Vaults 1.5 Risks

Potential Risks - Mitigated by a timelock

Sudden changing of Strategy (Increased risk / Risk of Rug)

It is crucial that each Vault has it's governance field set to a timelock.

This is because the Vault can change strategy, while there are checks to enforce that funds are migrated, changing the strategy can force depositors to take on more risk than expected.

As such any form of changing of strategy MUST happen under timelock

Before depositing, make sure that the governance is a timelock and that the timelock has at last 2 days before being executable

Slippage when moving funds during Pause

Pausing is a security precaution set in place to mitigate exploits or to reduce their impact.

To ensure that funds can be moved to a safe place, the function withdrawToVault can be executed even when the strategy is paused, this allows to move the funds from the Strategy to the Vault. This function could be subject to slippage (for example in a leveraged strategy) and suddenly moving funds could cause a loss of funds.

This is something that can happen during a rescue operation.

The risk of loss is mitigated by the fact that in a situation of pause withdrawToVault can be executed only once.

You should review the Strategy.sol function _withdrawAll and understand what it does in order to understand if the strategy could be subject to slippage.

Additional Findings from the Quantstamp Audit

Description: Smart contracts will often have owner variables to designate the person with special privileges to make modifications to the smart contract. The governance role, as setup during

initialization of the Vault contract, may perform the following privileged actions:

1. Appoint a new governance, by calling Vault.setGovernance() with the new address, or renounce this role, by setting it to an uncontrolled address, i.e. address(0)

   and thereby block all followingly listed actions for the future.

2. Appoint a new strategist or unset it, by calling Vault.setStrategist().

3. Appoint a new keeper or unset it, by calling Vault.setKeeper().

4. Appoint a new treasury or unset it, by calling Vault.setTreasury().

5. Change the strategy address or unset it, by calling Vault.setStrategy().

6. Modify the min state variable, by calling Vault.setMin().

7. Modify the maxWithdrawalFee state variable, by calling Vault.setMaxWithdrawalFee().

8. Modify the maxPerformanceFee state variable, by calling Vault.setMaxPerformanceFee().

9. Modify the maxManagementFee state variable, by calling Vault.setMaxManagementFee().

10. Change the guardian address or unset it, by calling Vault.setGuardian().

11. Change or unset the guestList, by calling Vault.setGuestList().

12. Change or unset the withdrawalFee, by calling Vault.setWithdrawalFee().

13. Change or unset the performanceFeeStrategist, by calling Vault.setPerformanceFeeStrategist().

14. Change or unset the performanceFeeGovernance, by calling Vault.setPerformanceFeeGovernance().

15. Change or unset the managementFee, by calling Vault.setManagementFee().

16. Withdraw all funds from the strategy to the vault, by calling Vault.withdrawToVault().

17. Withdraw all funds of a specific non-protected token from the strategy to himself. by calling Vault.sweepExtraToken().

18. Initiate the pause state, freezing most operations, by calling Vault.pause().

19. Transition into unpaused state, unfreezing most operations from the paused state, by calling Vault.unpause().

20. Freeze or unfreeze the ability to perform deposits, by calling Vault.pauseDeposits() or Vault.unpauseDeposits().

21. Send all available underlying tokens to the strategy, by calling Vault.earn().