparty Risk

This section further explains governance, access control, and potential centralization vectors. It also elaborates on legal considerations regarding the overall YieldNest Protocol.

3.1 Governance

3.1.1 Governance Scope

YieldNest is currently governed by the YN Security Council and will progressively transition into a DAO. YieldNest plans on incorporating a DAO and sub-DAO structure for community engagement in decision-making. A YND token is intended to be the governance token with a vote-escrow tokenomics (veYND).

3.1.2 Operational Management

As mentioned in section 2.1.3, A role-based permission model manages different protocol functions. Additionally, all contracts have a timelock mechanism, enhancing security. The trust model utilized for ynETH and ynLSDe is described by Chain Security below:

1. PROXY_ADMIN_OWNER

2. Responsible for managing and upgrading all transparent upgradeable proxy contracts. Contract upgrades preserve the contract's address and state.

3. Controlled by YNSecurityCouncil 3 / 5 Multisig.

4. DEFAULT_ADMIN_ROLE

5. General admin of broad permissions, including potentially managing other roles, updating system parameters, and performing critical system functions in the contracts.

6. Controlled by YNSecurityCouncil 3 / 5 Multisig.

7. STAKING_ADMIN

8. Manages staking-related parameters and operations, including StakingManager and StakingNodes.

9. Controlled by YNSecurityCouncil 3 / 5 Multisig.

10. LSD_RESTAKING_MANAGER

11. Admin of LSD staking nodes, handles restaking-related operations within LSDStakingNode

12. Controlled by YNDelegator 2 / 3 Multisig.

13. VALIDATOR_MANAGER_ROLE

14. Manages validator-specific functions, such as registering or deregistering validators and managing validator sets.

15. Controlled by YNValidatorService 2 / 3 Multisig.

16. PAUSER_ROLE

17. Ability to pause and unpause certain functions within the system. Critical for emergency response or system maintenance, allowing for a halt to operations without affecting the underlying state.

18. Controlled by YNDev 2 / 3 Multisig.

19. ORACLE_MANAGER

20. Manages oracles or data feeds that provide external information to the system.

21. Controlled by a 3 / 5 Multisig.

22. WITHDRAWER_ROLE

23. Allowed to move all Ether and ERC20 tokens out of the RewardsReceiver contract.

24. Multisig control not specified.

25. LSD_STAKING_NODE_CREATOR_ROLE

26. Authorized to create new staking nodes within the system.

27. Controlled by YNDev 2 / 3 Multisig

3.1.3 Unique Features

Hybrid Governance & AI-Powered Strategy Execution

MAX LRTs will be governed through a subDAO architecture designed to adapt and evolve based on market conditions, user needs, and AI-driven enhancements. This hybrid governance model enables the following:

• AI-powered agents to analyze real-time market conditions and automate strategy adjustments for optimal returns.

• Dynamic parameter tuning based on network demand, liquidity depth, and risk factors.

• Permissioned governance mechanisms that allow subDAOs to introduce new assets, yield strategies, and risk frameworks without compromising security.

By integrating AI-driven optimizations, MAX LRTs will function as self-adjusting financial primitives, continuously refining their strategies for maximum efficiency and profitability.

3.2 Legal

YieldNest incorporates a broad limitation of liability and several disclaimers in the Terms and Conditions to minimize its exposure to legal claims:

• disclaimed liability for any type of damages, including direct, indirect, incidental, punitive, or consequential damages arising from the use of the website;

• users acknowledge that they use the website at their own risk, agreeing that their sole remedy is to discontinue use if dissatisfied;

• the website is provided on an “AS IS” and “AS AVAILABLE” basis without express or implied warranties. This includes disclaimers regarding merchantability, fitness for a particular purpose, and non-infringement;

• disclaimed responsibility for third-party content, links, and services that may appear on the website, shifting the liability to the respective third parties.

The risk disclosure within the Terms and Conditions adopts an enumerative structure, broadly listing potential risks without delving into the specifics of individual risk scenarios that users should carefully consider. It places the onus on users to acknowledge their understanding and acceptance of these risks, asserting that users’ prior knowledge and experience will enable them to assess and evaluate the benefits and associated risks of the Website.

In contrast, the Seeds Disclaimer takes a more granular approach, providing a detailed exposition of the incentive program’s attributes. It explains the specific characteristics of the seeds, outlines the formula used for their calculation, and identifies all risks directly associated with the program.

Prohibited Persons (individuals or entities subject to sanctions, based out of sanctioned jurisdictions or affiliated with sanctioned persons) are explicitly barred from accessing or using the website and its services.

The Terms and Conditions are governed by the rules and stipulations set forth by the YieldNest DAO. This implies that the DAO serves as the governing authority for legal and operational matters. The country(ies) where YieldNest has local substance are unidentified; therefore, we cannot assume which national legal regime(s) are applicable. Rather, the DAO has complete authority and jurisdiction in all matters.

The Terms outline that disputes are to be resolved through binding individual arbitration at a specific arbitration location set by YieldNest DAO.

