User Risks

HONO Protocol User Risks

Last Updated 11 November 2024

Prior to accessing and using the software products and services (the “Services”) provided by HONO Protocol through the honoprotocol.com front-end user interface to interact with the non-custodial, blockchain-based software protocol known as the “HONO Protocol” please review the Terms of Use, as well as the general disclaimer and risk factors below, for information on the potential risks associated with engaging in decentralized finance (“DeFi”) transactions. The Services shall include, but shall not necessarily be limited to, the website, https://honoprotocol.com (the “Website”), and https://app.honoprotocol.com, a website-hosted user interface, as well as any other websites, apps, interfaces or dashboards, available through the honoprotocol.com domain, its subdomains, or any other means (the “Interface” or “Web App”). Certain honoprotocol.com subdomains accessible through the Interface are not controlled, operated, or maintained by HONO Protocol. These subdomains are independent websites controlled and managed by independent third parties within the HONO Protocol Ecosystem, each of which may have its own terms and conditions, privacy policies, and other governing terms. HONO Protocol does not endorse, monitor, or accept any liability for any content, functionality, or services provided on any other external sites hosted under the honoprotocol.com subdomains.

Acceptance of the Terms of Use is a prerequisite for accessing and using the Services provided through the honoprotocol.com front-end user interface. This User Risk Documentation serves as a supplementary resource, providing additional information and context; however, the Terms of Use remain the definitive and legally binding agreement governing all users of the Services, taking precedence over any supplementary materials.

General Disclaimer

This User Risk Documentation is provided for general informational purposes only and does not constitute financial, investment, legal, tax, or other professional advice. Prior to accessing the HONO Protocol via the honoprotocol.com front-end user interface, you are encouraged to consult with your financial, legal, or tax advisor and to carefully consider whether engaging in DeFi transactions is suitable for you. You understand that your participation in DeFi, through your use of the Services to access the HONO Protocol, can involve significant risk. Please refer to Section 3.3 (“Assumption of Risk”) of the Terms of Use for more information.

The risk factors outlined below are not exhaustive and are subject to change. The DeFi sector is inherently complex, continuously evolving, and may be influenced by unpredictable variables. Consequently, unforeseen risks may arise and existing risks may change in nature or impact over time.

Please be aware that certain features of the Services are not currently available to users that are located in or a resident of the United States, and therefore certain of the risks discussed herein may not be applicable to such users.

Risk Factors

Technology and Smart Contract Risks

• Smart Contract Risk: Smart Contract Risk refers to the potential vulnerabilities or flaws in the code that makes up the HONO Protocol's smart contracts, which generally can be described as autonomous, self-executing software programs stored on the blockchain that operate deterministically in accordance with set specifications stipulated in the underlying code. Any bugs or vulnerabilities in this code could be exploited by malicious actors, potentially leading to the loss of assets or other unintended consequences. Users of the Services should be aware that while smart contracts are often audited, the possibility remains that code will contain potential vulnerabilities.
• Technology Risk: Technology Risk encompasses the broader technological challenges and potential failures associated with blockchain technology and the Services. This includes risks related to the underlying Ethereum blockchain, potential issues with the honoprotocol.com front-end user interface, and other technical components of the system.
• Bugs and Vulnerabilities Risk: This risk specifically relates to the potential for undiscovered errors, weaknesses, or other vulnerabilities in the software code of the HONO Protocol or the honoprotocol.com front-end user interface.
• Upgrades and Changes Risk: The HONO Protocol and honoprotocol.com front-end user interface may undergo upgrades or changes over time to improve functionality or address issues. However, these upgrades may carry their own risks. New versions could introduce new bugs or vulnerabilities, or they might not be compatible with previous versions. This could potentially lead to service disruptions or unexpected protocol behavior.
• Lack of Upgrade Risk: This risk refers to the potential danger arising from delays or failures in updating the honoprotocol.com front-end user interface to address newly discovered threats, vulnerabilities, or protocol changes. As the HONO Protocol evolves and new security issues are identified in the broader blockchain ecosystem, the honoprotocol.com front-end user interface may need to be updated to maintain security and functionality. However, there may be instances where these updates are not implemented swiftly enough due to unexpected delays, leaving users exposed to potential risks. For example, if a vulnerability is discovered in the way the front-end user interface interacts with smart contracts, but the fix is not promptly deployed, users could be at risk of their transactions being manipulated or their assets being compromised. Similarly, if the HONO Protocol undergoes significant changes or upgrades, and the honoprotocol.com front-end user interface isn't updated accordingly, users might interact with an outdated version of the protocol, potentially leading to errors, failed transactions, or even the loss of assets. Users should be aware that while the blockchain and smart contracts may be updated quickly, front-end user interfaces like honoprotocol.com may have separate update cycles that could lag behind, creating a window of potential risk.
• Oracle Risk: The HONO Protocol relies on oracles, which are third-party services that provide external data to the blockchain. For example, price feeds for various assets might come from oracles. If these oracles provide incorrect, manipulated, or delayed data, it could lead to incorrect executions of smart contracts. There is also the potential risk of oracle failures or downtime, which could disrupt the normal functioning of the protocol.
• Network Congestion Risk: As the HONO Protocol operates on the Ethereum blockchain, it is subject to the limitations and potential congestion of the Ethereum network. During periods of high network activity, transaction fees (i.e., gas fees) can spike dramatically, and transactions can be delayed. This could potentially lead to failed transactions, higher costs for users, or the inability to execute time-sensitive operations (i.e., liquidations or pursuing market opportunities) in a timely manner.
• Vendor Risk: The honoprotocol.com front-end user interface is operated and made available using various technical service providers and vendors. The HONO Protocol also contains third-party integrations. The availability of the honoprotocol.com front-end user interface and Services depends on the uninterrupted and proper functioning of the technical service providers and vendors.

