Resources
Security model
Vela aims for the smallest possible trust surface compatible with shipping a working credit market today.
What is trustless
- Collateral custody — vault contract is non-upgradeable on mainnet
- Solvency checks — enforced in-protocol, no offchain dependency
- Interest accrual — fully onchain, no oracle for rates
What is trusted (today)
- Oracle relayer — feeds USD prices for the five whitelisted assets
- Asset whitelist owner — adds/removes assets and tunes per-asset risk params
- Helmsman alerts — anyone can run one; the reference instance is operated by the team for testnet
⚠
On mainnet the asset config owner becomes a timelocked multisig with a 48h delay, and the oracle is intended to migrate to the chain's canonical equity feed once published. Until then, treat collateral whitelist changes as carrying governance risk.