# Security & Risks ## Approach to Security Security in MORE Vaults relies on three layers that reinforce one another. First, the invariant core is small, battle‑tested, and upgrade‑gated by MORE DAO. Every share price calculation and fee transfer passes through this same code, so one audit covers all vaults. Second, modular facets isolate strategy risk. If a new module misbehaves a vault can be paused without touching deposited assets or the accounting path. Finally, every privileged action, from a core upgrade to a strategy change or a fee adjustment, sits behind a timelock offering users the opportunity to withdraw or for a Guardian to veto. Operational safeguards complement the on‑chain design. The DAO funds yearly audits of the core and will soon offer a standing bug bounty. It publishes static analysis reports for each approved facet or oracle. The Security Council can trigger a network‑wide pause in case of a critical vulnerability. Once paused, vaults accept no new deposits, but withdrawal requests remain open so assets can exit safely. ## Risks | Type of Risk | Description | | ------------- | --------------------------------------------------------------------------- | | Governance | Protocol governance changes risk parameters or fees or introduces backdoors | | Technological | Smart contract risk due to a flawed integration | | Technological | An unknown exploit in the vault core | | Technological | Liquidations fail resulting in bad debt | | Market | Bad debt accrues to deposits in the underlying protocol | | Market | Unexpected shocks to lending or borrowing decreases yields | | Market | High slippage due to lack of liquidity | | Market | Lower fees when trading volumes subside | | Market | Impermanent Loss | | Market | Collateralization ratios of leveraged positions | | Market | The redeemable value of points or rewards | | Oracle | Assets are priced incorrectly |