Governance & Security

Who controls the protocol?

Control is managed through role-based access:

• GOVERNANCE_ROLE – Updates critical parameters like point rates, strategy weights, and lockup rules.

• KEEPER_ROLE – Handles operational tasks such as allocations, rebalancing, and harvesting yields.

• PAUSER_ROLE – Can pause deposits, withdrawals, or strategy operations in emergencies.

Can the protocol be paused?

Yes. In case of bugs, exploits, or market instability, authorized addresses with the PAUSER_ROLE can temporarily halt core functions to protect user funds.

How are protocol parameters updated?

Only addresses with GOVERNANCE_ROLE can change sensitive parameters such as:

• Strategy weights

• Point multipliers and base rates

• TVL caps

• Early exit fee percentages

How secure is Insomnia Protocol?

Insomnia is built with multiple layers of protection:

• Access Control – Strict role-based permissions

• Reentrancy Guards – Prevents reentrancy exploits

• Safe Transfers – Ensures native token transfers are validated

• Input Validation – Checks parameters to avoid misconfiguration

Are funds insured?

No, there is no built-in insurance. Like all DeFi protocols, there are risks. Users should only deposit what they can afford to lose. However, penalties and treasury mechanisms strengthen long-term sustainability.

Can governance be captured by bad actors?

Governance is designed to be transparent, role-based, and trackable on-chain. While governance risk exists, clear checks, gradual rollouts, and treasury safeguards help mitigate the risk of malicious decisions.

---