Skip to main content

Permissions + Threat Notes

  • Privileged actions should be owned by a multisig with clear operational SOPs.
  • Backend signer key compromise is a critical risk; treat it as production-tier secret.
  • Oracle manipulation impacts pricing and graduation thresholds; use robust sources and sanity checks.
  • If pause or emergency withdrawals exist, document the conditions and audit trails.