_____ _____ _   _ _____ _   _    _____ _   _ _____ _____ _     ____  
|_   _|     | | / | ___| \ | |  /  ___| | | |_   _| ___| |   |  _ \ 
  | | | | | |   | | |__ |  \| |  \___  | |_| | | | | |__ | |   | | | |
  | | | | | | . ` |  __||     |   ___)  |  _  | | | |  __|| |   | | | |
  | | | |_| | |\  | |___| |\  |  /____  | | | |_| |_| |___| |___| |_| |
  |_| \_____/_| \_\_____|_| \_|  \_____\_| |_|\___/\_____|_____|_____/
                    

Token Eligibility & Risk Criteria

Not all tokens qualify for Token Shield coverage. We use automated, on-chain criteria to identify genuinely high-risk assets that fit our protocol's risk profile.

Qualification Requirements

A token must meet all of the following criteria to be eligible: [feedback on criteria]

1. Volatility Threshold: 30-day standard deviation of returns >50% (measured via Pyth price oracles)
2. Liquidity Cap: Total liquidity (across all DEXs) <$2M USD
3. Launch Recency: Token age <90 days from initial mint/launch
4. Solana Native: SPL token on Solana mainnet with verified mint authority
5. DEX Presence: Active trading on at least one Solana DEX (Raydium, Orca, Jupiter aggregated pools)
6. Not Blacklisted: Token not on DAO-maintained blacklist (e.g., known scams, sanctioned addresses)

Risk Scoring

Eligible tokens receive a risk score (1-10) based on:

• Historical volatility (higher vol = higher score)
• Liquidity depth (thinner liquidity = higher score)
• Developer wallet holdings (>30% supply held by <5 wallets = higher score)
• Contract verification status (unverified = higher score)
• Social metrics (Twitter mentions, holder count - affects score)

This risk score directly impacts premium pricing. Higher risk = higher premiums, but also higher likelihood of payout events. [feedback on risk scoring]

Claim Triggers & Payout Process

Token Shield payouts are activated by objective, oracle-verified on-chain events. No manual claims required - when a trigger hits, the smart contract automatically processes eligible coverage policies.

Trigger Events

Any of the following events will trigger automatic claim processing:

1. Price Dump Trigger [feedback]

• Condition: Token price drops >40% within any rolling 24-hour window during coverage period
• Verification: Pyth oracle price feeds (requires 3 consecutive oracle updates confirming threshold)
• Example: $NEET trades at $0.50, drops to $0.28 over 18 hours → Trigger activated

2. Liquidity Drain Trigger [feedback]

• Condition: Total DEX liquidity drops >50% within any 24-hour window
• Verification: Jupiter aggregated liquidity data + individual DEX pool reserves
• Example: $NEET liquidity drops from $1.5M to $700k → Trigger activated

3. Developer Wallet Dump Trigger [feedback]

• Condition: Wallet(s) holding >5% of supply dumps >10% of total supply within 24 hours
• Verification: On-chain transaction monitoring of top holder wallets
• Example: Dev wallet sells 12% of total $NEET supply in one transaction → Trigger activated

Payout Calculation & Execution

Once a trigger event is confirmed, payouts are calculated and distributed automatically:

Payout Formula

Payout = min(ActualLoss × CoverageLevel, MaxPayout)

Where:
- ActualLoss: USD value lost from entry to trigger
- CoverageLevel: 0.3, 0.5, or 0.7
- MaxPayout: PositionSize × CoverageLevel (payout cap)

Deductibles & Caps [feedback on policy]

• Minimum Loss: 10% deductible (no payout if loss <10% of position)
• Maximum Payout: Capped at CoverageLevel × PositionSize (can't profit from coverage)
• Pool Limit: Total payouts capped at 80% of pool reserves (prevents insolvency)

Position: $10,000 in $NEET, 50% coverage
Trigger: Price drops 45% in 20 hours
ActualLoss: $10,000 × 0.45 = $4,500
Payout: $4,500 × 0.5 = $2,250 SOL to wallet ✅

Position: $10,000 in $NEET, 50% coverage
Trigger: Liquidity drained, price drops 80%
ActualLoss: $10,000 × 0.80 = $8,000
Calculated: $8,000 × 0.5 = $4,000
MaxPayout: $10,000 × 0.5 = $5,000
Payout: $4,000 SOL to wallet ✅ (under cap)

Position: $10,000 in $NEET, 50% coverage
Event: Price drops 8% in volatile session
ActualLoss: $800 (below 10% deductible)
Payout: $0 ❌ (under minimum threshold)

Pool Sustainability & Yield Strategies

Long-term protocol viability depends on maintaining a healthy insurance pool that can pay claims without relying on perpetual premium inflows.

