Firefish
APR: 5.5-16.5% (Fixed)
Risk score: 90 (Critical)
Founded in 2022 and headquartered in Prague, Firefish is a non-custodial, peer-to-peer marketplace that locks bitcoin collateral in on-chain multisig escrow, letting borrowers obtain fiat or stablecoin liquidity while lenders earn yield (no rehypothecation).
Interest rate: Fixed (e.g. 4-15%)
Currency support: USDC, EUR, CHF, CZK
Fees: 1.5%
Collateral: BTC
LTV: Up to 50%
Loan type: Consumer
Liquidation LTV: 95%
Margin call: Warnings at 80%, 85%, 90% (no margin call)
KYC: Yes
Total loan issued: N/A
Launch year: 2024
Loan duration: 3-24m
Support: Email
Loan value: €800 - €150,000
Total risk score: 90 (Critical)
Highlights
The chief weaknesses are the browser-generated borrower key and a setup that blocks blinded, independent oracles, limiting user privacy and plausible deniability. An independent audit and a migration to DLCs with blinded oracles are the next steps toward a safer model.
Penalties
Security & Governance = 10: Min 90 pts
Oracle = 10: +5 pts

Collateral
0/10
What are you pledging? Native BTC is safest; wrappers, bridges, or paper IOUs add redemption risk.
Native BTC (on-chain UTXO).

Rehypothecation
0/10
Will your BTC be re-used? More hidden leverage → bigger blow-up chance.
Non-rehypothecable collateral.

Custody
0/10
Who can move the coins? Scores quorum design, recovery paths, and (for CeFi) bankruptcy-remote segregation.
3-of-3 on-chain multisig plus a pre-signed, timelocked tx_recover means the borrower can broadcast that file and unilaterally sweep the funds if Firefish or the oracles go down.

Security & Governance
10/10
How battle-tested are code and ops? Counts audits, bug-bounty, certs, and hardware key isolation.
The borrower client is open-source with deterministic builds. Firefish’s in-house Price and Payment oracles each hold a signing key and co-sign almost every PSBT. Notably, the Payment Oracle has unilateral power to mark a default and liquidate the BTC. Because these keys see every transaction and can’t be blinded like DLC oracles, they effectively function as admin cosigners (not independent feeds) and the role can’t be outsourced or given plausible deniability.
Figure: Payment Oracle has unilateral power to mark a default and liquidate the BTC (10/15/2025)

Platform
0/10
Is the chain or bridge robust? Rates consensus security and smart-contract attack surface.
Native Bitcoin script.

Oracle
10/10
How is price fetched and signed? Independence, on-chain proofs, refresh speed, circuit breakers.
Besides a Price Oracle, Firefish also has a Payment Oracle. Firefish runs both internally. The Price Oracle claims a nine-exchange feed, but the list isn’t disclosed.
Figure: Oracles operated by Firefish (10/15/2025)

Liquidation Buffer
2/10
How much room and time before liquidation? Combines LTV gap, grace window, and flash-crash guards.
45 pp buffer (50% → 95%). There is no formal margin-call mechanism; Firefish proactively sends email notifications at 80%, 85%, and 90% LTV.

Rate & Term
2/10
Can interest spike mid-loan? Looks at fixed vs variable APR and funding duration match.
Interest is fixed for 3-18 mo.

Transparency
4/10
Can outsiders verify code & solvency? Rewards open-source + live PoR; punishes black boxes.
Each borrower can see their escrow UTXO. Firefish has open-sourced only the borrower WASM client (not the full platform) and provides deterministic build instructions so technical users can reproduce the binary. The docs caution the live platform may differ from the reference; back-end/oracle code remains closed, and the repo says the code is published for review/auditing, not development. In practice, most users can’t easily verify the web app serves the same build, so transparency is improved but still partial.
Figure: Firefish protocol source code (10/15/2025)
Figure: Firefish Protocol (10/15/2025)
Figure: Protocol Implementation (10/15/2025)

Loan Currency
4/10
What asset do you borrow? Native-BTC best; fiat stables graded on reserves, audits, censorship risk.
EUR, CHF, CZK, USDC.

Privacy
7/10
How exposed is your identity? Scores KYC depth, data storage, and breach history.
Full KYC.

History
4/10
Have they proven themselves? Measures years in production, audit/OSS footprint, and incident track record.
Launch 2024.

Jurisdiction
2/10
Which legal system backs you? Rates clarity of licensing, creditor rights, and enforcement.
Czech Republic.