Risk Disclosure

Important Notice

Please read this entire risk disclosure statement carefully before using the AlphaBot Protocol. The risks described below are not exhaustive. You should carefully consider whether participation in the Protocol is suitable for you in light of your financial situation, experience, and risk tolerance. Past performance does not guarantee future results. You may lose some or all of the assets you deposit.

1. Smart Contract Risk

1.1 Code Vulnerabilities

The Protocol is governed by smart contracts deployed on the Solana blockchain. Despite thorough testing, code review, and security auditing, smart contracts may contain undiscovered bugs, security vulnerabilities, or design flaws that could result in partial or total loss of deposited assets.

1.2 Audit Limitations

Security audits reduce but do not eliminate risk. Auditors may fail to identify certain vulnerabilities, and new attack vectors may be discovered after the audit is completed. An audit opinion is not a guarantee that the smart contracts are free from defects.

1.3 Upgrade Risk

The smart contracts may have an upgrade authority that allows modifications to the program logic. While this enables bug fixes and improvements, it also introduces the risk that changes could inadvertently introduce new vulnerabilities or alter the Protocol's behavior in unintended ways.

1.4 Composability Risk

The Protocol interacts with other on-chain programs (e.g., SPL Token program, Jupiter aggregator). Bugs or changes in these external programs could adversely affect the Protocol's operation, even if the Vault's own contracts function correctly.

2. Market Risk

2.1 Price Volatility

Digital assets are highly volatile. Declines of 50% or more in a single day are possible and have occurred historically. The value of Vault Tokens is directly tied to the Vault's Net Asset Value, which fluctuates with the market value of its holdings.

2.2 Whipsaw Risk

The Protocol's momentum-based strategy may generate frequent buy and sell signals during choppy or sideways markets, resulting in repeated small losses from trading fees and slippage that can erode NAV over time.

2.3 Regime Change Risk

The strategy's parameters were optimized on historical data. Fundamental changes in market structure, regulation, or participant behavior may render the strategy ineffective. Past performance does not predict future results.

2.4 Concentration Risk

The Protocol maintains a maximum of 3 positions at any time. This concentrated portfolio means that a significant adverse move in a single holding can have an outsized negative impact on the overall NAV.

2.5 Overfitting Risk

Strategy parameters optimized on historical data may not perform similarly in live markets. Out-of-sample performance may differ materially from backtested results.

2.6 Correlation Risk

During market stress events, correlations between crypto assets tend to increase dramatically. Diversification benefits may disappear precisely when they are most needed, resulting in larger drawdowns than historical analysis would suggest.

3. Automated Rebalancing Risk

3.1 Execution Gap

The automated rebalancing engine evaluates market conditions approximately every 2 hours. Significant price movements may occur between evaluation cycles, causing the portfolio to trade at materially different prices than intended.

3.2 Slippage and MEV

Rebalancing trades may suffer from slippage (difference between expected and executed price), market impact (the trade itself moving the price), and front-running or sandwich attacks by MEV (Maximal Extractable Value) bots that extract value from pending transactions.

3.3 Transaction Cost Drag

Each rebalancing trade incurs costs including Solana network fees, Jupiter swap fees, and slippage. Over time, these costs reduce NAV even in flat or modestly positive markets. The frequency of rebalancing directly impacts total cost drag.

4. Jupiter DEX Aggregator Dependency

4.1 Routing Risk

All swaps are executed through the Jupiter DEX aggregator. Jupiter routes trades across multiple Solana DEXes to find the best price. Bugs, downtime, or suboptimal routing in Jupiter could result in failed trades or unfavorable execution prices.

4.2 Liquidity Fragmentation

Jupiter aggregates liquidity from multiple sources, but the aggregate liquidity on Solana DEXes may be significantly lower than on centralized exchanges. Large trades may receive worse prices than expected, particularly for smaller-cap tokens in the universe.

5. Solana Network Risk

5.1 Network Downtime

The Solana blockchain has experienced periods of congestion and complete downtime. During such events, deposits, redemptions, and rebalancing operations may fail or be delayed indefinitely.

5.2 Congestion

During periods of high network activity, transaction fees may increase significantly and transactions may take longer to confirm or fail entirely. Time-sensitive rebalancing trades may not execute as intended.

