The Problem With Real-Time Vaults 

Every vault share represents a claim on underlying assets. The question is whether the price being used to mint and redeem those shares is actually correct.

In traditional finance, NAV(1) moves slowly. Most funds use forward pricing, where deposits settle later through queued entry windows, naturally limiting stale pricing risk.

DeFi changes that entirely. For vault shares to remain composable across lending markets, leverage loops, and on-chain financial systems, deposits need to happen atomically while the underlying strategies and accounting systems update asynchronously across chains, venues, and execution environments.

That creates a dangerous gap between what the vault actually owns and what the vault believes it owns.

The moment capital can move continuously, NAV stops being a reporting function and becomes core infrastructure. Every deposit, redemption, rebalance, and settlement depends on the integrity of the price being used at that exact moment. A stale NAV is not a cosmetic issue; it is a value-transfer event.

If deposits are priced against outdated balances, new users subsidize existing holders. If redemptions settle against stale pricing, users withdrawing extract value from the vault. And if a strategy incurs losses before NAV updates catch up, new deposits can unknowingly buy impaired inventory at pre-loss pricing. None of these failures appear in headline APY, but they matter.

This is the hidden infrastructure problem behind institutional DeFi, and it is exactly why Concrete built a real-time NAV management system designed for asynchronous, on-chain finance.

Most vault systems were built around this assumption: strategies were fully on-chain, and yield generation was programmatic. Capital moved through smart contracts, positions updated deterministically, and accounting could be hard-coded directly into the vault itself. As long as strategies lived entirely on-chain, NAV remained relatively straightforward to calculate because the vault always had immediate visibility into its underlying positions and balances.

That assumption breaks the moment vaults evolve beyond smart contract strategies.

Modern vault systems increasingly rely on active execution, curator-driven allocations, cross-chain deployment, and off-chain yield sources that cannot be reflected on-chain in real time. Strategies now operate across bridges, perpetual venues, money markets, restaking systems, and liquidity pools, all with different settlement times, reporting delays, and liquidity characteristics. In some cases, the relevant position state may depend on custodian records, venue data, cross-chain settlement, or off-chain execution records that cannot be reflected on-chain at the same speed as a simple token balance.

The result is that capital moves continuously while the underlying state of the vault updates asynchronously, creating a dangerous gap between what the vault actually owns and what the vault believes it owns.

In that gap, value leaks.

Pricing latency is not operational friction,it is hidden risk transfer.  The faster DeFi moves, the more important accounting integrity becomes.

NAV Management for On-Chain Finance 

Concrete approaches NAV as a systems problem rather than a single oracle or accounting update. The architecture combines smoothing models, dynamic risk thresholds, independent verification, deposit controls, and automated pause mechanisms into a unified framework designed to keep vault pricing accurate even during volatile market conditions.

The first challenge is noise. Raw pricing data is inherently imperfect. Bridge delays, stale APIs, temporary liquidity dislocations, and asynchronous settlement events can all distort short-term accounting. Concrete smooths NAV observations using an exponentially weighted moving average (EWMA), allowing recent observations to carry more weight while filtering isolated spikes and transient anomalies.(2) The objective is not to suppress volatility; it is to limit the influence of isolated data irregularities on vault pricing.

But smoothing alone is not enough because every vault behaves differently. A delta-neutral carry strategy has a completely different volatility profile than a leveraged restaking vault. A 50 basis-point move may be insignificant for one strategy and catastrophic for another. Concrete calibrates every vault independently by tying pause thresholds to rolling volatility measurements derived from a two-week standard deviation model.(3) Thresholds tighten automatically during stable periods and widen during volatile environments, allowing risk management to adapt dynamically to the behavior of the underlying strategy instead of relying on static assumptions.

Verification Before Settlement 

Even then, speed without verification is not institutional infrastructure. Every NAV update inside Concrete passes through a three-party verification process. A Transaction Proposer calculates the proposed update using strategy and accounting data. An Independent Signer validates the update against a separate accounting source. Finally, the smart contract itself rejects updates outside predefined accounting bounds.(4) By design, no single operator, including Concrete, can unilaterally modify vault accounting outside the bounds enforced by the smart contract. The purpose of the system is not simply operational redundancy; it is to reduce the risk that bad data, stale reporting, or operator mistakes directly affect the pricing layer users transact against.

Pricing integrity, however, is only half the problem. Even perfectly verified accounting systems cannot eliminate latency between market events and settlement updates.

Verification ensures the reported NAV is correct. Settlement integrity ensures users transact against that NAV fairly while the underlying state of the vault continues updating asynchronously.

The goal is not to eliminate latency entirely. The goal is to prevent temporary uncertainty from becoming permanent value leakage.

Protecting the Next Depositor 

This becomes most important during material loss events, which is where most DeFi pause systems are fundamentally misunderstood. Pause mechanisms are often framed as operational safeguards that protect protocols or operators. In reality, they exist to protect the next depositor.

