Risks

DIVA Donate is powered by DIVA Protocol, a smart contract that enables the creation and management of derivative contracts on the blockchain. The use of smart contracts comes with certain risks. By interacting with DIVA Donate, users acknowledge and accept the following risks and their respective mitigations.

Hack risk

Risk description: Despite adhering to coding best practices and undergoing comprehensive smart contract audits, there remains a risk that funds deposited into the protocol may be stolen.

Mitigant: The DIVA Protocol smart contract has been thoroughly audited by multiple parties and the audit reports are publicly available.

Oracle risk

Risk description: Reporting outcomes relies on an oracle to deliver off-chain data to DIVA Protocol. There is a risk that data providers could submit intentionally or mistakenly incorrect final values, leading to incorrect payoffs. Additionally, there is the risk of an oracle going offline, which can disrupt the data delivery and affect outcome reporting.

Mitigant: To counteract these risks, DIVA Donate uses the decentralized Tellor oracle system. Unlike centralized oracles, decentralized systems reduce the risk of single points of failure, such as going offline unexpectedly. In the Tellor system, anyone can become a reporter by committing assets as a stake, forming an economic incentive to discourage dishonest reporting. This mechanism secures the integrity of reporting and ensures continuity and reliability in data provision.

Data manipulation risk

Risk description: Campaigns may be vulnerable to data manipulation, as evidenced by incidents like the tampering with rain gauges in Colorado to increase crop subsidies. So this risk is real and has to be taken seriously.

Mitigant: Before launching a campaign, the DIVA Donate team thoroughly evaluates the feasibility of tampering with the underlying data.

App risk

Risk description: There's a potential risk that malicious actors could gain unauthorized access to DIVA Donate frontend application, altering the way values are entered to the core smart contract functions.

Mitigant: Access to modify the codebase is strictly limited to a select group of trusted developers, ensuring a high level of security and integrity for all transactions and interactions.