ICHI
About
ICHI is a non-custodial DeFi protocol that turns single-token deposits into optimized yield from concentrated liquidity pools across multiple AMMs. It automates liquidity provisioning and rebalancing for token projects, DAOs, asset managers, and blockchain ecosystems, helping them maintain price stability and liquidity depth while reducing impermanent loss risk — all without requiring users to manage paired token ratios or manual position adjustments.
Where Does Yield Come From?
ICHI takes user deposits and puts them into single-sided concentrated liquidity pools (pools where you can deposit just one type of token and it automatically handles the other side) across more than 40 different exchange platforms — like Uniswap v3, PancakeSwap, Thena, and Ramses — spread over 25+ blockchain networks.
The protocol offers two automated approaches:
-
YieldIQ — for volatile or uncorrelated token pairs (tokens that don't move in sync). It tracks how much of each token is in the pool and only rebalances when the mix drifts too far from the target. This avoids unnecessary trades and fees. YieldIQ has five phases (Healthy, Over-Inventory, Under-Inventory, High Volatility, Extreme Volatility) and intentionally widens the price range during market turbulence to reduce risk.
-
Ascend — for stable or correlated pairs (tokens that tend to move together). It keeps liquidity centered around a fixed peg by taking multiple price snapshots over a set time window. This stops the strategy from overreacting to short-term price blips. Any swaps it does execute happen within a single tick (the smallest price increment) to minimize slippage (the cost of moving the price).
Where the yield comes from: In both strategies, the main source is AMM trading fees — the small charges traders pay when they swap tokens inside the vault's liquidity range. Each LP token holder earns fees in proportion to their share of the pool.
How fees are handled: A 10% performance fee is taken from the swap fees earned. Of that, 90% is automatically reinvested (compounded) back into the liquidity position, and 10% goes to the ICHI protocol to cover infrastructure and maintenance costs. For certain vaults (called VE33 vaults), fees are instead sent to voting gauges for additional distribution.
Everything — rebalancing and fee logic — runs 100% on-chain with no special account that can override the system. Users can withdraw their original deposit plus any accumulated earnings at any time by simply returning their LP tokens.
Persons
37 Aces
CTO
Bryan Gross
ICHI Network Steward
Audits
| Audit / Date | Findings | Verdict |
|---|---|---|
Quantstamp22-04-2021 - 24-05-2021 |
| The audit identified four critical-precision/arithmetic High-risk bugs that were all fixed, and the remaining acknowledged items reflect intentional design decisions around decentralized governance and future-use parameters; overall, the code is safe for production use after the resolved remediations. |
Solidified24-05-2021 |
| The audit uncovered a critical oracle implementation flaw in ICHICompositeOracle that would cause incorrect USD pricing, which must be resolved before deployment, alongside several medium and low-severity findings that were acknowledged or addressed by the team. |
CertiK30-11-2021 |
| The CertiK audit identified no critical vulnerabilities in the ICHI smart contracts, though two major centralization/privilege issues were partially resolved, indicating residual design risk from administrative controls. Overall the audit suggests reasonable code security at the time, with no exploitable critical flaws. |
| The CertiK audit of ICHI's farming contract found no critical vulnerabilities and only one major issue, which was resolved; the codebase was deemed reasonably secure for deployment with the remediations applied. | |
Bramah Systems28-10-2020 - 31-10-2020 |
| The audit found no high or medium severity vulnerabilities in the reviewed scope, with most issues relating to best-practice deviations and accepted risks; the protocol's reliance on forked code (SushiSwap/Compound) introduces a supply-chain consideration the team acknowledged. |
| The audit report hosted on Google Drive is behind an authentication wall and could not be accessed for analysis; no findings can be assessed for the ICHI protocol from this link. | |
FYEO Inc.25-09-2023 - 10-10-2023 |
| The report indicates only two low-severity code-quality findings and concludes the reviewed code correctly implements its documented functionality; no critical or high-severity vulnerabilities were identified. |
FYEO— |
| This FYEO quality assessment rates ICHI's codebase at "Advanced Maturity" but is not a full security audit and does not assign severity-graded vulnerabilities; key residual risks include unmonitored incident response and potential economic attacks on automated rebalancing that warrant further dedicated security review. |
Legal
Status and notes
No legal entity name, imprint, terms of service, or privacy policy disclosed on the official website (ichi.org) or docs (docs.ichi.org). The project operates under the brand "ICHI" and its X (Twitter) handle is @ichifoundation, suggesting a foundation structure, but no jurisdiction, registration number, or entity details are provided. The docs contain only a generic DeFi risk disclaimer with no operator/company information. No privacy policy or terms of service were found on any official source.