Weekly Bonzo Bytes 🎙️🐵

bonzo_finance avatar
Bonzo Finance Labs
@bonzo_financeNov 14, 2025

The Spaces covered three blocks: Bonzo product updates, Hedera/community news, and market/industry developments. Brady and Guang confirmed Bonzo Vaults will not launch this week after discovering two critical bugs during post-audit mainnet testing; Halborn is conducting a re-audit, and the team is prioritizing safety and full transparency with updated, versioned reports. Guang detailed the CLM vault bug scenario (backend outage led to ranges going out-of-band and a potential drain vector) and outlined a forthcoming disaster-mitigation plan including a panic pause flow. Stats showed Bonzo and Hedera TVL softening amid a broader market drawdown. Brandon introduced a read-only MCP server indexing the entire Hedera network for LLMs like ChatGPT, with plans to expand price coverage beyond HBAR. Community items included a Bonzo merch contest. On integrations, WBTC arrived on Hedera via LayerZero/BitGo with Bonzo listing contingent on SaucerSwap liquidity, Chainlink feeds, and RE7 Labs risk analysis. The Messari report highlighted strong QoQ growth in active accounts, smart contract usage, and institutional traction. Market talk covered the BTC/ETH selloff on rate-cut repricing, and industry news noted Aave Labs’ Ireland license for compliant fiat on/off-ramps and RWA expansion.

Bonzo Bytes: Vaults launch status, Hedera ecosystem updates, market recap

Hosts, guests, and roles

  • Brady (Bonzo Finance) — co-host, product and risk posture, audits, partner integrations
  • Guang (Bonzo Finance) — co-host, technical deep dive on vaults and incident response
  • Brandon (developer of Hedera MCP server) — guest, presented the new read-only MCP server for Hedera data
  • Brian (community; Crypto School) — Q&A on incident response; merch joke
  • Community member (asked about vaults vs. auto-managed liquidity) — Q&A

Disclaimer

Brady opened with a standard disclaimer: all views are personal, not financial advice; forward-looking statements involve risks; do your own research; neither Bonzo Finance nor speakers are liable for actions taken based on the conversation.

Agenda overview

  • Bonzo updates: Vaults status, audits, timelines, and stats
  • Hedera/community news: agentic AI integration via MCP server, WBTC on Hedera, Messari report
  • Market/industry news: macro pullback and Aave’s regulatory expansion
  • Community: merch giveaway

Bonzo Vaults: status, audits, and launch posture

  • Security-first approach: Both Brady and Guang emphasized prioritizing safety and robustness over deadlines. Two critical issues were found by the team during post-audit mainnet testing, each returned to the auditor for remediation and broader coverage. The auditor (Halborn) is performing a re-audit with added manpower.
  • Impact on timeline: The additional assessment adds time; no date commitment. Informal expectation is “a couple of weeks” if re-audit and fixes complete smoothly, but the team will not set a date. Updated audit artifacts will be published with clear versioning and change logs.
  • Transparency: The initial Halborn audit report is public. All re-audit reports and change memos will be shared to track discoveries and fixes.

Technical detail on the discovered critical bug (CLM vault scenario)

  • Context: Vaults include strategies for concentrated liquidity management (CLM) on SaucerSwap v2, with periodic functions such as moveTicks and harvest to keep liquidity bands around the current price and to realize/compound fees.
  • Conditions that surfaced the bug: During mainnet testing, Bonzo’s backend was down for a couple of days (maintenance/fixes), so moveTicks wasn’t called. Price moved materially, vault positions went out of range, and the vault stopped trading/earning in-range fees.
  • Vulnerability manifestation: In this out-of-range state and without timely rebalancing, tokens sent to the vault could be drained by anyone. This corner case wouldn’t appear under normal operations where moveTicks/harvest are called on a regular cadence (e.g., every 30–60 minutes). The bug was not caught in the initial audit but was surfaced by Bonzo’s live testing. It has been returned to the auditor and is being remediated alongside other medium issues identified in the re-audit.
  • Policy: Only launch when the vault system is demonstrably safe and auditors have signed off.

Planned mitigation/operations (post-launch contingency)

  • Guang outlined an incident response plan being formalized for both Bonzo Lend and Bonzo Vaults, including:
    • Clear, step-by-step internal playbooks: which contract functions to call; how and when to pause strategies/contracts; communication sequencing
    • Panic functionality (Beefy-style) for vault strategies: halts new deposits, withdraws liquidity from external pools, holds assets safely in the strategy/contract, and allows users to withdraw
    • Timely user communication and documentation updates

Strategy design notes (from Q&A)

  • Vault category: Automated liquidity management similar to other ecosystems’ ALMs/vaults (e.g., Beefy CLM-style).
  • CLM mechanics on SaucerSwap v2:
    • Maintains a concentrated band around current price plus a secondary range on the weaker token side; periodic rebalancing via deposits/withdrawals/harvests
    • Trading fees are aggregated and shared among vault participants
    • Pool incentive rewards (from SaucerSwap programs) are auto-swapped back into underlying pool assets and distributed as yield
  • Benefits:
    • For LPs: set-and-forget, range management handled, mitigates common LP errors and operational burden
    • For traders and the DEX: better concentrated liquidity placement reduces slippage/price impact and improves execution (e.g., for limit orders)

