Perfolio is a gold-backed lending platform. You buy gold (XAUT, where each token equals exactly 1 ounce of real physical gold stored in Swiss vaults), then borrow digital dollars (USDT, each worth exactly $1, convertible to your local currency) against your gold. No credit checks needed. No monthly EMI payments. No repayment deadlines. Your gold stays yours throughout. When you repay the loan, you get your gold back. It works like a modern digital gold pawn shop, but without the middleman, the paperwork, or the fees.

Gold (XAUT) is a digital gold token issued by Tether (the same company behind USDT stablecoins). Each gold token (XAUT) represents exactly 1 troy ounce of real physical gold, stored in LBMA-certified vaults in Switzerland. The gold reserves are independently audited every quarter by BDO Italia. Unlike gold ETFs, gold (XAUT) is redeemable for actual physical gold bars. Think of it as a digital certificate of ownership for gold in a vault: you own the gold, XAUT is your proof.

How does borrowing work?

Borrowing on Perfolio works in four simple steps. First, you buy gold (XAUT tokens) through the Perfolio app using your bank transfer or existing digital dollars (USDT). Second, you deposit your gold (XAUT) into the lending vault; think of this as locking your gold as security. Third, you receive digital dollars (USDT, worth $1 each) instantly, up to 77% of your gold's value. Fourth, you convert those digital dollars to your local currency (Indian Rupees, UAE Dirhams, Euros, etc.) and withdraw to your bank account. Your gold remains safely locked in the vault throughout. When you repay the loan, your gold is returned to you.

What interest rate will I pay?

Perfolio charges a variable interest rate starting from approximately 3% per year (APR, or Annual Percentage Rate). This means if you borrow $1,000 for a full year, you would pay about $30 in interest. The rate is not fixed; it goes up or down based on supply and demand in the lending market. You can see your current rate at any time in your Perfolio dashboard. There are no fixed monthly payments; interest accrues daily on whatever amount you have borrowed.

Are there repayment deadlines?

No. There are no repayment deadlines, no EMIs (equated monthly installments), and no fixed repayment schedule. You repay on your own terms, partially or fully, whenever you choose. You could repay after one week, one month, or one year. The only ongoing cost is interest, which accrues daily on your outstanding loan balance. Your gold collateral is returned to you as soon as the full loan amount plus accrued interest is repaid.

Where is my gold stored?

Your gold (XAUT tokens) represents physical gold bars stored in LBMA-certified (London Bullion Market Association) vaults in Switzerland. These are professional-grade precious metals storage facilities, the same standard used by central banks and institutional investors. The gold is fully insured. Tether, the issuer of XAUT, publishes independently audited reserve reports every quarter, conducted by BDO Italia, confirming that every gold token (XAUT) in circulation is backed by a real ounce of physical gold.

What fees does Perfolio charge?

Perfolio charges interest only on the amount you have borrowed, nothing else. There are no origination fees (fees for creating the loan), no account maintenance fees, no deposit fees, no withdrawal fees, and no hidden charges of any kind. You pay interest daily on your outstanding loan balance at the variable market rate, which starts from approximately 3% APR. If you borrow $1,000 for 30 days at 3% APR, you pay roughly $2.50 in total interest.

Is the lending protocol secure?

Perfolio uses an independently audited smart contract as its lending infrastructure. It is a non-custodial lending protocol deployed on Ethereum, one of the most widely used and tested blockchain networks in the world. Non-custodial means no single company (including Perfolio) can access or freeze your funds. The protocol has been independently audited by multiple leading security firms and handles billions of dollars in assets. All transactions are recorded publicly on the Ethereum blockchain, meaning you can verify every deposit, loan, and repayment yourself.

Is Perfolio a cryptocurrency app?

No. Perfolio is a gold lending platform that uses blockchain technology under the hood, similar to how Uber uses GPS technology, but you don't need to understand GPS to take a ride. You interact with gold and money, not with cryptocurrency. The blockchain ensures your transactions are transparent, secure, and instant.

