Dependency graph (protocols depended upon)
Beefy Finance's assessment for RD-F-050 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
Dominant dependency: each vault wraps one external protocol (hundreds across ~34 chains: Aave, Curve, Balancer, Uniswap v3, Compound, Convex, PancakeSwap, etc.). Failure of any wrapped protocol impairs that vault but not others — diffuse aggregate risk with isolation by design. BeefySwapper depends on BeefyOracle sub-providers. BIFI token depends on four bridge adapters and XERC20Lockbox. Dependency graph is architecturally sound in isolation design but scale (hundreds of protocols) creates aggregate exposure. Yellow because at least one confirmed upstream failure causing partial user impact (Sonne Finance 2024).
Sources #
- DocsBeefy SAFU PracticesSAFU practices: 'projects and protocols that we build on top of will naturally use functionality susceptible to abuse'retrieved 2026-05-16
- Beefy strategy directory — external protocol integrationsbeefy-contracts strategies directory — 20+ subdirectories of external protocol integrationsretrieved 2026-05-16
- Beefy protocol profile — external dependencies section00-profile.md §7 — External dependencies and §10 Sonne Finance 2024 incident (Beefy suspended 9 vaults; partial losses)retrieved 2026-05-16
Methodology #
List all external protocols whose failure would directly impair this protocol (LST providers, bridges, stablecoin issuers, keepers).
See the full factor methodology and distribution across all protocols →