Instadapp
About
Instadapp is a DeFi middleware platform that aggregates multiple protocols (Aave, Compound, MakerDAO, Uniswap, Morpho, and more) through its DeFi Smart Account (DSA) and DeFi Smart Layer (DSL) infrastructure. It offers a product suite including Instadapp Pro (multi-protocol position management dashboard), Instadapp Lite (simplified vaults), Avocado (non-custodial smart wallet), and Fluid (its own lending, DEX, and liquidity layer protocol). The platform serves both retail users seeking simplified DeFi access and developers building composable, multi-protocol strategies.
Where Does Yield Come From?
Instadapp is a platform that connects you to many DeFi protocols (Aave, Compound, MakerDAO, Uniswap, Morpho, and others) through one dashboard. Its DeFi Smart Accounts let you move money between these protocols and earn yield from them. But Instadapp itself does not create that yield — it just passes it through.
However, Instadapp's own protocol called Fluid does have its own ways of generating yield. Here is how:
1. Shared Liquidity Layer (the base pool)
Fluid collects all the money from the different products built on it into one giant shared pool. This prevents money from being scattered across separate pools. The system uses "Automated Ceilings" — limits on how much can be borrowed or deposited that adjust every block when they get close to the limit, preventing big sudden moves. Interest rates here are set by INST token holders (governance).
2. Lending Protocol (Fluid)
You can deposit assets and earn variable interest, which goes up or down based on how much people are borrowing. Borrowers pay interest according to rate curves that governance sets. A nice feature: if new borrowing products are added later, you don't have to move your money — your deposit stays in the shared Liquidity Layer and benefits automatically.
3. Vault Protocol (Fluid)
This works like a MakerDAO vault (you put in collateral and borrow against it), but it also earns interest on the collateral you deposited, similar to Aave. The way it handles liquidations is different: instead of selling your whole position, it only sells enough to bring things back to safety — usually about 5% of the position, compared to 50–100% elsewhere. The penalty can be as low as 0.1%. Anyone can act as a liquidator through a swap-like interface and get a good rate on their trade. This design reduces panic-selling and costs less in gas (around 150k gas vs 300k to 1M on other protocols). The system uses two price sources (Uniswap time-weighted average price with three checkpoints and Chainlink) to prevent price manipulation. You can borrow up to 95% of your ETH's value.
4. DEX Protocol (Smart Collateral & Smart Debt)
This is where it gets creative. Smart Collateral pools let you put in AMM liquidity (like Uniswap-style trading positions that auto-adjust) that earns three things at once: trading fees, lending yield, and the ability to use it as collateral for borrowing. Smart Debt lets you turn borrowed money into trading liquidity — meaning the trading fees you earn can offset your borrowing costs, potentially making borrowing cheaper than the interest you pay. With matching pairs (for example, wstETH/ETH used as both Smart Collateral and Smart Debt at 95% loan-to-value), you can get up to about 20x effective leverage on the same capital. Revenue comes from a share of trading fees, borrowing demand from Smart Debt pools, and possible extra charges on Smart Vaults (like 1% extra on USDC/USDT Smart Debt).
5. Protocol Fees and Token Emissions
All fee settings — lending spreads, DEX trading fees, vault surcharges — are controlled by INST token holders through on-chain voting. The INST token can also be given out as rewards to attract people to supply or borrow on the Lending and Vault Protocols. The FLUID Reserve is a buyback mechanism that takes protocol revenue and uses it for growth and buying back tokens, as decided by governance.
Persons
Samyak Jain
Co-founder
Sowmay Jain
Co-founder
Georges KABBOUCHI
Lead Developer
Thrilok kumar
Blockchain Developer
Audits
| Audit / Date | Findings | Verdict |
|---|---|---|
PeckShield16-03-2021 |
| The DSAv2 codebase was found to be well-designed and organized, with only two lower-severity issues identified, both of which were promptly confirmed and addressed (the medium-severity master-account risk mitigated via planned DAO governance). The audit indicates that no critical or high-severity security flaws existed at the time of review. |
PeckShield18-03-2020 |
| The audit confirms that InstaDApp Smart Accounts were well-engineered overall, with one high-severity front-running vector and several medium/low issues that were mostly resolved in the patched code, reducing residual risk before deployment. |
| No critical or high-severity issues were identified, and all medium and lower findings were resolved or satisfactorily explained, indicating a solid security posture for the audited contracts at the time. | |
Statemind20-07-2023 - 28-09-2023 |
| The audit identified 36 issues across all severity bands, with the critical and high-severity findings fully remediated before deployment, indicating a thorough security review and responsible fix cycle by the Instadapp team. |
PeckShield12-06-2023 |
| The audit found no critical or high-severity vulnerabilities; the two low-severity issues (ordered-signer assumption and admin-key trust) and the informational recommendation were all promptly acknowledged or mitigated by the team, indicating a well-structured codebase that was safe to proceed with deployment. |
Statemind30-10-2023 - 29-12-2023 |
| The audit uncovered 3 critical and 8 high-severity vulnerabilities, all of which were either fixed or explicitly acknowledged by the client, resulting in a materially improved security posture before deployment. Residual accepted risks (e.g., stETH bad debt, reward funding via off-chain automation, stale oracle data) represent conscious design trade-offs rather than unaddressed exploits. |
PeckShield14-01-2023 |
| The audit found no critical or high-severity issues; the one medium-severity finding (admin key trust) was mitigated by adopting multi-sig control, and the low and informational items were fixed, indicating a well-structured codebase suitable for deployment with proper key management. |
PeckShield18-02-2023 |
| The audit found no critical or high-severity vulnerabilities; the two medium-severity issues were either fixed or mitigated via multi-sig controls, and the codebase is described as well-structured, indicating a generally sound security posture for the Avocado V2 protocol. |
Statemind08-04-2024 - 10-04-2024 |
| The audit found zero critical, high, or medium severity vulnerabilities; the sole informational issue was fixed, and the codebase was deemed ready for deployment across 16 networks. |
Backers
Instadapp raised a $2.4 million seed round announced in October 2019. The round included participation from Pantera Capital, Naval Ravikant, Balaji Srinivasan, Coinbase Ventures, IDEO Colab, Robot Ventures (Robert Leshner of Compound Finance), and Loi Luu (Kyber Network), among others. The company earlier received a grant from Kyber Network to begin development. Advisors included Edward Moncada (CEO of Blockfolio) and Ming Ng. In the INST token governance launch (June 2021), 12.07% of the 100 million INST supply was allocated to investors with 4-year vesting, and 1.27% to advisors with 4-year vesting. No subsequent funding rounds (Series A or later) are documented in official Instadapp sources.
Legal
Legal form
Limited Liability Company (LLC)
Registration jurisdiction
United States (likely California, based on Terms of Service venue in San Francisco County, California)
Status and notes
The operating entity is InstaDApp Labs LLC, as stated in the Terms of Service (“a binding contract between you and InstaDApp Labs LLC”). Contact email: [email protected]. Privacy Policy, Cookie Policy, and CCPA disclosures are published at instadapp.io/privacy, /cookies, and /ccpa respectively. The Terms of Service were last updated 01/08/2020. No registry number or specific incorporation details are disclosed on the website. Imprint page not available (404 on /imprint and /legal).