If a strategy incurs a material loss before NAV fully updates, the worst possible outcome is allowing new deposits to continue entering the vault at stale pricing. Those users are effectively buying impaired inventory without realizing it. Concrete’s pause architecture is designed specifically for this scenario. When deviations between the live observation layer and the smoothed pricing model breach volatility-adjusted thresholds, the system is designed to halt deposits until pricing integrity is restored.(5) The purpose is not operational convenience; it is to reduce the risk that losses are unintentionally socialized across participants.

Withdrawals introduce the same problem in reverse. If capital remains deployed after a withdrawal request is initiated, it is still generating returns and still exposed to risk. Treating users as exited before positions are actually unwound creates a mismatch between economic exposure and accounting reality.

Concrete’s async vault architecture uses ERC-4626-compatible epoch withdrawal queues that settle redemptions against the NAV at settlement, not the NAV at request time.(6) The principle is simple: if funds are still exposed to strategy risk, they must also remain exposed to the resulting NAV changes. Anything else creates arbitrage opportunities and unfair value transfer between participants.

The Product Is the Stack 

What matters is not any individual control layer, but how the layers reinforce each other. Smoothing without adaptive thresholds becomes too rigid. Thresholds without verification introduce operational risk. Verification without deposit controls still exposes users during latency windows. Deposit caps without pause systems still allow impaired pricing events. And pause systems without a coherent withdrawal architecture still leak value on redemption.

The product is not EWMA. The product is not deposit caps. The product is not automated accounting.

The product is the stack.

Institutional allocators do not evaluate vaults solely on yield. They evaluate accounting integrity, operational controls, pricing accuracy, and loss-mitigation design. This is the infrastructure layer required for DeFi to mature beyond speculative capital flows and evolve into programmable financial infrastructure capable of supporting institutional-scale capital.

Concrete’s system is designed so that NAV updates are independently verified, pricing anomalies are filtered before settlement, deposit exposure is dynamically bounded, material loss events trigger pause mechanisms on new inflows, and withdrawals settle against live accounting states rather than stale snapshots. These systems are not optional features layered onto vaults after the fact. They are foundational requirements for making programmable finance trustworthy at scale.

The Future of Vault Infrastructure 

DeFi solved transparency before it solved accounting. That is now changing.

As vaults evolve into programmable financial infrastructure operating across chains, strategies, and liquidity layers, infrastructure quality becomes more important than headline APY. The next phase of DeFi will not be defined by who reports yield fastest. It will be defined by who can make those numbers trustworthy.

Real-time NAV is not simply a UX improvement. It is foundational infrastructure for institutional capital. Because the faster capital moves on-chain, the more important accounting integrity becomes.

Vaults are no longer passive yield wrappers. They are programmable financial systems, and programmable financial systems require programmable trust.

This article is for informational purposes only and does not constitute investment, legal, tax, financial advice, or an offer or solicitation of any kind. Descriptions of Concrete’s architecture,controls, and design objectives are illustrative; they do not eliminate risks associated with smart contracts, DeFi protocols, market conditions, oracle or data failures, operational failures, third-party infrastructure, or counterparty performance. Concrete does not guarantee that any target yield, NAV accuracy, pause behavior, or other system outcome will be achieved. Forward-looking statements reflect Concrete's current expectations and are not guarantees of future results. Participation in Concrete vaults involves risk, including risk of total loss. For full risk disclosures, see https://concrete.xyz/disclaimers. 

--------------------

1. In this article, “NAV” refers to the operational accounting value used to price vault shares, deposits, redemptions, and strategy-level settlement. It may differ from financial-statement NAV, custodian records, or third-party protocol values, and may be subject to vault-specific methodology and timing.
2. An exponentially weighed moving average gives more weight to recent observations while still incorporating older data. Specific parameters, including decay rate and observation windows, are calibrated per vault and may be updated by Concrete over time based on strategy characteristics, market conditions, and operational data. EWMA smoothing reduces the influence of short-term pricing anomalies but does not eliminate pricing risk.
3. Volatility windows, threshold widths, and pause parameters are calibrated per vault, are subject to change at Concrete's discretion, and depend on the accuracy of input data. No threshold model can anticipate every market condition.
4. The roles described (Transaction Proposer, Independent Signer, and on-chain validation) operate within Concrete's vault smart contracts and are subject to multisig and timelock controls. Verification reduces but does not eliminate the risk of incorrect NAV updates, including risks arising from compromised keys, faulty input data, or smart-contract vulnerabilities. Concrete's audit history is available at docs.concrete.xyz/audits.
5. Pause behavior depends on accurate threshold calibration and on the accuracy of the underlying observation layer. Pauses may not be triggered in all loss scenarios, and the design is intended to reduce, not eliminate, the risk that new depositors transact at stale pricing.
6. Concrete's vaults are built to the ERC-4626 vault standard, with epoch-based asynchronous withdrawal queue extensions implemented at the contract level. Settlement timing depends on the underlying strategy's liquidity profile and may be subject to vault-level gates, suspension events, and other terms set forth in the applicable vault documentation.