Hopefully, you’ve heard of our new product, Rari Capital’s robo-advisor, that automatically rebalances deposited funds across the best-performing protocols and assets, bringing you the highest yield possible. Yet where there is profit, there is risk, and while earning money is important, keeping your money safe is paramount. This post will attempt to outline the potential risks that users have when depositing funds into Rari Capital, as we want to ensure complete transparency with you all.
There are a few zones of risk covering different levels of severity, with severity and probability working inversely. Meaning the most extreme of the possible cases, ones that could involve a loss of funds, are the least likely. For our product, the zones are: the EVM, integrated protocols, consumer side, and risk within the Rari protocol itself.
You may be focused on: what’s the worst case scenario? Currently, the most severe areas of risk are the EVM and integrated protocols. The EVM, or Ethereum Virtual Machine, runs the Ethereum blockchain. Because Rari is on this blockchain, if the EVM breaks, Rari will break. similarly, a hack or bug in our integrated protocols could lead to a loss of funds, but it’s more likely that a protocol would only temporarily return an incorrect yield, which wouldn’t incur fund loss.
When integrating new protocols, we also conduct a methodical and deliberate evaluation of the protocol’s safety. We ensure that our platform is not only maximizing returns but efficient with our risk trade-offs.
Inversely, the mildest risk is on the consumer end, where a browser or OS bug or hack may cause a temporary break in withdrawals. Unfortunately, there is the potential for a severe compromise in this area, which could lead to a loss of individual consumer funds. If this appears to be a serious issue, it can be solved with a downloadable client to access the fund.
Finally, there is risk with the Rari protocol itself. On the extreme end of the spectrum, a hack of the Rari admin contract keys, rebalancer code, or frontend could lead to a loss of funds. While a more relatively probable bug in the domain, code, or hosting could either briefly pause withdrawals or allocate funds incorrectly, without a loss of overall funds.
To counter these risks, specifically the risks of our protocol, we are looking into insurance to better our security and reduce the downside to a minimum.