Skip to main content

List Protocol Risk Configs

List all protocol risk configurations.
cURL
curl -H "x-api-key: dev-api-key" \
     http://localhost:3000/api/v1/risk/protocols

Response

{
  "status": "success",
  "data": {
    "protocols": [
      {
        "protocol": "jupiter",
        "version": "1.0.0",
        "maxSlippageBps": 100,
        "maxPoolConcentrationBps": 5000,
        "gaslessEligible": true,
        "deltaVarianceBpsThreshold": 500,
        "updatedAt": "2026-03-08T12:00:00.000Z"
      }
    ]
  }
}

Get Protocol Risk Config

Retrieve risk configuration for a specific protocol.
cURL
curl -H "x-api-key: dev-api-key" \
     http://localhost:3000/api/v1/risk/protocols/jupiter

Path Parameters

protocol
string
required
Protocol name

Response

protocol
string
required
Protocol name
version
string
required
Config version
maxSlippageBps
number
Maximum allowed slippage in basis points (0-10000)
maxPoolConcentrationBps
number
Maximum pool concentration in basis points
allowedPools
array
Array of allowed pool addresses
allowedPrograms
array
Array of allowed program IDs
oracleDeviationBps
number
Maximum oracle price deviation in basis points
requireOracleForSwap
boolean
Whether oracle price check is required for swaps
maxQuoteAgeSeconds
number
Maximum age of swap quote in seconds
deltaVarianceBpsThreshold
number
Delta variance threshold for delta guard (basis points)
gaslessEligible
boolean
Whether protocol supports gasless transactions
updatedAt
string
required
ISO 8601 timestamp

Update Protocol Risk Config

Update or create risk configuration for a protocol.
cURL
curl -X PUT \
  -H "x-api-key: dev-api-key" \
  -H "Content-Type: application/json" \
  -d '{
    "maxSlippageBps": 75,
    "maxPoolConcentrationBps": 4000,
    "gaslessEligible": false,
    "deltaVarianceBpsThreshold": 300
  }' \
  http://localhost:3000/api/v1/risk/protocols/jupiter

Path Parameters

protocol
string
required
Protocol name

Request Body

All fields are optional. Only provided fields are updated.
maxSlippageBps
number
Maximum slippage (0-10000 basis points)
maxPoolConcentrationBps
number
Maximum pool concentration (0-10000)
allowedPools
array
Array of allowed pool addresses
allowedPrograms
array
Array of allowed program IDs
oracleDeviationBps
number
Oracle deviation threshold (0-10000)
requireOracleForSwap
boolean
Require oracle price verification
maxQuoteAgeSeconds
number
Maximum quote age in seconds
deltaVarianceBpsThreshold
number
Delta guard threshold (0-10000)
gaslessEligible
boolean
Allow gasless transactions

List Portfolio Risk Controls

List all portfolio risk controls.
cURL
curl -H "x-api-key: dev-api-key" \
     http://localhost:3000/api/v1/risk/portfolio

Get Portfolio Risk Controls

Retrieve risk controls for a specific wallet.
cURL
curl -H "x-api-key: dev-api-key" \
     http://localhost:3000/api/v1/risk/portfolio/550e8400-e29b-41d4-a716-446655440000

Path Parameters

walletId
string
required
Wallet UUID

Response

walletId
string
required
Wallet UUID
maxDrawdownLamports
number
Maximum allowed drawdown in lamports
maxDailyLossLamports
number
Maximum allowed daily loss in lamports
maxExposureBpsPerToken
number
Maximum exposure per token in basis points (0-10000)
maxExposureBpsPerProtocol
number
Maximum exposure per protocol in basis points (0-10000)
autoPauseOnBreach
boolean
default:true
Automatically pause wallet on risk breach
updatedAt
string
required
ISO 8601 timestamp

Update Portfolio Risk Controls

Update or create risk controls for a wallet.
cURL
curl -X PUT \
  -H "x-api-key: dev-api-key" \
  -H "Content-Type: application/json" \
  -d '{
    "maxDrawdownLamports": 100000000,
    "maxDailyLossLamports": 50000000,
    "maxExposureBpsPerToken": 2500,
    "maxExposureBpsPerProtocol": 5000,
    "autoPauseOnBreach": true
  }' \
  http://localhost:3000/api/v1/risk/portfolio/550e8400-e29b-41d4-a716-446655440000