What is USDT and how do I use it?

USDT (Tether USD) is a digital currency worth exactly $1. Think of it as digital dollars that you can send anywhere instantly. When you borrow on Perfolio, you receive USDT. You can then convert USDT to your local currency (Indian Rupees, UAE Dirhams, Euros, British Pounds, and more) through Perfolio's licensed payment provider and withdraw to your bank account.

What does 'digital gold' mean?

Digital gold means you own a token that represents real physical gold stored in a vault. Instead of keeping gold bars at home or in a bank locker, you hold a digital certificate (XAUT token) that proves you own that gold. The advantage: you can buy fractional amounts (as little as $10 worth), trade 24/7, and use your gold as collateral for instant loans. These are things you can't do with physical gold.

How does the lending technology work?

Perfolio's loans are powered by an audited smart contract, which is automated banking software that runs on the Ethereum blockchain. Instead of a bank officer processing your loan (which takes days and involves paperwork), the smart contract processes it in seconds with no human intervention. The protocol has been independently audited by multiple leading security firms and handles billions of dollars in loans.

What is LTV (Loan-to-Value)?

LTV stands for Loan-to-Value ratio. It's how much you can borrow relative to your gold's value. Perfolio allows up to 77% LTV. Example: if your gold is worth $10,000, you can borrow up to $7,700. The remaining $2,300 acts as a safety buffer in case gold price drops. A lower LTV means a safer position.

What happens if gold price drops while I have a loan?

If gold price drops significantly, your loan may become under-collateralized (meaning your gold is no longer worth enough to back your loan). In this case, the lending protocol may automatically sell some of your gold to repay part of the loan. This is called liquidation. Perfolio shows your 'health factor' in real-time so you can take action before this happens: either add more gold collateral or repay part of your loan.

Do I need to understand blockchain or crypto to use Perfolio?

Not at all. Perfolio is designed for people who want to use gold as a financial tool, not for crypto experts. You buy gold, you borrow money, you repay when you want. The blockchain technology works in the background to make everything faster, cheaper, and more transparent, but you never need to interact with it directly.

Smart Contract Risk in Gold Lending: How Audits Work

Smart contract risk is the chance that a bug or design flaw in the code running a lending protocol will cause you to lose funds. The risk is real: attackers have stolen more than $1 billion from DeFi protocols via smart contract exploits. But it is manageable if you know how to read an audit report, what red flags to avoid, and which safeguards to demand before you deposit a single ounce of gold.

What Is Smart Contract Risk?

When you use a borrowing vault to collateralise your gold (XAUT) and borrow digital dollars (USDT), you are not dealing with a human loan officer. You are interacting with an automated lending contract (smart contract): a program deployed permanently to the Ethereum blockchain that enforces the rules of your loan automatically.

Because smart contracts execute exactly what the code says, any flaw becomes a flaw in the financial system. Unlike traditional software, a smart contract cannot be patched silently after deployment. Every change requires a new transaction visible to the public, and in the meantime any vulnerability is potentially exploitable by anyone in the world. That combination of immutability, public visibility, and real financial value makes smart contract security a discipline of its own.

Smart contract risk covers three broad categories: coding bugs that allow unintended outcomes; economic design flaws where incentive structures can be gamed even if the code runs perfectly; and dependency risk, where vulnerabilities exist in external components the contract relies on, such as price oracles or governance modules. A comprehensive security programme addresses all three.

What Are the Main Types of Smart Contract Bugs?

Understanding the common attack vectors helps you evaluate whether an audit has actually covered what matters.

Re-entrancy. A contract sends ETH to an external address before updating its own balance. A malicious recipient calls back into the contract before the update completes, draining funds in a loop. The 2016 DAO hack, which cost $60 million, is the canonical example.

