ERCs, Solved
the standard · since December 2021
// standard · proposed dec 2021 · defi adapter layer · ready

What is ERC-4626?

The vault standard that made yield-bearing ERC-20 shares composable — without standardizing the strategy inside.

ERC-4626 ·EIP-4626 ·by Joey Santoro + t11s + Jet Jadeja + Alberto Cuesta Canada + Senor Doggo

updated · 3 min read · by ercs-solved maintainers

ERC-4626 is boring in the best way. Before it, every yield vault looked familiar but integrated differently. Deposits, shares, withdrawals, previews, fees, and total assets were all named and modeled differently enough that aggregators wrote adapters for every protocol. ERC-4626 standardized the adapter layer.

It did not standardize yield strategy. That is the right boundary. It is also why integrators still have work to do.

[ jump to what's broken ]
on this page
  1. What is ERC-4626?
  2. At a glance
  3. Origin story
  4. The spec
  5. What's broken
  6. vault is still a black box
  7. Rounding and donation attacks are implementation risks
  8. Preview functions are not price oracles
  9. Approve/deposit keeps the ERC-20 allowance UX
  10. Fees and withdrawal constraints are not uniform
  11. LUKSO alternative
  12. ERC-4626 vs LSP stack
  13. When to use which
  14. FAQ
  15. Sources
  16. Keep reading
at a glance

The standard, in one card.

Standard
ERC-4626 / EIP-4626
Created
22 December 2021
Requires
ERC-20 + ERC-2612
Core abstraction
shares over one underlying asset
Primary users
vaults · lending markets · aggregators · yield tokens
Canonical spec
eips.ethereum.org / EIP-4626
Implementation docs
OpenZeppelin ERC-4626
how the standard came to be

The origin story.#

ERC-4626 was created on 22 December 2021 by Joey Santoro, t11s, Jet Jadeja, Alberto Cuesta Canada, and Senor Doggo. The context was DeFi maturity: vaults, lending wrappers, aggregators, and interest-bearing tokens had become core infrastructure, but each one exposed slightly different deposit and withdrawal semantics.

The standard made vault shares ERC-20 tokens and added the missing vault verbs: quote, preview, limit, deposit, mint, withdraw, redeem. That gave integrators one shape to code against while preserving each vault's right to implement its own strategy.

  1. Dec 2021 ERC-4626 is created to standardize tokenized vault integration across DeFi.
  2. 2022 Vault adapters and libraries converge around the standard as DeFi protocols seek one interface for yield-bearing shares.
  3. 2023+ Implementation-level issues like empty-vault inflation attacks become part of standard ERC-4626 audit checklists.
the spec, end to end

What ERC-4626 actually is.#

ERC-4626 EIP-4626 interface solidity 
// EIP-4626 — tokenized vault over one ERC-20 asset
function asset() external view returns (address assetTokenAddress);
function totalAssets() external view returns (uint256 totalManagedAssets);

function convertToShares(uint256 assets) external view returns (uint256 shares);
function convertToAssets(uint256 shares) external view returns (uint256 assets);

function maxDeposit(address receiver) external view returns (uint256 maxAssets);
function previewDeposit(uint256 assets) external view returns (uint256 shares);
function deposit(uint256 assets, address receiver) external returns (uint256 shares);

function maxMint(address receiver) external view returns (uint256 maxShares);
function previewMint(uint256 shares) external view returns (uint256 assets);
function mint(uint256 shares, address receiver) external returns (uint256 assets);

function maxWithdraw(address owner) external view returns (uint256 maxAssets);
function previewWithdraw(uint256 assets) external view returns (uint256 shares);
function withdraw(uint256 assets, address receiver, address owner) external returns (uint256 shares);

function maxRedeem(address owner) external view returns (uint256 maxShares);
function previewRedeem(uint256 shares) external view returns (uint256 assets);
function redeem(uint256 shares, address receiver, address owner) external returns (uint256 assets);

event Deposit(address indexed sender, address indexed owner, uint256 assets, uint256 shares);
event Withdraw(address indexed sender, address indexed receiver, address indexed owner, uint256 assets, uint256 shares);
ERC-4626 interface, grouped
asset: asset · totalAssets
quote: convertToShares · convertToAssets
preview: previewDeposit · previewMint · previewWithdraw · previewRedeem
limits: maxDeposit · maxMint · maxWithdraw · maxRedeem
mutate: deposit · mint · withdraw · redeem

The mental model is a vault with one underlying asset and one ERC-20 share token. asset() names the underlying token. totalAssets() reports managed assets. convertToShares and convertToAssets provide average conversion estimates. preview* functions estimate specific operations. max* functions expose current limits. The mutable functions move assets and shares: deposit, mint, withdraw, and redeem.

The canonical specification is at eips.ethereum.org/EIPS/eip-4626. OpenZeppelin's implementation docs are especially useful for the inflation-attack and virtual-offset discussion.

the integration tax

What's broken about ERC-4626.#

ERC-4626 is not broken in the same way ERC-20 approvals or ERC-721 metadata are broken. Its boundary is mostly correct. The remaining risks come from what the interface intentionally does not specify: strategy, fees, liquidity, implementation math, oracle policy, and user authority around the vault call.

  1. The vault is still a black box.#

    ERC-4626 standardizes the interface, not the strategy. It does not tell integrators where assets are deployed, how risk is priced, whether the strategy can be paused, what oracle it uses, or whether withdrawals depend on an async queue. The spec explicitly leaves accounting and allocation details to vault implementations.

