Diligence Verdict

In terms of code security, we deem the Convex project safe to use given that it applies the latest security principles and has a very strict layer of access control applied across all publicly available functions of the project. A large portion of the codebase is based on battle-tested contract code, such as that of SushiSwap, and as such is expected to be safe to use.

With regards to centralization, we believe that the Convex team can enhance their operational security by firstly strengthening the thresholds in their Gnosis multi-signature wallet implementation and lastly by correcting the role assignments in a portion of their deployed contracts as we believe them to currently be improperly assigned.

The tokenomics of the Convex Finance system indicate that while it should be part of a diversified portfolio there are better alternatives to it when it comes to yield farming with better risk-adjusted rewards. Additionally, if Convex needs to be part of the portfolio it should be done so with care based on the recommendations outlined in the tokenomic analysis.