Integer overflow and underflow. Early Solidity versions used fixed-size integers with no bounds checking. Adding 1 to the maximum value wrapped around to zero, letting attackers manufacture token balances. Solidity 0.8.0 (released 2020) made overflow checks automatic, but older contracts remain at risk if not patched.

Oracle manipulation. Most lending protocols rely on an external price feed to value your collateral. If an attacker can briefly distort that price using a flash loan, they can borrow more than the collateral justifies, then let the distortion reverse. Chainlink and other decentralised oracle networks reduce this risk but do not eliminate it entirely.

Governance attacks. Protocols governed by a token let large holders vote on system changes. An attacker who temporarily acquires a majority of governance tokens can push through a proposal that drains the treasury. Because voting windows typically run 24 to 48 hours, a well-resourced attacker with flash loan access can sometimes complete the attack within a single Ethereum block.

What Have Major Exploits Actually Cost?

Fortified digital smart contract with security shield protecting gold collateral — Smart contract risk is mitigated through formal audits, bug bounties, and non-upgradeable contract designs.

History is the best argument for taking smart contract security seriously.

The DAO (2016): $60 million drained via re-entrancy. Triggered the Ethereum hard fork that created Ethereum Classic.
Parity Multisig (2017): $300 million in ETH permanently frozen when a user accidentally triggered a self-destruct on a shared library contract. No theft, but complete and irreversible loss.
BadgerDAO (2021): Approximately $120 million stolen via a front-end compromise that injected malicious transaction approvals, bypassing the smart contracts and exploiting the user approval mechanism.
Ronin Network (2022): $625 million lost when attackers compromised private keys controlling the bridge's validator nodes. A key management failure that a thorough audit should flag as operational risk.
Wormhole (2022): $325 million exploited via a signature verification bug in the Solana side of the bridge. The attacker minted wrapped ETH without providing real ETH as backing.

Across these five events alone, over $1.4 billion in user funds were lost or frozen. Smart contract exploits are not a theoretical edge case; the DeFi ecosystem held approximately $180 billion at its 2021 peak, meaning exploit losses represent a material fraction of total value locked.

How Does a Smart Contract Audit Work?

A professional audit is a structured review of a protocol's source code by specialist security researchers. Reputable audit firms charge $50,000 to $500,000 for a full review, depending on codebase complexity. The process typically runs three to six weeks and combines four techniques.

Manual code review. Auditors read every line of Solidity and compare the implementation against the specification, looking for the bug classes above plus logic errors specific to the protocol's design. Manual review catches nuanced issues that automated tools miss.

Automated static analysis. Tools like Slither and MythX scan bytecode and source code for known vulnerability patterns in minutes, generating a starting list for human reviewers to triage.

Fuzzing. Auditors write property tests that bombard the contract with thousands of random inputs. If any input violates a property (for example, total borrows exceeding total deposits), the fuzzer reports a failing case. Echidna is the dominant Solidity fuzzing tool.

Formal verification. The most rigorous technique: auditors encode the intended behaviour as mathematical proofs and verify the code satisfies them under all possible inputs. Increasingly used for the core accounting logic of large protocols, though not economically justified for every module.

The audit firm publishes a report listing every issue found, categorised by severity: Critical, High, Medium, Low, and Informational. The protocol team addresses each finding and the firm issues a final report with remediation status.

Which Audit Firms Are Most Respected?

Not all auditors are equal. The industry has consolidated around a few firms with deep track records.

OpenZeppelin: Audited Aave, Compound, Uniswap, and dozens of other major protocols. Also maintains the most widely used library of secure Solidity primitives. Broadly considered a gold standard.
Trail of Bits: Deep expertise in formal verification and low-level analysis. Audited Aave, MakerDAO, and Chainlink. Known for rigorous manual review and finding novel vulnerability classes.
Halborn: Specialises in blockchain security with particular strength in Solana and cross-chain bridges. Has completed more than 500 security assessments across multiple chains.
ChainSecurity: Academic spin-out from ETH Zurich focused on formal verification. Audited Compound, PoolTogether, and others.
Quantstamp: One of the earliest dedicated blockchain security firms, with thousands of contract reviews and pioneering automated tooling.

