# Security

This section documents the built-in protections and key trust assumptions.

### Upgrade protection

Only the factory owner can authorize upgrades. Leaders cannot upgrade vault contracts.

```solidity
function _authorizeUpgrade(address) internal override {
  require(factory != address(0), "No factory");
  require(msg.sender == IVaultFactory(factory).owner(), "Only factory owner");
}
```

### Reentrancy protection

All functions that move funds use `nonReentrant`.

```solidity
function buy(uint256 usdcAmount) external nonReentrant { ... }
function sell(uint256 tokens) external nonReentrant { ... }
```

### Access control

```solidity
// Admin of the vault contract itself.
modifier onlyAdmin() {
  require(msg.sender == admin, "Not admin");
  _;
}

// The vault's leader (trader); leaders are not admins and cannot upgrade.
modifier onlyLeader() {
  require(msg.sender == leader, "Not leader");
  _;
}

// Note that, despite the name, this also admits any registered API wallet,
// not only the vault contract and its leader.
modifier onlyVaultOrLeader() {
  require(
    msg.sender == vault ||
    msg.sender == IBondingCurveVault(vault).leader() ||
    apiWallets[msg.sender],
    "Not authorized"
  );
  _;
}
```

### Fee caps

```solidity
// Fees are expressed in basis points (10000 = 100%).
uint256 public constant MAX_FEE = 3000;             // performance fee max 30%
uint256 public constant MAX_PERFORMANCE_FEE = 3000; // performance fee max 30%
uint256 public constant MAX_EXIT_FEE = 5000;        // exit fee max 50%
```

### NAV manipulation protections

1. **Entry NAV inheritance** on token transfers.
2. **Virtual reserve scaling** to stabilize price impact as vault grows.
3. **Trade limit**: max 1% of total assets per buy.

### Liquidity protections

1. **Pending sell** instead of reverting when liquidity is low.
2. **Auto-rebalance** targets 50% withdrawable liquidity.
3. **Liquidity cap**: sells are capped by available liquidity.
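
The first and third liquidity protections above (queue a pending sell instead of reverting, and cap each sell at available liquidity) in a compact form. This is an added sketch, not the hypers.fun vault code; it assumes OpenZeppelin v5 import paths and leaves curve pricing (`_quoteSell`) and share burning (`_burn`) as abstract hooks the real vault would supply.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {ReentrancyGuard} from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";

// Illustrative sketch, not the hypers.fun vault: a sell path that caps the payout
// at currently available liquidity and queues the shortfall instead of reverting.
abstract contract PendingSellSketch is ReentrancyGuard {
    IERC20 public immutable usdc;
    uint256 public totalPending;                 // USDC already promised to queued sellers
    mapping(address => uint256) public pendingSell;
    event SellQueued(address indexed seller, uint256 paid, uint256 queued);
    event PendingClaimed(address indexed seller, uint256 paid);

    constructor(IERC20 _usdc) { usdc = _usdc; }
    // Hooks the real vault would supply (assumed): curve pricing and share burning.
    function _quoteSell(uint256 tokens) internal view virtual returns (uint256);
    function _burn(address from, uint256 tokens) internal virtual;

    // Liquidity payable right now: balance minus what queued sellers are already owed.
    function availableLiquidity() public view returns (uint256) {
        uint256 bal = usdc.balanceOf(address(this));
        return bal > totalPending ? bal - totalPending : 0;
    }
    function sell(uint256 tokens) external nonReentrant {
        uint256 owed = _quoteSell(tokens);
        _burn(msg.sender, tokens);               // effects before the external transfer
        uint256 liquid = availableLiquidity();
        uint256 payNow = owed <= liquid ? owed : liquid;   // liquidity cap
        uint256 queued = owed - payNow;
        if (queued > 0) {                        // pending sell instead of revert
            pendingSell[msg.sender] += queued;
            totalPending += queued;
        }
        if (payNow > 0) require(usdc.transfer(msg.sender, payNow), "transfer failed");
        emit SellQueued(msg.sender, payNow, queued);
    }
    // Queued sellers claim as liquidity returns (for example after a rebalance).
    function claimPending() external nonReentrant {
        uint256 owed = pendingSell[msg.sender];
        uint256 reservedForOthers = totalPending - owed;   // own claim is not a competitor
        uint256 bal = usdc.balanceOf(address(this));
        uint256 liquid = bal > reservedForOthers ? bal - reservedForOthers : 0;
        uint256 payNow = owed <= liquid ? owed : liquid;
        require(payNow > 0, "nothing claimable");
        pendingSell[msg.sender] = owed - payNow;
        totalPending -= payNow;
        require(usdc.transfer(msg.sender, payNow), "transfer failed");
        emit PendingClaimed(msg.sender, payNow);
    }
}
```

Tracking `totalPending` separately keeps newly queued and claimed amounts from double-spending the same USDC, and the two events give a monitor a direct signal of how much liquidity is owed.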