Security Risks

• Hacking Risk: Hacking Risk refers to the potential for malicious actors to exploit or gain unauthorized access to the honoprotocol.com front-end user interface, or even certain parts of the HONO Protocol. This could lead to theft of assets, manipulation of data, or disruption of Services. In the context of a non-custodial front-end user interface like honoprotocol.com, hacking risk primarily involves attempts to manipulate the interface or trick users into signing malicious transactions. While hackers cannot steal assets directly from the honoprotocol.com front-end user interface (as there are no stored assets on the interface), they might attempt various other methods, including but not limited to:
  • Altering the interface to display incorrect information.
  • Injecting malicious transaction data for users to unknowingly sign.
  • Performing phishing attacks to gain access to users' wallet private keys.
  • And other potential tactics.
• Exploitations and Vulnerabilities Risk: This risk involves the potential for attackers to take advantage of weaknesses or flaws in the honoprotocol.com front-end user interface, smart contracts, or associated protocols. These could be unknown vulnerabilities that are discovered and exploited before they can be patched, or known vulnerabilities that users or the platform fail to protect against adequately. Exploitations could result in financial losses, data breaches, or system malfunctions.
• Exchange Hacks Risk: While the Web App is not an exchange, it may interact with or rely on various decentralized exchanges (“DEXs”), aggregators or other protocols. If these associated platforms are hacked, it could indirectly affect Web App users. For instance, if a DEX that the Web App uses for liquidity or price discovery is compromised, it could impact the functionality of Web App operations.
• App Security Risk: This refers to potential vulnerabilities in the honoprotocol.com website application itself (app.honoprotocol.com). Risks could include insecure data storage, inadequate encryption, or vulnerabilities in the app's code that could be exploited by attackers. A breach in app security could lead to unauthorized access to user data or the interface to try to make users sign.
• Security of Webapp Risk: For honoprotocol.com, security risks involve ensuring the integrity of the interface (ensuring displayed information is accurate), the security of the transaction signing process, and protection against malicious code injection that could alter transaction details before signing. Users should always ensure they're interacting with the official honoprotocol.com front-end user interface and be wary of any unexpected behavior or requests.
• Security of API Integrations Risk: API integration risks involve the potential for manipulated data from integrated services affecting user decisions or automated processes. There could also be vulnerabilities in API connections that could allow injection of malicious data or commands into the honoprotocol.com interface.
• Phishing and Impersonation Risk: This risk involves the potential for malicious actors to create fake websites, social media accounts, or other online presences that closely mimic the honoprotocol.com front-end user interface. These imitations sites or accounts may aim to deceive users into believing they are interacting with the official honoprotocol.com front-end user interface. This could lead to users inadvertently providing sensitive information, such as private keys or seed phrases, or interacting with fraudulent interfaces that result in the signing of malicious transactions. Users might also follow misleading instructions that could compromise their assets or personal data. It is crucial for users to verify the authenticity of the website, social media accounts, and any communications they receive to avoid falling victim to these impersonation tactics.

