# Risk Management Framework

Upshift’s "Institutional Grade" claim is backed by a multi-layered defense-in-depth strategy. We treat risk as a dynamic variable rather than a static setting.

#### **Protocol-Level Safeguards**&#x20;

**Non-Custodial Architecture:** Neither Upshift nor the Curator can ever withdraw user funds to an external EOA. Funds can only move between whitelisted "Strategy" contracts (DeFi Protocols) and the vault smart contract.

**Withdrawal Liquidity Buffer:** A configurable percentage of assets is always held in the "Buffer" to ensure immediate redemptions without forcing a strategy unwind.

**NAV Volatility Protection:** To protect against price manipulation and oracle latency, Upshift vaults implement a Max Percentage Change constraint. This parameter enforces a strict ceiling and floor on the fluctuation of the share-to-asset ratio within a single update cycle. By capping the rate of change for the vault’s NAV, the protocol effectively mitigates risks associated with faulty oracle feeds or erroneous NAV reporting. Furthermore, this mechanism eliminates "latency arbitrage" by preventing MEV snipers from exploiting temporary price discrepancies between the vault and external markets.

#### Curator-Managed Guardrails

**Timelocks:** Critical changes such as changing fee structures, updating the withdrawal period are subject to a 24 hour timelock, giving users time to exit if they disagree with the change.

#### Emergency Procedures

**Emergency functions:** A multi-sig controlled function that can instantly pause deposits/withdrawals and move all strategy funds back into the vault.<br>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.upshift.finance/vault-architecture/risk-management-framework.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.