Protocol Baseline
Shipped- Upgradeable system modules behind proxies (Factory/Router/Oracle/FeeCollector/Limiter/Governance).
- Immutable pools with explicit reserve accounting and on-chain events for indexing.
- Pausable safety controls on critical modules for incident handling.
- Slippage + deadline guardrails in the router entrypoints.
UX Safety (Transactions)
In progress- Clear transaction staging: Approve A → Approve B → AddLiquidity/Swap with a visible progress UI.
- Human-readable error states (reverts, network mismatch, insufficient allowance/balance).
- Native ETH path UX (swap/add/remove using ETH methods) to reduce accidental WETH friction.
Operational Hardening
Planned- Multisig or timelocked ownership for production admin actions and upgrades.
- Upgrade runbook: storage layout checks, staging rehearsal, post-upgrade verification snapshots.
- Monitoring: alerts for pause/unpause, fee changes, limiter changes, and governance executions.
Out of scope for v1
Some security work is valuable but would slow down a v1 ship. These items can be added once core user flows are stable:
Formal audit cycle
Independent audit + remediation + re-audit for core modules and upgrade patterns.
Bug bounty
Public bounty program with scope, severity rubric, and payout policy.
Advanced analytics
Full historical charts require indexing + integrity checks on the data pipeline.
Per-market risk policies
More granular caps, whitelist rules, and circuit breakers for specific pools.
Report issues
If you spot a UI bug, a confusing signature flow, or a contract interaction edge-case, document the exact steps and include the tx hash (or call parameters on local).