Methodology
The composability of DeFi enables Mimo Protocol to connect with the rest of the ecosystem. However, it also exposes the protocol to financial contagion. Currencies used in the protocol affect the protocol at its core, in particular currencies accepted as collateral which safeguard the solvency of the protocol. To ensure a currency holds a reasonable amount of risk, we investigate three different levels.
First, we look at smart contract security and counter-parties in the governance. If these risks are too high, the currencies will be disqualified for the protocol or to be used as collateral. Then we look at market risks, which can be managed via the protocol’s parameters
Our risk scale ranges from lowest risk A+ for the safest assets of the protocol (like Ethereum) to the highest risk D-. The assets exposed to high risk factors can be considered for integration. However, they will not qualify as collateral to shield solvency.
Smart contract risk focuses on the technical security of a currency based on its underlying code. If one of the supported currencies is compromised, collaterals will be affected, threatening the solvency of the protocol. Projects must have undergone audits to be considered, yet smart contract risk is significant, bug bounties can help but it cannot be fully mitigated. We assess maturity based on the number of days and the number of transactions of the smart contract as a representation of use, community and development. These proxies show how battle-tested the code is.
Smart contract hacks have already resulted in millions of losses and so currencies with the highest smart-contract risk D+ and below, cannot be used as collateral. Currencies with a risk rating below D cannot be integrated in the protocol.
Counter-party risk assesses qualitatively how and by who the currency is governed. We observe difference degrees of governance decentralisation that may give direct control over funds (as backing, for example) or attack vectors to the governance architecture which could expose control and funds. The counter-party risk is measured from the level of centralisation corresponding to the number of parties that control the protocol as well as the number of holders and the trust in the entity, project or processes.
Currencies with a high counter-party risk below D+ disqualify as collateral.
Market risks are linked to the market size and fluctuations in offer and demand. These risks are particularly relevant for the assets of the protocol: the collateral. If the value of the collateral decreases, it might reach the liquidation threshold and start getting liquidated. The markets then need to hold sufficient volume for these liquidations - sells which tend to lower the price of the underlying asset through slippage affecting the value recovered.
We look at the average 24h volume representing the availability of the currency to assess liquidity risk: 
The volatility risk, based on the normalised fluctuations in the currencies price and calculated as the standard deviation of the logarithmic returns: 
We look at these values at: 1 month, 2 month, 3 months, 4 months, 5 months and 6 months.
Cryptocurrencies can be subject to sudden volatility spikes; it is not uncommon to witness 30% changes in price within a week or a month. When this is a price increase, to protect our users, it might be followed by a parameter readjustment to limit risks of new operations.
Finally, we also consider the market capitalisation representing the size of the market.
The historical data on which the analysis is based is extracted from various Dune Queries and combined with the onchain data. The methodology for linking historical data to risk factors was formalized based on rigid criteria for each factor and rating.
The historical data is computed through our risk quantification algorithm resulting in risk ratings from the lowest risks A+ to the highest risks D- following the criteria in the table below.
These ratings are calculated per sub-factor then aggregated via a rounded up average to account for diversification benefits.
Old Risk Quantification Criterion Table
With the recent events surrounding the USDC and the Tornado Cash user sanctions, we believe that centralized entities may be weakening the centralized asset market. This is why we have chosen to increase the value of Permissionless and decrease those of Centralized but regulated