Financial and Market Risks

• Financial Risk: Financial Risk refers to the potential for monetary loss when using the honoprotocol.com front-end user interface to interact with the HONO Protocol. This encompasses various factors, including market volatility, smart contract vulnerabilities, protocol-specific risks, and other unforeseen risks that may have a material adverse effect on user assets. Users should be aware that they could lose part or all of their supplied assets due to these factors.
• Market Risk: Market Risk is the potential for loss due to the overall performance of the cryptocurrency markets. The value of assets within the HONO Protocol, including supplied assets and the HONO derivative, can be affected by broader market trends, potentially impacting users' positions and the overall stability of the protocol.
• Volatility Risk: When using the honoprotocol.com front-end user interface to interact with the HONO Protocol, users may be exposed to the volatility of cryptocurrencies supplied to the protocol. Sudden price drops could lead to liquidations or decrease the value of users' holdings.
• Liquidity Risk: Refers to the potential inability to quickly buy or sell assets without causing a significant change in their price. In the context of the honoprotocol.com front-end user interface and the HONO Protocol, this could manifest as difficulty in acquiring or disposing of HONO or ecosystem assets, particularly during times of market stress or low trading volume.
• Impermanent Loss Risk: Impermanent loss risk is primarily associated with providing liquidity to decentralized exchanges. While not directly related to the core functions of the HONO Protocol, users participating in liquidity pools of HONO Protocol assets could experience this risk, where the value of their deposited assets may decrease in comparison to simply holding the assets.
• APY Risk: Annual Percentage Yield (“APY”) Risk in the context of the honoprotocol.com front-end user interface and the HONO Protocol primarily relates to the variability of the HONO V2-USDC LP Staking APY. The APY, is the yield earned by users who deposit HONO V2 and USDC into the LP staking contract. This rate is not fixed and can change based on various factors, including market conditions and decisions made through the protocol's governance. Users should be aware that the APY they see when depositing HONO V2 and USDC may not remain constant, potentially affecting the expected rates of the HONO Protocol. There's also a risk that the APY could drop significantly, go to zero or even, be negative, as decided by HONO Protocol community driven governance, impacting the attractiveness of holding HONO V2 and USDC in the staking contract.
• Price Differences Risk: Price differences risk refers to the potential for discrepancies in asset prices across different platforms or markets. Users of the honoprotocol.com front-end user interface might encounter situations where the price of an asset on the platform differs from other markets, potentially leading to unexpected outcomes in trades or collateral valuations.
• Price Slippage Risk: Price slippage risk occurs when the execution price of a trade differs from the expected price, usually due to market volatility or low liquidity. The Web App is fully non-custodial, and at no point are trades executed on behalf of users.

User-Related Risks

• Self-custody Risk: With self-custody, users are entirely responsible for managing and securing their own crypto assets. Unlike traditional financial systems where banks or other institutions safeguard assets, in the world of DeFi, the user bears full responsibility. This includes managing private keys, seed phrases, and ensuring the security of the devices used to access the Services. If a user loses access to their wallet or forgets their recovery phrase, there is no central authority that can help recover the assets. Similarly, if a user's private key is compromised, an attacker could potentially drain their assets, and there would be no recourse available through the honoprotocol.com front-end user interface or the HONO Protocol.
• Private Key Risk: When using the honoprotocol.com front-end user interface, users connect through a non-custodial wallet, which is secured by a private key. This private key is the tool that allows users to sign transactions and prove ownership of their assets on the blockchain. If this private key is lost, stolen, or compromised in any way, an attacker could gain full control over the user's assets.
• Custodial Risks: While the honoprotocol.com front-end user interface itself is non-custodial, users should be aware of Custodial Risks that may arise from interacting with other parts of the DeFi ecosystem. For example, if a user transfers assets from a custodial exchange to interact with the honoprotocol.com front-end user interface, they face custodial risks while their assets are held on that exchange. These risks include the potential for the custodial service to be hacked, become insolvent, or freeze assets due to legal or regulatory issues.
• User Interface Risks: User interface risks relate to the potential for users to misunderstand or misuse the honoprotocol.com interface, leading to unintended actions or transactions. The HONO Protocol is complex, with many interconnected components and potential actions. There is the risk that users might misinterpret information on the Web App, click the wrong buttons, or fail to understand the full implications of their actions, which may result in losses.