5.3 Network Upgrades

Solana network upgrades or forks could disrupt Protocol operation, require smart contract modifications, or cause temporary or permanent incompatibility with the Protocol's programs.

5.4 Validator Risk

The Solana network relies on validators to process transactions. Validator misbehavior, centralization of stake, or coordinated attacks on the validator set could compromise the security and availability of the network.

6. Oracle and Data Feed Risk

6.1 Data Source Dependency

The Protocol's trading strategy relies on market data from Binance and fallback sources (CoinGecko, DeFiLlama). Inaccurate, delayed, or manipulated data could cause the strategy to make suboptimal or harmful trading decisions.

6.2 Price Manipulation

If the data sources used by the engine are manipulated (e.g., through wash trading or exchange-level manipulation), the strategy may enter positions based on false signals, resulting in losses.

6.3 NAV Accuracy

NAV calculations depend on accurate price feeds. During periods of extreme volatility or data source outages, the reported NAV may not reflect the true market value of the Vault's holdings. This could cause deposits or redemptions to occur at inaccurate prices.

7. Liquidity Risk

7.1 Redemption Liquidity

While redemptions are available at any time in principle, the Vault must sell holdings to fulfill redemption requests. During extreme market stress, DEX liquidity may be insufficient to execute sales at reasonable prices, resulting in delayed or partial redemptions.

7.2 Thin Markets

Some tokens in the Protocol's universe may have thin order book depth on Solana DEXes, even if they appear liquid on centralized exchanges. Large trades in these tokens may suffer significant slippage.

7.3 Run Risk

If a large number of users attempt to redeem simultaneously (a "bank run" scenario), the Vault may not be able to liquidate positions quickly enough to satisfy all requests without incurring significant losses from forced selling.

8. Regulatory and Legal Risk

8.1 Regulatory Uncertainty

The regulatory treatment of decentralized finance protocols, digital assets, and automated trading strategies is uncertain and rapidly evolving across all jurisdictions. New regulations could restrict or prohibit the Protocol's operation or your ability to use it.

8.2 Securities Classification

Vault Tokens could potentially be classified as securities under the laws of certain jurisdictions. Such classification could subject the Protocol to registration requirements, trading restrictions, or enforcement actions.

8.3 Geographic Restrictions

The Protocol is not available to residents or citizens of the United States or other restricted jurisdictions. Regulatory changes may expand the list of restricted jurisdictions, potentially affecting your ability to access the Protocol.

8.4 Enforcement Risk

Regulatory authorities may take enforcement actions against DeFi protocols, their operators, or their users. Such actions could result in the Protocol being shut down, assets being frozen, or users facing legal consequences.

9. Key Management and Custody Risk

9.1 Self-Custody

The Protocol is non-custodial. You are solely responsible for the security of your wallet private keys and seed phrases. Loss of your private keys means permanent, irreversible loss of access to your Vault Tokens and any underlying assets.

9.2 No Recovery

There is no password reset, account recovery, or customer support process that can restore access to a lost wallet. The Company has no ability to recover assets on your behalf.

9.3 Wallet Vulnerabilities

Third-party wallet software (Phantom, Solflare, etc.) may contain bugs or security vulnerabilities. Malicious browser extensions, phishing attacks, or compromised devices could result in unauthorized access to your wallet and loss of assets.

10. Protocol Governance and Centralization Risk

10.1 Centralized Components

In its current form, the Protocol has centralized components: strategy parameters are controlled by the team, the off-chain engine runs on centralized infrastructure (VPS), and smart contracts may have an upgrade authority. This introduces single points of failure and trust assumptions.

10.2 Key Person Risk

The Protocol is currently maintained by a small team. If key contributors become unavailable, incapacitated, or cease operations, the Protocol may not receive necessary updates, bug fixes, or strategy adjustments.

10.3 Admin Key Risk

Administrative keys that control the smart contracts (such as the vault authority or upgrade authority) could be compromised through hacking, social engineering, or insider threats. A compromised admin key could result in total loss of all Vault assets.

