The short answer

Firefish is structurally safer than custodial CeFi lenders on the one thing that mattered most in 2022 — your Bitcoin collateral cannot be rehypothecated, because it is locked in a 3-of-3 multisig output on Bitcoin's base layer and Firefish never holds all three keys. This is enforced by Bitcoin script, not by a policy promise. The platform is registered in the ESMA Interim MiCA Register under Crypto-Asset Service Providers, requires KYC, and ships an open-source protocol with a pre-signed disaster-recovery transaction that gives you a one-month timelocked escape hatch if Firefish becomes unresponsive. The honest residual risks are real but bounded: the price and payment oracles are currently both operated by Firefish (so the model is "trust-minimised," not trustless), the platform is younger and smaller than Aave or Nexo, and there is no proof-of-reserves attestation — but in a non-custodial model proof-of-reserves matters less, because your collateral isn't on a corporate balance sheet to begin with.

Firefish at a glance

Type: Centralised (CeFi)
Founded: 2022
HQ: Prague, Czech Republic
Custody: 3-of-3 Bitcoin multisig (Price Oracle, Payment Oracle, Borrower ephemeral key)
Proof of Reserves: No
Insurance: No
Security score: 9.5 / 10
Transparency score: 9.5 / 10

What's actually verifiable

Firefish loans use a 3-of-3 multisig output on Bitcoin's base layer with keys held by a Price Oracle (Firefish-operated), a Payment Oracle (Firefish-operated), and the borrower (an ephemeral key the borrower destroys after signing all closing transactions). Because no two of these keys ever exist together, Firefish cannot move client collateral unilaterally — this is enforced by Bitcoin's consensus rules, not by a custodial policy.

Every possible loan outcome (repayment, liquidation, disaster recovery) is pre-signed by the borrower at origination before the ephemeral key is discarded. The universe of where your Bitcoin can travel is fixed and inspectable on-chain at the moment the escrow is funded — there is no path for it to be moved to any address other than the ones in those pre-signed transactions.

The disaster-recovery transaction (txrecover) has a one-month timelock past the loan's maturity date and requires no oracle signatures. If Firefish or its oracles become unresponsive, the borrower can broadcast this transaction independently to reclaim collateral. This is the structural backstop against platform failure that custodial CeFi lenders cannot provide.
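
A borrower-side check of the recovery-transaction properties described above, as an added example that is not Firefish's code: it parses a serialized Bitcoin transaction and reports whether it spends only the escrow outpoint, pays only the borrower's script, and carries an enforced nLockTime no later than maturity plus one month. It assumes the timelock is an absolute nLockTime Unix timestamp and that one month means 30 days; the function names and the sample transaction are constructed for illustration.

```python
# Added example; assumes an absolute nLockTime Unix timestamp and one month = 30 days.
def _varint(b, i):
    if b[i] < 0xfd:
        return b[i], i + 1
    size = {0xfd: 2, 0xfe: 4, 0xff: 8}[b[i]]
    return int.from_bytes(b[i + 1:i + 1 + size], "little"), i + 1 + size

def parse_tx(raw):
    """Return (inputs, outputs, locktime) from a serialized Bitcoin transaction."""
    i = 6 if raw[4:6] == b"\x00\x01" else 4  # skip version and any segwit marker/flag
    n_in, i = _varint(raw, i)
    ins = []
    for _ in range(n_in):
        txid, vout = raw[i:i + 32][::-1].hex(), int.from_bytes(raw[i + 32:i + 36], "little")
        slen, i = _varint(raw, i + 36)  # scriptSig length; the script itself is skipped
        ins.append((txid, vout, int.from_bytes(raw[i + slen:i + slen + 4], "little")))
        i += slen + 4
    n_out, i = _varint(raw, i)
    outs = []
    for _ in range(n_out):
        slen, j = _varint(raw, i + 8)  # 8-byte value precedes the scriptPubKey
        outs.append((int.from_bytes(raw[i:i + 8], "little"), raw[j:j + slen]))
        i = j + slen
    return ins, outs, int.from_bytes(raw[-4:], "little")  # nLockTime: last 4 bytes

def check_recovery(raw, escrow_outpoint, borrower_spk, maturity_ts, delay=30 * 86400):
    """List deviations from the recovery-transaction properties described in the text."""
    ins, outs, locktime = parse_tx(raw)
    problems = []
    if [(t, v) for t, v, _ in ins] != [escrow_outpoint]:
        problems.append("does not spend exactly the escrow outpoint")
    if all(seq == 0xFFFFFFFF for _, _, seq in ins):
        problems.append("all sequences final: nLockTime is not enforced")
    if not 500_000_000 <= locktime <= maturity_ts + delay:
        problems.append("nLockTime is not a timestamp at or before maturity + delay")
    if not outs or any(spk != borrower_spk for _, spk in outs):
        problems.append("pays a script other than the borrower's")
    return problems

# Constructed sample data (not a real transaction, outpoint or address).
ESCROW = ("ab" * 32, 0)
BORROWER_SPK = bytes.fromhex("0014" + "11" * 20)  # P2WPKH-shaped placeholder
MATURITY = 1_767_225_600  # 2026-01-01 00:00:00 UTC

def sample_tx(locktime, seq=0xFFFFFFFE, spk=BORROWER_SPK):
    le = lambda n, size: n.to_bytes(size, "little")
    txin = bytes.fromhex(ESCROW[0])[::-1] + le(ESCROW[1], 4) + b"\x00" + le(seq, 4)
    txout = le(50_000_000, 8) + bytes([len(spk)]) + spk
    return le(2, 4) + b"\x01" + txin + b"\x01" + txout + le(locktime, 4)
```

An empty list from `check_recovery` means the transaction matches all four properties; a block-height locktime is reported as a deviation because of the timestamp assumption.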

Firefish is registered in the ESMA Interim Register of Crypto-Asset Service Providers under the EU's Markets in Crypto-Assets Regulation (MiCA). This adds an EU regulatory layer on top of the protocol-level security guarantees and obliges Firefish to perform KYC on borrowers and investors.

Firefish loans are peer-to-peer — funded by individual investors on the platform, not by a Firefish liquidity pool. Combined with the non-custodial escrow, this means Firefish does not maintain a corporate balance sheet of client collateral, which is the prerequisite for the kind of rehypothecation cascade that brought down Celsius, BlockFi, Voyager, and Genesis in 2022.

The Firefish protocol is open-source and published on GitHub, so the multisig logic, the pre-signed transaction templates, and the recovery mechanics are publicly auditable by security researchers. At the time of writing, the platform reports over $100M in loan volume processed and a 4.8 / 5 rating on Trustpilot.

The risks worth knowing

Oracle trust

The Price Oracle and Payment Oracle are both currently operated by Firefish. A malicious or compromised Firefish could (within the rules of the protocol) trigger an unjustified liquidation by signing a liquidation transaction at an incorrect price, or refuse to co-sign a legitimate repayment. The disaster-recovery timelock and the deterministic nature of the escrow bound this risk — your BTC cannot go to an attacker's address — but they do not eliminate it. Oracle decentralisation is on Firefish's stated roadmap.

Operational continuity (not custody)

If Firefish disappears mid-loan, your BTC is not at risk of being stolen — it is at risk of being temporarily locked. You can recover via the disaster-recovery transaction, but only after the one-month timelock past your maturity date. This is materially better than a Celsius-style bankruptcy where collateral is on the corporate balance sheet, but it is not instant access.

Smaller and younger than Aave or Nexo

Firefish was founded in 2022 and has reported around $100M in cumulative loan volume. That is several orders of magnitude smaller than Aave's TVL or Nexo's reported scale. The protocol has not yet weathered a full Bitcoin bear-cycle stress test at scale. The structural guarantees are independent of platform size, but operational maturity and edge-case experience are not.

No proof-of-reserves attestation

Firefish does not publish a proof-of-reserves report. This matters less in a non-custodial model — there is no corporate balance sheet of client BTC to attest to, because the BTC is in multisig escrows verifiable on-chain individually. But it does mean borrowers do not get the kind of third-party financial-audit signal that platforms like Ledn (Network Firm LLP attestations) provide.

Conservative 50% LTV and BTC-only collateral

These are by-design product limits rather than safety risks, but they shape who Firefish is the right product for. If you need to extract more than 50% of your collateral value, or if you hold altcoins, the safety profile is structurally different at platforms that accept those — and worse, on average.

No USD fiat rail (relevant for US borrowers)

US residents are not on Firefish's ineligible-countries list and can use the platform — but Firefish does not currently support a direct USD bank payout. US borrowers receive their loan in USDC or USDT (Circle and Tether stablecoins on Ethereum) rather than US dollars. This is a workflow constraint rather than a safety issue, but if you specifically need USD wired to a US bank account, a CeFi competitor with a USD rail (Ledn, Unchained Capital) will be a simpler fit.

Firefish safety — frequently asked questions

Is Firefish safe in 2026?

Yes, by the most important safety question — can your collateral be rehypothecated, stolen by a platform insolvency, or commingled with corporate assets — the answer is no. The 3-of-3 multisig escrow on Bitcoin L1 means Firefish never holds the keys to your Bitcoin alone, and there is no corporate balance sheet of client collateral. The residual risks are oracle behaviour (price and payment oracles are Firefish-operated), operational continuity (the disaster-recovery transaction has a one-month timelock), and the platform's relative youth. These are real but materially smaller than the rehypothecation risks of custodial CeFi.

Can Firefish steal my Bitcoin?

No. Firefish only holds two of the three keys in the multisig escrow (the Price Oracle key and the Payment Oracle key), and Bitcoin script requires all three signatures to move the collateral to any address other than the ones in the pre-signed closing transactions. Those closing transactions only allow the BTC to go to the borrower (on repayment or disaster recovery) or to the lender / liquidator (on default or liquidation). There is no path in the protocol that lets Firefish send your Bitcoin to itself.

What happens if Firefish goes bankrupt or disappears?

You recover your Bitcoin via the disaster-recovery transaction. This transaction is pre-signed by you at origination, has a one-month timelock past your loan's maturity date, and requires no oracle signatures to broadcast. If Firefish (or its oracles) become unresponsive, you broadcast it yourself — your BTC returns to your wallet. The one-month delay is the cost of the model; instant access during a Firefish outage is not available. The trade-off is that there is no bankruptcy proceeding to wait through, no creditor priority queue, and no commingled balance sheet — because there is no corporate balance sheet of client BTC.

Does Firefish have proof of reserves?

No, and in a non-custodial model the question doesn't quite apply in the same way. Proof of reserves is a tool for verifying that a custodial platform actually holds the assets it claims to hold on behalf of clients. Firefish doesn't hold client BTC at all — each loan's collateral sits in its own multisig escrow, individually verifiable on-chain. The thing proof-of-reserves attestations exist to prove is structurally not in question for Firefish.

How does Firefish compare to custodial CeFi lenders on safety?

Structurally, Firefish removes the single biggest risk that brought down Celsius, BlockFi, Voyager, and Genesis: rehypothecation of client collateral. Custodial CeFi lenders take your BTC onto their balance sheet and re-lend or re-deploy it; Firefish cannot, because there is no balance sheet. The trade-off is that Firefish does not provide the kind of full-service product (open credit line, instant repayment, USD rails, mobile app, customer support staff) that mature custodial platforms do. For Bitcoin holders whose first question is 'where is my collateral right now?', Firefish has a structurally better answer.

Is Firefish regulated?

Yes. Firefish is registered under the EU's Markets in Crypto-Assets Regulation (MiCA) and listed in the ESMA Interim Register of Crypto-Asset Service Providers. This obliges KYC on borrowers and investors, EU-level consumer protections, and reporting under MiCA. The regulatory layer is on top of the protocol-level security guarantees, not a substitute for them.

Does Firefish require KYC?

Yes. As a MiCA-registered Crypto-Asset Service Provider, Firefish is required to perform identity verification on every borrower and investor. If you specifically need a no-KYC option, see our /best-no-kyc-crypto-loans/ comparison — DeFi protocols like Aave are the structural fit there, with the trade-off that you take on smart-contract risk instead.
