Security & Operations
Ownership
Timelocked multisig for parameters; no access to treasury withdrawals except keeper stream as coded.
Renounce trade-sensitive powers post-launch once parameters stabilize.
Protections
MEV mitigation: use private relays for sweeps; randomize batch sizes.
Oracle hardening: median of venues; TWAP + outlier rejection.
Circuit breakers: halt buys if floor drops >
dropLimitBpsintra-window; resume after window reset.Allowlist marketplaces: code-level adapter list only.
Audits
Third-party audit before mainnet tax activation.
Public test coverage with invariant tests (vault conservation, buy constraints, burn irreversibility).
Last updated