# Risk monitoring & response

#### