Governance & Security

Who controls the protocol?

Control is managed through role-based access:

  • GOVERNANCE_ROLE – Updates critical parameters like point rates, strategy weights, and lockup rules.

  • KEEPER_ROLE – Handles operational tasks such as allocations, rebalancing, and harvesting yields.

  • PAUSER_ROLE – Can pause deposits, withdrawals, or strategy operations in emergencies.

Can the protocol be paused?

Yes. In case of bugs, exploits, or market instability, authorized addresses with the PAUSER_ROLE can temporarily halt core functions to protect user funds.

How are protocol parameters updated?

Only addresses with GOVERNANCE_ROLE can change sensitive parameters such as:

  • Strategy weights

  • Point multipliers and base rates

  • TVL caps

  • Early exit fee percentages

How secure is Insomnia Protocol?

Insomnia is built with multiple layers of protection:

  • Access Control – Strict role-based permissions

  • Reentrancy Guards – Prevents reentrancy exploits

  • Safe Transfers – Ensures native token transfers are validated

  • Input Validation – Checks parameters to avoid misconfiguration

Are funds insured?

No, there is no built-in insurance. Like all DeFi protocols, there are risks. Users should only deposit what they can afford to lose. However, penalties and treasury mechanisms strengthen long-term sustainability.

Can governance be captured by bad actors?

Governance is designed to be transparent, role-based, and trackable on-chain. While governance risk exists, clear checks, gradual rollouts, and treasury safeguards help mitigate the risk of malicious decisions.


Last updated