Risk Overview
When investing in anything, there are risks, and for investing in Rari Capital, there are a few sources of risk with varying levels of severity: underlying risk, the lego risk of our integrated protocols, customer side risk, and risk within the Rari product.

Underlying Risk
The Ethereum Virtual Machine, or EVM, is what powers everything on the Ethereum blockchain. As Rari is currently on said blockchain, it has an innate risk tied to the EVM. If the EVM fails or breaks, Rari will break.

Integrated Protocols
Since Rari has several protocols (currently including 0x, dYdX, and Compound) integrated to maximize profits, we carry the lego risk of these protocols. For example, an integrated protocol could lose our funds from a bug or hack, however, along with the failure of the EVM, this is one of the more severe and unlikely risks. There are varying levels of severity with this as well, as an integrated lending protocol may fail to generate interest despite appearing as the ideal protocol, but wouldn’t result in the loss of consumer funds.

Customer Side
For consumer side risk, there is the possibility of a bug or hack of a user browser or OS which could cause a loss of funds, or, more mildly, it may temporarily break withdrawals.

Rari Fund Risk
There are 3 sources of risk within the product itself: the frontend, the rebalancer, and the smart contracts. 

Frontend: In the frontend, breaches and bugs can occur either in code, domain, or hosting, with the most extreme cases involving a loss of customer funds, but lesser incidents resulting in withdrawals temporarily breaking, without a loss of funds.

The rebalancer has a risk of a bug or hack of code/hosting or general theft of a balancer’s private key that could cause stablecoins to be traded via 0x at poor prices. However, the more moderate situations would be if a bug caused funds to be allocated incorrectly or for the withdrawal processing to break.

The risk for our contracts lies with a standard bug or hack of code, or, more intricately, a hacker compromises 3 of the 5 keys in the Rari multisig federation and “upgrades” a contract to code that steals customer funds. A smaller source of risk is the “experimental” feature of Solidity, ABIEncoderv2, where we are using Solidity version 0.5.7. This has known fixed bugs yet ultimately retains potential risk.

To summarize, investing in Rari Capital has a wide spectrum of degrees of risk, with the more traumatic cases being the least likely, spanning from the EVM breaking down or an incorporated protocol falling apart all the way to a browser bug temporarily pausing a transaction. We hope this has given you a greater understanding of the risk breakdown for investing in Rari Capital.