Using a GEB deployment and/or its associated stableasset doesn't come without risk. Before you decide to deposit your assets in the protocol or acquire H2O, you should do your research and understand the risks involved.
This section will only give an overview of the main risks associated with GEB. If you'd like to dive deeper, you can check out every module in the System Contracts section of the GEB documentation.
The core GEB contracts were audited by OpenZeppelin. Other helper contracts were audited by Quantstamp.
However, security audits do not completely eliminate smart contract risk. We urge you not to put your life savings or money you can't afford to lose into any GEB deployment or its associated stableasset.
A further security review is being made in collaboration with Halborn Inc.
The very first GEB deployment will need to be fully managed in its initial stages because of the risks tied to the PID controller managing the system as well as the need for more infrastructure to be built so the protocol can be automated.
Subsequent GEB deployments may or may not be governed, depending on whether the community will want to add more collateral types as time goes by.
While a GEB is fully managed/governed, almost all of its components can be upgraded and manually set up. Once it's governance minimized, only a few components can be upgraded and fewer parameters can be changed.
You can take a look at the Governance Minimization Guide to see what will need to be done so that a GEB can be governance minimized. Stay alert for more updates from the team regarding a timeline for H2O governance minimization.
Until most of the H2O protocol is governance minimized, initially, the protocol is managed by a multisig.
PID control is still a novel concept in DeFi. Only RAI has been managed by an on-chain controller and beyond that, there is no historical data that can help with the controller's modeling and simulations.
If the controller is too slow it may be completely ineffective in stabilizing H2O or other stableassets. If it's too strong, it may destabilize the system.
We’ve done our best to take advantage of the research and experience that has been generated with respect to the operation of the H2O stableasset.
Governance may set suboptimal parameters for:
- Debt auctions which can lead to an excessive amount of protocol tokens being printed.
- Collateral auctions which may not give a good enough incentive for bidding.
- Global Settlement which may delay SAFE processing and collateral redemption indefinitely.
There are many more parameters within the System Contracts which may be suboptimal.