Whitepaper

9. Security & Risk Management

9.1. Smart Contract Security

Rigorous Audits:

• UST Protocol’s smart contracts undergo multiple rounds of audits by industry-leading security firms. Audit reports and remedial actions are made publicly available to ensure full transparency.

Bug Bounty Program:

• An incentivized bug bounty program encourages independent security researchers to identify vulnerabilities in the protocol, with rewards provided for verified findings.

Formal Verification:

• Critical modules—particularly those managing yield harvesting and the buyback/burn operations—are subject to formal verification, ensuring their mathematical correctness and robustness.

Fallback Mechanisms:

• Emergency protocols such as circuit breakers are embedded to protect user funds during periods of extreme market volatility or technical anomalies. In such events, Terra Classic Governance may trigger additional measures if needed.

9.2. Risk Management Strategies

Liquidity & Market Risk:

• The protocol allocates collateral only to low-risk, high-liquidity stablecoin-to-stablecoin pools. Continuous monitoring and automated yield adjustments help mitigate risks associated with market fluctuations.

Decentralization Risk:

• With USTD & UST Protocol fully integrated into Terra Classic L1 and governed by its decentralized community, risks associated with centralization are minimized. Multiple fallback mechanisms—such as overcollateralization and emergency governance protocols—further enhance resilience.

Emergency Protocols:

• Should unforeseen circumstances arise, pre-defined emergency mechanisms (e.g., temporary suspension of yield harvesting or a controlled redemption window) are activated via Terra Classic Governance, ensuring user funds remain secure.

Bridges:

• The biggest risk factor comes from utilizing cross-chain bridges, as these are a potential vector for hacks and exploits. We can minimize this risk by utilizing native cross-chain swap providers such as Mayan or Thorchain.

Gas/Tx Fees:

• During times of high traffic/network congestion, gas/transaction fees can get expensive and potentially eat into the yields. We can mitigate this by monitoring gas fees and holding off on moving funds until fees have subsided to reasonable levels again.

Oracles:

• Oracles are used to monitor price feeds across markets. While generally safe, they can become an attack vector: an attacker who manipulates an oracle can cause it to report inaccurate price data. We can minimize this risk by using multiple oracles from different providers.
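
The multi-oracle mitigation above can be made concrete as follows. This is an added example, not UST Protocol code: the type and function names, the staleness limit, the 2% band and the minimum of three feeds are all assumptions chosen for illustration. It takes the median of the fresh feeds and returns an error, rather than a price, when too few feeds are live or when they disagree.

```rust
// Added example (not UST Protocol code). Thresholds and names are assumptions.
// Prices are fixed-point integers in micro-units (1_000_000 = 1.00).
#[derive(Clone, Copy)]
pub struct Report {
    pub price: u128,     // price reported by one provider
    pub updated_at: u64, // unix seconds of that provider's last update
}

#[derive(Debug, PartialEq)]
pub enum OracleError {
    NoQuorum, // too few fresh feeds to trust any value
    Diverged, // fresh feeds disagree; caller should halt, not guess
}

pub const MAX_AGE_SECS: u64 = 120;       // assumed staleness limit
pub const MAX_DEVIATION_BPS: u128 = 200; // assumed 2% band around the median
pub const MIN_FRESH: usize = 3;          // assumed minimum number of live feeds

pub fn aggregate(reports: &[Report], now: u64) -> Result<u128, OracleError> {
    // Discard zero prices, future timestamps and stale updates.
    let mut fresh: Vec<u128> = reports
        .iter()
        .filter(|r| r.price > 0 && r.updated_at <= now && now - r.updated_at <= MAX_AGE_SECS)
        .map(|r| r.price)
        .collect();
    if fresh.len() < MIN_FRESH {
        return Err(OracleError::NoQuorum);
    }
    fresh.sort_unstable();
    let mid = fresh.len() / 2;
    // The median cannot be moved by a minority of manipulated feeds.
    let median = if fresh.len() % 2 == 1 { fresh[mid] } else { (fresh[mid - 1] + fresh[mid]) / 2 };
    // Require a strict majority of feeds inside the band around the median.
    let in_band = |p: u128| p.abs_diff(median) * 10_000 <= median * MAX_DEVIATION_BPS;
    let agreeing = fresh.iter().filter(|&&p| in_band(p)).count();
    if agreeing * 2 <= fresh.len() {
        return Err(OracleError::Diverged);
    }
    Ok(median)
}

fn main() {
    // Constructed sample: two feeds that agree and one wildly different feed.
    let r = |price, updated_at| Report { price, updated_at };
    println!("{:?}", aggregate(&[r(1_000_000, 990), r(1_001_000, 995), r(5_000_000, 999)], 1_000));
}
```

Either error is a natural trigger for the circuit breakers described in 9.1, since acting on no price is safer than acting on a doubtful one.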