Using the platform includes substantial risks of losing some or all of your funds. The Creative core team and community have made every effort to ensure the security of funds.
This section will help you understand the types of risk you are taking what has been done to mitigate them and how to mitigate them further.
Protocol Dependency Risk
The Creative platform uses several other protocols. Therefore, the first type of risk is the risk that these other integrated protocols can fail.
Specifically by using Creative you are also taking on the risks of using the Ethereum network, the collateral you are depositing, and the yield service (currently Compound.Finance).
To mitigate this risk the platform is only integrated with highly reputable and well secured protocols.
Smart Contract Exploit Risk
The second type of risk is specific to Creative. The risk is that there could be some sort of bug or exploit in the smart contracts that run the Creative platform. This is a risk with any product on Ethereum. Depending on what the bug or exploit is, a nefarious person may be able to take some or all of the funds stored in the Creative platform. Here’s what we’ve done to mitigate this risk.
- Professional, third party smart contract auditing. Creative has hired companies to professionally review and audit the smart contract code for any bugs or exploits. These auditors have produced reports with their findings. As Creative continues to grow we’re committed to continuing to pay for audits however, it should be understood that at any given time, 100% of the code base has not been professionally audited.
- Bug Bounty program. Creative offers payment of up to $2,000 in USDC for reports of any bugs in the smart contracts. If someone was to discover a bug, this is a way for them to responsibly disclose it to us and be paid rather than exploit it.
- All the smart contract code is open source, meaning it is publicly readable by anyone. At first this may sound strange, but it actually makes the platform more secure as anyone can review it for bugs and submit a bug bounty.
- Before we even give our code to auditors we also do extensive internal testing.
Wallet Loss Risk
This risk doesn’t have anything to do with Creative, but we wanted to mention it. Using Creative requires you to use an Ethereum wallet that supports Ethereum apps. If you permanently lose access to this wallet, you will not be able to recover your funds. Different wallets have different recovery mechanisms. It’s important for you to know what those are and be able to recover your wallet. Argent Wallet is one example of a wallet with good recovery methods.