
General risks & mitigation

Detailed methodology, risk transfer framework, and parameters to be added.


Last updated 11 months ago

This chapter outlines the risks that might affect the StableUnit protocol and the stablecoin's peg, identified by the StableUnit core team.

Economic attacks

Flashloans

Flash loans are uncollateralized loans that are approved, executed, and paid back within a single transaction, all via a self-executing smart contract. Common attack vectors are based on oracle price manipulation:

At the beginning of the transaction, an attacker borrows a large amount of token A, swaps it for token B, artificially increasing the price, borrows against the now-expensive collateral, and repays the flash loan, while the system is unable to liquidate the resulting bad position due to limited liquidity for asset A or B.

To mitigate this risk, the price is provided by our built-in oracle: it uses several sources of price information and a time-weighted average price for DEXs, so that the price can’t be manipulated using flash loans. If one data provider reports a price that is drastically different from another, the guardian module sets a red flag notifying the core team and the DAO.

Large liquidity movements

Apart from flash loans, the price of the asset can be manipulated by large capital. As described on the oracle page, the oracle system monitors the price from several data sources and, in case of divergence, raises an alarm.
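The two oracle defences described under Flashloans and Large liquidity movements, as an added Python example (not StableUnit's code): a time-weighted average absorbs a single-block price spike, while a sustained move shows up as divergence between sources. The window length, the 5% threshold, the source names, and the use of the median as the reference price are assumptions made for illustration; all data is constructed.

```python
from statistics import median

def twap(observations, window):
    """Time-weighted average price over the trailing `window` seconds.

    observations: (timestamp, price) pairs sorted by time; each price holds
    until the next observation, and the last timestamp is treated as "now".
    """
    now = observations[-1][0]
    start = now - window
    weighted = elapsed = 0.0
    for (t0, price), (t1, _) in zip(observations, observations[1:]):
        lo, hi = max(t0, start), min(t1, now)
        if hi > lo:
            weighted += price * (hi - lo)
            elapsed += hi - lo
    if elapsed == 0:
        raise ValueError("no observations inside the window")
    return weighted / elapsed

def divergent_sources(prices, max_deviation):
    """Return (median price, sources deviating from it by more than max_deviation)."""
    reference = median(prices.values())
    flagged = sorted(name for name, p in prices.items()
                     if abs(p - reference) / reference > max_deviation)
    return reference, flagged

# Constructed data. WINDOW and MAX_DEVIATION are assumed, not protocol parameters.
WINDOW = 1800          # 30-minute TWAP window, in seconds
MAX_DEVIATION = 0.05   # flag a source more than 5% away from the median

# Case 1: DEX price tripled for one 12-second block, then restored.
spike = [(0, 100.0), (1788, 300.0), (1800, 100.0)]
# Case 2: large capital holds the distorted price for half the window.
sustained = [(0, 100.0), (900, 300.0), (1800, 300.0)]

def evaluate(dex_observations):
    """Combine the DEX TWAP with two constructed independent feeds and check divergence."""
    dex = twap(dex_observations, WINDOW)
    prices = {"dex_twap": dex, "feed_a": 100.2, "feed_b": 99.9}
    reference, flagged = divergent_sources(prices, MAX_DEVIATION)
    return dex, reference, flagged

if __name__ == "__main__":
    for label, obs in (("single-block spike", spike), ("sustained move", sustained)):
        dex, reference, flagged = evaluate(obs)
        print(f"{label}: dex_twap={dex:.2f} reference={reference:.2f} flagged={flagged}")
```

In the first case the TWAP moves by about 1.3% and nothing is flagged; in the second the DEX TWAP reaches 200 and is flagged against the median of the other sources.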

Security attacks

Smart-contract exploits

Audits by reputable companies and peer reviews by DAO members are the first mitigation against smart contract exploits.

The protocol also uses a circuit breaker to limit the extent of losses from exploits to 15%.

Audits will be added to this page before launch.

Front-End exploits

The StableUnit core team provides only a reference implementation of the front-end. Users can deploy their own front-end or access the protocol without it (e.g., through Etherscan).

Underlying infrastructure

StableUnit will ultimately be deployed on multiple chains and each chain has its own security risks, levels of decentralization or centralization, among other factors.

When interacting with StableUnit, always consider the risks related to the chain you’re transacting on.

Social engineering

Social engineering is a type of malicious attack that is enabled by human interaction. The risk is purely human: it requires the victim to provide the attacker with, for example, the information needed to access a system. To mitigate this risk, nobody in the DAO or in the core team has access to the users' funds.
