Risks & disclosures
The main risks users and integrators should understand.
Smart contract risk
Any DeFi protocol involves smart contract risk. Even audited code can have unknown vulnerabilities.
Cross-chain risk
Cross-chain operations add additional risk surfaces, including messaging assumptions and bridge dependencies.
Market risk
Price movements, volatility, and liquidity conditions can affect execution outcomes.
Operational risk
Network congestion, chain outages, and RPC issues can delay completion or cause failures that require retry/cleanup.
Off-chain trust
Deposits sit in per-asset ERC-4626 vaults; the vault itself holds the tokens, and same-chain
realized PnL is derived from on-chain settlement events (no key can move it). The one place
off-chain trust remains is a narrowly-bounded PNL_REPORTER_ROLE, used only to value capital
currently deployed cross-chain (in-flight, before the bridge/message finalizes): its reports are
rate-clamped per epoch, losses are recognized immediately from events, gains vest over the epoch,
and any over-report is clawed back at reconciliation against the real settlement amount. A
GUARDIAN_ROLE can pause/veto (but not unpause alone) and a timelock'd multisig holds
UPGRADER_ROLE. See Non-custodial design for the full breakdown of what each role can and
cannot do.
No guarantees
Nothing in these docs is financial advice. Returns are not guaranteed.