Pool Mechanics

• Premium Inflow: All user premiums flow into main insurance pool (minus 5% protocol fee)
• Yield Generation: Idle pool funds are deployed to yield-generating strategies
• Payout Reserve: 20% of pool kept in liquid SOL/USDC for instant payouts
• Over-Collateralization: Target ratio of 150% (pool value / active coverage value)

Yield Strategies

The pool generates returns through conservative DeFi strategies:

Primary Strategies (Launch Phase)

1. Marginfi Lending: Deposit USDC/SOL in Marginfi lending markets (conservative ~5-8% APY)
2. Solana Staking: Native SOL staking via validators (predictable ~7% APY)
3. Stable LP Positions: USDC-USDT or similar stable pairs on Raydium (low IL risk)

Secondary Strategies (Future)

• Delta-neutral perpetual funding rate farming
• Automated market-making on select low-volatility pairs
• Cross-protocol yield optimization via aggregators

Solvency Monitoring

The protocol continuously monitors:

• Coverage Ratio: Pool Value / Active Coverage Value (target >150%)
• Utilization Rate: Active Coverage / Pool Capacity (max 70%)
• Claim Rate: Paid Claims / Collected Premiums (historical tracking)

If coverage ratio drops below <125%, the protocol automatically:

1. Halts new enrollments until ratio recovers
2. Increases premium rates by 20-50% (temporary)
3. Triggers DAO emergency governance vote for intervention

Oracle Integration & Data Sources

Accurate, manipulation-resistant data is critical for fair trigger detection and payout calculation.

Primary Oracle: Pyth Network

• Price Feeds: Real-time price data for covered tokens (sub-second updates)
• Confidence Intervals: Statistical confidence scores prevent manipulation
• Multi-Publisher: Aggregated from 70+ first-party data providers
• On-Chain Verification: All prices cryptographically signed and verifiable

Secondary Data Sources

• Jupiter: Aggregated DEX liquidity data, routing information
• Birdeye API: Token holder distribution, wallet tracking
• Direct DEX Queries: Pool reserves from Raydium, Orca (backup verification)
• Solana RPC: On-chain transaction history, mint authority verification

Manipulation Prevention

To prevent oracle attacks and false triggers:

1. Multi-Source Verification: Trigger requires consensus from 2+ data sources
2. Time-Weighted Pricing: Use TWAP (time-weighted average) over 15-minute windows, not spot prices
3. Outlier Rejection: Discard price points >3 standard deviations from median
4. Liquidity Filters: Only use prices from pools with >$50k liquidity
5. Delay Mechanism: 5-minute confirmation window before trigger activation (prevents flash-crash false positives)

Smart Contract Architecture

Token Shield is built on Solana using the Anchor framework. The protocol consists of several core programs:

Core Programs

1. Coverage Manager Program

• Handles enrollment, premium collection, policy token minting
• Stores coverage policies (position size, duration, coverage level)
• Validates token eligibility on-chain
• Emits events for off-chain indexing

2. Oracle Monitor Program

• Subscribes to Pyth price feeds and other data sources
• Monitors active coverage policies for trigger events
• Performs trigger validation (multi-source, time-weighted)
• Initiates claim processing when triggers confirmed

3. Payout Engine Program

• Calculates payout amounts based on actual losses
• Applies deductibles, caps, and pool limits
• Executes SOL/USDC transfers to covered wallets
• Burns coverage policy tokens after payout
• Updates pool accounting and reserves

4. Pool Manager Program

• Manages insurance pool funds and reserves
• Deploys funds to yield strategies
• Monitors solvency ratios
• Implements emergency pause mechanisms

5. Governance Program

• DAO voting and proposal execution
• Parameter updates (risk criteria, premiums, caps)
• Treasury management
• Emergency interventions

Security Features

• No Admin Keys: Core programs are immutable post-deployment (upgrades require DAO vote)
• Timelocks: Parameter changes have 48-hour delay before execution
• Multi-Sig Guardians: Emergency pause requires 3-of-5 community multisig
• Formal Verification: Critical functions mathematically verified for correctness
• Bug Bounty: $100k+ program for responsible disclosure

Privacy & Zero-Knowledge Proofs

While Solana is a public blockchain, Token Shield implements privacy-preserving mechanisms to protect user positions from front-running and manipulation.

Privacy Challenges

• Position Visibility: Large coverage enrollments could signal whale positions
• Trigger Frontrunning: Bots could monitor coverage and sell before dumps
• Competitive Intelligence: Other traders could copy strategies based on coverage data

ZK-Based Solutions

We use zero-knowledge proofs to enable private coverage verification:

Enrollment Privacy

• Coverage policy details (position size, coverage level) stored as encrypted commitments on-chain
• Only the user's wallet can decrypt their coverage details
• Smart contract verifies eligibility without knowing actual position size (ZK-SNARK)
• Public observers only see aggregate pool metrics, not individual policies

Payout Privacy

• When trigger occurs, user submits ZK proof of eligible coverage
• Proof verifies: "I have active coverage for token X" without revealing amount
• Payout sent directly to wallet; transaction appears like normal transfer
• Optional: Use privacy-preserving wallets (e.g., Elusiv integration) for receiving payouts

Risks & Limitations

Token Shield is experimental DeFi infrastructure. Users must understand the following risks before participating:

