Trust & Safety

Risks

Protocol risk, system safeguards, and honest unknowns

TL;DR

Every DeFi product carries risk. Tasmil's risks fall into three categories: protocol risk (the DeFi protocols we depend on), system risk (our own engine), and unknowns (external factors no one controls). This page is an honest accounting — not a disclaimer to skip.

Protocol Risk

Tasmil deploys into third-party protocols. Each carries its own risk:

ProtocolPrimary RiskMitigation
BlendSmart contract exploit in lending poolsBlend is audited; Tasmil's strategy contracts only call known functions
SoroswapImpermanent loss in LP poolsEngine monitors IL; can rebalance away if IL exceeds thresholds
AquariusPool manipulation / oracle attacksOn-chain TVL reads bypass API-oracle risks
PhoenixSmart contract exploit in DEX poolsPhoenix is audited; limited allocation in all presets

Protocol risk is not Tasmil-specific. If Blend's contracts are exploited, anyone supplying to Blend — through Tasmil or directly — is affected. Tasmil cannot prevent third-party protocol exploits.

System Safeguards

The rebalance engine has these automatic safety brakes:

SafeguardWhat Triggers ItWhat Happens
3-failure halt3 consecutive rebalance failuresVault status -> HALTED. Manual review required to reactivate.
TVL-drop halt>15% drop in total vault value in one cycleSame vault halted. Protects against cascading issues.
Daily rebalance cap48 rebalances in 24 hoursNo further rebalances until the counter resets.
Cooldown<30 min since last rebalanceEngine waits. Prevents thrashing.
Deploy ratioPreset-defined (Safe: 50%, Balanced: 85%, Aggressive: 100%)Cash buffer protects against withdrawal demand at less cost

Honest Unknowns

Some risks are external and unpredictable:

  • Stellar network congestion. During high traffic, transactions may take longer to confirm. The engine retries; if a transaction is stuck beyond the Soroban TTL, it expires and the engine picks up on the next cycle.
  • USDC depeg. If USDC loses its dollar peg, USD-denominated TVL is affected. Tasmil does not control USDC's stability.
  • Bridge finality. Cross-chain bridges (used by Aggregate) depend on external validators. Bridge failures are outside Tasmil's control.
  • Regulatory risk. Changes in DeFi regulation in relevant jurisdictions could affect protocol availability.

If you spot a vulnerability, report it: see Privacy & Disclosure.

On this page