Vault Curators
Loopscale Security
Loopscale takes security incredibly seriously, in addition to vault-level configuration and curator controls, Loopscale applies a standardized framework of programmatic safeguards, software-level monitoring, and operational processes to the platform as a whole.
Technical Security
- Independent Audits: All deployed programs undergo external security review prior to release. No upgrades or changes are made without third-party audit, and completed reports are published for transparency.
- Oracle Integrity: Each supported oracle integration is implemented independently and monitored for latency, anomalies, and liveness. Lending and liquidation activity is be paused if oracle feeds are stale or compromised.
- Transaction Safeguards: In addition to multisig approval, all program transactions currently require a co-sign from the Loopscale Secrets Manager — a read-only AWS-based signer. This key cannot initiate actions on its own and functions only as a supplemental safeguard to ensure transactions are constructed as intended.
Operational Security
Access Controls
All program upgrades require approval from a 3/5 multisig. This governance model ensures no single party can deploy changes unilaterally. Loopscale cannot directly access or transfer user funds. All state changes occur through immutable on-chain program logic. Backend services are protected by strict operational controls:- 3/5 multisig governance for contract upgrades (via Squads).
- Granular IAM roles and 2FA across backend infrastructure.
- Immutable logic governing liquidation and refinance flows.
- Dedicated disaster-response SOP with a 24/7 on-call rotation.
Real-Time Monitoring
Dashboards and automated alerts track collateral exposures, liquidity flows, oracle performance, and vault health. Alerts are escalated through 24/7 operational processes. Curators can monitor vaults directly via the curator dashboard and reporting interface.- Dashboards: Display collateral exposure, oracle status, withdrawal activity, and rollover timing.
- Alerts: Sent via Slack, SMS, and PagerDuty for oracle staleness, withdrawal spikes, failed liquidations, or Solana liveness issues.
Liquidations Operations
Liquidations are triggered automatically when loan health thresholds are breached and executed through whitelisted liquidators. For assets without deep on-chain liquidity, settlement may require coordination with external counterparties, introducing additional operational dependencies. The default liquidation system follows a tiered approach:- Primary Service: A cloud-based flash loan liquidator triggered by oracle updates, fully automated using onchain lending venues and major DEX routes to atomically liquidate at any size.
- Secondary Poller: A backup service polling every five minutes, using a pre-funded manager wallet with controlled execution.
- Tertiary Manual Service: A team-managed wallet with critical paging that executes liquidations manually if automated systems fail.
Addresses
| Program / Account | Address | Authority / Notes |
|---|---|---|
| Loopscale Program | 1oopBoJG58DgkUVKkEzKgyG9dvRmpgeEm1AVjoHkF78 | Core program logic |
| Liquidation Engine | mkr7azob5ee3RC64BVoHQPu7FnyaXzJnLMN8jm942pQ | Automated liquidation execution |
| Multisig Authority | DwBXwJDZ4Av4miT62sEssWJUinkzwkmPPB4Fg3fKEfft | 3-of-5 governance authority |
| Secrets Manager Signer | CyNKPfqsSLAejjZtEeNG3pR4SkPhSPHXdGhuNTyudrNs | Supplemental co-sign, AWS-based key |