Security
1. Audit
2. Deployments
Mainnet Contracts
🐻 Berachain (Chain ID: 80094)
pUSD Vault
BoringVault 0xF4e20B420482F8bEd60DDc4836890b3c4eCFD3E5
Accountant 0xd0E9563E2e77a3655Fa765c9aFA51d7898DCce1B
Teller 0x04004e0F6Ca848D65E38ceF738843E8b78F02a2a
Distributor 0xde760341e4db7a25785313ca90eeb4c65bdb4672
DelayedWithdraw 0xaEd96044999e6Ffad529F2Ffb1780d3c696cF76a
Manager 0xf0Fc03AaD781a4345e5eA7CF689d7360f0974774
pWBTC Vault
BoringVault 0xd57C84F393B01ec01E1F42a9977795b2bca95837
Accountant 0x7c6c4554eC10b4BdA09d7a6fa9Be423896942A31
Teller 0x8176e31cd227Ffa6d78907521FFe0C077095D94b
Distributor 0x01867f25a7a285de5a19c2a3655ded09609b82a8
DelayedWithdraw 0xF52405364695e068467c66dfc4e042536756F8Cb
Manager 0xAA8233a76fbFc9Ee42305bfd50bDa28a6e00D9af
pWETH Vault
BoringVault 0xccee5D9125Dcb41156e67C92a92BC0608D720660
Accountant 0x71A8166096F86EACa45AD97b9B4F34Bc97FfC47c
Teller 0x1936A74692D3d71653dE7D03299310B203654e96
Distributor 0x96a9c45af704e1a64129ebf624a40074655d38f6
DelayedWithdraw 0xFb714e4A32d617c502b1A79c835B7a1396B14c09
Manager 0x0C9169E670141D2787C9D7d0811E4Fc074F349E8
pWBera Vault
BoringVault 0x3AF6CBd76FDb0C6315B7748Ba11243830565e783
Accountant 0x1d7e0B3070d80899bCd61A9c484780F54B1543D6
Teller 0x8198239B55c79a5E4E5460241C89EB11B53Eb2Ed
Distributor 0xac1ff4889255e581463fb9854c4e85122653f655
DelayedWithdraw 0xdb1f0F4bc8DA11fb71FB18D432d4A3d1F2a53D56
Manager 0xf2aDcb4EAa365312Bbc591De471EC4386ca114D3
Shared Infrastructure
PrimeRBAC 0x19311BbB6F8E8b7FD5305F5B07bA1200854a4E53
PrimeTimelock 0x8C256f131D86b7301106F943221f749157B1FeF3
DecoderAndSanitizer 0xdE5608924Cd4fd63387c556B19F73F39A503Ef3d
PrimeStrategist 0x8BA75fd32c9275de224Dd3E035D21FF17EE048A7
PrimeExecutor Deployments
Same address across all chains below
🟨 BNB Smart Chain (Chain ID: 56)
PrimeExecutor 0x6b5a6B402F984FCd4175C43b642800920873cbC5
🔷 Ethereum (Chain ID: 1)
PrimeExecutor 0xb2f865041e3F7De4576FB5B30ac8e9fbDA82e29d
🔵 Arbitrum (Chain ID: 42161)
PrimeExecutor 0xb2f865041e3F7De4576FB5B30ac8e9fbDA82e29d
🟠 CoreDAO (Chain ID: 1116)
PrimeExecutor 0xb2f865041e3F7De4576FB5B30ac8e9fbDA82e29d
3. Role & Permission
Prime Vaults employs a minimal yet robust permission framework that ensures protocol security, operational integrity, and clear separation of responsibilities. The system defines two primary roles with strictly bounded privileges: Admin and Curator.
Admin Role
The Admin is the highest-privileged role within the protocol, responsible for managing configuration, lifecycle control, and permission boundaries across StakingVaults and the Strategy Layer. Importantly, the Admin does not interact directly with user funds but governs the system-level permissions that determine which operations are allowed.
Admin Responsibilities
Manager Control: Updates the Merkle tree stored in each vault’s Manager module, defining the whitelist of permitted operations.
Strategy Registry Administration: Assigns, updates, or revokes Strategy Registry roles responsible for strategy lifecycle operations. Admin ensures that only compliant, audited strategies can be registered and activated.
Protocol Configuration: May update global parameters such as fee rates, strategy limits, or reward configurations where necessary.
Admin Restrictions
Cannot trigger allocations
Cannot execute harvests
Cannot move user funds
Cannot bypass Manager proof validations
Admin governs permissions, not capital.
Security Features
🔒 Share Locks
1-day lock on deposits prevents flash loan attacks
⏱️ Withdrawal Delays
3-day delay allows emergency response
🌳 Merkle Verification
All DeFi operations must be pre-approved
⏸️ Pause Mechanism
Emergency pause for all critical contracts
🛡️ Reentrancy Guards
Protection against callback exploits
📊 Supply Invariants
Prevents share dilution attacks
Last updated