Organization
- @morpho-org
Engagement Type
Spearbit Web3
Period
-
Repositories
Lending Pool Optimization Security Review of Morpho Av3
Morpho is a peer-to-peer lending optimizer that improves capital efficiency by matching supply and borrow positions within existing lending pools like Aave. The protocol offers users improved APYs without sacrificing pool-level liquidity and maintains compatibility with Aave’s risk and collateral parameters.
To strengthen its risk model and ensure reliable integration, Morpho engaged Spearbit via Cantina for a security audits review of its Morpho Aave v3 implementation. The engagement focused on LTV edge cases, isolation mode risks, oracle fallbacks, and reward distribution mismatches to align user experience with expected lending outcomes.
Cantina supports lending protocol security through layered solutions like bug bounty programs, crowdsourced security competitions, and multisig security, helping to secure core infrastructure as systems evolve and scale.
Findings
Critical Risk
4 findings
4 fixed
0 acknowledged
High Risk
5 findings
3 fixed
2 acknowledged
Medium Risk
7 findings
5 fixed
2 acknowledged
Low Risk
4 findings
3 fixed
1 acknowledged
Informational
13 findings
7 fixed
6 acknowledged
Gas Optimizations
3 findings
3 fixed
0 acknowledged