Neutrl Protocol - Risk Assessment by BA Labs
Executive Summary
BA Labs proposes moving Neutrl protocol as a yield source to a SIP stage within strictly Higher-Risk fleet with conservative parameters due to high counterparty and operation risk. While a firm backing transparency/verifiability (independent, zk proof of solvency) and good-grade custody solutions and security measures of the protocol are present BA Labs believes it’s crucial to acknowledge that this ARK would fall under the most risky collaterals currently available within SummerFi protocol considering the closed nature of OTC deals and the execution/operation risks involved.
TLDR: Neutrl is a protocol behind a synthetic yield-bearing dollar asset called NUSD which uses stablecoins deposited into the system to generate yield through basis arbitrage, OTC carry, and on-chain reference yield pools. The dev team, Neutrl Labs, is a Panama-based company with Behrin Naidoo as CEO (background in finance and institutional investing).
The Neutrl Labs, as per publicly available information, has raised $5m seed funding (in 2025) from investors including STIX, Accomplice, Amber Group, SCB Limited, Figment Capital and Nascent, indicating it is an independent venture backed by crypto-focused venture capital. The protocol currently stands at $206m, while launching publicly on November 10, 2025 (predeposits were opened earlier, in October, 2025).
NUSD codebase has undergone 3 different audits, all done in 2025, coming from Spearbit and Sherlock with no critical or high risk issues found. The protocol has had no major exploits or loss of funds since launching in October 2025 (NUSD token deployment on Oct 3, 2025).
While having a verifiable backing powered by Accountable’s Data Verification Network and extensive auditing of onchain components of the protocol, which we find as a crucial segment of risk assessment, we note that Neutrl protocol comes with non-negligible counterparty, operational/management, and liquidity risks, as main ones, with the former ones being tied to offchain operations lacking formal type of the assessment.
Based on these points, we deem Neutrl as a suitable ARK for Higher-Risk Fleets only, with conservative risk parameters put in place.
Protocol Integrity & Security Assessment
This section evaluates the trustworthiness and robustness of the protocol by examining its operational, developmental, and security foundations.
Team, Backers, & History
The core development team behind the Cap Protocol operates under Neutrl Labs.
- CEO: https://x.com/behrin
- Marketing: https://x.com/0xTAY_
- The broader team is not fully public, while Neutrl team claims the core team includes two 15+ year London career bankers and a 9 figure retired hedge fund manager as an advisor.
Note: The team is actively hiring (remote) quantitative researchers, trades, and trading infra/systems engineers.
Track Record & Experience:
- Founder & CEO: Behrin Naidoo — Founder and CEO of Neutrl Labs. Behrin has over a decade of experience in finance, banking, and digital assets and leads the protocol’s strategic vision to democratize institutional-grade delta-neutral yield strategies in DeFi..
- @0xTAY_: responsible for marketing, communications, and ecosystem engagement for the Neutrl protocol.
Most of the information related to the Neutrl’s trading infrastructure and team is not currently publicly available.
Here we’d also note that the operations of their trading team do not have significant history of actions to be relied upon any risk decision as of now, hence BA Labs deems it as low-lindiness simply due to the fact of < 3 month operational time.
Funding & Venture Capital
- As of April 2025, Neutrl Labs raised $5 million in funding to build its yield-bearing stablecoin engine.
- The seed round was led by STIX and Accomplice, with participation from Amber Group, SCB Limited, Figment Capital, and Nascent, as well as angel investors including Ethena founder Guy Young, derivatives trader Joshua Lim (Arbelos Markets), Steven Shi of Ethena, DCF Capital, and Flood (Insilico Trading).
Protocol Longevity
- The protocol officially launched in October 2025.
- The protocol had undergone multiple audits in July-September 2025.
- On the integration side, NUSD is integrated on the Pendle platform for yield-trading opportunities, and Curve protocol as the main DEX for NUSD liquidity. As of now, no NUSD or its derivatives were identified with collateral usage among DeFi protocols.
- TVL: Currently, NUSD TVL sits at about $226m, while being bootstrapped with a pre-deposit phase with ~$120m initially.
