Skip to content

Why OpenPendle

Pendle V2 is a permissionless protocol, but the way most people reach it is not. This page makes the case for OpenPendle: why a large, fully on-chain part of Pendle has no first-class interface, why a backend-free and self-hostable frontend is the right tool for that gap, and who benefits from it. If you want a plain description of what the app does, read What is OpenPendle first; this page is the argument for why it should exist at all.

Experimental — use at your own risk

Everything below is about reaching permissionless community pools — markets anyone can create, that no one has vetted. OpenPendle verifies a market's provenance; it cannot vouch for the asset or SY contract underneath, and a provenance-valid market can still wrap a broken, malicious, or exotic asset. Community pools are unreviewed, and interacting with them can lose you funds. Read Risks & disclosures before you transact. Not affiliated with Pendle Finance.

The permissionless thesis

Pendle V2 lets anyone deploy a yield market for any compatible yield-bearing asset. There is no whitelist, no application, and no approval step — the factory contracts simply allow it. The right to create a market is baked into the protocol, not granted by a team. That is what "permissionless" means here, and it is not a slogan: the market-creation path is a public function on a deployed contract, callable by any address that pays the gas.

This produces a spectrum of markets, not a catalog. On one end sit the large, well-known assets a team chose to feature. On the other end sits a long tail: markets for newer assets, smaller assets, experimental wrappers, and everything a listing process has not gotten to — or has decided not to carry. Every one of these is equally real on-chain. The tokens mint, the AMM quotes, the router routes, and maturity settles, whether or not any particular app renders the market.

Pendle's own official app surfaces a curated, team-listed subset of that spectrum. Curation is a reasonable choice for a flagship app — it concentrates liquidity, reduces the surface a support team must stand behind, and spares most users the sharp edges of unreviewed assets. But curation is, by definition, exclusion. The markets outside the listed subset are not broken or lesser; they are simply not carried. They remain fully tradeable and completely unreachable through a purpose-built UI.

That is the gap. A market can be:

  • On-chain and live — the PendleMarket contract exists, holds liquidity, and settles at maturity;
  • Fully permissionless — created without anyone's approval;
  • and yet have no first-class interface — nothing that renders its trust panel, quotes its swaps, or walks you through minting, providing liquidity, and redeeming.

To reach such a market without a dedicated frontend, you would be assembling raw calls to Pendle's router by hand, reading token addresses out of a block explorer, and computing your own expected outputs. That is a high bar, and it is a bar the listed markets do not impose. The asymmetry is the whole point: the protocol is open to everyone, but the tooling has been open to a subset.

OpenPendle exists to serve the tail. Paste any Pendle V2 market address, on any of the six supported networks, and it renders the pool and its actions the same way a flagship app renders a listed one — no listing, no curator, no gatekeeper in between. It does not compete with curation; it covers what curation leaves out.

The dashed edge is deliberate: OpenPendle can load a listed market too — a listed market is still just an address. It is simply the only purpose-built way to reach the unlisted ones.

Official Pendle app vs OpenPendle

The two are not rivals; they answer different questions. The official app answers "what has the team curated for me?" OpenPendle answers "let me reach any market I can name, and judge it myself." The table below contrasts what each is for — not which is "better," because the honest answer is that most people should start with the curated app and reach for OpenPendle only when they have a specific, unlisted market in mind.

Official Pendle appOpenPendle
Operated byPendle Financeggmxbt — independent, not affiliated with Pendle
What it is forDiscovering and using the curated, team-listed marketsReaching any Pendle V2 market by address — the long tail curation leaves out
Market coverageThe listed subsetAny market that clears the provenance gate, listed or not
How you find a marketBrowse a curated listPaste an address, or open one from your local saved-pools registry
Curation / reviewTeam-listed; a listing decision stands behind each marketNone by design — no listing, no review; loadable ≠ endorsed
Discovery / searchRich discovery of featured marketsNo global directory; you arrive with an address you already have
Native PENDLE gauge emissions & vePENDLE votingAvailable on team-listed marketsNot available — community pools are ineligible; extra rewards come via Merkl
BackendConventional web stackNone — no server, database, indexer, accounts, tracking, or analytics
Data sourceApp's own infrastructurePublic RPC you point at (reads); DefiLlama + CoinGecko for the header stats ticker only
HostingOperated by the teamStatic + hash-routed — self-hostable on any host or IPFS
Fees added by the interfaceSee Pendle's own termsNone of its own — Pendle's protocol fees still apply, enforced by Pendle's contracts
Best whenYou want a vetted, featured market with the deepest liquidityYou have a specific unlisted market in mind and will do your own diligence

