Blockchain & Web3 · MESH
AMMs, lending markets, yield strategies, perpetuals, and treasury tooling — engineered with risk-parameter discipline, oracle design that survives stress, and the operational rigor that turns a protocol into a system institutions can hold against their own mandates.
The problem
Post-mortems across DeFi exploits and depeggings consistently surface non-contract failure modes: oracle prices manipulated under low liquidity; risk parameters set during a calm market that broke under volatility; governance designs that looked decentralized but routed through one multisig; emergency pauses that didn't pause what mattered. The smart contracts in most cases worked exactly as written — the architecture around them didn't.
We engineer DeFi protocols against those failure modes. Oracle design that handles extreme conditions, risk parameters calibrated against historical stress, governance and admin patterns that don't centralize through omission, and operating discipline (monitoring, on-call, runbook) that survives a hostile night. Architecture decisions documented in writing, audits scoped to the right code at the right phase, and the institutional-grade discipline regulated markets require.
Where it ships
Specific applications we’ve built and operated. Not speculative — every example below is grounded in a real shipped engagement.
$340M TVL operated
Lending markets
Collateral management, interest-rate models, liquidation engines, oracle integration. Risk parameters calibrated against historical stress, with explicit caps and circuit breakers.
Constant-product, constant-sum, stable-swap, and concentrated-liquidity pools. Hooks / plugins for fee customization, MEV-aware design, and gas-efficient routing.
Vault architectures, strategy contracts with explicit risk envelopes, withdrawal queues, and the operational tooling treasury teams actually need.
Funding-rate design, liquidation engines, insurance fund mechanics, and the off-chain order-book / matching engine where the workload demands one.
Multisig + timelock governance, snapshot integration, on-chain treasury management, and operational tooling for proposal lifecycle and treasury reporting.
How we engage
Each phase has a deliverable, an owner, and an acceptance criterion. Not slogans — operating rules.
Discovery starts with stress scenarios: liquidity crunches, oracle manipulation, governance attacks. Risk parameters calibrated against historical stress, not against optimistic backtests. Trust assumptions and admin patterns documented up front.
Foundry-based development with property-based fuzzing, invariant testing, differential harnesses against reference implementations. Static analysis (Slither, Mythril) in CI. Tests model the failure modes the post-mortem corpus has documented.
Multiple external audits before mainnet for protocols with material TVL. Formal verification of critical invariants (Certora, Halmos) for the properties whose violation would be catastrophic. Audit reports shipped alongside the contract.
Monitoring on critical invariants, on-call rotation, incident-response runbook, and a pause-and-upgrade plan. Most engagements continue under Managed Services for ongoing parameter tuning, oracle monitoring, and quarterly architectural review.
Common questions
Design first. Multiple price sources where possible, on-chain TWAPs for manipulation resistance, time-windowed price freshness checks, and explicit fallback behavior when price feeds break. We model stress scenarios (low-liquidity manipulation, oracle outages) and design the protocol to fail safely rather than dramatically.
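The oracle policy in the answer above, modelled off-chain as an added example (not code from this page or its authors): several feeds with a freshness window, a median checked against a TWAP, and an explicit fallback or halt when feeds break. All thresholds, names and sample values are assumptions made for illustration.

```python
from dataclasses import dataclass
from statistics import median

# All thresholds are assumed values for illustration, not the page's parameters.
MAX_AGE_S = 300            # freshness window for a feed update (seconds)
MIN_SOURCES = 2            # quorum of fresh feeds needed to trust the spot median
TWAP_WINDOW_S = 1800       # TWAP lookback window (seconds)
MAX_TWAP_DEVIATION = 0.05  # max relative gap between spot median and TWAP

@dataclass(frozen=True)
class Quote:
    source: str
    price: float
    updated_at: int  # unix seconds

def twap(observations, now):
    """Time-weighted average of (timestamp, price) points inside the window."""
    pts = sorted(o for o in observations if now - TWAP_WINDOW_S <= o[0] <= now)
    if not pts:
        return None
    pts.append((now, pts[-1][1]))  # the last observed price holds until now
    span = now - pts[0][0]
    if span == 0:
        return pts[0][1]
    return sum(p * (t1 - t0) for (t0, p), (t1, _) in zip(pts, pts[1:])) / span

def resolve_price(quotes, observations, now):
    """Return (action, price); halt rather than act on a stale or outlier price."""
    fresh = [q.price for q in quotes
             if q.price > 0 and 0 <= now - q.updated_at <= MAX_AGE_S]
    ref = twap(observations, now)
    if len(fresh) < MIN_SOURCES:       # feed outage: explicit fallback path
        if ref is not None:
            return ("use_twap", ref)
        return ("halt", None)          # nothing trustworthy: pause price-dependent actions
    spot = median(fresh)
    if ref is not None and abs(spot - ref) / ref > MAX_TWAP_DEVIATION:
        return ("halt", None)          # spot diverges from TWAP: treat as suspect
    return ("use_spot", spot)

# Constructed sample data.
NOW = 1_700_000_000
OBS = [(NOW - 1800, 100.0), (NOW - 900, 102.0)]
CALM = [Quote("a", 101.5, NOW - 30), Quote("b", 100.9, NOW - 60), Quote("c", 101.2, NOW - 10)]
SPIKE = [Quote("a", 131.0, NOW - 30), Quote("b", 129.5, NOW - 60), Quote("c", 101.2, NOW - 10)]
STALE = [Quote("a", 101.5, NOW - 4000), Quote("b", 100.9, NOW - 60)]
```

Calling `resolve_price` on `CALM`, `SPIKE` and `STALE` with `OBS` exercises the normal path, the deviation halt and the TWAP fallback; an empty observation list with `STALE` shows the full halt.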
Designed into the architecture, not patched after launch. Commit-reveal patterns, batched matching, MEV-Share / MEV-Blocker / Flashbots Protect integration, and protocol-owned sequencing where the threat model warrants it. We tell you when a workload is fundamentally MEV-exposed and the right answer is a different architecture or chain.
Against historical stress. We backtest against the worst observed market conditions (March 2020, May 2021 LUNA, June 2022 Celsius / 3AC, March 2023 USDC depeg, plus chain-specific events) and design parameters with explicit safety margins. We model the parameter set and present sensitivity analysis to your risk committee — not a single point estimate.
Yes — most modern DeFi protocols ship multi-chain. We design with chain-portable architecture (consistent precision, gas-aware design, deterministic deployment artifacts) and explicit per-chain parameter sets. We tell you when going multi-chain adds attack surface that the workload doesn't justify.
Yes — KYC-gated transfers under ERC-3643, sanctioned-address screening, jurisdictional access controls, and the audit-trail tooling regulators expect. We've shipped compliant token issuance and KYC-gated DeFi for institutional clients. The compliance frame is part of the protocol architecture, not an after-launch wrapper.
Architecture and parameter design: 6–10 weeks, $100K–$300K. Production protocol development with audits: 6–14 months, $800K–$3M depending on complexity and TVL target. Multi-product DeFi platforms: $2M–$6M+. External audit fees pass through (typically $150K–$500K per audit). Managed Services for ongoing operations: $50K–$200K monthly retainer. Brackets published honestly so visitors self-qualify before the first call.
Talk to us
A senior engineer plus the MESH department lead joins the first call. No discovery gauntlet, no junior reps.