Primitive

DeFi Portfolio Protocol Audit for Primitive

Cantina Security Report

Organization: @primitivefinance

Engagement Type: Spearbit Web3

Period: -


Smart AMM Infrastructure Review of Primitive

Primitive is a DeFi protocol for structured portfolio management using programmable liquidity and automated market-making strategies. Its design enables capital-efficient yield generation via tokenized liquidity pools, offering composable and on-chain asset exposure with minimal overhead.

To verify the soundness of this system, Primitive engaged Spearbit through Cantina for a security review of its Portfolio contracts. The engagement examined invariant logic, swap correctness, decimal handling, reserve modeling, and LP accounting, surfacing critical fixes related to fee distribution, reserve safety, and MEV-resilient liquidity operations.

Cantina also helps secure high-performance DeFi infrastructure through bug bounty programs, crowdsourced security competitions, and multisig security, supporting safe execution of complex capital strategies.


Findings

Critical Risk: 3 findings (2 fixed, 1 acknowledged)

High Risk: 5 findings (4 fixed, 1 acknowledged)

Medium Risk: 8 findings (7 fixed, 1 acknowledged)

Low Risk: 2 findings (2 fixed, 0 acknowledged)

Informational: 16 findings (14 fixed, 2 acknowledged)

Gas Optimizations: 4 findings (4 fixed, 0 acknowledged)