Two rows deserve emphasis. First, incentives: community pools are not eligible for native PENDLE gauge emissions or vePENDLE voting — those are reserved for team-listed markets. A community pool's only route to extra rewards is a Merkl campaign its creator sets up. That is a real, structural difference in the economics of an unlisted pool, not a UI detail. See Community pools & incentives and Incentivizing with Merkl.

Second, curation vs review: the official app's listing is a signal — a team chose to carry that market. OpenPendle offers no such signal, on purpose. Its provenance gate confirms a market is a genuine Pendle deployment; it says nothing about whether the asset is safe. The absence of a listing is a feature of reach and a cost in assurance, and you should treat it that way.

Why backend-free and self-hostable matter

A frontend for a permissionless protocol should be as hard to take away as the protocol itself. If the interface can be switched off, filtered, or quietly altered by whoever runs the server, then the protocol's permissionlessness stops one layer short of the user. OpenPendle's architecture is a direct answer to that problem. The mechanics are covered in How OpenPendle works; here is why they are worth the constraints they impose.

Censorship resistance

There is no server between you and Pendle's contracts, so there is no server that can decide which markets you may see or use. OpenPendle reads market state directly from the chain through public RPC endpoints, and it connects to your wallet directly — injected-only, with no WalletConnect and no third-party relay. The set of markets you can reach is determined by what exists on-chain and passes the provenance gate, not by an allow-list a host maintains.

Because the app is a static site with hash-based routing (URLs look like openpendle.com/#/...), it needs no server rewrite rules and runs anywhere static files can be served — including IPFS. If any single deployment becomes unavailable, the same build can be hosted elsewhere by anyone, and it behaves identically. A frontend you can copy and rehost is far harder to censor than one that lives at exactly one address someone else controls.

The Content-Security-Policy reinforces this posture: script-src 'self' 'wasm-unsafe-eval' blocks JavaScript eval() and Function, permitting only WebAssembly (used for cryptography), and fonts are self-hosted so there are zero external font requests. The only outbound requests are the blockchain RPCs you point it at — plus, for the header stats ticker alone, Pendle metrics from the DefiLlama and CoinGecko public APIs. Fewer external dependencies means fewer parties who can interfere with, observe, or break the interface.

Longevity

Backends rot. Servers need funding, credentials expire, databases need migration, and indexers drift out of sync with the chain. A frontend that depends on all of that has a lifespan bounded by whoever keeps the lights on. OpenPendle has no server, no database, no indexer, and no accounts to maintain — it is a bundle of static files that reads a public blockchain. As long as the chain is live, a public RPC exists, and someone is serving the files, the app works. That is a dramatically longer and more resilient lifespan, and it does not depend on the original author staying involved.

Self-hosting is what makes this concrete. Because anyone can host a copy, the interface's survival is not tied to a single operator's continued attention or ability to pay a bill. The build outlives its deployment. If you care about being able to exit a long-dated position years from now — after maturity, PT is still redeemable and an LP position can still be exited (see Maturity & redemption) — an interface with no perishable backend is the safer bet for still being usable when you need it.

