Risk framework
Robust risk curation is central to every kpk product. This page explains how assets and strategies are evaluated, classified and monitored to ensure that each curated product is built on clear, data-driven risk assumptions.
kpk’s risk framework ensures that risk is assessed holistically and continuously, allowing kpk to adapt to changing conditions while maintaining predictable, well-understood exposures across all curated products.
It combines structured due diligence, independent risk signals, allocation rules and real-time monitoring, and is applied to every asset or strategy considered for use as collateral or another core component within a kpk-curated product.
Initial Due Diligence
Each asset, market or strategy undergoes a structured review under our Due Diligence Framework, which covers over 65 data points across four themes: smart contract logic, external dependencies, governance controls, and market conditions.
The assessment combines onchain analysis with targeted offchain validation to capture both technical and contextual risks.
Onchain Assessment
The onchain review examines the design and behaviour of all relevant contracts and dependencies, including:
Smart contract logic, upgradeability and access controls.
Oracle mechanisms, staleness checks and manipulation vectors.
External dependencies such as bridges or third-party contracts.
Liquidity depth, peg mechanisms and historical behavior.
Offchain Validation
Complementing the onchain review, kpk conducts targeted offchain checks to identify governance, operational and legal risks, including:
Governance structure and upgrade powers.
Admin key security, timelocks and emergency procedures.
Entity structure and operational resilience of the issuer or core contributors.
Track record, historical incidents and response capabilities.
External audits and relevant disclosures.
This dual-track approach ensures that each approved asset or strategy meets kpk’s standards for both technical robustness and institutional soundness before inclusion in any curated product.
External Risk Signals
kpk integrates independent third-party risk assessments into its curation process to complement internal reviews. Platforms such as Credora and Exponential provide additional scores on protocol health, collateral behaviour and systemic exposure.
These signals do not replace internal due diligence but act as a supplementary layer of risk intelligence, especially during the initial assessment and ongoing monitoring.
Tiering & Allocation
Once an asset or strategy passes the prior stage(s), it is assigned a risk tier. Each tier corresponds to predefined allocation rules, which limit the pool's exposure to that asset or strategy.
Risk tiering reflects factors such as liquidity depth, oracle design, protocol maturity, and dependency stack complexity. It is applied during product creation (e.g. for Gearbox Earn Pools) or strategy selection (e.g. yield-type products) to enforce diversification and risk-weighted exposure.
A
Deep liquidity, mature protocols, highly reliable oracles, extensive operational track record
LSTs with high liquidity and native redemptions (e.g. wstETH)
B
Moderate liquidity, well-known protocols with some newer components, diversified oracle setup
LRTs from established teams, LSTs with moderate liquidity (e.g. cbETH, rETH), wrapped BTC
C
Lower liquidity or less battle-tested oracles, emerging protocols, moderate dependency complexity
Newer LRTs or assets using alternative oracle setups (e.g. API3, RedStone Pull Oracles)
D
Experimental or early-stage assets, limited liquidity, higher dependency or governance risk
Niche or newly launched assets and strategies
Risk tiers are indicative and may vary by product. Actual allocation limits are defined per product and tracked through change logs.
Monitoring and response
Risk doesn’t end once an asset is listed. kpk continuously monitors both onchain and offchain signals to track evolving conditions and take action when needed.
Different approaches to monitoring are adopted for the different components of each curated product:
Collateral monitoring focuses on governance actions, smart contract changes, and oracle integrity. kpk tracks governance proposals and contract upgrades that may affect collateral safety, monitors oracle staleness, and compares oracle prices to reference venues to detect anomalies.
Vault venue monitoring focuses on the underlying protocol layer. Governance proposals and timelock changes are scrutinised to catch hostile or rushed upgrades. Core contract upgrades via proxy implementations are tracked, and protocol-level oracles are monitored for liveness and reliability.
Vault risk monitoring targets vulnerabilities specific to the vault setup itself. kpk monitors for emerging bad debt, management key or Safe compromises, and liquidity constraints. For example, utilisation levels above 92% are flagged as potential withdrawal risk. Administrative permissions are strictly scoped, and changes to key control structures trigger alerts.
The diagram below illustrates how different risk categories map to concrete monitoring actions:
Response mechanisms combine automated and manual layers. Risk alerts from providers like Hypernative and Cyvers, as well as internal monitors, flag anomalies in real time, enabling rapid action when needed. Protective measures such as pausing markets or tightening collateral parameters can be executed swiftly through an Emergency Admin role. More complex situations, including multi-asset or governance-related incidents, are handled through structured manual reviews. Risk tiers or parameters are updated accordingly when material changes occur, and every action is recorded for full transparency.
Last updated