Risk Disclosures

An honest assessment of risks associated with the MARK token and the Mark Protocol project. This document is intended for users, reviewers, and anyone performing due diligence.

This is a cryptocurrency project. Cryptocurrency involves substantial risk, including total loss of funds. Do not interact with MARK unless you fully understand and accept the risks described below. This is not an investment product. No returns are promised or implied.

Risk Summary

Risk Category Severity Likelihood Potential Impact
Market / Price RiskHighExpectedTotal value loss
Smart Contract BugLowLowSevere
Liquidity RiskMediumMediumUnable to sell
Founder / Key-PersonHighLow–MediumDevelopment stops
RegulatoryMedium–HighUnknownLegal restrictions
CentralizationMediumExists nowTrust-dependent
Chain / InfrastructureLowLowTemporary downtime
User ErrorN/ACommonIrreversible loss

Market Risk

Severity: High

The price of MARK is determined entirely by market forces on decentralized exchanges. No entity guarantees the value of MARK. Cryptocurrency markets are volatile and unpredictable. The token may decline to zero value.

There is no price floor, no buyback mechanism, and no reserve backing the token's value. Volatility is not a bug — it is inherent to all freely traded tokens.

Mitigation: None. This risk is inherent and cannot be eliminated.

Smart Contract Risk

Severity: Low (but impact is high if realized)

The MARK contract inherits from OpenZeppelin's audited ERC-20 and ERC20Permit implementations. Custom logic is limited to the constructor, which mints the fixed supply and reverts on a zero-address recipient. The total custom code is approximately 28 lines.

However:

  • The contract has not been formally audited by a third-party security firm
  • No bug bounty program exists at launch
  • The contract is immutable — if a vulnerability is found, it cannot be fixed
  • OpenZeppelin dependencies could contain undiscovered issues

Mitigation: Intentional simplicity (minimal attack surface), comprehensive test suite (46 tests, including fuzz and invariant testing), and reliance on battle-tested libraries.

Liquidity Risk

Severity: Medium

Initial liquidity will be limited. Large trades will cause significant price impact (slippage). If liquidity decreases over time, the token may become difficult or impossible to sell at any price.

LP tokens are locked for a fixed period, but after expiry, liquidity could be removed. Low trading volume compounds this risk.

Mitigation: 50% of supply allocated to the liquidity pool. LP lock for 6–12 months. Lock proof published on-chain.

Centralization & Governance Risk

Severity: Medium

While the smart contract has no owner or admin privileges, the project is controlled by a single founder who:

  • Controls the 35% operations allocation
  • Holds the 15% founder allocation
  • Manages the project's web presence and social accounts
  • Makes all development decisions unilaterally

This means 50% of the token supply is under one person's influence. There is no on-chain governance, no multisig (at launch), and no DAO. Trust in the founder is required for everything except the immutability of the token contract itself.

Mitigation: Transparent allocation disclosure. All wallet addresses published. Multisig for operations wallet planned. On-chain vesting planned for founder allocation.

Regulatory & Legal Risk

Severity: Medium–High

Cryptocurrency regulation varies by jurisdiction and is actively evolving. MARK has not been registered with any regulatory body. No legal opinion on token classification has been obtained. Laws may change in ways that affect legality, usability, or value.

The project does not classify the token legally. Whether MARK constitutes a security, commodity, or other regulated instrument depends on your jurisdiction's laws.

Mitigation: No promises of returns. No revenue sharing. No investment language. Users must determine their own compliance obligations.

Operational & Key-Person Risk

Severity: High

The project depends on a single founder. There is no team, no board, no succession plan, and no redundancy. If the founder becomes unavailable, all development and communication stops.

The token contract itself continues to function independently — transfers, approvals, and trading are unaffected. But the attestation product, documentation, and community support stop.

Mitigation: Open-source code allows community forks. Immutable contract ensures token functionality persists.

Third-Party Dependency Risk

Severity: Low–Medium

The project depends on:

  • Base (L2): Operated by Coinbase. Has centralized sequencer risk.
  • OpenZeppelin: Audited but updates could affect compatibility.
  • Uniswap/Aerodrome: DEX availability and pool functionality.
  • LP Locker: Third-party service for LP lock integrity.
  • BaseScan: For contract verification visibility.

None of these dependencies are under the project's control.

User Error Risk

Severity: Variable (often total loss)

Common user errors in crypto are irreversible:

  • Sending tokens to the wrong address — tokens are lost permanently
  • Sending tokens to the contract address — tokens are trapped permanently
  • Losing wallet seed phrase — all tokens are lost permanently
  • Interacting with fake contracts — tokens stolen
  • Approving malicious contracts — tokens drained

Mitigation: Always verify contract addresses via BaseScan. Use small test transactions first. Never share seed phrases. Verify URLs directly.

Do not invest more than you can afford to lose entirely. This document does not cover every possible risk. Undiscovered risks may exist. This is not financial or legal advice. Consult qualified professionals before interacting with any cryptocurrency project.