Rhea Finance
  • Introduction
  • RHEA Finance White Paper
  • Genesis
  • Tokenomics
  • Governance
  • Community
  • Team
  • Getting Started
    • Setup Wallet
    • Using the Rainbow Bridge
    • Using the Platform
    • Buy REF Token
    • Staying Safe
  • RHEA Finance
    • Overview
      • Auto Router
      • Multi-chain Router
      • Pooling
      • Staking
      • RHEA V2 & DCL Pools
      • Aggregator Bridge
    • Guides
      • Lending & Borrowing
        • Audits & Risks
        • Supplying
        • Borrowing
        • APY
        • Health Factor
        • LP as Collateral
        • How Lending & Borrowing works
          • Health Factor
          • Interest Rate Model
          • Liquidations
          • Oracle
        • Step by Step Guide
      • Trade
        • Swap
        • Limit Orders
      • Liquidity Management
        • Classic Pools
        • Stable & Rated Pools
        • RHEA v2 Pools
      • Farming
      • Staking
      • Aggregator Bridge
      • RHEA Point System
  • SECURITY
    • Contracts
    • Guardians
    • Oracles
    • Audits
    • Bug Bounty
  • DEVELOPERS
    • CLI Trading
    • CLI Farming
    • RHEA SDK
  • SUPPORT
    • FAQ
    • Help
Powered by GitBook
On this page
  • Problem
  • Solution
  • Procedure
  • Prerequisite
  • Process

Was this helpful?

  1. SECURITY

Guardians

Protocol's pause control procedure

Problem

When issues arise (performance issue, critical bug, malicious attempts, etc.), it is important that Ref Finance has a plan to mitigate (i) the risks of contagion and (ii) the impact of such an event (including potential loss of funds).

Often, turning off the frontend/user interface is not good enough because it does not prevent bots from operating, for example.

Solution

The Guardians can be defined as specific NEAR addresses that have the privilege/ability to pause the main contract (v2.ref-finance.near). They are the key participants of a fail-safe procedure, being able to respond in the event of a specific type of failure.

Event/situation that can be defined as, but not limited to:

  • Ongoing attack and/or exploit

  • Critical bug identified in production (not yet exploited)

  • Release/Deployment causing a potential security vulnerability

Procedure

Prerequisite

The Guardians MUST know how to handle the NEAR Command-Line Interface (CLI).

Process

Process Owner: The Guardian

  1. Identify a situation that justifies pausing the contract (v2.ref-finance.near)

  2. Double check the facts/situation

  3. Inform the other Guardians

  4. Pause the contract (v2.ref-finance.near)

  5. Inform the Team and the DAO/owner of the contract (ref-finance.sputnik-dao.near)

  6. Inform the Community

  7. Identify the steps to reactivate the contract (v2.ref-finance.near)

Only the owner of the contract can reactivate it (v2.ref-finance.near)

Finally, anyone can see the list of the Guardians by calling the following view method via CLI:

near view v2.ref-finance.near metadata
PreviousContractsNextOracles

Last updated 9 months ago

Was this helpful?

More info:

https://github.com/ref-finance/ref-contracts/pull/50