Multipli TVL adapter should be replaced with on-chain accounting or disabled

[MikeeI]

The current DeFiLlama Multipli adapter does not compute TVL from on-chain balances. It calls Multipli's own API and returns data.payload[api.chain] for each chain. The API payload includes large self-reported balances, including protocol-issued tokens and off-chain/custodial claims that are not backed by observed on-chain assets at the reported addresses.

This is a TVL/adapter-integrity issue, not a confirmed external money-moving exploit.

Confirmed observations

Adapter problem

Observed source URL: https://raw.githubusercontent.com/DefiLlama/DefiLlama-Adapters/main/projects/multipli/index.js

Observed adapter logic:

const axios = require('axios')
const API = "https://api.multipli.fi/multipli/v1/external-aggregator/defillama/tvl/"

const tvl = async (api) => {
  const { data } = await axios.get(API)
  return data.payload[api.chain]
}

This means DeFiLlama currently trusts https://api.multipli.fi/multipli/v1/external-aggregator/defillama/tvl/ rather than deriving balances from chain state.

Selected API payload values observed

Chain	API-reported asset	Raw API amount	Human amount, if 6 decimals
Base	base:0xd74FB32112b1eF5b4C428Fead8dA8d85A0019009	110010150000000	110,010,150
Ethereum	ethereum:0xa39986f96b80d04e8d7aeaaf47175f47c23fd0f4	125000010000000	125,000,010
Ethereum	ethereum:0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48	34336717542621	34,336,717.542621 USDC
Ethereum	ethereum:0xdAC17F958D2ee523a2206206994597C13D831ec7	15273129519386	15,273,129.519386 USDT
Arbitrum	arbitrum:0xA39986F96B80d04e8d7AeAaF47175F47C23FD0f4	25000000000000	25,000,000
Pharos	pharos:0xA39986F96B80d04e8d7AeAaF47175F47C23FD0f4	30000000000000	30,000,000

Read-only RPC observations

Observed through read-only eth_call/eth_getBalance against Base, Ethereum, Avalanche, and Monad.

Base

Address	Role	Observed balance / call result
0xd74FB32112b1eF5b4C428Fead8dA8d85A0019009	API-reported Base token / rwaUSDi	totalSupply() = 110,010,150 units, 6 decimals
0xd74FB32112b1eF5b4C428Fead8dA8d85A0019009	Same token contract	USDC balance = 0; native balance = 0 wei
0xed5AA9b6eb62298492c7246FE724ee088A760155	afiRwaVault	asset() = 0xd74FB32112b1eF5b4C428Fead8dA8d85A0019009
0xed5AA9b6eb62298492c7246FE724ee088A760155	afiRwaVault	totalAssets() = 100,010,150 units of the same protocol token
0xed5AA9b6eb62298492c7246FE724ee088A760155	afiRwaVault	rwaUSDi balance = 100,010,150 units; USDC balance = 0; native balance = 0 wei

Interpretation: the Base API TVL is dominated by a protocol token whose vault asset() is the same protocol token, not observed external collateral.

Ethereum

Address	Role	Observed balance / call result
0xa39986f96b80d04e8d7aeaaf47175f47c23fd0f4	API-reported Ethereum rwaUSDi	totalSupply() = 125,000,010 units, 6 decimals
0xa39986f96b80d04e8d7aeaaf47175f47c23fd0f4	Same token contract	USDC = 0; USDT = 0; WBTC = 0; native = 0 wei
0xfa5b3614A7C8265E3e8c4f56bC123203BD155ff2	Ethereum treasury checked	USDC = 9.000000; USDT = 0; WBTC = 0; native = 96 wei

Interpretation: the observed Ethereum rwaUSDi contract does not custody the USDC/USDT/WBTC amounts reported in the API payload.

Avalanche and Monad real-fund context

These balances show that some real vault funds exist, but at tiny scale relative to the API-reported TVL.

Chain	Address	Role	Observed balance / call result
Avalanche	0xCF0Eb4ac018C06a16ED5c63484823C7805e7599D	xUSDC vault	USDC balance = 2,501.375940; asset() = USDC; totalAssets() = 13,244.821433
Avalanche	0x01e676EAA0C9780A88395c651349Cf08Fe52368e	xUSDC fund manager	USDC balance = 10.132299
Avalanche	0x468BbabAEf852C134b584382C0fef83F2954Cd5c	xBTC.b vault	BTC.b balance = 0; native = 0 wei
Avalanche	0x62c2181618833b202e68b5addc4279542978Ef47	xBTC.b fund manager	BTC.b balance = 0.00010663
Monad	0xd74FB32112b1eF5b4C428Fead8dA8d85A0019009	xUSDC vault / reported token address	USDC balance = 4,582.140837; asset() = Monad USDC 0x754704bc059f8c67012fed69bc8a327a5aafb603; totalAssets() = 5,006.085630
Monad	0xE1824bF952bB2E8414d12de8A9fc2cBc666D6758	fund manager	USDC balance = 700.770905

Risk classification

Confirmed: DeFiLlama TVL integrity issue / self-reported adapter issue.

Confirmed: reported TVL includes protocol-issued tokens and API-only claims not matched by observed collateral at the checked contracts.

Confirmed: small real vault balances exist on Avalanche and Monad, so the protocol is not purely empty; however, observed on-chain funds are orders of magnitude below the API-reported TVL.

Not proven: unauthorized external withdrawal, mint, redeem, bridge release, vault share theft, liquidation abuse, or user-level execution of value-moving admin logic.

Not proven: that the protocol has stolen funds or that all API-reported USDC/USDT/WBTC is nonexistent. The unobserved amounts may be off-chain/custodial or in contracts not identified here. They should not be counted as DeFiLlama TVL unless independently verifiable on-chain.

Requested remediation

1. Disable the current Multipli adapter or mark it as misreported until TVL can be computed from on-chain balances.
2. Replace the API-trusting implementation with explicit on-chain balance accounting per vault and per chain.
3. Exclude protocol-issued/self-minted assets such as rwaUSDi from TVL unless independently backed by verifiable, non-recursive collateral.
4. Exclude off-chain/custodial strategy balances unless DeFiLlama policy permits them and the proof source is independently auditable.
5. Require Multipli to provide a complete list of vault/fund-manager/custody addresses for each chain before re-enabling full TVL.