WebacyStablecoin Universe
OverviewAlertsBackingYieldUpcomingEventsVault IncidentsGraveyardSupply FlowsStablecoin BurnsFreeze IntelligenceModelDocsVault UniverseEcosystemVault StatsProtocolsAbout
← Back to vaultsDocumentation

Compound V3 USDC.e Lender

0x1bd173f9a1186a1abe680071e0f57d4d83c18430View on depeg monitor β†’

arbstrategy vault45.8 (medium)Needs attention

Last scored: 6/10/2026, 3:59:51 AM

Low risk45.8/100High risk

Top 3 risk drivers

  1. Upgrade risk70 pts(+7.00 to score)
  2. Strategy50 pts(+2.50 to score)
  3. Protocol risk15 pts(+2.25 to score)

Share price: $1.6068

Score history (30d, 74 snapshots)+38 pts since 2026-03-25
846050100

Alert History

Loading alert history…

⚠ List with caution

Moderate risk β€” recommend disclosing risk tier to users.

What's in this vault

Deposits

USDC

What this vault is exposed to

You deposit USDC. Here's what backs your position.

USDC
100.0%
$76

Source: inferred

Rating breakdown

Sub-scores sorted by contribution. Each bar is relative to the top contributor.

Upgrade70
Strategy50
audit_recency46.7
Webacy code40
Asset25
oracle20
Protocol risk15
Webacy contract5

Score 46 (MEDIUM). Primary drivers: upgradeable contract, complex strategy, external protocol risk. Active signals: prior exploit.

Risk flags

3 audits on record Β· last 2.9yr ago
OpenZeppelin, Trail of Bits
Exploit historyUpgradeable

Recursive lending & looping

Loop exposure

0.0%

Morpho looping markets

ARB β†’ USDC
$0
EZETH β†’ USDC
$0
GMX β†’ USDC
$0
RETH β†’ USDC
$0
RSETH β†’ USDC
$0
TBTC β†’ USDC
$0
WBTC β†’ USDC
$0
WEETH β†’ USDC
$0
WETH β†’ USDC
$0
WSTETH β†’ USDC
$0
wBTC β†’ USDC
$0
wstETH β†’ USDC
$0

Exploit history

via DeFiLlama

Incidents

3

Total lost

$22.8M

Worst incident

$11.5M

EcosystemProtocol LogicFlashloan Misconfiguration ExploitFlashloan Price Oracle Attackmisconfigured Fulcrum sUSD strategy

Funding regime

Perp funding rate data (healthy vs compressed/inverted) will indicate when vault yield is from stable vs stressed conditions. Coming soon.

Webacy code analysis (4 findings)

Security findings from static analysis. Critical issues (reentrancy, unchecked calls, etc.) may require attention.

assembly
552079dc
f428ef68
is proxy
is blacklisted
bbf376b5
External boolean calls without try/catch or validation in '_harvestAndReport'
external function
8d03ea17
ERC20(_token).approve(_contract, _amount)