    ERC-4626 totalAssets() + previews
    interface only strategy opaque off-chain review
    LSP4 + ERC-725Y typed metadata + risk disclosures
    discoverable structured attached to asset/account
    workarounds tried
    • vault due diligence
    • strategy adapters
    • risk registries
    • off-chain monitoring

  2. Rounding and donation attacks are implementation risks.#

    The standard defines share/asset conversion behavior, but an empty or low-liquidity vault can be vulnerable if the implementation lets an attacker donate assets and skew the exchange rate before a user's deposit. OpenZeppelin documents virtual shares/assets and precision offsets as defenses, but the ERC itself is not the defense.

    ERC-4626 convertToShares(assets)
    rounding donation risk empty vault hazard
    implementation virtual shares/assets + slippage checks
    must be designed not solved by LSP audit required
    workarounds tried
    • virtual offset
    • dead shares
    • seeded initial liquidity
    • minimum deposit checks
    • first-deposit guards

  3. Preview functions are not price oracles.#

    previewDeposit and friends should approximate same-transaction outcomes, but the spec warns that preview values can be manipulated by on-chain conditions. convert functions are allowed to be inexact and can be implemented more robustly, but integrators still need to know which view function they are using and why.

    ERC-4626 previewDeposit / previewRedeem
    manipulable not oracle context-sensitive
    LSP20 inline call verification
    policy checks preconditions account-side guards
    workarounds tried
    • TWAP-style convert functions
    • slippage parameters
    • same-block simulation
    • vault-specific quote adapters

  4. Approve/deposit keeps the ERC-20 allowance UX.#

    Depositing the underlying asset usually means approving the vault, then calling deposit or mint. ERC-4626 can use ERC-2612 permit when supported, but it inherits the underlying token's approval model and the share token's allowance model.

    ERC-4626 asset.approve(vault) + deposit
    two-step UX allowance risk token-dependent
    LSP6 + LSP25 scoped controller + relayed call
    account permissions gasless batched intent
    workarounds tried
    • EIP-2612 permit
    • Permit2
    • multicall routers
    • smart account batching
    • allowance revocation

    read the deep-dive

  5. Fees and withdrawal constraints are not uniform.#

    The interface has max functions and preview functions, but fee policy, withdrawal queues, cooldowns, locks, and emergency states remain implementation-specific. Two ERC-4626 vaults can both be compliant while presenting very different liquidity guarantees.

    ERC-4626 maxWithdraw(owner)
    underestimates limits policy-specific not a guarantee
    ERC-725Y standardized disclosure keys
    metadata layer indexable wallet-readable
    workarounds tried
    • max* checks
    • fee-aware previews
    • strategy disclosures
    • vault-specific UI warnings
the LUKSO alternative

LUKSO designed it differently.#

The honest LUKSO framing is complement, not replacement. A vault still needs ERC-4626-style accounting if it wants to compose with DeFi. What LSPs add is the surrounding account and asset system: scoped controllers through LSP6, relayed execution through LSP25, metadata through LSP4, and receiver hooks through LSP1.

Put differently: ERC-4626 solves "how does an integrator talk to a vault?" LSPs solve "how does a user account safely authorize, understand, receive, and automate vault interactions?"

spec to spec, at a glance

ERC-4626 vs LSP stack in one table.#

row ERC-4626 LSP account + asset layer
core job standardize vault share accounting standardize account, metadata, permissions, and receiving
asset movement ERC-20 approve + deposit/mint controller-permitted calls + LSP25 relay
strategy risk implementation-specific black box can be disclosed in ERC-725Y/LSP4 metadata
receiver awareness inherits ERC-20 transfer behavior LSP1 notifications for LSP assets
best framing keep ERC-4626 for vault math wrap the UX and account layer with LSPs
be honest about scope

When to use which.#

people also ask

FAQ.#

  • What is ERC-4626? #

    ERC-4626 is Ethereum's tokenized vault standard. It extends ERC-20 share tokens with a common API for deposits, mints, withdrawals, redemptions, share/asset conversion, limits, previews, and vault events.

  • Is ERC-4626 an ERC-20 token? #

    Yes. ERC-4626 vault shares are ERC-20 tokens. The standard adds vault-specific functions on top of the ERC-20 share interface.

  • Does ERC-4626 support more than one underlying asset? #

    No. The standard is for a vault with a single underlying ERC-20 asset returned by asset(). Multi-asset vaults need another interface or adapters.

  • What is the ERC-4626 inflation attack? #

    It is a first-deposit or low-liquidity attack where an attacker manipulates the share/asset exchange rate, often by donating assets to the vault, so a victim's deposit mints too few shares. Defenses are implementation-level, such as virtual offsets, seeded liquidity, and minimum output checks.

  • Do LSPs replace ERC-4626? #

    No. ERC-4626 is the right vault accounting interface. LSPs complement it by improving account permissions, token metadata, receiver hooks, and relayed execution around vault interactions.

glossary 4 terms used on this page
asset
The underlying ERC-20 token managed by the vault.
share
The ERC-20 token representing a claim on a fraction of the vault's managed assets.
preview
A view function that estimates the output of the corresponding mutable function in current conditions.
inflation attack
A manipulation of the vault exchange rate, often through donation to a low-liquidity vault, that causes a victim deposit to mint too few shares.
primary sources

Where this page draws from.#

  1. EIP-4626: Tokenized Vaults
  2. OpenZeppelin ERC-4626 guide
  3. LUKSO LSP6 Key Manager
where to go next

Keep reading.#