Our team at Eleven Finance take security very seriously. Admittedly, we have been suffered in the past, when our platform was unaudited, however all funds from this exploit were recovered. Fortunately, we have came a long way since. We are more determined than ever to make sure user's funds are 100% secure.

That's why Eleven Finance was audited twice by two different security teams. All of our vaults, our lending protocol and the leveraged yield farming were all audited. We fixed every risk found in the audit before deploying our lending & leveraged yield farming protocol to ensure maximum security.

To further ensure that funds deposited in our vaults are secure, we only list trusted farms on our website. We also charge a 0.1% security withdrawal fee to prevent attackers from profiting from flash loans and draining the funds from our vaults.

Audits

CertiK

Solidity Finance

These are all smart contracts that were fully audited:

• addstrat.sol‌ (CertiK)

• bankConfig.sol‌ (CertiK)

• borrow.sol‌ (CertiK)

• borrowconfig.sol‌ (CertiK)

• eleUSD.sol‌ (CertiK)

• interestmodel.sol‌ (CertiK)

• liqstrat.sol (CertiK)

• addStrat.sol (Solidity Finance)

• bigfoot.sol (Solidity Finance)

• bigfootConfig.sol (Solidity Finance)

• liqStrat.sol (Solidity Finance)

• oracle.sol (Solidity Finance)

NRV vaults exploit

On June 22nd 2021, a hacker was able to exploit unaudited NRV vaults on Eleven Finance using a flash loan attack. To understand how this exploit was executed in detail, we encourage you to read the article made by rekt.news explaining the exploit in detail.

Thankfully, on 30th September 2021, Eleven Finance was able to retrieve all exploited funds back from the hacker. This was possible thanks to a great effort by the Peckshield and Binance team. A sincere thank you goes out to both teams.

To read about our previously planned recovery plan of lost funds, click here. However note this plan was not executed as funds were returned to users in full.