Governance and Protocol Risks

• Decentralized Governance Risk: The HONO Protocol operates via a community-driven governance model, which allows token holders (e.g., holders of the protocol's governance token) to propose and vote on changes to the protocol. While this decentralized approach aims to ensure that the protocol evolves in the best interest of its users, it may introduce certain risks. For instance, there is a possibility that the community might vote for changes that negatively impact some users or introduce instability to the system. Additionally, the governance process could potentially be delayed in reacting to urgent issues, potentially leaving the protocol vulnerable during critical periods.
• Governance Attacks Risk: Governance Attacks Risk refers to the potential for malicious actors to manipulate the governance process of the HONO Protocol. This could occur in several ways. For example, an attacker might attempt to accumulate a large number of governance tokens to push through harmful proposals. Alternatively, they might try to exploit vulnerabilities in the voting mechanism itself. Another form of governance attack could involve creating numerous small accounts to sway voting outcomes, a practice known as "Sybil attacks". The implications of a successful governance attack could be severe, potentially leading to changes in protocol parameters that benefit the attacker at the expense of other users. For honoprotocol.com front-end interface users, this risk means that the protocol they interact with could be altered in ways that negatively impact their positions or the overall stability of the system.
• Governance Centralization Risk: Governance Centralization Risk pertains to the potential concentration of decision-making power within a small group of participants in the HONO Protocol's governance system. Despite the protocol's aim for a broad and dispersed set of users participating in governance, there is a risk that a few large token holders, often referred to as "whales," could accumulate significant voting power. This concentration could lead to decisions that primarily benefit these major stakeholders, potentially at the expense of smaller participants. Additionally, if a large portion of governance token holders remain passive or delegate their voting rights to a small number of active participants, it could result in a de facto concentration of governance power. For users of the honoprotocol.com front-end user interface, this risk means that critical protocol decisions might not represent the interests of the broader user base. It could lead to changes in protocol parameters, fee structures, or risk management strategies that may not align with the needs of all users. Furthermore, a concentration of governance power might be more susceptible to external pressures, potentially impacting the protocol's long-term stability and decentralization ethos.

Regulatory and Compliance Risks

• Regulatory Risk: Regulatory risk refers to the potential for changes in laws or regulations that could impact the operation of the honoprotocol.com front-end user interface, the Services, the HONO Protocol, the broader DeFi ecosystem or even the underlying blockchain technology. Blockchain and DeFi are global technologies that transcend borders. This presents challenges in relation to achieving broad spanning regulatory compliance in light of ongoing regulatory uncertainty in a number of jurisdictions.

The DeFi space is still relatively new and rapidly evolving, and regulatory uncertainty remains in many jurisdictions. Users of the honoprotocol.com front-end user interface should be aware that regulatory changes could occur suddenly and potentially have significant impacts on their ability to use the platform or the value of their assets. For instance, regulators might impose new requirements on DeFi platforms, which could affect how the honoprotocol.com front-end user interface operates or interacts with the HONO Protocol. In extreme cases, certain jurisdictions might even ban or severely restrict DeFi activities.

Users must be aware that the accessibility of the Services, including functionalities provided by third-party integrations, is subject to regulatory changes and other factors beyond our control. These limitations are strictly governed by the Terms of Use and may significantly restrict or suspend your access to certain features of the Services (including third-party integrations) or the Services outright, without prior notice.

