Overview##

In February 2025, Tenor Finance engaged Obsidian Audits for a 10-day audit of their core smart contracts. After the initial engagement, Tenor established an ongoing partnership with Obsidian Audits to continue securing their codebase.

Following the audit and fix review, Tenor commissioned a second review from Spearbit, another top-tier security firm.

This case study highlights how Obsidian’s audit identified and helped resolve multiple high severity issues in Tenor’s codebase, resulting in no major vulnerabilities being reported by the subsequent review.

Results##

The following is an extract from Obsidian Audits' report, summarizing the issues identified during the review:###

A total of 13 issues were identified and categorized based on severity:

• • 4 High severity
• • 2 Medium severity
• • 3 Low severity
• • 3 Informational

The high severity issues had the potential to cause significant financial loss or severely disrupt the protocol’s functionality. All high and medium severity issues were addressed, while low and informational issues were acknowledged or fixed where applicable.

---

The following is an extract from Spearbit’s report, conducted after Obsidian's audit and fix review:###

The issues identified (excluding gas optimizations), are categorized as follows:

• • 0 Critical/High severity
• • 1 Medium severity
• • 5 Low severity
• • 2 Informational

No high or critical vulnerabilities were found. The single medium severity issue did not pose a risk to user funds.

Client Testimonial##

Working with Obsidian has been a great experience. Their audit was incredibly thorough, highly professional, and showed deep attention to details. The quality of their security review stood out — two independent follow-up audits found only a small number of additional issues, highlighting Obsidian’s strong coverage and expertise. We’re excited to keep working with Juan and Spearmint for our future security reviews and make them one of our go-to security partner.

• • Pierre-Yves Gendron, Tenor Finance