Risk Assessment Methodology
The composability of crypto enables the Umee blockchain to connect with multiple ecosystems within Cosmos and beyond. As a lending platform, Umee lists tokens for lending and borrowing. The first steps in the listing process include a risk assessment from Umee. The four key domains of risk Umee will assess are protocol risk, market risk, operations risk, and counterparty risk.
The Umee risk team uses a scorecard with sub-components within the broader framework. Below is a sample card with the highest possible score of 10. Each sub-component is weighted based on importance relative to the other risk metrics.
Protocol risk measures the technical security of the underlying code for a given asset. Code for assets with rigorous audits by well-respected auditors are suitable prospects for Umee. Besides audits, protocol risk remains (i.e., vulnerabilities will exist) and users must be conscientious in assessing such risk. In addition, Umee will use bug bounties to alleviate smart contract risk. The number of transactions and number of days a particular smart contract has remained uncompromised with regular use, continued development, community etc., can serve as a proxy to gauge how battle-hardened the contract is.
Market risks are intertwined with the size of an asset pool and the dynamics of supply and demand. Adequate volume is needed to execute the required amount of liquidations in a given pool, i.e., large sell offs in extreme market conditions that incur slippage and reduce the dollar value retrieved. The Average Daily Volume is a key criterion for assessing the availability of the asset to be sold in addition to depth of liquidity.
Volatility risk is based on normalized fluctuations in token prices and is calculated using formulas in line with industry standards used by other large exchanges. Volatility risk is reassessed and updated in established intervals decided by Umee protocol given token prices are prone to sudden volatility spikes; in this emerging asset class it is not an aberration to observe large price swings of 50% or more in any direction within short durations.
Lastly the market capitalization representing the size of the market and level of exposure is considered. The inputs of market risk are then provided to Umee’s risk model to calibrate parameters that help mitigate each market risk component. Volatility input determines the amount of collateral, or Loan to Value ratio. Liquidity risks are managed by appropriate liquidation incentives, i.e., liquidation threshold and profit margin for liquidators.
Operations risk takes into account key stakeholders that can influence the strategic direction and financial outcome of a protocol such as core team members. Tokenomics is also an important component as utility of the token and emissions of supply vs level of demand greatly affects the stability of the token. Competitiveness assesses how the subject protocol is positioned with similar protocols both internally and externally of the ecosystem it’s located.
Counterparty risk takes into consideration the human capital behind the asset and how they impact governance. Specifically, Umee will assess the level of decentralization and ability for select stakeholders to influence control over funds or other attack vectors that can penetrate governance structure and ultimately yield control over funds to a concentrated few. Centralization risk is gauged by the magnitude of centralization, which is measured by the number of entities that can control an asset’s underlying protocol, the number of holders of the token, and other trust assumptions (e.g., backing of the asset) that may create vulnerabilities.