Security

Security in MORE Vaults relies on three layers that reinforce one another. First, the invariant core is small, battle‑tested, and upgrade‑gated by MORE DAO. Every share price calculation and fee transfer passes through this same code, so one audit covers all vaults. Second, modular facets isolate strategy risk. If a new module misbehaves the vault can mark it inactive without touching deposits or the accounting path, and the factory will refuse to add any facet whose bytecode is not already listed in one of the public registries. Finally, every privileged action, from a core upgrade to a strategy change or a fee adjustment, sits behind a timelock offering users the opportunity to withdraw or for a guardian to veto.

Operational safeguards complement the on‑chain design. The DAO funds yearly audits of the core and will soon offer a standing bug bounty. It publishes static‑analysis reports for each approved facet, oracle, and router. A security council can trigger a network‑wide pause in case of a critical vulnerability. Once paused, vaults accept no new deposits and no strategy calls, but withdrawals remain open so capital can exit safely.