Introducing Solv Guard: Enhancing Security for Yield Vaults
Solv Protocol has specialized in yield vaults since our founding in 2021. Over the past three years, we have observed the constant evolution of the DeFi industry, requiring continuous iteration of our yield vault products to meet market and user demands for safer management and higher-quality returns.
TL&DR
- DeFi Evolution Stages:
- Early DeFi: Complex UX, limited yields (e.g. Uniswap, Compound)
- Aggregators: Simpler UX, but yields still constrained (e.g. Yearn)
- Active Asset Management: Easier UX, higher yields, increased risk (e.g., Lido, Solv, Ethena, Bouncebit)
2. Solv Guard acts as an extra security layer to secure assets on the Solv platform
3. Solv Guard is an industrial-grade security solution with:
- Robust transaction and fund flow controls
- Separated governance for upgrades/modifications
- Customizable security for broad adoption
Evolution of DeFi
The DeFi industry has progressed through three main stages. The 2020 DeFi summer introduced pure algorithmic protocols like Uniswap and Compound, providing the first trustless on-chain experience. However, yield sources were limited, and users had to interact with each pool individually. Aggregator protocols, such as Yearn, simplified asset management by distributing user assets across multiple liquidity pools to optimize yields, though the yields remained constrained by the underlying pools.
The current DeFi cycle is characterized by yield-bearing assets and diverse yield sources. Products like LSDs and USDe have introduced new yield generation opportunities within DeFi, such as staking and CEX arbitrage. Users no longer need to manage all complexities themselves, as “asset managers” can help manage these yield-generating activities. This evolution highlights the growing sophistication and user-friendliness of DeFi, with Solv continuously iterating its decentralized asset management product to meet changing market and user needs.
This model of “active asset management,” where users entrust their assets to professional asset managers to generate higher yields, has emerged as a trend in DeFi. However, it also introduces new security challenges:
- Complexity of Assets: Managed assets are now more complex, featuring a multi-layered structure. At the base layer include “native” cryptocurrencies like BTC, ETH, and USDT, which are managed through multi-sig wallets or centralized third parties. On the upper-layer include derived assets like stETH, USDe, and on top of that LRTs.
- Human Intervention: Sophisticated yield-generating strategies involve human intervention by asset managers, unlike purely algorithmic protocols of the past. This raises the need for effective monitoring and constraints on asset managers to protect user funds.
Understanding Solv Guard
Solv Guard is an intermediary layer that sits between underlying assets and users’ assets, adding an extra security mechanism on top of smart contracts. It can be customized for individual trading strategies and asset pools, allowing tailored permission controls and restrictions for asset managers.
Mechanism
Solv Guard is built on top of the Smart Contract Wallet “Safe”, which inherently has multi-signature capabilities. Solv Guard’s key role is to constrain the multi-sig functionality of Safe within a specified scope.
Solv Guard configures a Vault Guardian for each Vault, specifying the target address and permissions for that target address. The Safe and Solv Guard then work together to verify the validity of any transaction.
As shown in the diagram, three key elements need to be configured for the Vault’s permissions:
- Specifying the allowed contracts
- Defining the allowed function operations
- Specifying if the contract functions require ACL verification.
Using Uniswap as an example, if an asset manager wants to perform market-making on Uniswap, Solv Guard should configure:
- Restrictions on who has the authority to invest and redeem the funds.
- Restrictions on the smart contract addresses where funds can be sent, allowing only the specific Uniswap contract address(es) for liquidity provision.
- Permitted LP pool contracts and authorized token addresses (e.g., ETH, USDT) for providing liquidity, while preventing interaction with other tokens.
The asset manager could also invest the funds in other assets like U.S. Treasuries or use them for contract trading. Solv Guard already supports authorization integrations with protocols like Uniswap V3, GMX V2, Compound, Lido, Ethena, PancakeSwap, and more.
Governance Mechanism
To ensure security and upgradeability, Solv Guard has a governance mechanism separated from the operation mechanism. The Solv Vault Guardian is responsible for execution, while the Governor controls governance powers, which can be managed by the community and asset managers. This includes features like Time Lock to ensure user transparency and choice.
The Governor has broad powers, including upgrading the Guardian, adding or removing authorizations, managing native token transfers and whitelisted addresses, transferring Governor powers, and permanently disabling the governance rights.
The benefit of this approach is that even if there are issues with the Guardian, the Governor can still take timely remedial measures to maximize the protection of user assets.
Solv Guard is an industry-leading security mechanism built to address the evolving needs of DeFi asset management. While centralized third parties play a vital role in the DeFi ecosystem, we cannot fully entrust them with our most valuable assets. As a pioneer in decentralized asset management, Solv Guard represents Solv’s innovative contribution to the industry — empowering DeFi users to capture new yield opportunities without compromising the safety of their funds.