Aave has been audited by Trail of Bits, OpenZeppelin, Peckshield, Certora, SigmaPrime, and others across its V1, V2, and V3 deployments. Compound has a similar roster. Multi-firm coverage is the benchmark for protocols handling billions in deposits.

How Do You Read an Audit Report?

Audit reports are public documents. Any serious protocol posts them to its documentation site or GitHub. Check these five things before committing funds.

Scope. Confirm the audit covered the exact code deployed on mainnet. Reports include a git commit hash. If the deployed contract hash does not match, the report does not apply.

Issue count and severity. Scan the summary table. How many Critical and High issues were found? One unresolved Critical finding should stop you from depositing.

Remediation status. For every Critical and High finding, confirm the status is "Resolved" or "Mitigated", not "Acknowledged" or "Open".

Number of firms. A single audit from a reputable firm is necessary but not sufficient. Two or more independent audits from different firms offer substantially better coverage: each firm brings different tools and mental models.

Date of most recent audit. Every upgrade, parameter change, or new module needs its own review. A two-year-old audit on a protocol with three major upgrades since then offers limited assurance.

What Protections Go Beyond Audits?

A mature protocol layers multiple defences on top of code review.

Bug bounties. Public programmes that pay independent researchers to find vulnerabilities in live code. Aave runs a bug bounty of over $1 million for critical findings; MakerDAO's programme pays up to $10 million. Large bounties attract elite researchers and create continuous review that no single audit can match.

Protocol insurance. Platforms like Nexus Mutual allow users to purchase cover against smart contract failure. Coverage costs roughly 2 to 5 percent of the insured amount per year. An active insurance market for a protocol is itself a positive signal: underwriters do their own risk assessment before offering cover.

Time-lock governance. A time-lock imposes a mandatory delay (most major protocols use 24 to 48 hours) between when a governance vote passes and when the change executes. This gives the community time to detect and respond to malicious proposals before harm occurs.

Multisig admin keys. Emergency pause functions and upgrade capabilities should require signatures from multiple independent parties (a 4-of-7 multisig is common), never a single key that could be compromised or misused.

How Do Audited Protocols Compare to Alternatives?

Feature	Well-Audited DeFi Protocol	Unaudited DeFi	Custodial CeFi (Celsius-style)	Traditional Bank
Code publicly verifiable	Yes	Yes	No	No
Independent security audit	Multiple firms	None	Partial / internal	Regulatory exam (not code audit)
Bug bounty programme	$1M+ typical	None	Rarely	Not applicable
Time-lock on upgrades	24-48 hours standard	Often none	Not applicable	Not applicable
On-chain transparency	Full: every transaction visible	Full	None	None
Deposit insurance	Optional (Nexus Mutual, etc.)	Rare	None (Celsius proved this)	Government-backed (FDIC/FSCS)
Counterparty custody risk	None (non-custodial)	None	High (CeFi holds your keys)	Low (regulated)
Historical exploit risk	Low to moderate	Very high	High (operational failure risk)	Very low

A well-audited DeFi protocol combines open-source transparency with layered security controls. Custodial CeFi platforms obscure their operations and offer no code-level guarantees, as the collapse of Celsius demonstrated when $4.7 billion in customer funds became inaccessible in 2022.

How Does Perfolio Approach Smart Contract Security?

Perfolio's borrowing vault integrates with audited Ethereum lending infrastructure rather than deploying novel, unreviewed contracts. The core lending logic you interact with when you take an XAUT loan has been reviewed by multiple independent security firms and has processed billions of dollars in loans over multiple years.

