Safety
The safety of your funds is our number one priority. While this might sometimes limit what you can do, through liquidations or asset whitelisting for example, a stronger focus on the safety of protocols is exactly what this space needs right now. That being said: while the team makes every effort to ensure protocol safety, protocol risks are existent in every single protocol. The below mentioned safety measures are put in place to mitigate this risk as much as possible. Should you, in spite of our rigorous testing and professional audits, find any possible vulnerabilities in our codebase, we urge you to reach out to us at: https://discord.gg/9bwsnsHEzD
DeltaPrime uses liquidations to protect deposited funds. The ability to provide people with up to 5 times their collateral for multiple DeFi investments, while protecting borrowed assets from being lost, is unique to DeltaPrime. In addition to liquidations, the protocol has several other safety measures in place to protect the funds of depositors and borrowers alike.
To protect borrowers from some simple mistakes, DeltaPrime reverts every transaction that would result in surpassing the solvency limit. For example: if you try to swap all your AVAX for PNG, and that would result in a negative health-meter, the transaction will not complete. The alternative scenario would be immediate liquidation, which is good for nobody.
Additionally, borrowing can be done down to a minimum of 10% health. This is done in order to prevent rapid price swings immediately liquidating your newly borrowed position.
Every Prime Account is a dedicated contract deployed to a blockchain. That is why the insolvency of one account does not affect the insolvency of others. Funds and debts are separated, mitigating the risk of cascade insolvency (account with bad debt affecting others). At the same time, this approach simplifies the accountancy and liquidation mechanism.
Borrowers have sole control over the assets they borrow. To make sure they don't put their borrowed assets in a high-risk protocol, there is a certain level of gatekeeping in the Prime Account. By only allowing audited protocols to be used, protocol risk is severely reduced. When DeltaPrime becomes a DAO, the community will decide on which protocols to integrate. While we are building towards the DAO, DeltaPrime's developer team will be making these decisions. Next to announcing new protocols on our socials, every integrated protocol will also be visible at least 7 days before the actual integration in the integrated protocols list.
To protect borrowed funds from default, DeltaPrime launches with a restricted number of assets with borrowing power. Before integration, we make sure that every token with borrowing power is:
- 1.Liquid
- 2.Stable
- 3.Protected from DEX price manipulation
Tokens with borrowing power on DeltaPrime have at least one million dollars worth of liquidity, at the time of integration.
As exploits on liquidity protocols tend to happen through the manipulation of DEX prices, having enough liquidity in the integrated DEX is an important layer of defense. Inflating the price of a token with one million dollars is significantly harder, than inflating a token with one hundred dollars.
Additionally having a liquid token protects borrowers and liquidators from slippage. AMMs are based on supply and demand. Whenever you swap a token, you increase the supply of that token, while simultaneously decreasing the demand. Because this influences the price during your swap, you end up with fewer tokens than you might have expected: Slippage. The impact your trade has on the supply/demand ratio is based on how big of a swap you are making, compared to the liquidity in the pool. In doing so, swapping liquid tokens as opposed to illiquid tokens, leads to better capital efficiency for you as a borrower, and for liquidators redeeming their liquidation bonus.
Tokens with borrowing power on DeltaPrime have not had any price changes over 5% within a 30-second period in the last 365 days or during important market up- and downturns.
Multiple liquidation bots, set up by DeltaPrime and active community members, protect borrowed value from being lost through liquidations. In order to timely liquidate these positions, it is important that the assets acting as collateral don't have a history of price spikes. For tokens with 5x borrowing power, liquidation is always profitable as long as prices change within a 16.66% margin within a 30-second interval. The 5% maximum historical price change is set to ensure enough price stability for liquidation bots to execute on time, even if a token becomes three times as volatile as during its worst moments. For sake of comparison: Would UST be integrated with 5x leverage during the 2022 depeg, liquidation bots would have successfully liquidated all positions.
If despite these strict measures a token's price spikes over 16.66%, DeltaPrime's liquidation bots will liquidate immediately, even if at a loss.
Tokens with borrowing power on DeltaPrime are not price-dependent on the exchanges integrated into DeltaPrime.
While liquidity in the DEX is an important layer of defense against price manipulation, the introduction of flash loans (and whales existing) in web3 allows users to move large sums of money in and out of DEXs. Because of this, prices of tokens integrated into DeltaPrime are not solely dependent on their AMMs. Instead, for an asset to be integrated into DeltaPrime, it needs additional fair price-protection measures. Think for example about using multiple oracle price data sources from RedStone, or ensuring that at least one of the data sources for the price comes from a centralized exchange. Should the AMM price, differ more than 3% (excluding slippage) from the oracle price, the action is reverted.
