Beraborrow
About
Beraborrow is a native CDP platform on Berachain that enables users to deposit collateral assets to mint NECT stablecoin, unlocking liquidity while maintaining exposure to underlying assets. The protocol features managed vaults for auto-compounding yield and leverages Proof of Liquidity (PoL) to enhance returns through automated synthetic leverage management.
Where Does Yield Come From?
Yield comes from several connected steps in Beraborrow.
First, users deposit collateral assets into special vaults called Dens. This allows them to create NECT stablecoins, while paying a small minting fee (between 0.5% and 5%). The newly minted NECT can then be placed into the Liquid Stability Pool (LSP). In exchange, users receive sNECT tokens, which represent their share of the pool. Holding sNECT entitles them to a portion of the liquidation rewards that the pool collects.
The protocol also offers auto-compounding vaults. These vaults automatically take any Proof of Liquidity (PoL) incentives (rewards for providing liquidity) earned from the Infrared system and reinvest them back into the user’s position. This continuous reinvestment compounds the rewards over time.
Another option is managed vaults. These combine an open borrow position with yield-earning strategies that use the minted NECT. The vault automatically adjusts its holdings to keep the collateral ratio at 200% or higher, which helps avoid forced liquidations. A performance fee of 5% on the yield generated is charged by the protocol, which also contributes to the overall yield ecosystem.
Through this structure, users can keep their exposure to the price movements of their original collateral, while earning yield from three main sources: PoL emissions, liquidation rewards distributed via the LSP, and automated leverage management inside the managed vaults.
Audits
| Audit / Date | Findings | Verdict |
|---|---|---|
Halborn09-10-2024 - 06-11-2024 |
| The audit found no critical vulnerabilities, with all three high-severity issues resolved; the majority of findings were informational or low-risk, indicating a comprehensive security review and effective remediation that enhances protocol safety. |
| The audit revealed several design‑level risks, particularly around oracle manipulation and liquidation ordering, but the team has proposed mitigations for the most critical issues; overall security depends on implementing the recommended fixes before production use. | |
Sherlock01-01-2025 |
| The audit identified several critical design and implementation flaws in the Beraborrow CDP protocol, including TCR calculation errors and redemption rate manipulation, all of which were addressed via GitHub pull requests prior to the report's publication. |
Cantina08-07-2025 |
| The audit found no critical or high-risk vulnerabilities, with all 14 medium-severity issues addressable through code fixes; the protocol's security posture appears manageable with proper remediation of the identified rounding, liquidation, and calculation logic flaws. |
| The audit identifies multiple high-severity vulnerabilities that could allow attackers to trigger recovery mode and liquidate positions, alongside medium-severity design flaws; Recon recommends significant code simplification and at least 4 more weeks of testing before considering the protocol production-ready. | |
| The audit uncovered several medium-severity logic flaws and improper access controls in BoycoVault's implementation, particularly around fee calculations, oracle mappings, and liquidation handling, which were addressed or acknowledged by the protocol team during the engagement. | |
Cantina01-02-2025 - 04-02-2025 |
| The audit identified several operational risks but no critical or high-severity vulnerabilities, with the most serious medium-risk issues already addressed before deployment, though residual low-risk edge cases and informational deviations from standards remain. |
Santipu27-02-2025 - 28-02-2025 |
| The audit found only low-risk issues with one fixed and two acknowledged, indicating the oracle-less vault design is relatively secure but has minor operational inefficiencies that developers have accepted. |
| The audit revealed multiple logic and integration issues in the vault's debt management and withdrawal flows, with several fixes already implemented in commits, though the corrupted document prevents precise severity quantification. | |
Sherlock19-05-2025 |
| This private audit by Sherlock uncovered multiple functional and economic risks in Beraborrow's periphery contracts, with particular attention to integration challenges with Balancer pools and potential fund lock-up scenarios that require careful remediation before production use. |
Legal
Legal form
Limited Company (Ltd)
Registration jurisdiction
British Virgin Islands
Status and notes
Operating entity disclosed as Base Zero Labs Ltd in Terms of Service. Terms governed by laws of British Virgin Islands. Legal information available at beraborrow.com/legal (updated March 2025). Contact: [email protected].