Risks: read this
Everything that can go wrong, ordered by how much it matters.
This page follows the protocol's docs voice: radically honest. If you read one page before depositing, read this one. Nothing here is investment advice.
1. Issuer risk (the dominant risk, stock baskets)
The underlying Stock Tokens are debt instruments of Robinhood Assets (Jersey) Ltd, not direct share ownership. The issuer can pause or freeze the underlying tokens. Vimen inherits this risk and cannot remove it:
- If any constituent's transfers are frozen, redeeming the whole basket reverts until the freeze lifts; redemption is all-or-nothing by design (a partial-redeem escape hatch was deliberately not built, to keep the contract minimal and its invariants simple).
- This risk exists identically when holding the Stock Tokens directly; the basket neither adds to nor subtracts from it.
- Deposit caps exist primarily to bound aggregate exposure to this risk.
HOOD6's chain-native constituents have no issuer and no freeze function; they carry ordinary crypto market and liquidity risk instead.
2. Unaudited contracts
The contracts have not undergone a professional audit. Mitigations, not substitutes: ~160 nSLOC of custom core logic on OpenZeppelin v5, 100% line/branch coverage across all contracts, fuzz + invariant + mainnet-fork suites, and triaged static analysis (details). Supply caps stay at ≈$100K per basket until traction, and $2M requires a published audit (roadmap).
3. Market & product risks
- Weight drift: units are fixed; weights drift with prices, like an unrebalanced ETF. Documented behavior, not a bug (explainer).
- Constituent volatility: a basket is exactly as risky as what it holds. HOOD6 holds young, thin-liquidity chain-native tokens.
- Zap execution: thin pools mean worse prices; the 5% per-leg impact gate bounds this loudly, and in-kind mint/redeem never depends on pools.
- Secondary-market pricing: if basket tokens trade on DEXes, the pool price can deviate from NAV; in-kind mint/redeem is the arbitrage anchor, but arbitrage needs liquid constituents.
4. Chain & infrastructure risks
- Robinhood Chain runs a single sequencer operated by Robinhood; soft finality depends on it (hard finality on Ethereum).
- Chainlink feeds are display-only for Vimen, but a stale or paused feed degrades the app's NAV display (never the contract).
5. Compliance restrictions
Not available to US, UK, Canadian, Swiss or UAE persons; the hosted frontend geoblocks accordingly (HTTP 451). These mirror the underlying Stock Tokens' own restrictions. Users are responsible for their local law.
What is not a risk here
For balance, here are failure modes common in DeFi that Vimen's design excludes:
| Common failure | Why it's excluded |
|---|---|
| Admin rug / treasury drain | No function exists to withdraw vault funds, for anyone |
| Upgrade to malicious code | No proxy, no upgradeability |
| Oracle manipulation minting unbacked tokens | No oracle in the mint path: mint is in-kind against fixed units |
| Depeg from fractional reserves | Full backing is a contract invariant, checkable via isFullyBacked() |
| Locked exits during a bank run | Redemption is ungated by construction; there is nothing to run on, since every token is a claim on specific vault holdings |