Vulnerabilities and Risk Mitigation

Audit and Testing:

  • Any alteration in the vault's implementation could change its behavior, hence rigorous auditing and testing of new implementations are crucial to maintain security and functionality.


  • The vault owner can upgrade owned vaults to a new version via call to vault proxy admin that resides within the byte code of the vault. Each version encapsulates an immutable set of logics, thereby providing transparent control over user funds. But in case the vault’s new implementation is broken it is still possible to recover the vault via vault proxy admin. This structured approach ensures that the integrity and traceability of operations are maintained, fostering trust and clarity in the management of user assets.

Restricted Access:

  • Access control mechanisms are in place to ensure that only authorized accounts can perform certain operations, mitigating the risk of malicious activities.


Any function on the vault is either not exposed externally or has a modifier that restricts the addresses that can invoke it. The main modifier is the onlyOwnerOrVaultItself that is defined by the following logic:

Last updated