11. Fee-Related Risk

11.1 Fee Drag

The Protocol charges multiple fees that reduce net returns:

11.2 Negative Market Impact

In flat or declining markets, the 1% bonding curve transaction fees on each buy and sell reduce net returns. Short-term traders may experience negative returns solely from fee impact.

11.3 Hidden Costs

In addition to explicit Protocol fees, users bear implicit costs including Solana network transaction fees, DEX swap fees charged by liquidity providers, slippage from market impact, and potential MEV extraction by bots.

12. Counterparty and Dependency Risk

12.1 USDC Risk

The Protocol uses USDC as its base asset. USDC is a centralized stablecoin issued by Circle. A USDC depegging event, regulatory action against Circle, or blacklisting of the Vault's wallet address could result in significant losses.

12.2 Binance Data Dependency

The off-chain engine relies on Binance for market data. Binance API downtime, rate limiting, data errors, or discontinuation of service could impair the engine's ability to make accurate trading decisions.

12.3 Infrastructure Risk

The off-chain engine runs on centralized cloud infrastructure. Server failures, hosting provider outages, DNS issues, or DDoS attacks could prevent the engine from executing rebalancing trades, potentially leaving the portfolio exposed to adverse market movements.

13. Systemic and Black Swan Risk

13.1 Market-Wide Crashes

Systemic events affecting the entire crypto market (exchange collapses, stablecoin failures, major protocol exploits) could cause correlated losses across all Vault holdings simultaneously, overwhelming risk controls.

13.2 Circuit Breaker Limitations

The -15% circuit breaker halts trading during severe drawdowns, but it evaluates conditions only every 2 hours. In a flash crash scenario, the portfolio could fall well below -15% before the circuit breaker activates. Additional protections (-20% individual position force-exit, -25% portfolio-wide halt) have similar timing limitations.

13.3 Unprecedented Events

Risk models and backtests are based on historical data. Events without historical precedent ("black swans") can produce outcomes far worse than any backtested scenario. The Protocol cannot protect against risks that have never been observed or modeled.

14. Technology Risk

14.1 Software Bugs

The off-chain engine, data pipeline, and monitoring systems are software programs that may contain bugs. A bug in signal generation, position sizing, or trade execution could result in unintended trades or failure to trade when required.

14.2 Cryptographic Risk

The security of the Protocol depends on the strength of the cryptographic algorithms used by Solana (Ed25519, SHA-256). Advances in quantum computing or discovery of algorithmic weaknesses could compromise the security of the blockchain and all assets stored on it.

14.3 Integration Risk

The Protocol integrates multiple complex systems (Solana programs, Jupiter CPI, off-chain engine, data feeds, monitoring). Failures at integration boundaries — message format changes, API version mismatches, or timing issues — can cause cascading failures.

14.4 Operational Security

The Protocol's operational security depends on proper key management, server hardening, access controls, and monitoring. A breach of any operational security measure could result in unauthorized access to admin keys or the off-chain engine.

15. Tax Risk

The tax treatment of digital assets, DeFi protocol participation, and automated trading varies by jurisdiction and is subject to change. Each rebalancing trade may constitute a taxable event in your jurisdiction. You are solely responsible for determining and fulfilling your tax obligations. The Protocol does not provide tax reporting, tax forms, or tax advice. Consult a qualified tax professional for guidance on your specific situation.

16. Acknowledgment of Risks

By using the AlphaBot Protocol, you acknowledge and accept the following:

1. You have read and understood this Risk Disclosure in its entirety.
2. You understand that digital assets are highly volatile and that you may lose some or all of the assets you deposit.
3. You understand that past performance, including backtested results, does not guarantee future results.
4. You understand that the Protocol is provided "as is" without warranties of any kind.
5. You understand that smart contracts may contain undiscovered vulnerabilities.
6. You understand and accept the risks of automated trading, including whipsaw, slippage, and MEV exploitation.
7. You understand that the Protocol has centralized components that introduce trust assumptions and single points of failure.
8. You are not relying on any statement by the Company as investment, financial, legal, or tax advice.
9. You have the financial capacity to bear the loss of all assets deposited in the Protocol.
10. You will not hold the Company liable for any losses incurred through your use of the Protocol.

17. Contact Information

For questions about these risks, reach out via @AlphaBotFun on X or Discord.