Technology & Infrastructure
Monitoring, dependency mapping, smart contract upgradeability, and disaster recovery for bizUSDT0.
Technology & Infrastructure
This document covers the technical infrastructure supporting bizUSDT0: monitoring systems, dependency mapping, smart contract upgradeability, incident response procedures, and disaster recovery.
Monitoring Dashboard
Real-Time Monitoring
The vault's operational state is monitored in real-time, covering:
- TVL and reserve ratio (updated per block)
- Sleeve allocation (Mystic Core USDT0 V2 balance vs target)
- WFLR accumulation (pending harvest balance in USDT0 equivalent)
- Mystic utilization rate (withdrawal queue risk indicator)
- SparkDEX pool liquidity (WFLR/USDT0 depth at ±25 bps range)
- FLR price volatility (FTSO oracle feed, hourly and daily)
Alert Routing
- Alerts are routed to the operations team via encrypted messaging (primary channel) and email (secondary channel).
- SEV0 alerts trigger immediate phone/page notification to the primary manager.
- SEV1 alerts trigger notification within 15 minutes.
- SEV2/SEV3 alerts are queued for the next business day review.
Allocator Access
Status: Read-only access to the monitoring dashboard for allocators is planned. A URL and access credentials will be provided upon request once the system is deployed.
Dependency Map
| Dependency | Type | Failure Mode | Impact on Vault | Mitigation |
|---|---|---|---|---|
| Superform | Vault platform | Contract exploit, platform downtime, governance changes | Deposits and redemptions halted; existing Mystic position unaffected | Monitor Superform governance proposals; maintain emergency withdrawal path |
| Mystic Core USDT0 V2 | Yield source | Smart contract exploit, utilization spike, governance pause | Sleeve funds at risk (up to 92% of TVL); yield generation stops | Monitor utilization and audit status; 8% reserve provides partial buffer |
| SparkDEX V4 | DEX / reward conversion | Pool drained, router exploit, liquidity migration | WFLR harvest paused; FLR exposure drifts above policy band | Monitor pool TVL; maintain alternative OTC conversion path as backup |
| USDT0 (LayerZero OFT) | Deposit asset | Depeg on Flare, bridge failure, contract exploit | All vault operations and NAV impacted | Monitor USDT0 peg on Flare vs other chains; no cross-chain exposure beyond OFT |
| Fordefi | Custody / key management | Platform outage, MPC failure, key compromise | Vault operations halted until custody is restored | 3-of-5 quorum provides redundancy; secondary managers have independent keys |
| Flare FTSO Oracles | Price feeds | Oracle manipulation, stale prices, downtime | Slippage calculations degraded; harvest may execute at unfavorable prices | 25 bps slippage cap provides hard stop; volatility circuit breaker halts swaps during price anomalies |
Smart Contract Upgradeability
Superform Vault Contract
- The bizUSDT0 vault is deployed through Superform's factory system.
- Upgradeability Status: Pending documentation. If the vault uses a proxy pattern (e.g., UUPS or Transparent Proxy), the admin/governance key that controls upgrades must be identified.
- Governance Process: Any upgrade to the vault contract would be subject to Superform's governance process (timelock, community review, etc.).
Mystic Core USDT0 V2
- Standard: ERC-4626 tokenized vault.
- Upgradeability Status: Pending documentation. The Mystic vault's upgradeability (or immutability) should be verified.
- Immutability Preference: If the Mystic vault is immutable, smart contract risk is limited to the initial deployment. If upgradeable, the governance/admin key represents an additional trust assumption.
Bizantine Position
- Bizantine does not have the ability to unilaterally modify the Superform vault contract or the Mystic Core USDT0 V2 contract.
