# Tenor’s Approach to Security

By [Tenor](https://blog.tenor.finance) · 2026-07-15

---

Onchain lending markets are powerful because they're programmatic, verifiable, and rely purely on code. As we approach Tenor’s launch, we want to share the steps we've taken to secure Tenor’s codebase and how we think about security internally. A strong security track record is the biggest moat a platform like ours can build over time as it lowers the cost of capital for all parties involved, that's why we're investing heavily on security.

Built on Morpho
---------------

We have been big fans of Morpho's approach to building onchain lending infrastructure, minimalist codebases, formal verification, and deep attention to details. For those who have looked at Morpho’s code, it’s a work of craftsmanship. This is why Tenor is built exclusively on the Morpho stack.

We have been building Tenor on top of [Morpho Midnight](https://github.com/morpho-org/midnight/tree/main), Morpho’s upcoming fixed-rate, fixed-term lending primitive. Midnight's flexible design lets Tenor extend the protocol’s functionality with custom features while maintaining core protocol guarantees (e.g., position accounting).

Immutable code
--------------

Morpho and Tenor smart contracts are immutable and fully non-custodial. Tenor contracts are modular, such that users can opt-in to a subset of contracts when executing advanced flows or when looking to benefit from custom features. For example:

*   Earn the variable rate on pending lend fixed rate offers
    
*   Programmatic auto-renewal of positions before maturity
    
*   Programmatic market making for lenders
    
*   Create gated markets with custom whitelists
    
*   Create markets with liquidation grace periods for borrowers
    
*   Circuit breakers on price oracles and renewal flows
    

Circuit breakers
----------------

While Tenor’s core contracts are immutable, users can still customize renewal policies and markets to include circuit breakers. For example, users have the ability to opt-in to pausable renewal policies giving more flexibility to guard against cybersecurity incidents while not compromising the protocol’s non-custodiality guarantees.

Multidisciplinary Approach
--------------------------

### Testing, Fuzzing, & Formal Verification

Beyond design, Tenor's contracts have undergone unit and integration testing, as well as fuzzing. Key properties of the contracts have also been formally verified using the Certora Prover. Thanks to [Alex Zoid](https://github.com/alexzoid-eth) for key contributions on Formal Verification.

### Independent Security Reviews

Five leading security firms conducted [independent reviews](https://docs.tenor.finance/security/security-reviews) of the Tenor contracts:

*   **Blackthorn**: [Xiaoming90](https://audits.sherlock.xyz/watson/xiaoming90), [Hyh](https://cantina.xyz/u/dmitriia), [0xSimao](https://audits.sherlock.xyz/watson/0x73696d616f), and [0xApple](https://audits.sherlock.xyz/watson/0xapple)
    
*   **Cantina**: [Saw-mon & Natalie](https://cantina.xyz/u/Saw-mon-and-Natalie) and [Rscodes](https://cantina.xyz/u/rscodes)
    
*   **Obsidian**: [Spearmint](https://cantina.xyz/u/Spearmint) and [0xjuaan](https://audits.sherlock.xyz/watson/juaan)
    
*   **Guardian**: [r0bert](https://cantina.xyz/u/r0bert), [Giraffe0x](https://cantina.xyz/u/giraffe0x), and [Wafflemakr](https://cantina.xyz/u/wafflemakr)
    
*   **TrustSec**: [Trust](https://audits.sherlock.xyz/watson/Trust) and [Holla](https://audits.sherlock.xyz/watson/roguereddwarf)
    

Blackthorn, Cantina, and TrustSec researchers also audited Midnight beforehand, having a strong understanding of Tenor's main dependency.

### AI-Assisted Reviews

Alongside traditional security reviews, Tenor's smart contracts and SDK were analyzed using cutting-edge AI-powered security tools, including Cantina APEX, Zero Cool, and Octane Security.

### Ongoing Monitoring & Bug Bounty

Tenor is launching a bug bounty program with [Sherlock](https://docs.tenor.finance/security/bug-bounty), offering up to $200,000 for critical findings disclosed responsibly. Tenor also uses [Blockaid](https://docs.tenor.finance/security/monitoring) to monitor onchain activity to flag abnormal activity.

Special thanks
--------------

We're grateful to every team that helped us get here: the researchers at Blackthorn, Cantina, Guardian, Obsidian, and TrustSec, as well as Alex Zoid. Also, thank you to the Morpho protocol team for their support.

Tenor is launching (very) shortly. For those interested you can find the smart contract repository [here](https://github.com/tenor-labs/tenor-contracts) and our security documentation [here](https://docs.tenor.finance/security/).

---

*Originally published on [Tenor](https://blog.tenor.finance/tenor-approach-to-security)*
