Audits
NestJs Backend & Session Key Smart Contracts
The backend that handles all rebalancing between your DeFi positions, the executor module and the target registry has been audited by Sherlock in December 2025.
| Name | Audit Report |
|---|---|
| NestJs Backend & Session Key Smart Contracts | Report - 20.12.2025 |
Smart Account
Regarding smart account deployment, Zyfai Smart Accounts product are build using Rhinestone, leveraging SmartSession, Safe7579 and Core modules.
| Name | Audit Report | Contract Repository |
|---|---|---|
| Smart Session | Report - 25.12.2024 | Repository |
| Safe7579 | Report - 5.07.2024 | Repository |
| Core modules | Report - 3.10.2024 | Repository |
All rhinestone audits are stored here.
Paymaster
Under the hood, to ensure you enjoy the best gasless experiences, we utilize the Pimlico paymaster for specific transactions. This facilitates gasless transactions for any on-chain actions associated with Smart Accounts, including Deposits, Withdrawals, Swaps, etc.
| Name | Audit Report | |
|---|---|---|
| Pimlico ERC20 Paymaster | Report - 28.03.2024 |
RZFI
rZFI is the reward token contract used to incentivize users to deposit into the Zyfai protocol and create their own agents. It is a fork of the evk-periphery repository from Euler Finance, which has been in use since this governance proposal.
| Name | Audit Report |
|---|---|
| rZFI | Report - 06.07.2025 |