search

Vault

The vault is a standard ERC-4626 tokenized vault with USDC as the underlying asset and USDREFI as the share token. Because yield is distributed as a side-stream via Merkl (rather than accruing into the share price), the exchange rate is always 1:1.

hashtag
Deposit Functions (Active)

Function
Behavior

deposit(assets, receiver)

Accepts USDC, mints USDREFI 1:1. Checks tier and caps. Reverts if tier = 0.

mint(shares, receiver)

Same logic, denominated in shares.

maxDeposit(receiver)

Returns min(globalRemaining, tierCapRemaining). Returns 0 if tier = 0.

maxMint(receiver)

Equivalent to maxDeposit at 1:1 rate.

previewDeposit / previewMint

Identity function (1:1).

hashtag
Withdrawal Functions (Disabled)

Function
Behavior

maxWithdraw / maxRedeem

Return 0 — signals withdrawals unavailable.

withdraw / redeem

Revert with message directing users to Uniswap.

circle-info

The Foundation Safe can call setWithdrawalsEnabled(true) to re-enable withdrawals in an emergency. This toggle can be reversed once the Uniswap pool is restored.

hashtag
Cap System

Parameter
Initial Value
Governance

Global vault cap

$25,000 USDC

setGlobalCap(uint256) via Foundation Safe

Tier 1 per-user cap

$500 USDC

setTierCap(1, uint256) via Foundation Safe

Tier 2 per-user cap

$5,000 USDC

setTierCap(2, uint256) via Foundation Safe

Tier 3 per-user cap

$15,000 USDC

setTierCap(3, uint256) via Foundation Safe

The maxDeposit function enforces both the global cap and the per-user tier cap, returning the lower of the two remaining amounts.

hashtag
ERC-4626 Compliance

The vault is fully ERC-4626 compliant despite disabled withdrawals. The standard explicitly allows maxWithdraw() and maxRedeem() to return 0, signaling to integrators that withdrawals are unavailable. Portfolio trackers (DeBank, Zapper) will correctly display the position, and all deposit-side view functions work normally.

hashtag
Implementation Notes

  • Built on OpenZeppelin's ERC4626 base with overrides for maxDeposit, maxMint, maxWithdraw, maxRedeem, deposit (cap checks), and totalAssets

  • totalAssets() uses an internal counter — not token.balanceOf(address(this)) — to avoid counting dust or direct transfers

  • First-depositor inflation attack is not a risk at fixed 1:1 pricing

  • maxDeposit never overestimates — returns 0 on any overflow rather than reverting

PreviousUniswap Pool