Yield protocols are brutal to audit. Share accounting, strategy routing, oracle trust, ERC4626 integrations — any single miscalculation can drain a vault. BakerFi's Code4rena 2024-12 contest put all of these in one codebase: 2,028 lines of Solidity, seven high-severity bugs confirmed by human wardens, a $72K bounty pool.
We ran our AI audit engine against it and caught all seven HIGHs plus 15 of 16 MEDIUMs.
Scope and Ground Truth
Comparison is against the official Code4rena 2024-12-bakerfi report — 7 HIGH and 16 MEDIUM findings as published. QA / Low and out-of-scope items are not part of this comparison.
The Results
- 100% HIGH detection (7/7)
- 94% MEDIUM detection (15/16)
- 2,028 lines of Solidity
- ~45 minutes to a full attack-path report
BakerFi is the kind of protocol where automated tools miss almost everything important. Vault share math lives in one contract, strategy accounting in another, and the exploits hide in how they interact. This benchmark is about whether an AI can follow that cross-contract thread.
The Target: BakerFi Yield Vaults
BakerFi is a multi-strategy yield vault protocol built around ERC4626. Users deposit into a vault, the vault routes capital across strategies, and a router contract lets users interact with the system via multicalls. That design surface includes:
Protocol Surface
- ERC4626 share accounting: two places compute share prices, the vault itself and the strategy adapter. When those disagree, value leaks.
- Strategy routing: the MultiStrategy contract deploys and undeploys capital across sub-strategies based on configured weights. Allowances and balances are tracked across both.
- Pull-style approvals: VaultRouter takes user permission to move tokens. Any validation gap in the router becomes an allowance drain for the entire user base.
- Oracle-dependent strategies: leverage strategies rely on oracle reads. Mismatched freshness between read paths creates share-price manipulation windows.
Every High-Severity Finding
| C4 High Finding | RedVolt Detection |
|---|---|
| H-01: Users may encounter losses on ERC4626 deposits via StrategySupplyERC4626 | DETECTED |
| H-02: Anyone can call StrategySupplyBase.harvest (fee evasion) | DETECTED |
| H-03: _deployedAmount not updated on undeploy, preventing fee collection | DETECTED |
| H-04: Decimal conversion issues between vault and strategy | DETECTED |
| H-05: pullTokensWithPermit allows attackers to steal tokens via signature replay | DETECTED |
| H-06: VaultRouter allowance exploit for ERC20 tokens | DETECTED |
| H-07: VaultRouter allowance exploit for ERC4626 tokens | DETECTED |
All seven HIGHs caught, including the nuanced cross-contract exploits: fee evasion via an unprotected harvest entry point, decimal-conversion drift between vault and strategy, and the EIP-2612 permit-signature replay in pullTokensWithPermit that drains approvals the user never authorized.
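The router findings above (H-05 through H-07) share one root: a pull-style router that moves tokens on behalf of an owner the caller names, rather than the caller itself. The following is an added illustration of the hardened shape, not BakerFi's code; the contract name, the OpenZeppelin imports and the `OwnerMustBeCaller` error are assumptions for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {IERC20Permit} from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Permit.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

/// Illustrative router (hypothetical, not BakerFi's). Every pull debits
/// msg.sender, so an approval a user granted to the router can only be
/// spent by that same user, never by another caller.
contract HardenedPullRouter {
    using SafeERC20 for IERC20;

    error OwnerMustBeCaller(address owner);

    // Weak shape (kept as a comment): a caller-supplied `owner` lets any
    // caller spend approvals that other users granted to the router.
    //   function pullTokens(IERC20 token, address owner, uint256 amount) external {
    //       token.safeTransferFrom(owner, address(this), amount);
    //   }

    /// Hardened: the debited account is always msg.sender.
    function pullTokens(IERC20 token, uint256 amount) external {
        token.safeTransferFrom(msg.sender, address(this), amount);
    }

    /// Hardened permit variant. The permit owner must be the caller, so a
    /// signature lifted from the mempool is useless to anyone else. The
    /// permit call is wrapped in try/catch because a permit that was already
    /// consumed by a front-runner reverts; the explicit allowance check is
    /// what actually gates the transfer, not the permit's success.
    function pullTokensWithPermit(
        IERC20Permit token,
        address owner,
        uint256 amount,
        uint256 deadline,
        uint8 v, bytes32 r, bytes32 s
    ) external {
        if (owner != msg.sender) revert OwnerMustBeCaller(owner);
        try token.permit(owner, address(this), amount, deadline, v, r, s) {} catch {}
        IERC20 erc20 = IERC20(address(token));
        require(erc20.allowance(owner, address(this)) >= amount, "insufficient allowance");
        erc20.safeTransferFrom(owner, address(this), amount);
    }
}
```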
The Attack Path That Matters Most
The top-ranked attack identified on BakerFi was oracle manipulation via flash loan to inflate a leverage position — estimated profit around $500K per exploit. The sequence: flash-loan a large ETH position, skew the oracle read via a manipulation window, inflate vault share price, deposit, wait for oracle snapback, withdraw at the true price. This is exactly the kind of cross-contract thread that human wardens spend days chasing, and it mapped directly to several of the HIGH findings above.
Medium-Severity Coverage
15/16 MEDIUM findings detected. Highlighted mediums:
- M-04: MultiStrategy DoS on revert
- M-12: Oracle freshness mismatch
- M-16: First-depositor share inflation
Notable mediums detected include the classic first-depositor share inflation attack (M-16), oracle freshness mismatch enabling share-price manipulation in leverage strategies (M-12), and a DoS vector in MultiStrategy.deploy when a sub-strategy reverts (M-04). The single MEDIUM we didn't catch was an edge-case rounding mismatch in a specific strategy weight rebalance path.
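M-12 is a freshness mismatch between oracle read paths. The mitigation is structural: one staleness-gated read that every valuation path must go through. The contract below is an added example, not BakerFi's code; the `IPriceOracle` interface, the `maxPriceAge` parameter and the 18-decimal price convention are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Minimal oracle interface assumed for this example (hypothetical).
interface IPriceOracle {
    /// Returns the price (18 decimals) and the timestamp it was last updated.
    function getLatestPrice() external view returns (uint256 price, uint256 updatedAt);
}

/// Illustrative base for a leverage strategy: deposit-side and withdraw-side
/// valuations both call _freshPrice(), so neither path can accept a price
/// staler than the other and open a share-price window between them.
abstract contract FreshOracleValuation {
    IPriceOracle public immutable oracle;
    uint256 public immutable maxPriceAge; // seconds

    error StalePrice(uint256 updatedAt, uint256 maxAge);

    constructor(IPriceOracle oracle_, uint256 maxPriceAge_) {
        oracle = oracle_;
        maxPriceAge = maxPriceAge_;
    }

    /// Single freshness gate. Reverts instead of silently using an old price.
    function _freshPrice() internal view returns (uint256 price) {
        uint256 updatedAt;
        (price, updatedAt) = oracle.getLatestPrice();
        if (block.timestamp - updatedAt > maxPriceAge) {
            revert StalePrice(updatedAt, maxPriceAge);
        }
    }

    /// Collateral value in asset terms; used by both deploy and undeploy.
    function _collateralValue(uint256 collateralAmount) internal view returns (uint256) {
        return (collateralAmount * _freshPrice()) / 1e18;
    }

    /// Debt-adjusted net value; same gate, same price, on every path.
    function _netValue(uint256 collateralAmount, uint256 debt) internal view returns (uint256) {
        uint256 gross = _collateralValue(collateralAmount);
        return gross > debt ? gross - debt : 0;
    }
}
```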
Why This Benchmark Matters
BakerFi isn't a toy protocol. It's 2,028 lines of production Solidity with ERC4626 share math, cross-contract strategy routing, and oracle-dependent leverage — exactly the class of codebase where simple pattern matchers fail. Getting 100% of the HIGHs and 94% of the MEDIUMs on a protocol like this is a real capability claim, not a theoretical one. Our published detection rates are measured, not marketed.
The Honest Comparison
What We Caught
- Cross-contract fee evasion via unprotected harvest
- Router allowance exploits for ERC20 + ERC4626
- Decimal conversion mismatches between vault and strategy
- Oracle manipulation + flash-loan leverage exploits
- EIP-2612 permit-signature replay
What We Still Don't Catch
- Exotic DAI-style permit variant signature incompatibility (edge case)
- Reentrancy in multicall execution where the guard is disabled mid-call
- Specific rounding edge cases in strategy weight rebalance under adversarial markets
- Some governance timelock bypass patterns requiring multi-proposal sequencing
- Upgrade storage-slot collision detection in non-standard proxy layouts
We publish what we find and what we still need to grow into. That's the only way benchmarks mean anything.
Try It Yourself
100% HIGH severity (7/7) · 94% MEDIUM severity (15/16) · 2,028 SLOC audited · PoC verified for every HIGH
Upload your contracts, get a verified audit with runnable PoCs. We publish the detection rates so you know exactly what you're paying for.
Want Independent Verification?
We can pair this benchmark with a manual expert review on your specific deployment — full audit output, side-by-side comparison against the C4 report, and verifier sign-off on each PoC. Request an expert proof report →