• Legal Uncertainty Risk: Legal uncertainty risk is closely related to regulatory risk but focuses on the current lack of clear legal frameworks for many aspects of DeFi. When using the honoprotocol.com front-end user interface to access the HONO Protocol, there is a level of risk and complexity from a legal perspective that applies as many jurisdictions have yet to establish legal frameworks and/or guidance on DeFi activities. This can create uncertainties about the legal status of various activities on the HONO Protocol. For example, there might be questions about the legal nature of certain DeFi transactions, the enforceability of smart contracts, or the legal responsibilities of various parties involved in the HONO Protocol. This uncertainty could potentially lead to legal disputes or unexpected legal consequences for users.
• Compliance Issues Risk: Compliance issues risk relates to the challenges users might face in adhering to various legal and regulatory requirements while using the honoprotocol.com front-end user interface. Users should be aware that their activities on the honoprotocol.com front-end user interface may be subject to scrutiny from tax authorities, financial regulators, or law enforcement agencies, and they should take steps to ensure they can demonstrate compliance, if necessary.
• Tax Risk: The tax treatment of cryptocurrency and DeFi transactions is still evolving in many jurisdictions, and can be complex and uncertain. For instance, interactions with the HONO Protocol might generate taxable events that are not immediately obvious, such as when providing collateral, borrowing against it, or earning rewards. Furthermore, the pseudonymous nature of blockchain transactions does not exempt users from their tax obligations, and tax authorities are increasingly focusing on cryptocurrency compliance. Users should be aware that they fully are responsible for understanding and fulfilling their tax obligations related to their use of the Services.

Third-Party and Integration Risks

• Third-party Integrations Risk: Third-party integrations risk refers to the potential vulnerabilities or issues that may arise from the honoprotocol.com front-end user interface’s connections with external services or protocols. For instance, the honoprotocol.com front-end user interface might integrate with various aggregators, decentralized exchanges or routers of trades for users to use them to trade. If any of these integrated services have vulnerabilities or experience downtime, it could affect the functionality of the Services or even compromise user assets deployed in the HONO Protocol.
• Counterparty Risk: The honoprotocol.com front-end user interface may now, or in the future, integrate with counterparties to facilitate or enhance the provision of the Services. DeFi platforms often interact with other protocols, oracles, and decentralized exchanges.
• DeFi Dependencies Risk: DeFi dependencies risk acknowledges that the honoprotocol.com front-end user interface and the HONO Protocol do not exist in isolation but are part of a larger DeFi ecosystem. The protocol may rely on other DeFi projects for various functionalities, such as price oracles, liquidity pools, or cross-chain bridges. If any of these dependent protocols face issues – be it a smart contract exploit, economic attack, or simply a design flaw – it could have cascading effects on the Services and its users. For instance, if a major liquidity pool that the HONO Protocol relies on were to be compromised, it could affect the protocol's ability to process user transactions efficiently.

Fraud and Malicious Activity Risks

• Fraud and Scams Risk: The HONO Protocol operates in a decentralized and permissionless environment, which can potentially attract bad actors. Users should be vigilant about unusual or suspicious activities, such as unsolicited offers, pressure to act quickly, or requests for sensitive information. Fraudulent schemes may attempt to manipulate users into making unintended transactions or revealing private information.
• Phishing Attacks Risk: Cybercriminals may attempt to impersonate the honoprotocol.com front-end user interface or the Services through fake websites, emails, or social media accounts. These phishing attempts aim to trick users into revealing sensitive information such as private keys or wallet credentials. Always double-check the URL and be wary of unsolicited communications asking for personal or financial information.
• Front-Running Risk: Due to the transparent nature of blockchain transactions, there is a risk that other parties could observe pending transactions and attempt to execute their own transactions ahead of yours, potentially resulting in less favorable outcomes for you. This practice, known as front-running, can impact the effectiveness of your intended transactions on the HONO Protocol.
• MEV risk: MEV refers to the concept of selecting and ordering transactions within a block to be added to the Ethereum network for financial gain beyond the usual rewards. In other words, MEV involves maximizing the value extracted from a block by strategically arranging transactions to optimize their execution. This can lead to various negative outcomes for users, such as increased transaction costs, unexpected price slippage, or failed transactions. MEV strategies can include more sophisticated forms of front-running, as well as back-running and sandwich attacks. For anyone partaking in DeFi activities, MEV risk means that large or high-value transactions might be particularly vulnerable to manipulation, potentially resulting in less favorable execution prices or unexpected outcomes. While MEV is a systemic issue in blockchain networks, users should be aware of its potential impact.