Monitoring Rules
The following rules are enforced by the monitoring system with automated alerting:
| Metric | Threshold | Alert Level | Action |
|---|---|---|---|
| Sleeve Allocation Drift | ±1 percentage point from target | SEV2 | Trigger rebalance |
| Reserve Level | Below 7% or above 9% of TVL | SEV1 | Immediate rebalance |
| Harvest Execution | Last harvest more than 4 days ago | SEV1 | Investigate and execute harvest |
| Swap Slippage | Any swap exceeding 20 bps (within 25 bps cap) | SEV2 | Log and review |
| Swap Slippage | Any swap aborted at 25 bps cap | SEV1 | Investigate SparkDEX pool conditions |
| FLR Exposure | WFLR value exceeds 3% of NAV | SEV1 | Trigger immediate harvest |
| FLR Exposure | WFLR value exceeds 5% of NAV | SEV0 | Emergency harvest regardless of market conditions |
| FLR Volatility | ≥10% price move within 1 hour | SEV1 | Pause harvest swaps |
| Mystic Utilization | Above 85% | SEV2 | Monitor withdrawal queue |
| Mystic Utilization | Above 92% | SEV1 | Consider increasing reserve target |
| TVL Cap Proximity | TVL exceeds 95% of $25M cap | SEV3 | Notify operations team |
| Unauthorized Action | Any transaction from vault not in authorized action set | SEV0 | Immediate investigation and escalation |
Incident Response
SEV0 Triggers
- Loss of funds (any amount)
- Unauthorized transaction from vault
- FLR exposure exceeding 5% of NAV
- All operator keys compromised or unavailable
- Mystic Core USDT0 V2 contract exploit suspected
15-Minute Playbook
| Time | Action |
|---|---|
| T+0 | SEV0 alert received by on-call operator |
| T+2 min | Acknowledge alert; assess severity and scope |
| T+5 min | If funds are at risk: initiate emergency withdrawal from Mystic to reserve (if possible) |
| T+10 min | Notify primary manager via Fordefi; request authorization for emergency action |
| T+15 min | Execute emergency action (withdraw, pause operations, or escalate to Superform team) |
| T+30 min | Post initial incident report to allocator communication channel |
| T+2 hours | Post detailed incident report with timeline, root cause analysis (preliminary), and remediation plan |
Escalation Path
- On-call operator (first responder)
- Primary manager (Fordefi MPC - can authorize any vault action)
- Secondary managers (can execute emergency operations)
- Superform governance (if vault-level response is insufficient)
Disaster Recovery
Operator Unavailability Fallback
| Scenario | Response |
|---|---|
| Primary manager unavailable (Fordefi MPC) | Secondary manager executes operations using individual key |
| All operators unavailable for 24 hours | Vault enters auto-pilot: no rebalancing, no harvesting, deposits and redemptions continue per smart contract logic |
| All operators unavailable for 7+ days | Depositors may coordinate with Superform governance for emergency fund recovery |
Fordefi Disaster Recovery
- Fordefi maintains encrypted key share backups with geographic distribution.
- Full key recovery is possible within 24 hours in the event of hardware failure.
- Fordefi's disaster recovery procedures are documented in their platform documentation and tested quarterly.
Key Rotation Procedures
- Scheduled Rotation: Annual rotation of secondary manager keys, or upon personnel changes.
- Emergency Rotation: Initiated immediately if any key is suspected of being compromised.
- Process: Primary manager initiates rotation through Fordefi dashboard; requires 3-of-5 approval.
- Communication: All rotation events are logged on-chain and communicated to allocators within 24 hours.
Evidence Pack
The following artifacts are available for allocator and auditor review upon request:
Owner Roster
- Full list of vault operator addresses with role descriptions (documented in the strategy specification).
Allowlists
- Authorized sleeve addresses (Mystic Core USDT0 V2 only)
- Authorized swap path (WFLR → USDT0 via SparkDEX V4 only)
- Authorized router and pool addresses
Policy Snapshots
- Current reserve target: 8%
- Current TVL cap: $25M USDT0
- Current fee structure: 0% management, 10% performance (HWM)
- Current harvest triggers: 3 days / $500 USDT0
- Current FLR exposure policy: 2-3% of NAV
Monitoring Coverage
- All metrics and thresholds listed in the Monitoring Rules section are actively enforced.
- Historical alert logs are retained for 12 months.