Access control

Swaap Earn is committed to minimizing trust and ensuring security. It does this with a mix of on-chain safeguards and DAO governance:

Governance Layer: The DAO multisig holds power over key protocol functions. It keeps them aligned with user interests. Key governance actions include:

  • Vault initiation
  • Yield source and asset whitelisting
  • Modification of strategist permissions

Smart Contract Safeguards: The smart contract has strict rebalancing parameters. The DAO controls them. They safeguard against mismanagement and ensure strategies align with user interests:

  • On-chain data feeds compare asset values before and after an operation, so that any loss stays within set thresholds.

  • The share lock period is set at 24 hours by default. It stops malicious users from exploiting the vault by joining and exiting rapidly, which thwarts sandwich or flashloan attacks that rely on inaccurate oracles within the same block.

  • The strategist can't move funds to its own addresses. Operations such as loans, borrows, or market-making give ownership directly to the vault contract. There is no bypass mechanism.

Strategist Action Controls: Each adaptor has distinct controls. They stop strategists from taking value improperly. For example:

  • Swaap Maker: Strategists can only join vetted pools through proportional joins. This prevents unfair pre-join trading.

  • AAVE: Adaptors enforce a minimum health factor above 1. This stops the strategist from dropping the vault's health factor below 1 to profit from liquidations.

  • 1inch, Paraswap, Odos: Chainlink price feeds compare token values for each trade to ensure exchanges are fair within set thresholds. Additionally, the strategist's swap volume is capped over a defined period of time, which curbs potential exploitation.
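
The share lock, the before/after value check and the swap volume cap described above can be modelled off-chain as below. This is an added illustration, not Swaap Earn's contract code: the class and function names, the 0.5% loss threshold, the 1,000,000 cap and the rolling 24-hour swap window are assumptions; only the 24-hour share lock default comes from this page.

```python
from collections import deque

SHARE_LOCK_SECONDS = 24 * 3600   # default share lock stated on this page
MAX_LOSS_BPS = 50                # assumed loss threshold (0.5%)
SWAP_CAP = 1_000_000             # assumed swap volume cap per window (USD)
SWAP_WINDOW_SECONDS = 24 * 3600  # assumed rolling window length


class GuardError(Exception):
    """Raised when an operation violates a vault safeguard."""


class VaultGuardModel:
    """Hypothetical off-chain model of the three safeguards."""

    def __init__(self):
        self.unlock_at = {}   # depositor -> earliest exit timestamp
        self.swaps = deque()  # (timestamp, usd_volume) still inside the window

    def deposit(self, user, now):
        # Every deposit restarts the lock, so a join and an exit can never
        # land in the same block (or the same day, with the default).
        self.unlock_at[user] = now + SHARE_LOCK_SECONDS

    def withdraw(self, user, now):
        if now < self.unlock_at.get(user, 0):
            raise GuardError("shares locked")
        return True

    def check_rebalance(self, value_before, value_after):
        # Feed-priced vault value before vs. after the strategist's operation.
        floor = value_before * (10_000 - MAX_LOSS_BPS) // 10_000
        if value_after < floor:
            raise GuardError("rebalance loss exceeds threshold")
        return True

    def record_swap(self, usd_volume, now):
        # Expire swaps that aged out of the window, then enforce the cap.
        while self.swaps and self.swaps[0][0] <= now - SWAP_WINDOW_SECONDS:
            self.swaps.popleft()
        used = sum(volume for _, volume in self.swaps)
        if used + usd_volume > SWAP_CAP:
            raise GuardError("swap volume cap reached")
        self.swaps.append((now, usd_volume))
        return used + usd_volume
```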

These measures reinforce Swaap Earn against exploitation. They foster a trust-minimized ecosystem for all.