Protocol Risks

1. Smart Contract Bugs

• Risk: Undiscovered vulnerabilities could lead to fund loss or exploits
• Mitigation: Multiple independent audits, formal verification, conservative deployment (testnet → limited mainnet → full launch)
• Residual Risk: No code is 100% bug-free; always possible

2. Oracle Manipulation

• Risk: Attackers could manipulate price feeds to trigger false payouts or prevent legitimate ones
• Mitigation: Multi-oracle design, time-weighted pricing, outlier rejection, liquidity filters
• Residual Risk: Sophisticated, well-funded attackers may find edge cases

3. Pool Insolvency

• Risk: Correlated claim events (e.g., market-wide crash) could deplete pool faster than premiums replenish it
• Mitigation: Conservative coverage limits, over-collateralization targets, dynamic premium pricing, emergency pause
• Residual Risk: Black swan events could overwhelm reserves

4. Yield Strategy Failures

• Risk: DeFi protocols holding pool funds could be exploited or fail
• Mitigation: Diversification across strategies, only battle-tested protocols, allocation caps, continuous monitoring
• Residual Risk: Cascading DeFi failures could impact pool value

Economic Risks

5. Moral Hazard

• Risk: Insured traders may take excessive risks, knowing downside is capped
• Mitigation: Deductibles, partial coverage only (no 100% insurance), premium adjustments
• Impact: Could lead to adverse selection and pool losses

6. Adverse Selection

• Risk: Only traders expecting dumps will buy coverage, skewing risk pool
• Mitigation: Dynamic pricing based on token risk scores, coverage caps per token
• Impact: May require higher premiums over time

Regulatory Risks

7. Legal Uncertainty

• Risk: Insurance is heavily regulated; DeFi insurance may face regulatory challenges
• Context: Decentralized, non-custodial design reduces but doesn't eliminate regulatory concerns
• Mitigation: Legal review in key jurisdictions, DAO structure (no single entity), geofencing if needed
• Impact: Could limit accessibility in certain regions

Operational Risks

8. Governance Attacks

• Risk: Malicious actors accumulate governance tokens and pass harmful proposals
• Mitigation: Timelocks, multi-sig guardians, vote-escrow incentive alignment
• Impact: Could change parameters unfavorably or drain treasury

DAO Governance

Token Shield is governed by a decentralized autonomous organization (DAO) to ensure community control and prevent centralized points of failure.

Governance Token (Future)

A governance token (working name: $SHIELD) will be distributed to:

• Early coverage purchasers (retroactive airdrop)
• Liquidity providers to the insurance pool
• Community contributors (developers, auditors, educators)
• Treasury for future incentives and grants

Governance Powers

Token holders can vote on:

• Risk Parameters: Eligibility criteria, deductibles, coverage caps
• Premium Pricing: Base rates, risk score weighting, dynamic adjustments
• Oracle Selection: Adding/removing data sources, trust thresholds
• Yield Strategies: Approving new DeFi integrations, allocation limits
• Token Blacklist: Blacklisting/whitelisting specific tokens
• Treasury Management: Protocol fee allocation, grants, partnerships
• Emergency Actions: Pause/unpause protocol, emergency fund transfers

Voting Mechanics

• Proposal Threshold: 100k $SHIELD tokens to create proposal
• Voting Period: 7 days for discussion + 3 days for voting
• Quorum: 10% of circulating supply must vote
• Approval: 66% yes votes required for passage
• Timelock: 48-hour delay before execution (emergency pause bypasses)

Guardian Multisig

A 3-of-5 multisig composed of respected community members can:

• Execute emergency pause if critical vulnerability discovered
• Veto malicious governance proposals (e.g., drain treasury)
• Transfer to full DAO control once protocol matures

Development Roadmap

Token Shield is currently in conceptual/planning phase. Below is our anticipated development timeline:

Team & Community

Token Shield is a community-driven experiment. We're transparent about being in early conceptual stages.

Current Status

• Core Team: Small group of DeFi builders, smart contract developers, and Solana ecosystem contributors
• Advisors: Seeking experienced professionals in insurance, actuarial science, and crypto regulation
• Community: Growing cohort of degen traders, meme coin enthusiasts, and DeFi risk researchers

Get Involved

We're actively seeking contributors in:

• Smart Contract Development: Anchor/Rust experience, security-focused mindset
• Frontend Development: React/Next.js, Web3 integrations, UX for DeFi
• Quantitative Modeling: Premium pricing algorithms, risk scoring, actuarial analysis
• Security Research: Auditing, formal verification, exploit discovery
• Community Management: Discord moderation, content creation, education
• Business Development: Partnerships, liquidity providers, token projects

Join the Community

• Discord: [Coming Soon] - Daily discussion, development updates
• Twitter: [Coming Soon] - Announcements, market insights
• Telegram: [Coming Soon] - Fast-paced chat for degens
• GitHub: [Coming Soon] - Open source code, technical proposals

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

Ready to protect your bags?

$ cd ~ && ./join_waitlist.sh