Bonzo and Hedera stats snapshot

  • Bonzo Finance TVL:
    • USD: down w/w from ~$31.0M to ~$29.6M
    • HBAR: down w/w from ~191M HBAR to ~186M HBAR
  • Lending protocol ranking (all chains): ~55, down from 54
  • Hedera protocol ranking: Bonzo at # 3 by TVL
  • SaucerSwap TVL: ~$57M (about 2x Bonzo’s TVL)
  • Hedera network TVL: reported as down w/w (speaker numbers indicated 91M last week; this week lower)
  • All-chain TVL ranking for Hedera: improved to ~# 47 from # 49
  • USDC on Hedera: up to ~$132M from ~$122M
  • HBAR price: retraced from a local peak (~$0.195) to around ~$0.16

Ecosystem news and integrations

Read-only MCP server for Hedera (AI agents + on-chain data)

  • Guest: Brandon introduced a read-only Model Context Protocol (MCP) server indexing the Hedera network so LLMs/agents (e.g., ChatGPT, Claude) can query on-chain data safely.
  • Safety model: Read-only; no wallet connections or transaction signing; lowers risk while enabling discovery/analysis.
  • Example usage: “What happened on Hedera yesterday?” — agents can summarize on-chain events; supports deep drill-down via indexed data.
  • Current limitation: Token-specific price feeds (beyond HBAR) are not yet available via the server; HBAR price is indexed by minute from five centralized exchanges. Team plans to add non-mirror-node data sources (e.g., token prices) over time.
  • Goal: Provide a safe, familiar interface to Hedera data inside mainstream AI apps; encourage rapid experimentation ahead of more advanced agentic capabilities.

Wrapped BTC (WBTC) live on Hedera (BitGo + LayerZero)

  • Launch: WBTC is now bridged to Hedera in collaboration with BitGo/Trust and LayerZero (bridge).
  • Bonzo listing pathway (mirrors prior wETH onboarding):
    • Adequate on-chain liquidity on SaucerSwap — now present (WBTC pools live)
    • Oracle support — Chainlink price feeds for WBTC on Hedera are live
    • Third-party risk analysis — RE7 Labs to produce a full report and change memo with recommended parameters and justifications
  • Once prerequisites are met, Bonzo intends to enable WBTC for lending/borrowing. No dates committed.

Messari Hedera report highlights

  • QoQ growth metrics noted in the report:
    • HBAR market cap: up ~43% to ~$9.1B
    • Hedera TVL (USD): up ~53%
    • Active accounts: up ~16%
    • Smart contract usage: up ~30%
  • Enterprise and infra notes: mention of a U.S. state-issued stablecoin (Frontier Stable Coin, FRNT) selecting Hedera; wrapped ETH launch; Swarm Markets’ RWA on Hedera; and Circle’s CCTP enabling native USDC transfers.
  • DEX activity: trading volume reportedly doubled, indicating momentum in on-chain trading.

Market and industry news

  • Broad crypto selloff: BTC and ETH saw sharp declines; ETH briefly under ~$3,100. Speakers cited shifting rate-cut odds (no cut expected next week) and forced deleveraging as drivers. ETF inflow momentum also slowed. Sentiment cautious.
  • Macro nuance: Markets are pre-pricing rate path changes; speakers noted the magnitude of crypto’s reaction may feel outsized relative to incremental rate expectations.
  • Aave Labs regulatory expansion:
    • Secured a crypto license in Ireland, enabling bank-linked fiat on/off-ramps to stablecoins for Irish users
    • Strategic orientation toward regulated, consumer-facing and institutional products
    • Noted initiatives: an institutional RWA lending platform (Horizon) and acquisition of a consumer savings app (Stable Finance), signaling diversification beyond core lending

Community: Bonzo merch giveaway

  • How to enter (no purchase necessary):
    • Post an original photo on X featuring Bonzo merch in a creative/original way and tag Bonzo Finance; or
    • Post original Bonzo-themed content (photo/meme/art/artwork) and tag Bonzo Finance
  • Deadline: December 29 (year stated as 2025 in the space)
  • Prizes: Three winners, each receiving a Desert Bonzo NFT
  • Selection and notification: Winners chosen by Bonzo Finance Labs based on creativity/presentation; announced on X and contacted via DM within 7 days of contest close

Q&A highlights

  • Are vaults like “injected liquidity”/auto-managed LP positions?

    • Brady: Yes—automated liquidity management akin to CLM vaults elsewhere. The strategy maintains a concentrated band around current price plus a secondary range on the weaker side, rebalances with deposits/withdrawals/harvests, and shares fees among participants. Pool incentive rewards are auto-converted into underlying assets and distributed as yield.
    • Benefits accrue to LPs (hands-off range management, less operational burden) and to traders/DEX (tighter spreads, lower slippage).

  • If a bug is found after launch, what happens?

    • Guang: A formal incident response runbook is being finalized, including how to pause/disable affected strategies, how to invoke panic (halts deposits, withdraws external liquidity to the contract, and enables user withdrawals), and how/when to communicate with users. This plan will be documented and shared.

  • Merch joke: Brian asked about Bonzo underwear; hosts took it in good humor and reaffirmed openness to future swag options.

Closing and next steps

  • Bonzo will continue publishing updated audit reports (versioned) covering discoveries and remediations for Vaults.
  • No launch date until auditors sign off and the team is satisfied with safety. Security remains paramount.
  • Expect further updates in the coming weeks and ongoing transparency on status. Hosts thanked the community for patience and participation.