# Security

### 🧱 Non-Custodial by Design

Aspis Protocol is **entirely non-custodial**. Neither the Aspis team, the manager, nor any connected AI agent has direct access to user funds.\
All funds are securely stored in **on-chain smart contracts**, where the logic strictly defines what actions are allowed and under which conditions.

Users interact with their vaults via intuitive interfaces (including Telegram), but all transactions are ultimately executed **through permissioned smart contracts**. Managers do not control user wallets; they only propose transactions that must comply with pre-defined vault logic.

This means:

* No private key or admin control over pooled funds
* No backdoors or emergency withdrawal access
* Only vault contract logic can initiate asset movements

### ⚖️ Built-in Risk Controls

To ensure capital safety and compliance with strategy logic, Aspis vaults embed several layers of automated risk protection:

#### 1. **Asset Whitelisting**

Each vault can only interact with a pre-approved list of tokens and protocols. This prevents rug-pulls and malicious token behavior.

#### 2. **Delegated Execution**

Managers use delegated calls to instruct the vault to execute trades or rebalance strategies, but cannot directly withdraw or move funds. This preserves transparency and limits trust assumptions.

#### 3. **AI Assistant Boundaries**

The AI layer assists with transaction generation, analytics, and automation — but cannot execute any action without vault permission logic. Every step remains on-chain and verifiable.

### 🧩 Vault Smart Contract Architecture

Aspis Vaults are modular by design, ensuring clear separation of responsibilities and minimized attack surfaces. Each vault is governed by a **self-contained smart contract system** composed of:

#### 1. **Treasury Module**

* Securely holds all user-deposited assets
* Disallows any transfer of funds unless triggered through validated, rule-compliant actions
* Prevents direct withdrawals by managers, AI agents, or frontend interfaces

#### 2. **Shareholders Registry**

* Keeps track of LP token balances and ownership
* Calculates each investor's share and dynamically updates when funds are deposited or withdrawn
* Ensures proportional distribution of returns and voting power, if applicable

#### 3. **Operating Rules Engine**

* Contains the fund’s logic: risk settings, allowed assets, trading limits, fee structures
* Validates every execution request before funds are moved
* Supports performance fee logic, rebalancing strategies, voting mechanics, and other governance features

#### 4. **Execution Layer Interface**

* Accepts inputs from the AI assistant or the manager
* Passes execution instructions through rule validation
* Only allows actions that match the preconfigured Vault logic

#### 5. **External Security Integrations**

* **Oracles (Chainlink, RedStone):** Provide price feeds for asset valuation and liquidation rules
* **Smart Contract Monitoring:** Tracks abnormal patterns and emits alerts
* **Anti-Fraud Layer:** (planned) Detects manipulative behavior in trading or vault parameters
* **Compliance Checks:** Helps align vault behavior with legal and reputational best practices (especially for institutional-grade vaults)

<figure><img src="https://3400502967-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FUXZtBjB3AgvwvPXMkn1h%2Fuploads%2FWm5r6e8LtMfG7SXdBpKg%2Fimage.png?alt=media&#x26;token=81214b7d-5450-4048-a759-8cb88cc2a5c9" alt=""><figcaption><p>Aspis Vaults Architecture in a nutshell</p></figcaption></figure>

### 🛡️ Oracle Security

Accurate pricing is essential to prevent manipulation, especially during liquidations or rebalancing. Aspis integrates **Chainlink oracles** to supply real-time, tamper-resistant market data.

These oracles:

* Provide decentralized price feeds for on-chain decision-making
* Enable accurate position valuation and liquidation logic
* Protect against front-running or spoofing attacks using off-chain APIs

### ✅ Audit & Verification

Our smart contracts have undergone professional security auditing and continuous internal testing. We also support:

* Transparent contract source code publishing
* Open community reporting via bug bounty programs
* Optional multisig-controlled upgrade mechanisms for selected modules

### ⚡ Summary

Aspis Protocol is built to minimize trust and maximize security:

* Smart contracts enforce all rules
* Funds cannot be accessed by managers, AI, or the team
* Risk is mitigated through oracles, whitelists, and delegated logic

This approach ensures **fully autonomous, transparent, and secure asset management**.

> "If it’s not on-chain and permissionless, it’s not truly decentralized."