- Neutrl claims: “Neutrl follows a rigorous vetting and due diligence process for every DeFi protocol we interact with. Any protocol exposure included within our strategy undergoes a comprehensive risk assessment prior to deployment”.
Security Audits & Exploit History
The protocol has undergone three comprehensive security audits conducted by reputable blockchain security firms - Spearbit and Sherlock, between July and September 2025, followed by one follow-up assessment of minor changes by Spearbit.
Completed Audits
1. Spearbit Security Audit
Report Date: August 4, 2025
Lead Auditors: 0xRajeev, Kurt Barry, Chinmay Farkya
Firm Reputation:
Spearbit is a well-regarded Web3 security and smart contract auditing firm, distinguished by its decentralized audit model and curated network of specialist security researchers. Founded in 2021, the firm raised $7 million in 2023, bringing total funding to approximately $8.5 million, with backing from notable investors including Framework Ventures, Nascent, 1kx, Volt Capital, Breed VC, and Robot Ventures—reflecting strong confidence in its marketplace-driven security approach.
Spearbit has conducted security reviews for major Web3 protocols across multiple ecosystems, and its Cantina platform further expands audit depth by engaging top researchers through competitive review processes. The firm is frequently referenced alongside other leading auditors and is trusted by teams building on prominent blockchains, earning a reputation for targeted, high-signal security assessments rather than generic, checklist-based audits.
Key Findings:
The audit identified no critical or high risk vulnerabilities.
2. Spearbit Cantina Audit
Report Date: July 17, 2025
Lead Auditors: Anurag Jain, Ladboy233
Cantina:
Cantina is a security services marketplace that connects top security researchers and solutions with clients.
Key Findings:
The audit identified no critical or high risk vulnerabilities.
3. Sherlock Competitive Audit
Report Date: August 24, 2025
Lead Auditors: xiaoming90
Firm Reputation:
Sherlock is a well-established competitive audit platform with a strong track record in DeFi security. The bug bounty format incentivizes comprehensive coverage and creative attack vectors, while the participation of 29 researchers provides exceptional analytical breadth.
Key Findings:
The audit identified no critical or high risk vulnerabilities.
4. Spearbit follow-up Review
Report Date: September 11, 2025
Lead Auditors: Kurt Barry
Firm Reputation: Stated above.
Key Findings:
The review identified no critical or high risk vulnerabilities.
Governance Model
Smart contracts implement all core logic (minting, redemption, yield allocation, locking duration periods, etc.), as seen in the next section. This implies non governance voting per se at this stage of protocol development, similarly to the approach Ethena had initially, governance-wise.
Based on the information provided in the official documentation, the team plans to introduce a transparent governance model for onchain voting for certain parameters, those including max exposure per exchange venue or type of position, buffer ratios, etc., with “emergency escalation paths for rapid response in adverse scenarios”.
Here we’d note having a (public acting) Risk Committee for such higher-level decisions, such as Reserve Fund capitalization (none present as of now in Neutrl), NUSD allocation caps per collaterals and strategy types, exchange venue shares/limits, would result in reducing centralization/counterpary risk from the perspective of underwriting NUSD, as the status quo implies all actions done under the discretion of the Neutrl team, requiring full trust.
The access control is done via dedicated roles (related to parameter changes), while the key contracts are immutable.
Smart Contract Architecture (Upgradeability & Admin Control)
Neutrl protocol demonstrates a mixed upgradeability architecture with both upgradeable and immutable components. The system involves multiple admin roles with significant control over critical protocol parameters and user funds.
The core smart contracts of the Neutrl protocol provide 2 main functionalities - mint and redeem. The NUSD minting and redemption system employs a modular architecture centered on Router as the primary interface (non-upgradeable) .Specialized Minter and Redeemer contracts (not upgradable) handle asset-specific logic, while the AssetReserve contract (non-upgradable) is used for securing assets (from which designated custodian wallets can settle assets offchain for trading execution).
- Control over Upgrades and Parameters
The protocol implements OpenZeppelin’s AccessControl pattern with multiple privileged roles.
