# Risk Matrix {% hint style="info" %} Operator and jurisdiction: BASIS is operated by BASIS DIGITAL INFRASTRUCTURE LTD, a Seychelles IBC (LEI: [254900IX2F2KCWNSSS64](https://lei.bloomberg.com/leis/view/254900IX2F2KCWNSSS64)). Research Partner: Base58 Labs contributes execution research, systems modeling, and risk design. {% endhint %} This page summarises the principal risk categories for BASIS users. Each category is assessed for inherent severity and likelihood before controls, then for residual risk after BASIS mitigations. Residual risk reflects deterministic execution, mathematical exposure constraints, venue limits, and state machine risk controls. This is a summary disclosure. For full detail, see [Risk Disclosure](https://docs.basis.pro/risk-safety-and-asset-protection/risk-disclosure) and the individual pages under the Risk section. {% tabs %} {% tab title="Asset and wallet model" %} * BTC deposits use a BASIS-assigned address that is unique to each account. No Web3 wallet is required for BTC deposits. * ETH, SOL, and PAXG deposits use a connected Web3 wallet such as MetaMask. * Native assets are held in the Funding Wallet for deposit and withdrawal activity. * stTokens are held in the Staking Wallet for staking and reward accrual. * USDT is an internal accounting and display unit only. It is not a depositable or withdrawable asset. {% endtab %} {% tab title="Swap and unstake model" %} Swaps are same-token only and occur 1:1. | Asset | Staked Token | | ----- | ------------ | | BTC | stBTC | | ETH | stETH | | SOL | stSOL | | PAXG | stPAXG | * Rewards accumulate in real time as the same stToken in the Staking Wallet. * Fixed pools cannot be unstaked early. * Unstake is full-position only. * When the lock-up ends, the claimable amount is auto-credited to the Staking Wallet as the same stToken. {% endtab %} {% endtabs %} *** ## Risk Summary Table | Risk Category | Severity | Likelihood | Primary Mitigation | Residual Risk | | ---------------------------------------- | ------------- | ------------- | ------------------------------------------------------------------------------------ | ------------- | | Smart Contract / On-chain | High | Medium | Independent external audits, conservative governance, CEI pattern, reentrancy guards | Low to Medium | | Counterparty (Exchange) | High | Low to Medium | Multi-venue diversification, venue caps, health scoring, BSCB blacklisting | Medium | | Funding Rate (Negative) | Medium | Medium | Real-time monitoring, staged position reduction, BSCB pause thresholds | Low | | Reference Unit Risk (USDT display basis) | Medium | Low | Reconciliation controls, valuation checks, venue collateral limits | Low to Medium | | PAXG / XAU Tracking Risk | Low to Medium | Low | Regulated issuer oversight, reserve attestations, market-integrity monitoring | Low | | Liquidity and Lock-up Risk | Medium | Medium | Fixed lock-up design, treasury buffers, native-asset withdrawal management | Medium | | Regulatory Risk | High | Low | Seychelles IBC structure, jurisdictional screening, external legal counsel | Medium | | Technology Risk (BHLE) | High | Low | N+1 bare-metal failover, deterministic state machine, cryptographic asset enclave | Low | | Key Person Risk | Medium | Low | Research continuity, documented procedures, access compartmentalization | Low to Medium | | Oracle / Price Feed Risk | Medium | Low | TWAP oracles, multi-source aggregation, circuit breakers | Low | | Bridge Risk (BIVB) | High | Low | Independent validator sets, finality thresholds, per-session exposure limits | Medium | *** ## Risk Detail ### Smart Contract and On-chain Risk On-chain components, including bridge and settlement contracts, may contain vulnerabilities not identified during review. BASIS reduces this risk through independent external audits before release, conservative upgrade governance using multisig plus timelock, contract patterns such as checks-effects-interactions, and reentrancy protections. See [Smart Contract & On-chain Risk](/risk-safety-and-asset-protection/smart-contract-risk.md). ### Counterparty (Exchange) Risk BASIS executes across multiple third-party venues to capture structural alpha with execution precision. If a venue experiences insolvency, operational failure, API degradation, or withdrawal restrictions, capital access and yield generation may be affected. Mitigations include venue-level exposure caps, continuous venue health monitoring, automated blacklisting through