> For the complete documentation index, see [llms.txt](https://diva-donate.gitbook.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://diva-donate.gitbook.io/other/risks.md).

# Risks

DIVA Donate is powered by DIVA Protocol, a smart contract that enables the creation and management of derivative contracts on the blockchain. The use of smart contracts comes with certain risks. By interacting with DIVA Donate, users acknowledge and accept the following risks and their respective mitigations.

### Hack risk

**Risk description**: Despite adhering to coding best practices and undergoing comprehensive smart contract audits, there remains a risk that funds deposited into the protocol may be stolen.

**Mitigant:** The DIVA Protocol smart contract has been thoroughly audited by multiple parties and the [audit reports ](https://github.com/divaprotocol/diva-protocol-v1/blob/main/audits/Final%20April%202023/Summary.md)are publicly available.

### Oracle risk

**Risk description**: Reporting outcomes relies on an oracle to deliver off-chain data to DIVA Protocol. There is a risk that data providers could submit intentionally or mistakenly incorrect final values, leading to incorrect payoffs. Additionally, there is the risk of an oracle going offline, which can disrupt the data delivery and affect outcome reporting.

**Mitigant:** To counteract these risks, DIVA Donate uses the [decentralized Tellor oracle system](https://github.com/divaprotocol/oracles/blob/main/docs/Tellor.md). Unlike centralized oracles, decentralized systems reduce the risk of single points of failure, such as going offline unexpectedly. In the Tellor system, anyone can become a reporter by committing assets as a stake, forming an economic incentive to discourage dishonest reporting. This mechanism secures the integrity of reporting and ensures continuity and reliability in data provision.

### Data manipulation risk

**Risk description:** Campaigns may be vulnerable to data manipulation, as evidenced by incidents like the [tampering with rain gauges in Colorado to increase crop subsidies](https://www.cbsnews.com/colorado/news/colorado-ranchers-patrick-esch-ed-dean-jager-sentenced-rain-gauges-tampering-federal-crop-subsidies-nws-fcic/). So this risk is real and has to be taken seriously.&#x20;

**Mitigant:** Before launching a campaign, the DIVA Donate team thoroughly evaluates the feasibility of tampering with the underlying data.&#x20;

### App risk

**Risk description**: There's a potential risk that malicious actors could gain unauthorized access to DIVA Donate frontend [application](https://github.com/Walodja1987/DIVA-Donate-App), altering the way values are entered to the core smart contract functions.

**Mitigant:** Access to modify the codebase is strictly limited to a select group of trusted developers, ensuring a high level of security and integrity for all transactions and interactions.

<br>


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://diva-donate.gitbook.io/other/risks.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.