SuperFi Docs

Security model

The exact guarantees Super9MM gives you — and the risks to understand.

Super9MM is non-custodial. This page states precisely what that means and what protects you.

The core guarantees

  1. Only you can withdraw. Deposits, withdrawals, and the position NFT are owner-only. The only way funds leave your Automator is a withdrawal you sign.
  2. The keeper can't reach your funds. It may call only the constrained automation functions, and each is hard-coded so outputs land back in your contract or your position — never to a third-party address.
  3. Every keeper action is price-guarded. A mandatory TWAP check runs on-chain for each automation. If price is being manipulated (or the guard isn't configured), the action reverts. This is fail-closed.
  4. Actions are rate-limited. The contract enforces a minimum interval between keeper actions, so a compromised keeper can't churn your position to bleed it via fees/slippage.
  5. You can stop it instantly. Pausing automation blocks all keeper actions immediately; you can also change or revoke the keeper.
  6. Bounded parameters. Configurable range widths are capped to safe limits so settings can't be abused.
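A reference model of guarantees 3 to 5, added here as an illustration and not taken from Super9MM's contract code. The class, the field names, the basis-point threshold and the order of the checks are all assumptions; the point is that a keeper action proceeds only when every check passes, and that an unconfigured guard blocks the action.

```python
from dataclasses import dataclass
from typing import Optional

class Revert(Exception):
    """Models an on-chain revert: the action does not happen."""

@dataclass
class KeeperGate:
    owner: str
    keeper: Optional[str]                    # None models a revoked keeper
    min_interval_s: int                      # assumed name: minimum seconds between keeper actions
    max_deviation_bps: Optional[int] = None  # assumed name: TWAP guard; None = not configured
    paused: bool = False
    last_action_ts: Optional[int] = None

    def set_paused(self, caller: str, paused: bool) -> None:
        if caller != self.owner:
            raise Revert("only owner")
        self.paused = paused

    def check(self, caller: str, now: int, spot: int, twap: Optional[int]) -> None:
        """Run every guard; raise Revert unless all of them pass."""
        if self.paused:
            raise Revert("paused")
        if self.keeper is None or caller != self.keeper:
            raise Revert("not keeper")
        if self.last_action_ts is not None and now - self.last_action_ts < self.min_interval_s:
            raise Revert("rate limited")
        # Fail-closed: a missing guard or a missing TWAP reading blocks the action.
        if self.max_deviation_bps is None or twap is None or twap <= 0:
            raise Revert("price guard not configured")
        # Integer comparison of |spot - twap| / twap against the bps limit.
        if abs(spot - twap) * 10_000 > self.max_deviation_bps * twap:
            raise Revert("price deviates from TWAP")
        self.last_action_ts = now  # recorded only when the action is allowed

def attempt(gate: KeeperGate, caller: str, now: int, spot: int, twap: Optional[int]) -> str:
    """Return "ok" or the revert reason (constructed helper for testing the model)."""
    try:
        gate.check(caller, now, spot, twap)
        return "ok"
    except Revert as e:
        return str(e)
```

A model like this is useful as an oracle for property tests: any sequence of keeper calls that the model rejects should also revert on-chain.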

What an attacker can't do

  • Move your tokens or NFT to themselves or anyone else.
  • Rebalance into a manipulated price (the TWAP guard blocks it).
  • Liquidate your position early (a stop-loss can only close when your on-chain take-profit/stop-loss (TP/SL) condition is actually met, and only into a token from your pair).
  • Spam actions to drain you via fees (rate limit + slippage minimums).

What you still need to understand (the real risks)

Non-custodial does not mean risk-free. Be honest with yourself about:

  • Smart-contract risk. The Automator and DEX contracts could contain bugs. Super9MM runs an internal audit process, but treat any new protocol with caution and start small.
  • Impermanent loss & market risk. Automation manages IL; it doesn't remove it. You can still end a position down if the market moves hard against you.
  • Keeper liveness. If the keeper is offline, automations pause until it's back. Your funds remain safe and you can always act manually, but auto-management isn't guaranteed in real time.
  • Thin liquidity. On low-volume pools, rebalances can cost more in slippage than the fees earned.

See Risks & disclosures for the full list.

Your safety checklist

  • Set a tight enough price guard / slippage cap for your pool (see Slippage & safety).
  • Use pause if you ever want automation to stop.
  • Start with a small position to get comfortable before scaling up.

The bottom line: Super9MM can manage your position, but it can never take it. Custody stays with you.