To prevent DeltaPrime from being fully reliant on the oracle giving accurate price data feeds, the withdrawal guard is put in place. In other liquidity protocols, if you can successfully manipulate the (perceived) prices of a token, you can borrow and withdraw the rest of the liquidity on that platform, creating bad debt for the liquidity protocol in the process. A "highly profitable trading strategy".
DeltaPrime's withdrawal guard is the last line of defense against such an attack. By only allowing withdrawals when the Prime Account owns the nominal number of tokens indebted to the protocol, inflating the "value" of a token becomes futile.
Example:
Jane has deposited $30 USDC and borrowed 10 AVAX worth $10 each. All other security measures fail, and Jane manages to trick DeltaPrime into believing one AVAX is worth $0. Jane expects she can withdraw all borrowed AVAX (valued $100), as her debt seems to be $0. Theoretically, she could repay her borrowed amount, right?
The withdrawal guard kicks in: Jane tries to withdraw her borrowed AVAX and sees a message popping up: She needs to keep 10 nominal AVAX in her Prime Account in order to withdraw any funds. Jane borrows more, swaps, LPs and farms away, but until she has the nominal amount of tokens equal to the tokens borrowed, there is no way she can withdraw. She can only withdraw when the protocol is sure that she can repay her debt. Not theoretically, the exact funds should be there.
The withdrawal guard is a powerful tool that protects the protocol from bad debt, even in black swan events. We understand that this manual disassembling of your carefully created portfolio can feel restrictive, and are actively looking into solutions like a flash-repay function, which would automate this process for you.
The borrowing power represents how much of this token's value you can borrow against $1 collateral. A borrowing power of 5x means that for every dollar you deposit you can theoretically borrow up to $5 of that same token; a borrowing power of 0x means that you can't borrow against this token. DeltaPrime being cross-margin, means that you get a "mean borrowing power" depending on your full portfolio. To read more about how this is calculated, please check the Health section.
At launch, every included token will have a defined maximum borrowing power based on its current liquidity, stability, and additional manipulation prevention measures available. Six tokens will have 5x borrowing power and three tokens have 0x borrowing power. In the future, new tokens can have different borrowing powers, and existing tokens might change their borrowing power, depending on their risks. This token-specific borrowing power allows DeltaPrime to safely scale its available tokens.
DeltaPrime uses price feeds from an oracle, enabling us to calculate the price from multiple independent price sources. In the past, existing liquidity protocols have often been a target of price manipulation by affecting liquidity on AMMs. In DeltaPrime, every evaluation of assets is based on data from an oracle. This ensures that solvency checks of accounts are based on real-world data and protects depositors from losing funds due to price manipulation. To guarantee that price feeds are always up-to-date, DeltaPrime uses the RedStone oracle that offers a 10-second update interval. Numerous times faster than the current industry standard.
As DeltaPrime scales, stability pools will be introduced. As an investor you will be able to provide DeltaPrime's first line of defense while farming liquidation bonuses. Until then, DeltaPrime will only allow the integration of the strictest of protocols and tokens, while simultaneously having the team run liquidation bots, willing to liquidate at a loss if necessary.
A timelock is an enforced period of time code submissions have to pass, before they are updated in the code itself. Timelocks protect users from unexpected changes in code, yet they also restrict developers in potential crucial code updates, should the need arise. Because of this, DeltaPrime has a progressive timelock period.
During the alpha version, which ran from March 2022 until January 2023, there was no timelock, allowing developers to immediately push necessary updates.
Starting at launch, on January 10th, 2023, a 24-hour timelock will be implemented with every integration. This will allow users to adapt their Prime Account or deposited funds to the submitted changes in a 24 hour period prior to code update.
When DeltaPrime has rooted at a yet-to-specify date, the 24-hour timelock will be upgraded to a 72-hour timelock.
This document will be updated with the exact place where you will be able to see code submissions.
Additionally to the timelock, every code upgrade must be approved by 2/3 of DeltaPrime's core team. This will be enforced through a multisignature contract which only allows code upgrades when 2 out of 3 core team members have signed the upgrade with their ledger. This is put in place as an extra security measure, preventing a rogue dev from pushing unauthorized code.
Currently, four audits have been performed: two by leading auditing company PeckShield; another by independent auditor Piotr Szlachcia and a last one by Chainsulting. As DeltaPrime develops, additional audits will be performed to provide maximum security.
You can find all audits on our GitHub below.
Last modified 2mo ago