BSCB, and rapid re-routing where available. See [Third-Party Exchange Risk](/risk-safety-and-asset-protection/exchange-risk.md). ### Funding Rate Risk Funding rates can turn negative during adverse market regimes and convert expected yield into cost. BASIS monitors funding continuously and uses staged exposure reduction and pause thresholds when rates move outside approved bands. See [Funding Rate Dynamics](/strategies/funding-rate-dynamics.md). ### Reference Unit Risk (USDT Display Basis) Displayed balances use USDT as an internal accounting and display reference for USD-equivalent reporting. USDT cannot be deposited or withdrawn on BASIS. If USDT diverges from USD, displayed valuation and some venue-side settlement references may temporarily differ from spot USD intuition. BASIS mitigates this with reconciliation controls, valuation checks, and limits on venue-specific collateral dependencies. See [Risk Disclosure](https://docs.basis.pro/risk-safety-and-asset-protection/risk-disclosure). ### PAXG / XAU Tracking Risk PAXG is active on BASIS and is deposited and withdrawn as a native asset through a connected Web3 wallet. Risk arises if PAXG trades away from underlying gold value, or if issuer, custody, or market structure events affect convertibility or pricing. BASIS relies on regulated issuer disclosures, reserve attestations, and market-integrity monitoring. ### Liquidity and Lock-up Risk Fixed pool positions cannot be unstaked before the selected lock-up ends. There is no early exit option. This design improves capital planning and reduces run-risk from discretionary early withdrawals, but it creates user-side liquidity timing risk if funds are needed before maturity. After lock-up completion, the claimable balance is auto-credited to the Staking Wallet as the same stToken. Users then perform the same-token 1:1 swap back to the native asset before withdrawal. ### Regulatory Risk The regulatory landscape for digital asset yield products continues to evolve. BASIS operates through a Seychelles IBC structure under BASIS DIGITAL INFRASTRUCTURE LTD, LEI [254900IX2F2KCWNSSS64](https://lei.bloomberg.com/leis/view/254900IX2F2KCWNSSS64). Changes in securities, derivatives, tax, promotion, custody, or consumer protection rules may affect product availability or servicing in specific jurisdictions. BASIS applies jurisdictional screening and retains external legal counsel to monitor obligations. ### Technology Risk (BHLE) BHLE is BASIS's proprietary routing and execution infrastructure, engineered for sub-50μs decision latency and 100K+ operations per second under normal operating conditions. Risks include software defects, hardware failure, network partition events, and venue connectivity loss. Controls include N+1 bare-metal failover, deterministic execution logic, mathematical exposure bounds, and state machine risk controls. The cryptographic asset enclave is designed so that compromise of an execution node does not by itself permit unilateral movement of user assets. ### Key Person Risk BASIS depends on specialized quantitative, infrastructure, and security expertise. This risk is reduced through documented procedures, segmented operational authority, reproducible research workflows, and continuity planning with its research partner, Base58 Labs. ### Oracle / Price Feed Risk Strategies and accounting processes that depend on market data may be affected by stale, manipulated, or anomalous inputs. BASIS mitigates this with TWAP-based feeds where appropriate, multi-source aggregation, sanity bounds, and circuit breakers that halt actions when feed quality degrades. ### Bridge Risk (BIVB) Cross-system transfers and bridge components may fail due to validator faults, finality assumptions, or software defects. BASIS mitigates this through independent validator sets, finality thresholds, per-session exposure caps, and conservative recovery procedures. *** ## How to Read This Matrix * Severity: the potential impact if the risk materialises * Likelihood: the estimated probability over a 12-month horizon * Residual Risk: the remaining risk after BASIS controls are applied {% hint style="warning" %} ⚠️ This matrix is a summary and should be read together with the [Risk Disclosure](https://docs.basis.pro/risk-safety-and-asset-protection/risk-disclosure) before committing capital. {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.basis.pro/welcome/risk-matrix.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.