Skip to main content

What is Tenor

Tenor is a non-custodial platform for borrowing and lending onchain. It builds on the Morpho protocol (Morpho Midnight for fixed-rate, fixed-term markets, Morpho Blue for variable-rate, open-term markets, and Vaults V2) and extends it with modular smart contract features (auto-renewal, gated markets, liquidation with grace periods, etc). Tenor also offers an interface and additional tools such as notifications.

The Tenor platform is non-custodial

Tenor is fully non-custodial: all logic executes onchain and is controlled by users from their own wallets. Collateral and lent funds remain in the Morpho smart contracts, never in Tenor. The Tenor platform provides the tools and interface for accessing this functionality; it never takes custody of user assets.

How is Tenor expanding on the Morpho protocol?

The Morpho protocol supports new functionality without changes to its core: callbacks, ratifiers, oracles, and gates to build features on top. Tenor builds on these extension points to deliver a platform and interface for fixed-rate, fixed-term borrowing and lending, along with advanced functionality:

  • Auto-renewal of positions at maturity, including programmatic borrower debt repayment using an onchain auction system and collateral migration
  • Composability between fixed-rate markets and variable-rate markets
  • Advanced execution, including ladders, multi-market offers, earn-while-you-wait lend offers, and deposit-collateral-only-on-fill borrow offers
  • Programmatic strategy tools such as market making
  • Creation of custom markets, including gated markets and markets with liquidation grace periods
  • Offchain tools that improve UX for institutional asset managers, including the creation of gated Vault V2 as a role-based access control system to manage onchain actions, notifications, SDK, and API

Security

Users interact directly with the Morpho and Tenor smart contracts from their self-custodial wallets. Both sets of contracts are immutable: the Morpho contracts hold collateral, enable liquidations, and keep the accounting between lenders and borrowers, while the Tenor contracts add opt-in gates, callbacks, and ratifiers on top of Morpho Midnight.

Tenor uses a multidisciplinary approach to security:

  • External security reviews by independent researchers across multiple engagements. See Security Reviews.
  • Formal verification of key properties of the Tenor and Morpho contracts using the Certora Prover.
  • Stateless and stateful fuzzing of the Tenor contracts to validate that key invariants hold across a wide range of states.
  • Bug bounties of up to $100,000 on the Tenor contracts and up to $2,500,000 on the Morpho contracts for responsible disclosures. See Bug Bounty.
  • Continuous monitoring of onchain activity through Blockaid, with the ability to pause select functions in response to abnormal behavior. See Pausable Functions.

See Security section for the full overview.