Restaking, as a relatively nascent and evolving concept within the blockchain ecosystem, currently operates outside the scope of significant regulatory oversight. This absence of immediate regulatory scrutiny suggests that YieldNest’s operations, which incorporate restaking mechanisms, face minimal direct regulatory risk at this time.

Nonetheless, it is prudent to consider the dynamic nature of regulatory frameworks, particularly in jurisdictions where staking activities are increasingly drawing the attention of competent authorities. While current regulatory environments may not impose significant restrictions on restaking, YieldNest’s operations in certain markets or interactions with citizens of countries actively examining staking-related activities could face potential regulatory challenges in the foreseeable future.

Section 4: Risk Disclosures Summary

This section compiles pertinent risk considerations that may be inherent to the YIeldNest Protocol, defining their unique risk profile.

4.1 General Risk Disclosures

4.1.1 Collateral Risk

Operators running validators are subject to slashing (i.e.collateral penalized) if Operators do not properly run RA services. Improper running of services can include faults like incorrect computation and liveness failures. Using EigenLayer as an example, the introduction of ELIP-002, makes slashing a more active possibility (Mainnet deployment proposed for late Q1 2025).

To mitigate this, we support delegation on the basis of comprehensive evaluations being conducted on operators and RAs.

Additionally, comprehensive risk assessments of DeFi strategies and DeFi protocols should be introduced and disclosed given the utilization of user assets in different protocols to generate risk-adjusted yields.

4.1.2 Contract Risk

Given the complex nature of the YieldNest protocol and its reliance on external rate providers and multiple strategies, we identified 4 potential risk areas to remain aware of:

Depeg Risk in LSDRateProvider

While incident response tooling is used to monitor depeg events, additional price sources would reduce the reliance for accuracy on a single price feed.

Upgradeable Contracts

An Upgradeable Beacon pattern such as the one that manages TokenStakingNodes ensures that the protocol can adapt to new conditions or vulnerabilities. However, this also introduces risks associated with improper upgrades or bugs in new implementations. As noted in section 3.1.2, all contracts have a timelock mechanism therefore creating a buffer against such risks.

Rebase Token Handling

By using wrapped non-rebasing versions of tokens, the protocol avoids many potential issues associated with rebasing tokens. However, the process of unwrapping these tokens for deposit into external protocols should be carefully managed to prevent loss or misuse.

Vault Risks

Includes logic errors and the complexity of strategy integration. For instance, errors in the share issuance mechanism could lead to inflation attacks, while reentrancy vulnerabilities may arise from interactions with external protocols.

4.1.3 Governance and Access Control

The YieldNest Security Council controls the protocol's permissions, parameters, upgrades, and important functions like withdrawals and the ability to pause/unpause operations. While this is necessary for the focused development of the platform and offers measures that enable the protection of user funds in the event of an emergency, access controls managed solely by core team members with the multisigs create centralization risk.

Thus, given the wide scope of the role-based permission model described in section 2.1.3, the protocol should consider the security council's composition and access in the future as DAO governance is established.

4.1.4 Dependencies

A brief overview of the ynBNBx dependencies is given in the following sub-sections. The remainder of this report will be devoted to further examination of these dependencies.

3rd Party Protocols

MAX LRTs and LRTs integrate with different restaking/shared security and DeFi protocols across different chains to maximize yield generation e.g. EigenLayer, Curve, Kernel, and Thena among others. Risks include smart contract risks, validator performance, and protocol-specific operational risks related to access control and governance.

Underlying Assets

Accepted collateral for each product introduces varying risk profiles based on their respective protocols: Each liquid staking token brings unique characteristics influenced by their underlying protocol's architecture, validator selection, and governance mechanisms.

Operators

Operator selection for different shared security protocols directly impacts the performance of integrated RAs. Their performance across different protocols determines yield generation and potential slashing outcomes

4.2 Conclusion

This report provides a structured assessment of the YieldNest Protocol, its MAX LRTs and LRTs, and the underlying risk considerations associated with these next-generation DeFi assets. YieldNest introduces a modular, AI-enhanced framework designed to optimize restaking strategies, manage capital efficiency, and enhance security through automated governance mechanisms.

YieldNest strives for modularity and composability with a diverse range of DeFi protocols. Lending platforms could restake loan collateral across multiple protocols, AMMs could facilitate cross-chain liquidity provisioning, and decentralized money markets could integrate restaking to enhance capital utilization. Diversification across many third-party protocols creates layers of dependencies that should be thoroughly reviewed to understand the risk exposure of YieldNest products.

YieldNest addresses such risk by proactively identifying emergency scenarios, monitoring systemic vulnerabilities, and securing capital flows. These mechanisms involve automated risk assessment, real-time strategy execution, and adaptive parameter tuning, aiming for sustainable and efficient capital management. Furthermore, the protocol’s cross-chain liquidity infrastructure strives to establish MAX LRTs as a unifying layer across multiple blockchain ecosystems, maintaining L1 settlement guarantees while integrating with diverse DeFi applications.

YieldNest combines restaking, AI governance, and cross-chain composability to create scalable, risk-adjusted yield solutions. This report serves as a foundational reference for understanding the protocol’s architecture and risk management framework while supporting future assessments for third-party collateral integrations and protocol users.