Centralization risk

By design, Voyage entrusts its developers and operators. The diamond design pattern allows to upgrade any part of the contract, and the code as reviewed contains multiple functions that allow authorized administrators to, for example, transfer assets and set critical parameters. This design allows to add new features to the protocol and fix bugs, but it also exposes Voyage to the risk of a developer or administrator being compromised.

We encourage Voyage to disclose this aspect of the design to the users of the protocol and to adopt typical best practices to reduce the risk of a compromise:

  • Use a multisig wallet to authorize smart contract upgrades or when making calls to sensitive protocol parameter setting functions such as those in ConfigurationFacet or LiquidityFacet

    • individual keys should ideally be stored on hardware wallets

  • Require code review by multiple developers before deploying upgrades

  • Use only peer-reviewed scripts to perform upgrades