DEFAULT_ADMIN_ROLE:
- Critical Power: Can manage all other roles and perform high-privilege operations
- Key Risk: The admin can indirectly extract value from the system through functions like redistributeLockedAmount(), which allows moving locked amounts to admin-controlled addresses to receive sNUSD
- Mitigation Gap: While recoverToken() prevents direct NUSD extraction, alternative paths exist for admin value extraction
FULL_RESTRICTED_STAKER_ROLE (Blacklist Function):
- Purpose: Blacklists suspicious users to restrict their access
- Critical Vulnerability Identified: Blacklisted users can bypass restrictions if they initiated cooldownAssets/cooldownShares before blacklisting
- Attack Vector: User calls cooldown → Gets blacklisted → After cooldown period, calls unstake() which doesn’t verify blacklist status → Successfully withdraws funds
- Impact: Security control can be bypassed through timing manipulation
Redeem Whitelist:
- Admin controls who can redeem NUSD for backing assets
- Currently limited to KYC/KYB approved counterparties
- Creates dependency on admin actions for user exits
Other admin-controlled parameters include:
- Cooldown duration for sNUSD (sNUSD)
- Vesting period (sNUSD)
- Custodian address setting (AssetReserve)
- Mint/Redemption limits (maxRedeemPerBlock, maxMintPerBlock)
Economic & Strategic Risk Analysis
This section analyzes the financial products offered by the protocol, the inherent economic risks of using them, and the market conditions that could impact user positions.
Core Financial Primitives
Neutral’s trading protocol utillizes stablecoins deposited into the system to generate yield through basis arbitrage, OTC carry, and on-chain reference yield pools. The main value proposition and long-term focus of Neutrl is to capture the OTC arb yield (buying tokens at discount via OTC desks, hedging via derivatives, and potentially capturing funding as well), while the NUSD exposure is mostly in liquid stables (~96.3%), with OTC accounting for only 1.8% ($4.2m).
- NUSD is a synthetic asset aiming to keep market-neutrality and to follow the USD by tapping into new yield opportunities in OTC and altcoin markets. NUSD holders do not receive any yield (if not staked, nor locked).
- sNUSD is a staked version of NUSD token, representing a yield-bearing asset with yield reflected as price appreciation relative to the underlying (NUSD).
Neutrl also executes delta-neutral positions as part of their yield strategies. Example of NUSD allocation from documentation:
NUSD collateralization (Transparency/Verifiability)
Current supply of NUSD token stands at ~$226m, while ~70% ($158.7m) of that is being staked in the form of sNUSD. This represents an ATH in staking ratio since deployment.
All NUSD supply is minted on Ethereum Mainnet, with USDC, USDT, and USDe as eligible deposit tokens. Currently NUSD minting is via a permissionless process, while it can also be bought on the secondary markets.
NUSD token is overcollateralized by having 103.6% CR ($226m NUSD supply with $233.7m in protocol reserves), with over 87% of the reserves (~$204m) custodied via Fireblocks, while the remaining mostly sitting on CEXs like Bybit ($7.1m) and Hyperliquid ($1.7m).
We note that NUSD backing is verifiable via Accountable’s Data Verification Network (DVN), including independent proof of solvency. The dashboard allows anyone to verify that every NUSD in circulation is fully backed by verifiable assets by leveraging zero-knowledge attestations to confirm balances directly from custodians, exchanges, and smart contracts.
While we find it encouraging (being able to verify the collateralization, delta-neutrality, types of positions being managed, and not rely on self-reported data), we note that the risks related to counterparties, CEXs, ADLs, redemptions still persist in those types of assets and are non-negligible.
Operational and counterparty risks being at the forefront, alongside ADL risks which have shown to potentially leave multiple projects running DN strategies on CEXs vulnerable due to unpredictable events like general uncertainty on the market resulting in MMs massively pulling their inventory out of precaution, leaving CEXs with no other option than to force-close open positions, potentially resulting in losses for some actors due to breaking the delta-neutrality of their strategies (e.g. by closing the short-side of the position(s)). Considering Neutrl’s plans to execute both DN strategies and OTC strategies, the hedging risk can be applied to all the mentioned strategies except funds kept idle for redemptions.
