Proposal to Fund Global Junior Tranche Security Audit

1

1. Proposal Summary

This proposal requests 27,000 DOLA from the DAO treasury to fund a professional security audit of the Junior Tranche system by Sherlock. The Junior Tranche represents critical infrastructure for DOLA solvency protection, and given the expected TVL, a thorough security review is essential before deployment. An official launch proposal will follow post-audit.

2. Background

The Need for Global Junior Tranche

As Inverse Finance scales its lending operations through FiRM and expands DOLA infrastructure, the protocol faces increasing exposure to bad debt risk. Currently, all bad debt events are absorbed directly into DOLA backing, creating a concentration of risk that limits scalable growth potential.

The Junior Tranche introduces a market-driven insurance layer where users deposit DOLA to earn DBR rewards while absorbing losses before they impact core protocol reserves. This mechanism:

  • Protects DOLA solvency by providing first-loss capital

  • Enables protocol scaling with reduced systemic risk

  • Creates a new yield-bearing product (name TBD) for DOLA holders

  • Establishes a permissionless, automated bad debt resolution system

Development Status

The Global Junior Tranche codebase has undergone extensive internal development and review since July 2025:

  • Core architecture finalized (global pool covering all FiRM markets)

  • Smart contracts implemented with modular design for future expansion

  • Internal testing completed with multiple review rounds

  • Code incorporates learnings from Aave Umbrella and sDOLA implementations

The system is feature-complete and ready for professional security assessment.

3. Project Details

Selected Auditors

Sherlock has assigned two lead auditors specifically matched to scope’s risk profile:

Hash (Vault & Math Specialist)

  • ERC4626 expert with proven track record on accounting corruption and reentrancy issues

  • Specialized experience with slashing-sensitive systems and bad debt scenarios

  • Audited similar auction systems (Olympus RBS, Axis Finance) and vault mechanics

  • Profile: https://audits.sherlock.xyz/watson/hash

Obsidian (Juaan + Spearmint)

  • Deep expertise in Compound-style lending, yield systems, and AMM mathematics

  • Track record identifying yield misallocation, withdrawal DoS, and rounding vulnerabilities

  • Experience with oracle integration and complex fee/reward distribution systems

  • Profile: https://audits.sherlock.xyz/watson/Obsidian

These auditors bring complementary expertise covering all critical aspects of the Junior Tranche system.

Sherlock Shield Coverage

In addition to the audit itself, Sherlock provides post-launch security coverage through Sherlock Shield, offering up to $500,000 in exploit coverage for vulnerabilities discovered in production. This coverage:

  • Activates immediately upon audit completion and continues for the first month post-deployment with options to extend based on a subscription model

  • Coverage amount scales inversely with vulnerabilities found during audit (fewer findings = higher coverage, up to the $500K maximum)

  • Provides additional financial protection during the critical early deployment phase

  • Demonstrates Sherlock’s confidence in their audit quality by putting capital at risk

This additional layer of protection is particularly valuable for the Junior Tranche given its role as DOLA’s solvency backstop. The Shield coverage will help protect depositors and the protocol during the initial launch period before extensive battle-testing has occurred.

4. On-Chain Actions

Action 1: Approve 154,360 DOLA Allowance (+27,000 on top of existing allowance granted for ongoing Monolith audits) to the Bug Bounty Program Multisig