Frankencoin
About
Frankencoin is a decentralized, over-collateralized stablecoin (ZCHF) that tracks the Swiss franc 1:1 on Ethereum and several other chains. Users mint ZCHF by depositing crypto assets (e.g. ETH, WBTC) into collateralized debt positions, while a savings module lets ZCHF holders earn governance-set interest and an equity token (Frankencoin Pool Shares, FPS) represents a claim on the protocol's reserve pool. The system uses oracle-free automated auctions for liquidations and a veto-based governance model where any FPS holder with ≥2% of voting power can block proposals.
Where Does Yield Come From?
Yield in Frankencoin comes from three main sources.
1. Borrowing fees (seigniorage). When someone mints ZCHF stablecoins by depositing collateral like ETH or WBTC, they pay a one-time, non-refundable interest fee upfront. Part of the minted amount is also held back as a backup reserve. All these fees flow into the protocol's reserve pool, which boosts the value of the equity token (Frankencoin Pool Shares, or FPS).
2. Savings module. If you hold ZCHF, you can deposit it into a separate savings contract and earn a simple interest rate. That rate is set by FPS token holders (governance), and any rate change can be enacted after seven days — unless an FPS holder with enough voting power blocks it. Interest is paid from the protocol's equity pool. There's a three-day waiting period before interest starts accumulating, and the interest does not compound (it's simple interest only). Your deposited ZCHF is not lent out or re-used elsewhere — it just sits in the savings module.
3. FPS equity value. FPS holders benefit from all the protocol's fee revenue plus any extra value from liquidation auctions. The pricing of FPS follows a "continuous capital corporation" model: the total market value is always kept at 3× the equity capital. Investors can buy FPS at that valuation, or sell them back after holding for at least 90 days.
Bonus: referral rewards. Through the SavingsReferral module, wallets and apps can earn up to 25% of the savings interest generated by users they refer. These rewards are paid out automatically, in real time, whenever the referred user claims their interest.
Persons
Audits
| Audit / Date | Findings | Verdict |
|---|---|---|
Code4rena12-04-2023 - 19-04-2023 |
| The audit uncovered six high-severity and fifteen medium-severity vulnerabilities, including critical issues such as CHALLENGER_REWARD abuse that could drain reserves and frontrunning attacks against challengers, all of which were confirmed by the sponsor and slated for remediation. |
Decurity16-09-2024 - 25-09-2024 |
| The audit identified several critical and high-severity vulnerabilities, most of which were remediated before the final review; the acknowledged items involve edge cases gated by governance-enforced parameters or accepted design trade-offs, resulting in a reasonable residual risk profile for the protocol. |
ChainSecurity07-08-2023 - 27-10-2023 |
| The audit concludes that the Frankencoin codebase provides a satisfactory level of security, with all critical and the majority of high- and medium-severity issues resolved; residual risks, such as the absence of a bridge failure recovery mechanism, are explicitly accepted by the team. |
ChainSecurity22-10-2024 - 27-11-2024 |
| The audit found no critical issues and resolved all two high-severity and four medium-severity findings before final review, with the report concluding that the codebase provides a high level of security. Residual low-severity and informational items were acknowledged or risk-accepted by the Frankencoin team and do not materially undermine the system's safety. |
ChainSecurity04-05-2025 - 14-05-2025 |
| The audit found no critical or high-severity vulnerabilities; the single medium-severity issue was corrected and the three low-severity items were acknowledged or accepted as risks, supporting the conclusion that the Frankencoin CCIP Bridge codebase provides a good level of security for its cross-chain extension. |
BlockBite06-02-2023 - 10-02-2023 |
| The audit found three critical-severity vulnerabilities (one leading to positions being unrepayable, two enabling unrestricted minting and fund drainage) all of which were fixed, while medium and low risks were either resolved, acknowledged, or addressed via governance guidelines; overall the contract set has been materially strengthened, though residual design risks around vote manipulation and bridging DoS remain acknowledged. |
ChainSecurity30-10-2023 |
| The ChainSecurity audit found that the Frankencoin codebase provides a satisfactory level of security, with all critical and most high/medium issues resolved before report finalization; the main residual risk is the accepted lack of automatic recovery from a bridge stablecoin collapse, which the team plans to address via DEX swap facilities. |
BlockBite06-02-2023 - 10-02-2023 |
| The audit uncovered three critical-class logic flaws (all fixed) that could have led to loss of user funds or unrestricted minting, and several medium-severity governance manipulation issues (also fixed); the residual low and informational items were either acknowledged or addressed via governance guidelines, and do not present immediate on-chain risks for the deployed protocol. |
BlockBite Audits06-02-2023 - 10-02-2023 |
| The audit uncovered several high-impact vulnerabilities in Frankencoin's core minting and challenge mechanisms, all of which were resolved by the client; the remaining medium and low issues were either fixed or acknowledged, leaving the protocol in a reasonably secure state for deployment with residual governance-level risks noted. |
Code4rena (C4)12-04-2023 - 19-04-2023 |
| The Code4rena audit uncovered critical economic and logical flaws in Frankencoin's challenge and auction mechanism, including six high-severity issues that could lead to loss of funds or DoS; the sponsor confirmed and fixed all high-severity findings before deployment, significantly improving the protocol's security posture. |
ChainSecurity22-10-2024 - 27-11-2024 |
| The audit found two critical issues that were corrected before finalization, and the remaining open findings are low-severity or acknowledged risks; overall, the codebase provides a high level of security for the Frankencoin v2024 extension modules. |
Decurity16-09-2024 - 25-09-2024 |
| The Decurity audit of Frankencoin V2 uncovered 3 critical and 3 high-severity vulnerabilities, all of which were either fixed or acknowledged, indicating that the most impactful attack paths have been addressed before deployment. Residual acknowledged issues (e.g., small challenge times and reward forfeiture under depleted equity) represent accepted design trade-offs that should be monitored post-launch. |
Legal
Legal form
Association (Swiss Verein / non-profit organization)
Registration jurisdiction
Switzerland, Canton of Zug
Status and notes
The Frankencoin Association is a Swiss non-profit organization based in Zug, Switzerland that serves as a point of contact and supports the ecosystem but does not control the protocol itself. ZCHF is classified as a payment token under Swiss FINMA guidelines and as a crypto-asset under EU MiCAR, with no identifiable issuer due to the protocol's decentralized nature. No separate imprint (Impressum), terms of service, or privacy policy pages are published on the website; the main site serves as the sole information source. Legal assessments were conducted by LEXR Law Switzerland AG and LEXR Germany Rechtsanwalts GmbH.