Trust minimization

The less the interface can do, the less you have to trust it. OpenPendle is built so that the honest answer to "what could this frontend do to my funds?" is "almost nothing":

  • It ships no smart contracts of its own. It calls Pendle's already-deployed contracts with hand-written ABIs. There is no OpenPendle contract in the path of your funds.
  • It is non-custodial. It never holds your keys or your assets. Every transaction is signed in your own wallet, and the app can move nothing on your behalf.
  • Approvals are exact-amount. Token approvals are scoped to the precise amount of the current action — never unlimited — so what any contract can pull from your wallet is limited to what that single transaction needs.
  • Every transaction is simulated before you sign. You see the expected outcome against the live chain before committing gas, so a failing action is caught before it costs you.
  • It takes no fee of its own. OpenPendle adds nothing on top of a trade; Pendle's own protocol fees still apply, charged and enforced by Pendle's contracts, not by this interface.
  • It is open source, GPL-3.0-or-later. The exact code you run is public and auditable — a claim a closed frontend cannot make. Verify contract addresses independently against pendle-finance/pendle-core-v2-public.

Trust minimization is not the same as safety. It narrows what the interface can do to you; it does nothing about what the asset or SY underneath a community pool can do to you. Those are separate risks, and the second one is entirely on you to assess.

The provenance gate validates; it does not endorse

Before you can save or transact against a market, OpenPendle checks that it was created by a Pendle factory it recognizes. Because Pendle's factories are governance-mutable, the active factory is resolved live at runtime; the hardcoded factory set is used only for this provenance check. This proves the market descends from a genuine Pendle factory and is not a look-alike contract. It proves nothing about whether the wrapped asset is solvent or the SY is well-behaved.

Who it is for

OpenPendle is a specialist tool for people who have a reason to step outside the curated set. It is deliberately not the easiest way to start with Pendle — the official app is. You are likely to want OpenPendle if you are one of the following:

  • Someone with a specific unlisted market in mind. You already have a market address — from the pool's creator, a shared ?import= link, or your own research — and you want a real interface for it instead of raw router calls.
  • A pool creator. You want to permissionlessly deploy a community pool (and, optionally, the SY it wraps) in a single transaction, then have a usable surface to trade, seed, and share it. See Create: overview and Deploying the market.
  • A liquidity provider chasing the tail. You are comfortable diligencing an unreviewed asset and want to provide liquidity where the curated app does not reach — accepting that rewards, if any, come through Merkl rather than native gauge emissions.
  • Someone who wants a censorship-resistant, self-hostable frontend. You would rather run a copy of the interface yourself — on your own host or over IPFS — than depend on any single operator staying online. See Self-hosting.
  • A privacy-conscious user. You want an interface with no accounts, no tracking, and no analytics, where the pools you save and any custom RPCs stay in your own browser and nothing leaves it unless you export or share.

If you are new to Pendle, or you just want the deepest liquidity on a well-known asset, the curated app is the better starting point — and reading How Pendle works first will make either interface far easier to use. OpenPendle assumes you can already tell a good market from a bad one.

Loadable is not endorsed

This is the single most important thing to internalize about why OpenPendle works the way it does. The absence of a listing is the entire point of the tool — and it is also the entire risk.

A market loading in OpenPendle means one thing: it is a genuine Pendle V2 deployment that cleared the provenance gate. It does not mean anyone reviewed it, that the underlying asset is sound, that the SY behaves correctly, or that the pool is worth your money. There is no whitelist here, no curator, and no team standing behind any particular market — by design.

Loadable ≠ endorsed

OpenPendle validates market provenance, not the asset or SY beneath it. A provenance-valid market can still wrap a malicious, broken, or exotic asset and lose you everything you put in. Community pools are permissionless and unreviewed — anyone can create one, and interacting with them can lose you funds. Read the trust panel on every pool, do your own diligence on the asset and the SY, and never interact with a market unless you trust whoever created it and what it wraps. See Risks & disclosures and Community pools & incentives.

The trade is explicit and worth stating plainly: OpenPendle buys you reach — any market, no gatekeeper — at the cost of assurance — no listing, no review, no safety net. That is the right trade for the long tail, but only if you carry the diligence the curated app would otherwise carry for you.

Next

Released under the GPL-3.0 License. Not affiliated with Pendle Finance.