Counterparty Risk Mitigations
- Exchange Risk: Off Exchange Settlement (OES) Solutions
Counterparty exposure to centralized exchanges represents a material risk for delta-neutral and basis arbitrage strategies, particularly under stress scenarios involving exchange insolvency, security breaches, or operational disruptions. Neutrl mitigates this risk by materially limiting hot-wallet exposure and employing Off-Exchange Settlement (OES) arrangements through established third-party custodians.
Custody and Settlement Controls:
Neutrl utilizes OES solutions provided by Fireblocks, Copper, and CEFFU, under which assets remain under independent, segregated custody while still being eligible for trading on centralized venues. These structures allow collateral posting and trade settlement to occur directly from custodian-controlled accounts, thereby reducing direct balance exposure to exchange wallets.
Operational Risk Mitigation:
Capital is transferred to exchanges only at the point of trade execution, with idle funds retained in cold or otherwise segregated custody. This workflow limits the duration and magnitude of exchange exposure, materially reducing loss severity in adverse exchange-level events.
- OTC/SAFT Risk: Smart Contract Vesting and Custodial Escrow
OTC and SAFT transactions introduce counterparty and settlement risk, particularly where token delivery is deferred or contingent on future events. Neutrl mitigates these risks through a combination of on-chain controls, third-party custody arrangements, and contractual safeguards.
On-Chain Vesting Mechanisms:
Where feasible, Neutrl requires discounted token allocations or SAFT settlements to be implemented via audited smart contract vesting structures. These contracts enforce predetermined release schedules through immutable code, materially reducing reliance on manual processes and limiting counterparty discretion, thereby mitigating non-delivery and operational risk.
Custodial Escrow Arrangements:
In cases where smart contract vesting is impractical, Neutrl mandates escrow through qualified institutional custodians such as BitGo, Anchorage, and CEFFU. Under these arrangements, assets remain under independent custody and are released strictly in accordance with predefined vesting or settlement terms, providing an additional layer of operational and legal protection.
Counterparty Due Diligence and Legal Structuring:
All OTC and SAFT counterparties are subject to comprehensive KYC, financial, and reputational due diligence. Transactions are governed by enforceable legal agreements designed to establish clear settlement obligations and provide recourse in the event of default, dispute, or non-performance.
NUSD and sNUSD Locking
To further increase the capital allocated to longer terms thus reducing the risks of forced selling, mainly referring to OTC deals, Neutrl allows for locking of deposits while offering higher returns.
Users can lock NUSD and/or sNUSD for 6, 9, or 12 months for boosted rewards and points.
As of now, ~$71.8m is locked in total (32%), while noting that both NUSD and sNUSD are lockable.
NUSD Redemptions
Redeeming NUSD is available only to approved KYB/KYC counterparties for backing assets (USDC, USDT, USDe) at a 1:1 USD value basis.
The protocol employs a dynamic liquidity management system through the AssetReserve contract. The AssetReserve maintains a dynamically calibrated liquid buffer designed to serve immediate redemption requests. When the requested redemption amount falls within the available buffer capacity, transactions are processed instantly with no delays.
Aside from instant redemption, for redemption requests exceeding the current liquid buffer, the protocol generates a redemption request and adds it to the processing queue aimed to be processed within 48h, with no guarantees.
Note: All the above is relevant to SummerFi only if SummerFi-related addresses are to be approved for redemption (KYC/KYB-ed).
sNUSD Unstaking
We note that sNUSD has a 30-day unstake window during which stakers earn no rewards. The cooldown period ensures that there is enough time to unwind the collateral to meet the redemption.
Market & Liquidity Analysis
As for secondary markets, the biggest NUSD pool is a Curve NUSD/USDC pool with $5.2m in TVL at the moment and almost perfect 54% & 46% token shares, allowing for 2.3m of NUSD to be exchanged for USDC within 2% slippage window.
We acknowledge that sNUSD liquidity is almost non-present on DEXs, implying a mandatory unstaking window set by Neutrl during the redemption process.