Exchange Risks

• Exchange Bankruptcy Risk: While the honoprotocol.com front-end user interface itself is not an exchange, users may interact with centralized exchanges before or after using the HONO Protocol. Exchange bankruptcy risk refers to the potential for a centralized cryptocurrency exchange to become insolvent and unable to fulfill its obligations to its users. This risk is particularly relevant when users need to move assets between centralized exchanges and their non-custodial wallets to interact with the Services. If an exchange where a user holds assets goes bankrupt, there is a possibility that the user might lose access to their assets or face significant delays in recovering them.
• Solver Centralization Risk: Solver Centralization Risk is a unique risk associated with certain DEX mechanisms that the honoprotocol.com front-end user interface might provide access to. Some DEX protocols use a system of "solvers" to find the most efficient way to execute trades. These solvers compete to provide execution for users' trades. However, if the pool of active solvers becomes too small or dominated by a few entities, it could lead to various issues. A centralized solver ecosystem could potentially manipulate trade execution, front-run transactions, or create a single point of failure for the trading system. While the honoprotocol.com front-end user interface does not control these solver mechanisms, users should be aware that when they are trading tokens or interacting with liquidity pools through the HONO Protocol, they might be exposed to this risk depending on the underlying protocols being used.

Privacy and Data Risks

• Privacy Risk: The inherent transparency of blockchain technology introduces certain privacy concerns. All transactions on the Ethereum blockchain, including interactions with the HONO Protocol through the honoprotocol.com front-end user interface, are publicly visible. This means that an observer could potentially link your wallet address to your trading activities, collateral positions, or other on-chain actions. Although your personal identity isn't directly exposed, sophisticated analysis techniques could potentially remove the pseudonymous veil protecting users by correlating on-chain data with off-chain information. Users should be aware that their transaction history, asset holdings, and interaction patterns with the HONO Protocol are visible to anyone who examines the blockchain, potentially compromising financial privacy.
• Dependence on External Data Risk: Both the honoprotocol.com front-end user interface and the HONO Protocol rely on external data sources to function correctly. For the honoprotocol.com front-end user interface, this includes, but is not limited to, third party providers and services such as Blockanalytica's data pipeline for analysis. The honoprotocol.com front-end user interface also relies on on-chain subgraphs for blockchain data querying, and RPC endpoint providers (such as Goldsky and Infura) for blockchain interaction. On the other hand, the decentralized and permissionless HONO Protocol depends on oracles for price feeds and other external data, as well as keepers for executing important functions like liquidations. Issues with any of these external sources—such as outages, inaccuracies, or manipulations—could lead to system failures, incorrect information display, transaction disruptions, or even financial losses for users. Users should be aware that the reliability and accuracy of both the Services and the HONO Protocol are partially dependent on these external factors and others.

Asset-Specific Risks

• Token Value Risk: Token value risk pertains to the potential for significant price fluctuations in the tokens used within the HONO Protocol ecosystem, which users can access with through the honoprotocol.com front-end user interface.

Operational Risks

• Platform Risk: Platform Risk refers to the potential issues that could arise from using the honoprotocol.com interface to interact with the HONO Protocol. While honoprotocol.com strives to provide a reliable and user-friendly interface, users should be aware that there are inherent risks in relying on any single interface to access decentralized protocols. For instance, the honoprotocol.com front-end user interface could experience downtime due to technical issues, maintenance, or cyber-attacks, potentially preventing users from accessing their assets or executing time-sensitive transactions. Additionally, there's always a possibility of bugs or glitches in the interface that could lead to incorrect display of information or errors in transaction execution. It's important to note that while honoprotocol.com serves as a gateway to the HONO Protocol, it is not the only means of accessing the protocol. In the event of issues with the interface, users may still be able to interact directly with the protocol's smart contracts, or use other gateways.

Market Dynamics Risks

• Redemption and Conversion Risk: Users might experience significant price slippage during conversions, especially in turbulent market conditions. High network congestion can make redemptions costly or impractical due to gas fees. While honoprotocol.com provides an interface for these operations, users should understand that these risks are inherent to the HONO Protocol.