Risk Disclosure
Last updated: May 23, 2026
You can lose everything
SnowMind is a software interface to permissionless DeFi protocols on Avalanche. It does not guarantee yield, principal, availability, or any particular outcome. This page lists the categories of risk you should understand before using the Service. It is not exhaustive.
1. Smart-contract risk
SnowMind interacts with multiple smart-contract systems. Smart contracts can contain bugs, logic errors, economic-design flaws, or unknown vulnerabilities that may be exploited. An exploit in any of the following can result in partial or total loss of your funds:
- Your ZeroDev Kernel v3.1 smart account and the Permission Validator that enforces session-key scope;
- The ERC-4337 EntryPoint v0.7 contract;
- The paymaster contract that sponsors gas;
- Each underlying yield protocol (Aave V3, Benqi, Spark, Euler V2 (9Summits), Silo, and any future integrations);
- Token contracts (USDC and protocol receipt tokens such as qiUSDCn, spUSDC, savUSD, sUSDp);
- Permit2;
- Any router, wrapper, or adapter used in SnowMind’s execution path.
Audits reduce, but do not eliminate, this risk. Past audits and exploit-free track records are not guarantees of future safety.
2. Underlying-protocol risk
Even when smart contracts function as designed, the protocols that hold your funds carry independent risks:
- Bad debt & insolvency: a lending protocol can accumulate bad debt that is socialized across depositors, reducing per-share value.
- Liquidation cascades: rapid market moves can cause a wave of liquidations that exhaust available liquidity and prevent withdrawals.
- Governance attacks: a malicious governance proposal can change risk parameters, withdraw treasury funds, or pause withdrawals.
- Admin keys & upgrades: many protocols retain upgrade or pause keys that could be misused, lost, or compromised.
- Withdrawal queues & cooldowns: some vaults are not instantly redeemable; withdrawals may be delayed or queued.
- Frozen markets: a protocol may pause deposits or withdrawals during incidents, leaving your funds stuck.
3. Oracle & rate-data risk
The optimizer relies on on-chain protocol reads (the authoritative source) and cross-validates against DefiLlama. Oracles can be:
- Manipulated by attackers exploiting low liquidity;
- Delayed by network congestion or sequencer outages;
- Wrong due to upstream data errors or stale snapshots.
SnowMind applies TWAP smoothing, sanity bounds (25% APY cap), velocity checks, utilization guards, and stability checks to filter anomalous readings, but no filter is perfect. An undetected oracle issue can cause the optimizer to misallocate.
4. Stablecoin risk
SnowMind operates in USDC issued by Circle on Avalanche. USDC may:
- Lose its peg to the U.S. dollar temporarily or permanently;
- Be frozen on specific addresses (Circle retains blacklist capability);
- Be restricted by Circle or by regulators in your jurisdiction;
- Be affected by issues with Circle’s underlying reserves or banking partners.
Other stablecoins or derivative assets held by underlying protocols (e.g., savUSD, sUSDp, related collateral) carry their own peg, reserve, and issuer risks.
5. Bridge & cross-chain risk
If you fund your smart account using a bridge or cross-chain on-ramp, you are exposed to the risks of that bridge or on-ramp, which have historically been one of the largest sources of loss in crypto. SnowMind does not control or endorse any bridge.
6. Network & infrastructure risk
- Avalanche C-Chain: consensus failure, validator downtime, hard forks, congestion, or reorgs may interrupt or alter expected behavior.
- RPC providers: downtime or incorrect responses may delay or block rebalances.
- ERC-4337 stack: bundlers (Pimlico) and paymasters (ZeroDev) may pause, throttle, or refuse to relay your UserOperations. Gas sponsorship is best-effort and may be withdrawn without notice.
- Indexers and oracles: downtime in DefiLlama or other data sources may degrade decision quality.
7. SnowMind operational risk
- The backend optimizer can fail to detect a better allocation, react too slowly, or rebalance into a protocol that subsequently incurs loss;
- The signer service holding your encrypted session-key material could be compromised — in which case attacker actions are still bounded on-chain to the supply/withdraw operations allow-listed by your session key, but funds could be moved between approved protocols at adversarial timing;
- Bugs or regressions in the dashboard, backend, or execution sidecar may surface incorrect balances, parameters, or status;
- Contributors may pause, abandon, or wind down the Service at any time;
- The Service may be unavailable due to outages at Vercel, Railway, Supabase, Privy, ZeroDev, or other dependencies.
8. Automation risk
The optimizer is rule-based, acting on on-chain rate data. It does not understand markets, news, or off-chain events. Specifically:
- The optimizer is not personalized advice;
- Rules that worked historically can fail in new market regimes;
- Rebalances incur on-chain costs that can outweigh small APY differences (mitigated by the beat-margin gate, but not eliminated);
- The optimizer may concentrate capital into a single protocol when ranking favors it, increasing single-protocol exposure;
- Edge cases not covered by the heuristics can produce suboptimal decisions.
9. Counterparty & custody nuance
SnowMind is non-custodial: you hold your own smart account and can revoke session keys at any time. However:
- Privy custodies the embedded signer used to sign your transactions if you sign in with email or social login. A Privy compromise could affect your ability to sign or, in a worst case, allow unauthorized signing.
- While funds are deposited into an underlying protocol, that protocol effectively holds them; you bear that protocol’s counterparty risk for the duration of the position.
10. Regulatory & legal risk
The legal status of DeFi, automated agents, stablecoins, and yield-bearing crypto products is unsettled and evolving. SnowMind may be required to restrict features, geofence additional jurisdictions, or cease operating entirely on short notice. You are solely responsible for determining whether your use of the Service is lawful in your country and for any tax obligations that arise.
11. Privacy & on-chain transparency
Your smart account address and all of its activity (deposits, withdrawals, rebalances, fees, balances) are public on the Avalanche blockchain forever. Anyone who learns of the link between your identity and your address can observe your full history. The optimizer’s rebalance pattern may itself be identifying.
12. No insurance
Deposits are not insured by the U.S. FDIC, U.K. FSCS, Japan’s DICJ, or any other deposit-insurance scheme. There is no investor-protection or compensation scheme covering your use of SnowMind, and no third-party guarantor of underlying protocols.
13. Beta status
The Service is in beta. Parameters, including the platform-wide deposit cap, per-protocol exposure caps, beat margin, sanity caps, and rebalance cadence, may change without notice. Beta software is more likely to contain undiscovered bugs than mature software.
14. Your responsibilities
You are solely responsible for: keeping your wallet, recovery factors, and devices secure; reviewing session-key permissions before granting them; verifying balances and transactions; understanding the protocols SnowMind allocates to; and being able to withdraw directly from those protocols if the SnowMind interface is ever unavailable.
15. Acknowledgement
By using SnowMind you acknowledge that you have read, understood, and accepted the risks described on this page and in our Terms of Service. If you do not accept these risks, do not use the Service.
Not legal or investment advice