• Sec. Infra Overview
  • Past Audits
  • Code Structure
  • Centralization
  • Exposure to other Defi
  • Recommendation
  • User Rating
  • Back
protocol logo

Teller Finance

Rating

A

Score73.00

Lending

Sec. Infrastructure Overview

Current Bug Bounty:

No Bug Bounty

Bug Bounty Max Payout: 0 $
Has paid White Hats before:
Date of Last Audit: 1 Jan 1

Recent Security Incidents

  • Incident

    Amount Lost

    Date

Secured By

The Protocol is secured by

  • Name

    Type

    Website

  • logo of list item
    0
    View

Past Audits

Number of Audits

3

Number of Vul. Found

41

Date of Last Audit

1 Jan 1

Past Audit Reports

Last codebase change was on: 1 Jan 1

Show Code Locations
Show all Vulnerabilities

Vulnerabilities reported in past audits

Code Structure

Lines of Code

0

Amount of Contracts

165

External Integrations

0

Code Summery

Teller is a non-custodial lending protocol that facilitates time-based loans using any ERC20 tokens or ERC721/ERC1155 NFTs as collateral, eliminating margin call liquidations. It operates on Ethereum, Base, Arbitrum, and Polygon, allowing customizable liquidity terms set by lenders. Borrowers can leverage various digital assets without the risk of price-based liquidation, while liquidity providers earn passive income by lending under predetermined conditions. The protocol offers flexible loan structures, including over-collateralized and under-collateralized options, with clear default recourse mechanisms. Overall, Teller enhances DeFi by broadening the collateral options and minimizing liquidation risks.

Show Dependency Graph

Code Structure & Dependency

Show Codefile metrics

Centralization

Decentralization Score

18 out of 20

Contract Upgradability

No upgradability

Frontend

Go to Dapp

Maintenance Score

2.00

Poor

Excellent

Admin / Governance Functions

Timelocks

Uses Timelocks

Pauseability

Can be paused

Admin Wallet

The owner of TellerV2.sol (TRUSTED) is able to pause or unpause the protocol. When paused, new loans cannot be submitted or fulfilled via submitBid or via lenderAcceptLoan as those fn calls will revert. The LenderGroup_Smart contract will not only be deployed once, but will be deployed in many iterations since it is a 'l'he owner (RESTRICTED) of any given LenderGroup_Smart contract is able to freeze or unfreeze borrowing (the capability to borrow money from) the smart contract.

Can be paused

No Timelocks

Recommendations

We chose to ignore MEV in the lender group contract for now as it was too difficult to design out and because other pools such as Uniswap exist with MEV. In this context, MEV means that a lender that is depositing / withdrawing shares to and from the lender group contract can deposit and withdraw in such a way as to do it in a sandwich effectively playing around the valuation of a share. As far as I know, this MEV 'xploit'also exists in uniswap pools and is largely insignificant for general intents and purposes.

User Rating

Avg. User Rating

No ratings

No ratings yet

Submit your review

Protocols on SCAS can't offer incentives to hide reviews

Disclaimer:

SCAS conducts security assessments on the provided source code exclusively. Conduct your own due diligence before deciding to use any info listed at this page.

In case you find any information on this report is incorrect, please fill out following form:Feedback

About UsPrivacy Policy
SCAS Oy 2025All rights reserved.