Path Parameters

walletId
string
required
Wallet UUID

Request Body

All fields are optional. Only provided fields are updated.
maxDrawdownLamports
number
Maximum drawdown threshold in lamports
maxDailyLossLamports
number
Maximum daily loss threshold in lamports
maxExposureBpsPerToken
number
Maximum token exposure (0-10000 basis points)
maxExposureBpsPerProtocol
number
Maximum protocol exposure (0-10000 basis points)
autoPauseOnBreach
boolean
default:true
Auto-pause on breach

Delta Guard

The delta guard system verifies expected vs observed lamport movement in transactions.

How It Works

  1. Before transaction: Record wallet balance
  2. After confirmation: Check actual balance change
  3. Compare to expected change from transaction intent
  4. If deviation exceeds threshold: Flag or auto-pause

Configuration

Global Tolerance: 
DELTA_GUARD_ABSOLUTE_TOLERANCE_LAMPORTS=5000
Per-Protocol Threshold: 
{
  "protocol": "jupiter",
  "deltaVarianceBpsThreshold": 500
}

Example

Expected change: -1,000,000 lamports (swap input)
Actual change:   -1,004,500 lamports (with fees)
Deviance:          4,500 lamports
Threshold:         5,000 lamports
Result: PASS

Chaos Engineering

Chaos mode injects controlled failures for resilience testing.

Get Chaos Config

cURL
curl -H "x-api-key: dev-api-key" \
     http://localhost:3000/api/v1/chaos

Response

enabled
boolean
required
Whether chaos mode is enabled
failureRates
object
Failure rate percentages by stage
latencyMs
number
Additional latency to inject (milliseconds)
{
  "status": "success",
  "data": {
    "enabled": false,
    "failureRates": {
      "simulation": 0.0,
      "build": 0.0,
      "sign": 0.0,
      "send": 0.0
    },
    "latencyMs": 0
  }
}

Update Chaos Config

cURL
curl -X PUT \
  -H "x-api-key: dev-api-key" \
  -H "Content-Type: application/json" \
  -d '{
    "enabled": true,
    "failureRates": {
      "simulation": 0.1,
      "build": 0.05
    },
    "latencyMs": 100
  }' \
  http://localhost:3000/api/v1/chaos

Request Body

enabled
boolean
Enable/disable chaos mode
failureRates
object
Failure rates by stage (0.0-1.0)
latencyMs
number
Artificial latency in milliseconds
Only enable chaos mode in testing environments. Never use in production.

Risk Monitoring Best Practices

Set protocol-specific slippage limits based on liquidity
Configure portfolio limits to prevent overexposure
Enable auto-pause for critical wallets
Monitor delta guard violations via audit events
Regularly review and update risk configs
Test chaos scenarios before production deployment

Example: Conservative Risk Profile

{
  "protocolRisk": {
    "jupiter": {
      "maxSlippageBps": 50,
      "maxPoolConcentrationBps": 3000,
      "requireOracleForSwap": true,
      "oracleDeviationBps": 100,
      "maxQuoteAgeSeconds": 30,
      "deltaVarianceBpsThreshold": 200,
      "gaslessEligible": false
    }
  },
  "portfolioRisk": {
    "maxDrawdownLamports": 50000000,
    "maxDailyLossLamports": 25000000,
    "maxExposureBpsPerToken": 2000,
    "maxExposureBpsPerProtocol": 3000,
    "autoPauseOnBreach": true
  }
}

Example: Aggressive Risk Profile

{
  "protocolRisk": {
    "jupiter": {
      "maxSlippageBps": 200,
      "maxPoolConcentrationBps": 7000,
      "requireOracleForSwap": false,
      "deltaVarianceBpsThreshold": 1000,
      "gaslessEligible": true
    }
  },
  "portfolioRisk": {
    "maxDrawdownLamports": 500000000,
    "maxDailyLossLamports": 250000000,
    "maxExposureBpsPerToken": 5000,
    "maxExposureBpsPerProtocol": 7000,
    "autoPauseOnBreach": false
  }
}

Build docs developers (and LLMs) love

Get started for freeTalk to us