Operational Risk

hBTC relies on a combination of on-chain smart contracts and off-chain keeper systems to monitor risk parameters, execute rebalancing actions, and perform accounting functions. As a result, the protocol is exposed to operational risks that may affect performance or availability.

Key operational risks include:

• Off-chain service dependency: Certain risk controls and strategy operations rely on off-chain services (e.g., keepers) to monitor conditions and submit transactions. Failures, delays, or misconfigurations could impair timely execution.

• Cloud infrastructure availability: Off-chain services depend on third-party cloud infrastructure providers (e.g., AWS or similar). Outages, service degradation, or network disruptions affecting these providers could impact monitoring, execution, or responsiveness.

• Key management risk: Operational roles require private key management; compromise, loss, or misuse of keys could disrupt protocol operations or trigger emergency controls.

• Human error: Configuration mistakes, incorrect parameter updates, or operational oversights may result in unintended behavior or degraded performance.

• Monitoring and alerting failures: Breakdowns in monitoring, alerting, or response processes could delay detection of adverse conditions.

Mitigation: Operational roles are narrowly scoped, governed by explicit permissions, and subject to governance controls and timelocks. Automated monitoring, fallback mechanisms, and emergency controls (including protocol pause and unwind functionality) are in place to reduce the impact of operational failures.