The how it works architecture deliberately avoids the riskiest category of smart contract exposure: novel, recently deployed, single-audited code. A protocol with three years of mainnet history and zero successful exploits has demonstrated something no audit alone can prove.

For gold-backed lending specifically, your gold (XAUT) is a liquid, exchange-traded asset with price feeds from multiple oracle sources. That high-quality collateral reduces the incentive for oracle manipulation attacks compared to protocols backed by illiquid or synthetic assets.

Red Flags to Watch for in 2026

With DeFi expanding rapidly and new lending protocols launching weekly, knowing what to avoid matters as much as knowing what to seek.

No audit at all. Any protocol handling significant user funds without an independent audit should be treated as experimental. "We are getting audited soon" is not a security posture.

Single audit from an unknown firm. A firm with no public track record charging $5,000 for a review that reputable firms price at $100,000 or more is producing a marketing document, not a security guarantee.

Outdated audit reports. If the most recent audit predates a major upgrade by six months or more, the report does not cover the deployed code. Always check the git commit hash against the verified source on Etherscan.

No bug bounty and no time-lock. A zero-dollar bounty gives researchers little reason to disclose vulnerabilities responsibly. No time-lock on governance means a successful attack can drain a protocol before anyone responds. Both are non-negotiable for a protocol worth trusting with your gold.

Frequently Asked Questions

Can a smart contract audit guarantee my funds are safe?

No audit can guarantee safety. Auditors review code at a point in time; they cannot predict every future interaction or upgrade. What multiple audits from reputable firms provide is a significantly reduced probability of the known vulnerability classes and independent verification that the code does what the specification says. Think of it as a thorough safety inspection, not a lifetime warranty.

How much does a professional smart contract audit cost?

Reputable audit firms charge $50,000 to $500,000 for a full engagement. A simple protocol may cost $30,000 to $80,000; a complex multi-contract system with formal verification requirements can exceed $500,000. A $5,000 quote for a full DeFi protocol review is a red flag.

What is the difference between an audit and a bug bounty?

An audit is a time-boxed engagement where a fixed team reviews code before or around deployment. A bug bounty is an ongoing programme paying independent researchers for vulnerabilities found after launch. The two are complementary. Aave's $1 million bounty and MakerDAO's $10 million bounty attract some of the best security talent in the industry on a continuous basis.

What is a time-lock and why does it matter?

A time-lock imposes a mandatory delay (typically 24 to 48 hours) between when a governance vote passes and when the change executes on-chain. This prevents attackers who temporarily acquire governance control from immediately draining funds, and gives the community time to respond to malicious proposals before they cause harm.

What is oracle manipulation and how does it affect gold lending?

Oracle manipulation distorts the price feed a protocol uses to value collateral. For gold-backed lending, the risk is lower than for illiquid assets because XAUT trades on multiple deep markets and Chainlink's gold feed aggregates dozens of sources. Moving all of those markets simultaneously is economically prohibitive at current liquidity levels.

Is DeFi lending safer than keeping gold on a centralised exchange?

They carry different risk profiles. Non-custodial DeFi concentrates risk in the code; centralised custody concentrates it in a company's solvency and honesty. The Celsius and FTX collapses showed custodial risk can be catastrophic and opaque, while smart contract risk is at least publicly auditable. Read non-custodial vs custodial gold lending for a full comparison.

Where can I find audit reports for a DeFi protocol?

Most reputable protocols publish reports in their official documentation or in a dedicated security section of their GitHub repository. Aave's audits from Trail of Bits, OpenZeppelin, Certora, and others are publicly available in the Aave GitHub organisation. If you cannot find reports after a short search, that absence is itself a warning sign.

How is Perfolio's lending vault different from an unaudited DeFi protocol?

Perfolio integrates with established, audited Ethereum lending infrastructure rather than deploying novel smart contracts. The core lending logic has been reviewed by multiple security firms and has processed billions of dollars in production. Explore the details on the borrowing vault page, or start with the DeFi lending explained guide for background.