Security

Security Architecture

LiquitX implements defense-in-depth security across multiple layers:

Smart Contract Security

Access Control

Role	Permissions	Holder
DEFAULT_ADMIN	Grant/revoke roles	Timelock
PAUSER	Pause/unpause contracts	Guardian multisig
UPGRADER	Upgrade proxy implementations	Timelock
RISK_ORACLE	Submit risk ratings	Risk Committee
MANAGER	Create funds, originate assets	Approved managers

Reentrancy Protection

All external calls follow the CEI (Checks-Effects-Interactions) pattern:

Additional Protections

ReentrancyGuard on all state-changing functions
No callbacks during token transfers
Flash loan prevention via same-block checks

Integer Safety

Solidity 0.8.x with built-in overflow protection
Safe math libraries for complex calculations
Rounding direction always favors the protocol (defensive)

Oracle Security

TWAP Implementation

Time-Weighted Average Prices prevent flash loan manipulation:

Operation	TWAP Window	Rationale
Trading/Swaps	Spot price	User expects immediate execution
Collateral valuation	30 minutes	Prevent manipulation for borrows
Liquidation trigger	1 hour	Prevent flash crashes causing cascades
Insurance claims	24 hours	Maximum manipulation resistance

Price Deviation Checks

Economic Security

Tranche-Based Protection

The Senior/Junior tranche system provides economic security:

Manager Alignment

Junior capital often from manager/affiliates
Management fees vest over fund lifetime
Performance tracked on-chain (reputation)

Liquidation Mechanics

Health factor monitoring: Continuous on-chain tracking
Gradual liquidation: Max 50% of position per liquidation
Dutch auction fallback: For illiquid positions
Insurance backstop: Protocol covers bad debt

Upgrade Security

Proxy Pattern

Storage Layout

ERC-7201 namespaced storage
No storage collisions possible
Append-only state variables

Upgrade Safeguards

Two-step upgrade: Initialize + upgrade separated
Storage gap in all base contracts
Automatic compatibility checks
Rollback capability (re-upgrade to previous)

Audit Status

Component	Auditor	Status
Core Contracts	TBD	Planned
AMM Engine	TBD	Planned
Lending Pool	TBD	Planned
Stablecoin Module	TBD	Planned

Bug Bounty Program

Severity	Description	Bounty
Critical	Direct fund loss, protocol insolvency	Up to $100,000
High	Theft of yield, oracle manipulation	Up to $25,000
Medium	Griefing, DoS, incorrect accounting	Up to $5,000
Low	Informational, best practices	Up to $1,000

Incident Response

Level	Status	Actions
1	MONITOR	Unusual activity detected, enhanced logging, team on standby
2	INVESTIGATE	Potential vulnerability, pause affected functions, forensic analysis
3	MITIGATE	Active exploit confirmed, full protocol pause, emergency governance
4	RECOVER	Threat neutralized, assess damage, compensation if needed, post-mortem

Communication Protocol

Internal alert (immediate)
Exchange notification (if relevant)
Public disclosure (within 24h of mitigation)
Detailed post-mortem (within 7 days)