Dinero
About
Dinero is a multi-phase protocol suite that scales yield for chains, users, and institutions. Its current flagship product is pxETH, an Ethereum liquid restaking token that implements a two-token model separating principal and yield components. The protocol also offers branded LST infrastructure for L1/L2 chains and is developing a stablecoin (pxUSD) and permissionless RPC as part of its phased roadmap.
Where Does Yield Come From?
Dinero's pxETH earns yield through several layers.
Base Ethereum staking rewards: When users deposit ETH, Dinero stakes it using its own validator network. This earns the standard rewards for helping secure the Ethereum network.
Restaking yield: Through an exclusive partnership with EigenCloud, the staked ETH is also restaked. This earns extra rewards from other services (called Actively Validated Services).
Two‑token model: The protocol splits the deposit and the yield into two separate tokens. pxETH represents your original deposit, while apxETH accumulates the yield. This lets you hold or trade the yield token separately.
Protocol fees: The protocol takes a portion of the staking and restaking rewards as fees.
Extended DeFi opportunities: Users can use pxETH and apxETH in over 40 other DeFi protocols, including Curve, Balancer, Aura, Convex, Pendle, and Morpho. There, you can provide liquidity, use leverage, or trade yield tokens to earn additional rewards.
Beyond pxETH, Dinero's architecture also supports branded liquid staking tokens for partner chains—like orbETH for Arbitrum Orbit and superETH for Optimism Superchain. These tokens work the same way, inheriting the yield mechanics while offering utility on their respective chains.
Audits
| Audit / Date | Findings | Verdict |
|---|---|---|
Nethermind19-07-2024 |
| Nethermind's security review found no critical or high-severity issues, with one medium-severity vulnerability fixed and several informational improvements acknowledged, indicating a relatively safe migration implementation with minor residual risks. |
Spearbit19-09-2023 |
| The audit identified significant protocol risks including critical reward handling and high-severity slashing/validator management issues, but all critical and high findings were reportedly fixed during the engagement, leaving the protocol with addressed security concerns prior to deployment. |
Pashov01-10-2023 |
| This audit by Pashov uncovered one medium-severity vulnerability in emergency withdrawal logic and several low-severity design issues, with most addressed by the protocol team before deployment. |
Spearbit19-12-2023 |
| The audit identified one critical network exposure that was promptly fixed, along with multiple medium and low-risk infrastructure hardening issues, most of which were addressed before deployment. Overall, the review demonstrates thorough attention to operational security in the node deployment architecture. |
Nethermind29-05-2024 - 04-06-2024 |
| The audit revealed no critical or high-severity vulnerabilities, with three medium issues addressed through fixes or mitigations, indicating a generally secure codebase for institutional staking with appropriate attention to edge cases and operational logic. |
Renascence01-04-2024 - 09-04-2024 |
| The audit revealed one critical funds-at-risk bug that was fixed, alongside several medium-severity logic flaws, indicating the protocol had meaningful implementation errors but all were addressed before deployment. |
Spearbit24-04-2024 |
| The audit uncovered critical design flaws in the initial institutional integration that would have caused protocol insolvency, but the team addressed these through a comprehensive architectural redesign separating retail and institutional systems, significantly improving safety. |
Renascence07-06-2024 - 12-06-2024 |
| The audit uncovered multiple high-severity vulnerabilities in the Dinero branded LST implementation, but all 14 identified issues were resolved prior to report publication, indicating effective remediation of critical concerns. |
Renascence05-08-2024 - 09-08-2024 |
| The audit uncovered several critical flaws including reentrancy and accounting errors, but all were addressed before deployment, resulting in a codebase that appears secure following the recommended fixes. |
Nethermind29-07-2024 |
| This comprehensive audit uncovered multiple critical vulnerabilities in cross-chain state synchronization and accounting, but the development team addressed all critical and high-severity findings before finalization. The resolved issues significantly improve the safety of Dinero's Pirex extension for L2 liquid staking. |
Nethermind06-09-2024 - 09-09-2024 |
