✳️Risks

Smart Contract Risk

The protocol may contain smart contract vulnerabilities or bugs that could lead to asset loss or abnormal contract behavior.

Mitigation Measures

To minimize smart contract risks, we have implemented the following measures:

1. Professional Audit: All contracts have been audited by QuantStamp. (See the Audits section for more details.)

2. Emergency Pause Mechanism: The Engine and Staking contracts include halt and unhalt functions, allowing immediate suspension in the event of abnormalities to prevent further damage.

3. Multisig Governance: Admin privileges are controlled by a multi-signature wallet, requiring approvals from multiple parties to execute sensitive operations (e.g., parameter adjustments), enhancing governance security.

4. Bug Bounty Program: Upon open-sourcing the contracts, a bug bounty campaign will be launched to incentivize community-driven vulnerability discovery and reporting.

Bridge Risk

Current Strategy

• Bridge Selection:

  • We utilize decentralized bridges such as Stargate, USDT0, and Symbiosis to transfer USDT cross-chain.

  • Stargate and USDT0 are built on LayerZero, a leading cross-chain messaging protocol that enables lightweight interchain communication and is currently the most widely used bridge by transaction volume.

  • If slippage ≤ 0.1%, cross-chain transfers are conducted directly via decentralized bridges.

  • If slippage > 0.1%, OTC bridging is used in combination to minimize cost and preserve capital efficiency.

Key Risks

• Bridge Risk: Smart contract vulnerabilities or liquidity shortages in Stargate, USDT0, or Symbiosis may lead to asset loss or fund lockup.

• OTC Counterparty Risk: OTC trades are subject to credit and settlement risk.

Mitigation Measures

• Slippage Control: When slippage exceeds 0.1%, OTC bridging is used to stabilize execution and reduce cost.

• OTC Diversification: Multiple OTC providers are engaged to diversify counterparty risk.

• Bridge Optimization: We actively participate in testing and development of emerging cross-chain protocols on TON, such as ZetaChain. Once these alternatives reach maturity and security readiness, we will migrate to them to reduce OTC dependency.

External Protocol Risk

Deploying bridged USDT into third-party DeFi protocols introduces the following risks:

• Smart Contract Vulnerabilities: Flaws in the target protocol may result in loss or failure to withdraw assets.

• Liquidity Shortage: A sudden drop in TVL or pool depletion may cause excessive slippage or failed execution.

• Strategy Failure: Yield strategies may underperform due to market volatility, liquidation events, or protocol logic changes.

• Operational Disruption: Downtime caused by security incidents or protocol maintenance may render assets temporarily inaccessible.

To mitigate these risks, we apply a strict screening framework and diversify capital allocation across qualified blue-chip protocols to balance yield and security.

Screening Criteria

These criteria apply to protocols deployed outside the TON blockchain to ensure cross-chain deployments meet our standards for security, stability, and liquidity recovery.

1. Audit Requirements: Must be audited by ≥2 reputable firms (evaluated based on past audits, community reputation, and historical issues).

2. Operational Stability: Live on mainnet for ≥1 year with no major security breaches or outages.

3. TVL Threshold: Average TVL ≥ $200M over the past 12 months.

4. Strategy Risk:

   • High-risk strategies (e.g., leverage) are not allowed.

   • Strategies that may incur losses (e.g., impermanent loss) are excluded.

   • Redemption period ≤ 7 days to ensure short-term liquidity.

   • No more than 20% of the protocol’s total TVL may be allocated.

5. Emergency Preparedness: Must include contingency mechanisms such as risk reserves or sufficient revenue to cover losses.

6. Yield Benchmark: APR over the past month must be stable.

7. Blockchain Conditions:

   • No downtime in the past 12 months.

   • Round-trip cross-chain latency ≤ 7 days.

   • Target chain’s total DeFi TVL ≥ $1B.

8. Exception Policy: Protocols that do not fully meet the above criteria may still be considered if their design is robust, operations are stable, and yields are promising—subject to internal review. Exposure to such protocols is capped at 5% of total assets to balance innovation and risk control.

USDT Collateral Risk

Using USDT as 1:1 collateral introduces risks tied to centralization and fiat-backed reserves:

1. Custodial Risk: USDT reserves are held in regulated banks or trusts. These may be frozen due to legal actions or compliance enforcement.

2. Compliance & Freezing Risk: According to Tether’s terms, they may freeze addresses for regulatory or internal risk reasons.

3. Banking Dependency Risk: Tether’s reserves rely on traditional banking infrastructure, which can introduce systemic risk in the event of insolvency or regulatory action.

4. Depeg & Market Volatility: While generally pegged to USD, USDT has shown temporary deviations under stress (e.g., dropped to $0.95 during the Terra UST crash), affecting collateral value.

Mitigation Measures

• Multi-Collateral Support: Once the TON ecosystem supports additional stablecoins (e.g., USDC, USDe), the protocol will review and whitelist them as alternative collateral options to reduce issuer concentration risk.

Operational Security Risk

The protocol's fund operations are currently managed through a multi-signature wallet. While this maintains a reasonable level of security, there is still potential risk of signers being compromised or private keys being stolen.

Mitigation Measures

• All end-signers use cold wallets for transaction signing, reducing exposure to private key leaks and hot wallet attacks.

• The protocol is developing adapter contracts on each chain to restrict interactions to approved protocols and actions. These are governed by Safe Guard AI, which provides automated risk controls at the operational level. (See relevant section for implementation details.)