Security & Governance
Protocol Invariants
These are the immutable mathematical guarantees that the protocol enforces. They cannot be broken regardless of market conditions, governance actions, or external factors.
Solvency Invariant
USDC Collateral ≥ (BEAR Supply + BULL Supply) × (CAP / 2)
The protocol always holds enough USDC to cover all outstanding tokens at maximum liability.
Redemption Invariant
1 BEAR + 1 BULL → 2 USDC (always)
A token pair must always be redeemable for 2 USDC, regardless of oracle state. The only exception is after settlement, when BEAR holders redeem directly.
Price Invariant
BEAR Price + BULL Price = $2.00
The theoretical prices derived from the oracle always sum to the CAP. One side's gain is exactly the other's loss.
Why this matters: Security isn't just about access control and input validation. These invariants mean the protocol math is structurally incapable of becoming insolvent or trapping user funds.
Access Control
The protocol uses a single owner role with the following permissions:
Can change:
Yield adapter address (with timelock)
Treasury address (with timelock)
Pause/unpause the protocol
Cannot change:
Token addresses (immutable)
Oracle address (immutable)
CAP value (immutable)
Core mint/burn logic
Timelock
Critical governance actions require a 7-day timelock:
Yield adapter migration
Treasury address changes
This delay gives users time to react to proposed changes before they take effect. The timelock cannot be bypassed.
Emergency Procedures
Pause
The owner can pause the protocol immediately (no timelock). When paused:
Minting: Disabled
Burning: Enabled
Yield harvest: Disabled
Settlement: Enabled
Users can always exit their positions, even during emergencies.
Unpause
The owner can unpause to restore normal operation. If the oracle price has reached CAP during the pause, the protocol transitions to SETTLED instead.
Oracle Safety
The BasketOracle implements multiple safeguards:
Staleness check: Rejects prices older than 8 hours
Sequencer check: On L2s, verifies sequencer uptime before trusting prices
Price bounds: Rejects values outside reasonable ranges
Multi-feed aggregation: No single feed can manipulate the basket price
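The staleness, sequencer and bounds checks listed above, applied to a single Chainlink feed, as an added example that is not the protocol's BasketOracle code. The contract name, the one-hour grace period after a sequencer restart and the constructor-supplied bounds are assumptions; multi-feed aggregation is left out.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Chainlink's aggregator interface (only the function used here).
interface AggregatorV3Interface {
    function latestRoundData() external view returns (
        uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound
    );
}

/// Illustrative single-feed reader (hypothetical name); not the protocol's BasketOracle.
contract CheckedFeedReader {
    uint256 public constant MAX_AGE = 8 hours;      // staleness limit stated on the page
    uint256 public constant GRACE_PERIOD = 1 hours; // assumption: wait after a sequencer restart
    int256 public immutable minPrice;               // assumption: bounds chosen at deployment
    int256 public immutable maxPrice;
    AggregatorV3Interface public immutable priceFeed;
    AggregatorV3Interface public immutable sequencerFeed; // address(0) on L1

    error SequencerDown();
    error GracePeriodNotOver();
    error StalePrice(uint256 updatedAt);
    error PriceOutOfBounds(int256 answer);

    constructor(address feed, address sequencer, int256 min_, int256 max_) {
        require(min_ > 0 && min_ < max_, "bad bounds");
        priceFeed = AggregatorV3Interface(feed);
        sequencerFeed = AggregatorV3Interface(sequencer);
        minPrice = min_;
        maxPrice = max_;
    }

    function checkedPrice() external view returns (int256) {
        if (address(sequencerFeed) != address(0)) {
            // Uptime feed: answer 0 = sequencer up, 1 = down; startedAt = time of last status change.
            (, int256 status, uint256 since,,) = sequencerFeed.latestRoundData();
            if (status != 0) revert SequencerDown();
            if (block.timestamp - since <= GRACE_PERIOD) revert GracePeriodNotOver();
        }
        (, int256 answer,, uint256 updatedAt,) = priceFeed.latestRoundData();
        // updatedAt == 0 means the round never completed; treat it as stale.
        if (updatedAt == 0 || block.timestamp - updatedAt > MAX_AGE) revert StalePrice(updatedAt);
        if (answer < minPrice || answer > maxPrice) revert PriceOutOfBounds(answer);
        return answer;
    }
}
```

Every failed check reverts rather than returning a fallback value, so callers cannot act on a price that did not pass all three checks.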
Flash Loan Protections
Routers that use flash loans/mints implement:
Initiator validation: Only accepts callbacks initiated by the router itself
Lender validation: Only accepts callbacks from the expected flash lender
Slippage caps: Maximum 1% slippage on Curve swaps to prevent MEV extraction
Risks
Oracle Risk
The protocol depends on Chainlink price feeds. Oracle manipulation or prolonged downtime could affect:
Morpho collateral valuations (liquidation risk)
Reward distribution calculations
Settlement triggering
Mitigations: staleness checks, multi-feed aggregation, sequencer validation on L2.
Smart Contract Risk
As with any DeFi protocol, undiscovered bugs could lead to loss of funds.
Mitigations: formal invariant testing, comprehensive test coverage, [audit status if applicable].
Settlement Risk
If the oracle price reaches $2.00 (CAP), the protocol settles permanently:
BEAR holders receive full value
BULL holders receive nothing
This represents extreme USD devaluation—a tail risk, but not impossible.
Liquidation Risk
Leveraged positions via Morpho can be liquidated if collateral value drops relative to debt. Users should monitor health factors and understand liquidation thresholds before using leverage.
Curve Pool Dependency
BEAR liquidity and price discovery depend on the Curve USDC/plDXY-BEAR pool. Low liquidity could cause:
Higher slippage on swaps
Delayed arbitrage (prices diverge from theoretical value)
Increased MEV extraction
Audits
January 2026
SyntheticSplitter, SyntheticToken, BasketOracle, MorphoAdater
pending