| The audit found no critical or high-severity vulnerabilities, with only minor implementation issues that were promptly fixed, indicating robust security for the Dinero Branded LST Arbitrum deployment. |
Cantina09-04-2024 - 15-04-2024 |
| The audit identified one high-risk insolvency vulnerability alongside several medium and low-severity issues, with most findings reportedly addressed in subsequent fixes as indicated by commit references in the report. |
Renascence18-09-2024 - 23-09-2024 |
| This Renascence audit identified significant cross-chain bridging vulnerabilities in Dinero's Stargate integration, including two high-risk issues that could disrupt fund transfers between L2 and L1, highlighting critical areas requiring remediation before production deployment. |
| The audit revealed moderate security concerns including a race condition that remains unaddressed, but most issues were remediated before deployment with the team accepting residual risk for controlled minter accounts. | |
Code4rena15-02-2022 - 17-02-2022 |
| The audit found no critical or high-severity vulnerabilities, with 18 medium issues primarily related to admin privileges and validation logic that require careful implementation to ensure user trust and system integrity. |
Kebabsec31-08-2023 |
| This partial audit uncovered only code quality and gas efficiency improvements, with no security vulnerabilities identified in the BribeBase, BribeVault, and HummusBribe contracts reviewed. |
Keyko01-03-2022 |
| The audit revealed medium-severity design concerns including re-entrancy and denial-of-service risks, with recommendations for protective measures and code improvements to enhance contract security. |
SPEARBIT05-07-2023 |
| The audit revealed serious vulnerabilities including token locking and centralization risks, but the team addressed the critical and most high-severity issues before deployment. Residual centralization and operator trust assumptions remain acknowledged design trade-offs. |
SPEARBIT19-09-2023 |
| The audit identified one high-risk rate limiting vulnerability that was fixed, alongside several medium and low-risk issues in the off-chain reconciliation services. Most findings were acknowledged or addressed, leaving residual low-severity concerns for future improvements. |
Verilog Solutions10-11-2023 |
| The audit identified critical logic flaws in reward distribution and fee handling, all of which were resolved prior to deployment, resulting in a robust security posture for the Marionette veNFT wrapper. |
Verilog Solutions22-01-2024 |
| The audit found no critical vulnerabilities, with all High and Low severity issues resolved, though one Medium recommendation for more frequent reward collection remains acknowledged but unimplemented. |
| The audit uncovered several high-severity vulnerabilities in reward redemption and staking mechanisms that could lead to denial of service and fund theft, requiring critical fixes before safe deployment. While informational findings were noted, the high-risk issues demand immediate attention to ensure protocol security. | |
Keyko01-03-2022 |
| The audit identified moderate functional issues requiring attention, particularly around reward distribution and fee handling, but no critical vulnerabilities were explicitly reported, suggesting the core locking mechanics were reasonably secure. |
| The audit uncovered one critical flaw in reward distribution mechanics alongside several medium-risk issues, all of which were addressed or acknowledged by the team, resulting in a codebase that incorporates security improvements but retains some acknowledged design trade-offs around centralization and migration controls. | |
Code4rena21-11-2022 - 28-11-2022 |
| This comprehensive audit identified significant security risks in the Redacted Cartel protocol, particularly around reward distribution logic and vault implementation, though the contest format enabled thorough community review and remediation guidance before mainnet deployment. |
Kebabsec22-08-2023 |
| The audit revealed several medium-risk issues around fee assumptions, approval management, and access control that could impact swap calculations and compound functionality, but no critical vulnerabilities were found. |
Verilog Solutions03-02-2023 |
| The audit identified and resolved critical distribution and migration issues, with the majority of lower severity findings addressed, indicating effective remediation during the engagement. |
Legal
Status and notes
Terms of Use and Privacy Policy available at terms.dinero.xyz. Terms state that Panama law governs. Protocol governance described as DAO-based with DINERO token holders deciding protocol aspects. Contact: [email protected] for legal matters.