Risks & security
Trading, venue, NAV-governance and smart-money risks distilled — audits + custody recap.
Not advice
This is transparency copy, not a prospectus.
Trading & model risk
Discretionary multi-asset basis risk — P&L can swing fast; total loss scenarios exist albeit tail.
Stack & oracle surface
Lagoon bytecode is audited factory output — no bespoke bytecode from Volta. Bug risk remains. Venue split: capital cycles Hyperliquid rails while settlement sits on Arbitrum — different domains (Lagoon audits).
- Privileged roles gated in contract — manager wallet cannot skim USDC arbitrarily
- Fee knobs locked post-deploy
- Whitelist eviction path asymmetric by design — see Roles doc
Settlement truth vs dashboards
Screens can diverge — only curator-signed NAV settles flows.
Liquidity & venue
Weekly batch exits; Hyperliquid adds exchange-level tail.
Human + agent stack
Ops + ML tandem — correlation breaks can shred marks.
Investor safeguards
VLT90 stays in wallets you control; operators never bypass Lagoon flows to seize bearer shares offline.
| Situation | Guardrail snapshot |
|---|---|
| Sweep USDC illicitly? | Lagoon escrow blocks naive theft |
| Fake fee receiver? | Factory-immutable payout wiring |
| HL reconciliation? | On-chain data exposes wiring |