Risk Disclosure

This Risk Disclosure summarises the principal risks of using Sury Protocol. It is not exhaustive. Other risks may exist that we have not anticipated, and the relative importance of any specific risk may change over time as markets, regulation, and technology evolve.

Nothing in this document constitutes financial, legal, tax, or other advice. Your decision to use the Services is your own responsibility. If you are unsure whether the protocol is suitable for you, seek qualified independent advice.

The protocol's strategies operate in markets that are inherently volatile, including cryptocurrencies, foreign-exchange pairs, and related derivatives. Specific manifestations include:

• Drawdowns. The proprietary trading strategies may experience periods of losses, including extended drawdowns. Past performance is not indicative of future performance.
• Yield variability. The yield distributed to stakers depends on the net profit of the strategies and may be zero or negative in any given epoch. There is no guaranteed minimum yield.
• Token-price risk. The market price of the $SURY token can fluctuate significantly and may be lower than the price at which you acquired it, including substantially lower.
• Correlation collapse. Strategies that rely on historical correlations between assets may lose money during market regime changes when those correlations break down.
• Liquidity events. In stressed markets, liquidity in any asset may evaporate quickly. Positions may not be exitable at the prices implied by the most recent trade.

The protocol is implemented as smart contracts on public blockchains. Smart contracts carry their own class of risks:

• Code defects. Smart contracts may contain bugs that allow assets to be drained, locked, or otherwise lost. Even audited contracts have had critical bugs surface after launch. An audit is a snapshot, not a guarantee.
• Economic exploits. Even bug-free contracts may be vulnerable to economic attacks — including oracle manipulation, flash-loan attacks, sandwich attacks, and governance attacks — that drain or reduce the value of positions.
• Upgrade risk. If any contract is upgradeable, an upgrade could change the rules under which existing positions operate. We will publish notice of upgrades in advance where feasible, but this is not always possible in security incidents.
• Composability risk. The protocol may interact with external smart contracts (DEXs, lending markets, bridges, oracles). Failures or exploits in those external systems can cascade into losses for protocol users.
• Irreversibility. Blockchain transactions are generally irreversible. Loss of funds via a bug or exploit cannot be reversed by us or by anyone else.

The legal status of decentralised protocols and crypto-assets is unsettled in most jurisdictions and changing rapidly:

• Classification risk. The $SURY token, the staking arrangement, or the OTC settlement service may be classified by a regulator as a security, a derivative, a collective investment, an unauthorised banking activity, or another regulated category — with consequences ranging from registration obligations to restrictions on access.
• Geographic restrictions. Access to the protocol may become unlawful in jurisdictions where it is currently lawful, or restricted by us to comply with sanctions or local rules. You may lose access at any time.
• Tax risk. The tax treatment of staking rewards, token transfers, and on-chain settlements is unclear or evolving in many jurisdictions. You are solely responsible for determining and paying any taxes you owe.
• Enforcement risk. Regulators may take action against the protocol, its developers, its operators, or its counterparties — including actions that disrupt operations or freeze assets.

The protocol depends on technology that can fail:

• Blockchain risk. The underlying blockchain may suffer outages, congestion, validator misbehaviour, or consensus failures, making transactions slow, expensive, or impossible during the affected period.
• Oracle risk. The protocol depends on price oracles for some operations. If oracles report stale or manipulated prices, positions may be valued or liquidated incorrectly.
• Bridge risk. Cross-chain bridges have a poor historical track record. Funds in transit through a bridge may be lost if the bridge is exploited.
• Front-end risk. Our website is the easiest way for most users to interact with the protocol, but it is not the only way. The website may be unavailable, compromised, or display incorrect information.
• Wallet risk. Loss, theft, or compromise of your wallet, seed phrase, or private keys results in the loss of all associated assets. We have no ability to recover them.

The protocol's strategies and the LVP settlement engine necessarily interact with counterparties. Although the protocol uses code-enforced escrow where possible, residual counterparty risk exists:

• Centralised exchange exposure.Where the protocol's bots use centralised exchanges to execute or hedge, funds at those exchanges are subject to the exchange's solvency, custody practices, and regulatory status. Exchange failures can result in partial or total loss of any balances held there.
• OTC counterparty risk. While the LVP engine uses smart-contract escrow, off-chain elements of any deal (fiat legs, settlement instructions) carry counterparty risk that the protocol cannot eliminate.
• Service provider risk. Third-party providers (custodians, data vendors, infrastructure providers) may fail, be exploited, or terminate services on short notice.

The protocol is operated by a team of humans using technical infrastructure. Operational failures can occur:

• Strategy execution. The trading strategies are software. Mis-configured parameters, model drift, or infrastructure failures can produce losses unrelated to market movements.
• Key management. Operational keys controlling treasury or strategy infrastructure could be compromised. We use multi-signature custody and hardware security where feasible, but no key-management scheme is perfect.
• Insider risk. Members of the operating team with privileged access could act maliciously or negligently.
• Service interruption. The user interface, indexers, or other operated services may be unavailable for periods of time. The Smart Contracts continue to run on-chain regardless of front-end availability.

Sury Protocol is intended for users who:

• Understand decentralised finance, smart contracts, and the risks described in this document.
• Are able to afford the total loss of any value they commit to the protocol.
• Are not subject to legal restrictions on accessing the protocol in their jurisdiction.
• Are not relying on the protocol for income they cannot live without.

If any of those is not true, do not use the protocol. Seek qualified independent advice before participating.

By using the Services, you confirm that you have read and understood this Risk Disclosure, that you accept these risks, and that you are using the Services on your own initiative and at your own risk.

For the contractual terms governing your use of the Services, see the Terms of Service. For information about how we handle data, see the Privacy Policy.