
Syntetika: Securing Bitcoin-DeFi Infrastructure

DeFi
Cross-chain
Tokens

Syntetika is a vault-based protocol designed to deliver enterprise-grade, structured yield products to institutional and consumer users. Through its collaboration with Hilbert Group, it offers access to yield-bearing products in a modular and transparent way, aligned to local regulatory requirements while preserving composability and decentralization.

Jul 28, 2025
Aug 1, 2025

The Challenge

The protocol’s design bridges traditional finance and decentralized finance (DeFi): Bitcoin holders deposit BTC or wrapped BTC (wBTC) and receive hBTC, a token representing that BTC or wBTC while it is deployed in Hilbert Group’s quantitative trading strategies. Users can then stake hBTC into an ERC-4626 vault to receive shBTC, the vault’s share token, and earn rewards funded by trading profits.

This model creates a genuine “real yield” use case for Bitcoin, but it also introduces a complex security surface: multiple tokens, many moving parts, and interactions between on-chain components and off-chain actors. Compliance requirements around user permissions add a further risk dimension. For Syntetika, strong security before launch was critical to protecting users, maintaining trust, and being ready for market.

The engagement

Syntetika selected Cyfrin to conduct a pre-launch audit based on our expertise in on-chain security, proven track record, and ability to execute under tight timelines.

Our engagement was structured around Syntetika's security priorities: securing the staking logic, ensuring mathematical consistency in staking price calculations to prevent frontrunning and sandwich attacks, and securing asset custody within the Minter Contract. Having worked with various security firms previously, Syntetika understood the importance of thorough preparation and seamless collaboration.

Syntetika's technical team invested significant effort in pre-audit preparation, developing comprehensive documentation, unit testing, and stateless fuzzing capabilities. Their smart contract developers were designated as primary points of contact for our security engineers, with clear instructions to prioritize responsiveness and rapid implementation of audit recommendations.

Cyfrin's Solution

Why Cyfrin?

Cyfrin's track record in on-chain security, combined with a deep understanding of complex DeFi protocols and institutional requirements, made it an ideal partner for Syntetika. The team's expertise in vault-based protocols and compliance-required security assessments aligned perfectly with Syntetika's unique architecture and focus.

Cyfrin’s methodology for handling multi-component protocols with off-chain dependencies gave Syntetika confidence that we could thoroughly evaluate their Bitcoin-DeFi mechanisms, taking critical interaction patterns and edge cases into account, and that our familiarity with similar risk vectors from previous audits could be applied to anticipate and detect subtle vulnerabilities.

Collaboration and engagement

Cyfrin’s audit process is designed for collaboration. Syntetika’s lead developer was granted access to our private audit repository, where findings were logged in real time. This gave Cyfrin auditors and Syntetika’s engineers a fast feedback loop: engineers could comment on issues, offer clarification, and implement fixes, and Cyfrin could validate remediations during the audit itself.

This collaborative model proved highly effective, as confirmed by Syntetika: "Both the communication and feedback loops helped a lot to make the process flow and complete everything according to plan." Constant communication ensured any blockers, assumptions, or design decisions were clarified quickly.

This high-touch, iterative, transparent working style reduced time to market and enabled the final report to reflect both issues identified and mitigations completed.

Audit approach and structure

The audit began with a risk assessment of Syntetika’s architecture, focused on staking logic security, mathematical consistency in the pricing mechanisms, and asset custody within the Minter Contract.

We also reviewed the compliance features to confirm that blacklisting and whitelisting were implemented correctly and aligned with regulatory requirements, and researched prior vulnerabilities in similar protocols using Solodit and comparable sources to inform our testing strategy.

Execution and testing

Execution combined manual code review with custom-built tools and automated testing. Researchers conducted line-by-line analysis of Syntetika’s code, paying particular attention to complex interaction patterns between tokens and off-chain components.

We also built a protocol-specific invariant fuzz testing suite focused on staking vault solvency. It was designed to stress-test the protocol's most sensitive components and to check that the vault remained solvent under extreme conditions and unusual transaction patterns. It allowed the team to confirm that critical protocol invariants held across every call sequence the fuzzer explored, and it was provided to Syntetika as an artifact of the audit.
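
To show what a solvency-focused invariant suite actually checks, the following is an added example, not Cyfrin's suite or Syntetika's contracts: a simplified ERC-4626-style vault model with linearly vesting yield is driven through random call sequences, and after every call three properties are checked: the value redeemable by all holders never exceeds the assets on hand, share accounting balances, and yield is never left vesting toward an empty vault (the class of stuck-yield edge case described under Impact below). The `Vault` model, the `VEST_TICKS` window, the operation mix and the `sweep_on_empty` remedy are all hypothetical assumptions of this example.

```python
"""Stateful invariant fuzzing of a simplified ERC-4626-style staking vault.

Constructed example, not Syntetika's vault or Cyfrin's invariant suite. The
model (integer accounting, yield vesting linearly over VEST_TICKS) and the
`sweep_on_empty` remedy are hypothetical; amounts are integer base units.
"""
import random

VEST_TICKS = 100  # hypothetical: harvested yield vests over 100 ticks


class Vault:
    def __init__(self, sweep_on_empty: bool):
        self.sweep_on_empty = sweep_on_empty
        self.cash = 0            # assets physically held by the vault
        self.unvested = 0        # harvested yield not yet counted in totalAssets
        self.vest_rate = 0       # unvested released per tick
        self.total_shares = 0
        self.shares = {}         # holder -> shares
        self.returned = 0        # yield handed back to the strategy on sweep

    def total_assets(self) -> int:
        return self.cash - self.unvested

    def to_shares(self, assets: int) -> int:
        if self.total_shares == 0 or self.total_assets() == 0:
            return assets
        return assets * self.total_shares // self.total_assets()

    def to_assets(self, shares: int) -> int:
        if self.total_shares == 0:
            return 0
        return shares * self.total_assets() // self.total_shares

    def deposit(self, who: str, assets: int) -> int:
        shares = self.to_shares(assets)
        if shares == 0:
            return 0
        self.cash += assets
        self.total_shares += shares
        self.shares[who] = self.shares.get(who, 0) + shares
        return shares

    def redeem_all(self, who: str) -> int:
        shares = self.shares.get(who, 0)
        if shares == 0:
            return 0
        assets = self.to_assets(shares)
        self.shares[who] = 0
        self.total_shares -= shares
        self.cash -= assets
        if self.total_shares == 0 and self.sweep_on_empty and self.unvested:
            # Hypothetical remedy: nobody is left to receive the still-vesting
            # yield, so hand it back to the strategy instead of stranding it.
            self.returned += self.unvested
            self.cash -= self.unvested
            self.unvested = 0
        return assets

    def harvest(self, profit: int) -> bool:
        if self.total_shares == 0:
            return False  # model assumption: yield only arrives while staked
        self.cash += profit
        self.unvested += profit
        self.vest_rate = -(-self.unvested // VEST_TICKS)  # ceil, so it fully vests
        return True

    def advance(self, ticks: int) -> None:
        self.unvested -= min(self.unvested, self.vest_rate * ticks)


def check_invariants(v: Vault):
    """Return the name of the first violated invariant, or None."""
    redeemable = sum(v.to_assets(s) for s in v.shares.values())
    if not (redeemable <= v.total_assets() <= v.cash):
        return "solvency"
    if sum(v.shares.values()) != v.total_shares:
        return "share_accounting"
    if v.total_shares == 0 and v.unvested > 0:
        return "no_orphaned_yield"
    return None


def find_violation(make_vault, seed: int, steps: int = 500):
    """Drive a random call sequence; return the counterexample or None."""
    rng = random.Random(seed)
    v = make_vault()
    actors = ["alice", "bob"]
    log = []
    for _ in range(steps):
        r = rng.random()
        if r < 0.35:
            op = ("deposit", rng.choice(actors), rng.randint(1, 10**6))
            v.deposit(op[1], op[2])
        elif r < 0.60:
            op = ("redeem_all", rng.choice(actors))
            v.redeem_all(op[1])
        elif r < 0.80:
            op = ("harvest", rng.randint(1, 10**5))
            v.harvest(op[1])
        else:
            op = ("advance", rng.randint(1, 30))
            v.advance(op[1])
        log.append(op)
        broken = check_invariants(v)
        if broken:
            return {"invariant": broken, "seed": seed, "sequence": log}
    return None


def first_counterexample(make_vault, seeds=range(40)):
    for seed in seeds:
        ce = find_violation(make_vault, seed)
        if ce:
            return ce
    return None


if __name__ == "__main__":
    naive = first_counterexample(lambda: Vault(sweep_on_empty=False))
    print("naive model:", naive["invariant"], "after", len(naive["sequence"]), "ops")
    print("with sweep:", first_counterexample(lambda: Vault(sweep_on_empty=True)))
```

Run as a script, the naive model fails the third property as soon as the last staker redeems while yield is still vesting, and the fuzzer prints the minimal call sequence it found; the variant with the sweep survives every seed. In a Foundry suite the same three properties would be `invariant_*` functions and the random caller a handler contract, with the real vault in place of this model.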

Impact

Enhancing protocol security

The audit uncovered 34 issues:

  • 1 High
  • 1 Medium
  • 32 Low-severity and lower (including gas optimizations)

Most critically, we discovered a depeg vulnerability in the Minter Contract similar to one found in the Ondo Finance 2024 audit contest. In the general form of this issue, a minter keeps valuing the deposited asset at its peg after the market has stopped doing so. If a depeg event occurred and was not handled correctly, an attacker could acquire the discounted asset, mint more hBTC against it than its market value justified, and sell the excess into x/hBTC liquidity pools until they were drained, a catastrophic loss scenario.
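
To make the mechanics concrete, here is a constructed toy model, added here and not Syntetika's Minter or Cyfrin's proof of concept, of the general pattern: a minter that values wBTC at exactly 1 BTC keeps doing so after wBTC trades below peg, so an attacker buys discounted wBTC, mints hBTC at face value, and sells it into an x/hBTC pool that still prices hBTC at 1 BTC. The constant-product pool, the 0.98 circuit-breaker threshold, the amounts and the function names are assumptions of the example, not details of the audited code.

```python
"""Why a depeg lets an attacker mint 'too much' hBTC: a constructed toy model.

Not Syntetika's code. Hypothetical simplification: the minter values wBTC at
exactly 1 BTC even after wBTC trades below peg, and an x/hBTC constant-product
pool that still prices hBTC at 1 BTC absorbs the surplus. Units are BTC.
"""
from dataclasses import dataclass

DEPEG_THRESHOLD = 0.98  # hypothetical circuit-breaker level (fraction of peg)


class MintingPaused(Exception):
    """Raised by the hardened minter while the backing asset is off peg."""


@dataclass
class Pool:
    """Constant-product x/hBTC pool where x is a BTC-denominated asset."""
    x_reserve: float
    hbtc_reserve: float

    def sell_hbtc(self, amount: float) -> float:
        """Swap hBTC into the pool; returns the x paid out."""
        k = self.x_reserve * self.hbtc_reserve
        new_hbtc = self.hbtc_reserve + amount
        new_x = k / new_hbtc
        paid_out = self.x_reserve - new_x
        self.x_reserve, self.hbtc_reserve = new_x, new_hbtc
        return paid_out


def mint_at_par(wbtc_in: float, wbtc_price_btc: float) -> float:
    """Vulnerable pattern: 1 wBTC -> 1 hBTC regardless of the market price."""
    return wbtc_in


def mint_price_aware(wbtc_in: float, wbtc_price_btc: float) -> float:
    """Hardened pattern: pause while the backing asset is below the threshold,
    otherwise mint against its oracle value rather than its face value."""
    if wbtc_price_btc < DEPEG_THRESHOLD:
        raise MintingPaused(f"wBTC at {wbtc_price_btc:.3f} BTC, below {DEPEG_THRESHOLD}")
    return wbtc_in * wbtc_price_btc


def attack_profit(mint, budget_btc: float, wbtc_price_btc: float, pool: Pool) -> float:
    """Buy wBTC at market with `budget_btc`, mint hBTC, dump it into `pool`.
    Returns the attacker's profit in BTC; 0.0 if the minter refuses (the
    attacker then still holds wBTC worth exactly what they paid for it)."""
    wbtc_bought = budget_btc / wbtc_price_btc
    try:
        hbtc = mint(wbtc_bought, wbtc_price_btc)
    except MintingPaused:
        return 0.0
    return pool.sell_hbtc(hbtc) - budget_btc


def drain(mint, budget_btc: float, wbtc_price_btc: float, pool: Pool):
    """Repeat the attack for as long as a dry run says it is still profitable,
    as a real attacker would. Returns (rounds, total x drained from the pool)."""
    start_x = pool.x_reserve
    rounds = 0
    while True:
        trial = Pool(pool.x_reserve, pool.hbtc_reserve)
        if attack_profit(mint, budget_btc, wbtc_price_btc, trial) <= 0:
            return rounds, start_x - pool.x_reserve
        attack_profit(mint, budget_btc, wbtc_price_btc, pool)
        rounds += 1


if __name__ == "__main__":
    # 10% depeg: par minting nets the attacker ~9.9 BTC on the first 100 BTC
    print(round(attack_profit(mint_at_par, 100, 0.90, Pool(10_000, 10_000)), 2))
    # At peg the same trade only pays slippage
    print(round(attack_profit(mint_at_par, 100, 1.00, Pool(10_000, 10_000)), 2))
    # Repeating while profitable pulls ~526 BTC-equivalent out of the pool
    print(drain(mint_at_par, 100, 0.90, Pool(10_000, 10_000)))
    # The price-aware minter refuses during the depeg
    print(drain(mint_price_aware, 100, 0.90, Pool(10_000, 10_000)))
```

At a 10% discount the par-minting path is profitable for five rounds of 100 BTC each and removes roughly 526 BTC-equivalent from a 10,000/10,000 pool, while the identical trade at peg loses to slippage; the price-aware minter refuses below the threshold and, just above it, mints against the oracle value so there is no surplus hBTC to sell. The point for the Minter Contract is that the exchange rate applied at mint time, not the pool, is where the peg assumption has to be enforced.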

The Medium finding concerned an edge case where unvested yield could become permanently stuck in the vault. While unlikely, resolving it ensured capital efficiency and increased user trust.

Low-severity issues primarily involved compliance inconsistencies, such as irregular applications of blacklisting/whitelisting that could create regulatory challenges.

Beyond vulnerability remediation, Cyfrin offered defensive hardening recommendations for the StakingVault contract, for example validating transaction patterns so that input/output combinations seen in previous vault exploits, which no legitimate user would submit, are rejected outright. Proactive measures like these remove known attack vectors from the attacker’s playbook and provide protection against similar future exploits.

As a result, Syntetika approached launch with mitigated vulnerabilities and a strengthened security posture.

Mitigation and post-audit support

We prepared a comprehensive audit report detailing all findings and recommendations. It included technical specifications for each vulnerability, clear mitigation strategies, and implementation guidance to ensure proper resolution. Syntetika credited the report with surfacing edge cases they had not previously considered, enabling improvements to both security and developer processes.

Of the 34 issues identified, 28 were fully resolved during the audit period and six were acknowledged. Our collaborative approach enabled Syntetika’s developers to implement fixes in real time as issues were discovered and validated, demonstrating their commitment to the highest security standards.

Key mitigations included:

  • Strengthening the Minter Contract to mitigate potential asset depegs.
  • Preventing edge cases that could trap funds within the staking contracts.
  • Implementing numerous defensive recommendations against known vault manipulation attacks.
  • Resolving multiple compliance-related inconsistencies.
  • Applying several safe and effective gas optimizations.

As an additional value-add deliverable, we offered the custom invariant fuzz testing suite to Syntetika, which they integrated into their repository for ongoing use. This testing infrastructure enables monitoring of vault solvency and other critical properties.

Syntetika notes: "We felt that the Cyfrin team was focused on ensuring the best outcome for the audit and addressing all the security aspects of the product—to provide a comprehensive security report and address all discovered vulnerabilities."

Conclusion

This audit demonstrates Syntetika’s commitment to security and our ability to support complex, multi-ecosystem protocols on the cutting edge of DeFi. 

By identifying critical vulnerabilities before launch, implementing collaborative remediation processes, and providing ongoing security tooling, we’re helping Syntetika bring their institutional and consumer clients novel, yield-generating Bitcoin use cases.

Syntetika notes: "[We are] highly likely to recommend Cyfrin to other parties interested in securing their on-chain architecture."

Their confidence reflects Cyfrin’s commitment to delivering comprehensive security solutions that enable innovation while maintaining the highest security standards. 

Leading protocols trust Cyfrin to secure the future of TradFi and DeFi. If you’re a team or institution looking for a security partner or a smart contract audit, contact us today and learn how Cyfrin can help support your security needs.
