Here at Alice, we believe web3 revolutionizes the way we use payments, but with any new technology there are risks. Alice will strive to improve and mitigate these risks, but as part of building trust and transparency with our users, we want you to be aware of these risks upfront.

There are risks involved with supplying funds or digital assets to Anchor Protocol via Alice on the Terra blockchain. Customers may experience losses. Below is a list of potential risks and ways of mitigation. We have included links to more information.

Private Key / Store of Funds

  • Alice is a non-custodial wallet and does not have access to your private key. Your private key grants access to your funds on the Terra blockchain

  • Alice uses Torus Network, which securely splits & distributes user private keys across multiple nodes, so only users can access their full private key

  • Your private key is also securely stored in your iPhone Secure Enclave or Android Keystore, protected by biometrics or PIN.

  • Alice is working on 2FA and threshold keys to bolster account security

  • If Torus Network were to be compromised, attackers may retrieve user private keys

  • Torus Network has been audited by independent cybersecurity companies. Read their audit HERE

Terra UST depeg risks

  • UST is designed to maintain a peg around 1 USD, but can vary

  • For Alice users, a minor UST depeg will result in a temporary reduction in account balance until the peg is resumed

  • A catastrophic UST depeg could mean a more permanent reduction in balance

  • Terra has been audited by an independent cybersecurity company. See the audit report HERE

Anchor Protocol Risks

  • Alice does not directly supply the yield rate - rather user funds are stored in Anchor Protocol

  • Anchor Protocol is developed by Terraform Labs and has over 15 billion UST total value locked (March 2022) since launch in early 2021.

  • The Anchor yield rate may lower over time depending on market conditions.

  • If Anchor were to be compromised, Alice user funds could lose value

  • Alice is working on an insurance product in conjunction with Risk Harbor to mitigate this risk

  • Anchor Protocol has been audited by multiple independent cybersecurity companies and hosts a bug bounty for security issues. See more HERE

Alice Smart Contracts Risks

  • Alice uses smart contracts to store user funds in Anchor Protocol and allow for fee-less payments

  • The Alice smart contracts are built on Cosmos ecosystem, which offers one of the most robust and secure smart contract mechanisms available today

  • In the event the Alice smart contracts were compromised, user funds could be partially or fully lost depending on the exploit

  • Alice smart contracts have been audited by an independent security company. Read more details HERE

Alice Account Compromise (Email)

  • Alice currently uses your connected email address as the only form of connectivity to your Alice account. If your email account is compromised, your Alice account can also be accessed

  • While a bad actor could access your account, they cannot make any transactions (deposit, withdrawal, P2P) within the app without passing a passcode/biometric challenge so your funds are safe assuming your mobile device is not also compromised

  • We recommend enabling Two-Factor Authentication on your email account to increase the security on your Alice account

  • Alice is diligently working on additional security and account recovery features to be released in the near future so stay tuned

If you have more questions or concerns regarding risk please feel free to contact us at [email protected] or via the Alice app chat support. We always want to hear from our users. It's the only way we will be sure we are building the best product possible!

Did this answer your question?