Critical or high findings
+Internal audit summary reports no critical or high severity findings.
+Internal audit summary reports no critical or high severity findings.
+Three medium and two low findings are listed with resolution commits.
+The roadmap targets an external audit before mainnet launch.
+| ID | +Severity | +Finding | +Resolution | +
|---|---|---|---|
| {finding.id} | +{finding.severity} | +{finding.title} | +{finding.resolution} | +
+ YieldLadder keeps review notes and bounty scope in the public repository so users can inspect the protocol status before interacting with contracts. +
+Default view shows testnet contract identifiers from the deployment manifest.
+| Contract | +Address | +Role | +Explorer | +
|---|---|---|---|
| {contract.name} | ++ {contract.address} + | +{contract.role} | +
+ {network === 'testnet' ? (
+ |
+
Testnet deployment slots are reserved in the manifest and should be verified on Stellar Expert when concrete contract IDs are published.
+Mainnet deployment remains pending until audit, formal verification, and final launch controls are complete.
+{eyebrow}
+{lead}
+Choose a vault tier, connect a Stellar wallet, and deposit USDC into the non-custodial Soroban contracts.
+Each deposit mints internal accounting shares. Longer lock tiers receive a higher multiplier and therefore a larger claim on harvested yield.
+Harvests realize trading-fee yield from the underlying Stellar AMM strategy and compound it back into vault accounting.
+A 100 USDC Flex deposit uses a 1.00x multiplier, so it receives 100 share units.
+A 100 USDC 12-month deposit uses a 1.40x multiplier, so it receives 140 share units.
++ If a harvest distributes 24 USDC across 240 total share units, the Flex position receives 10 USDC and the 12-month position receives 14 USDC. Both deposited the same principal, but the longer lock receives the larger yield allocation because it contributed more weighted shares. +
+Harvesting costs time and network fees. A small 10 bps bounty gives any keeper a reason to execute harvests promptly instead of relying on a single operator.
+Locked tiers can include an early-exit fee. The fee is redistributed by the protocol rules instead of becoming a discretionary protocol revenue stream.
+Contracts are not marked as mainnet deployed in the repository manifest. Users should treat YieldLadder as pre-launch until final deployment addresses and audit outcomes are published.
+Mainnet readiness depends on verified contract deployment, external review, and clear risk communication for depositors.
+