Security & Risks

Approach to Security

Security in MORE Vaults relies on three layers that reinforce one another. First, the invariant core is small, battle‑tested, and upgrade‑gated by MORE DAO. Every share price calculation and fee transfer passes through this same code, so one audit covers all vaults. Second, modular facets isolate strategy risk. If a new module misbehaves a vault can be paused without touching deposited assets or the accounting path. Finally, every privileged action, from a core upgrade to a strategy change or a fee adjustment, sits behind a timelock offering users the opportunity to withdraw or for a Guardian to veto.

Operational safeguards complement the on‑chain design. The DAO funds yearly audits of the core and will soon offer a standing bug bounty. It publishes static analysis reports for each approved facet or oracle. The Security Council can trigger a network‑wide pause in case of a critical vulnerability. Once paused, vaults accept no new deposits, but withdrawal requests remain open so assets can exit safely.

Risks

Type of Risk
Description

Governance

Protocol governance changes risk parameters or fees or introduces backdoors

Technological

Smart contract risk due to a flawed integration

Technological

An unknown exploit in the vault core

Technological

Liquidations fail resulting in bad debt

Market

Bad debt accrues to deposits in the underlying protocol

Market

Unexpected shocks to lending or borrowing decreases yields

Market

High slippage due to lack of liquidity

Market

Lower fees when trading volumes subside

Market

Impermanent Loss

Market

Collateralization ratios of leveraged positions

Market

The redeemable value of points or rewards

Oracle

Assets are priced incorrectly

Last updated