Security

When you interact with the Tenor platform, you are interacting with the Morpho protocol and the Tenor smart contracts. The Morpho smart contracts hold collateral, enable liquidations, and handle settlement between lenders and borrowers. The Tenor smart contracts are opt-in modular extensions that add gates, callbacks, and ratifiers to Morpho Midnight. Tenor takes a multidisciplinary approach to security, combining:

External Security Reviews

The Morpho and Tenor smart contracts have been reviewed by independent security researchers across multiple engagements.

More →

Formal Verification

Key properties of the Tenor and Morpho smart contracts are formally verified using the Certora Prover.

More →

Fuzzing

The Tenor smart contracts have been tested using stateless and stateful fuzzing to validate that key invariants hold across a large combination of states.

More →

Bug Bounty

The Tenor and Morpho smart contracts are covered by bug bounties for responsible disclosures: up to $100,000 for critical findings on Tenor, up to $2,500,000 on Morpho.

More →

Onchain Monitoring

Tenor uses Blockaid to run continuous monitors on smart contract state and onchain activity to surface abnormal behavior.

More →

Non-custodial, Immutable contracts

Tenor smart contracts are non-custodial and immutable (non-upgradable). Pause functionality is limited in scope and only used for cybersecurity purposes.

More →

No process eliminates risk entirely. Onchain protocols can carry inherent smart contract and economic risks. For a full overview of the risks associated with using the platform, see the Tenor Risk Disclosures.

Reporting a Vulnerability

If you believe you have found a vulnerability in the Tenor contracts, submit it through the Tenor bug bounty program on Sherlock. For issues in the underlying Morpho contracts, use the Morpho bug bounty program.