Despite committing to multiple audits, Size is not immune from blockchain-related risk and smart contract risk. In addition, users should be aware of the below additional risks. Note that this is not intended to be an exhaustive list.

Technological Risk

Smart Contract Risk — Size is a relatively complex credit marketplace. Software bugs or unidentified economic attack vectors may exist. In addition to rigorous internal audits, three independent audits have been conducted, and reports can be reviewed in the Audits & Security section.

Oracle Risk — the protocol relies on a Chainlink oracle to conduct liquidations. Manipulation or attack of the Chainlink oracle may result in unprofitable liquidations, lender losses, or borrowers suffering a liquidation penalty unfairly.

Centralization Risk — the protocol relies on USDC behaving according to a standard ERC-20 token implementation, despite its contract being upgradeable and containing a blocklist. An unexpected upgrade or additions to the blocklist by the USDC token may result in an inability to withdraw.

Integration Risk — in order to provide lenders with passive variable rate interest while orders are pending match, the protocol relies on Aave operating smoothly to facilitate deposits and withdrawals. Failure to supply or redeem underlying tokens to Aave may result in liquidity being temporarily frozen on the Size protocol. This could happen as a result of Aave capping deposits, resulting in delayed repayment.

Counterparty Risk

All loans on Size are over-collateralized, and must be repaid before the due date. Liquidation may be conducted by anyone, including protocol keepers.

Overdue Loans

Overdue loans become eligible for liquidation. Anyone, including lenders, may participate in liquidating borrowers for a reward.

Liquidation Risk

Losses are not socialized, and an unprofitable liquidation of a borrower may result in losses to that borrower's lender(s).

Lenders may monitor the health of their borrowers and act as liquidators in the case of borrowers not maintaining sufficient collateral.

In addition, a lender may directly claim the borrower's associated collateral if the borrower's collateral ratio drops below 100%.

Governance Risk

Pausability & Upgradeability

Core contracts may be paused or upgraded. This decision was made in the interest of being able to secure funds and contracts if bugs are found early on, and will be progressively decentralized. A multisig is assigned as owner and can be seen here.