# Risk Disclosures

RAX Protocol involves multiple categories of risk that users should understand before interacting with the system or depositing capital.

***

#### Smart Contract Risk <a href="#id-06e71dc7-c02e-4554-a53d-f281df3ef0f3" id="id-06e71dc7-c02e-4554-a53d-f281df3ef0f3"></a>

The vault and strategy adapter contracts may contain bugs or vulnerabilities. While the contracts use audited OpenZeppelin libraries (Ownable2Step, ReentrancyGuard, Pausable, ERC4626, SafeERC20), the RAX-specific logic has not undergone a formal third-party audit at this stage. A formal audit is planned before mainnet deployment.

#### Strategy Risk <a href="#id-6bc3bdd3-c70b-4849-90d5-c827fcd3d89d" id="id-6bc3bdd3-c70b-4849-90d5-c827fcd3d89d"></a>

Capital deployed to external protocols (Aave, Compound, Uniswap V3, Aerodrome) inherits the risks of those protocols, including smart contract vulnerabilities, governance attacks, oracle failures, and liquidity events. RAX monitors these protocols but cannot prevent their failure.

#### Keeper Risk <a href="#b41e2df0-9802-4d9a-929a-7df09ccc9942" id="b41e2df0-9802-4d9a-929a-7df09ccc9942"></a>

The keeper wallet is a single point of execution. If the keeper private key is compromised, unauthorized rebalances could occur within the onlyKeeper constraint. If the keeper process stops, the vault cannot rebalance until it is restored, though deposits and withdrawals remain functional.

#### Model Risk <a href="#id-73937424-202a-4747-8532-a2fd0ec24ce3" id="id-73937424-202a-4747-8532-a2fd0ec24ce3"></a>

Risk scores are derived from models with assumptions that may not hold under extreme or unprecedented market conditions. Scores may underestimate risk during black swan events or novel attack vectors. Models are comparative, not predictive.

#### Liquidity Risk <a href="#id-6df937dd-2c60-42e4-9aad-4e99cebe0e18" id="id-6df937dd-2c60-42e4-9aad-4e99cebe0e18"></a>

Exiting positions in low-liquidity protocols may result in slippage or delayed withdrawal. The mandate's minimum liquidity threshold mitigates but does not eliminate this risk.

#### Testnet Status <a href="#id-54140e87-e0de-4d1b-ab18-bb4b874cc114" id="id-54140e87-e0de-4d1b-ab18-bb4b874cc114"></a>

The current deployment is on Base Sepolia testnet. Testnet tokens have no monetary value. System behavior on testnet may differ from mainnet conditions.

#### General Warning <a href="#b278f735-eadc-474f-b2d8-0ef13144080e" id="b278f735-eadc-474f-b2d8-0ef13144080e"></a>

Users should not deposit more capital than they can afford to lose entirely. RAX provides risk intelligence and decision support, not guarantees.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.raxprotocol.xyz/security/risk-disclosures.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.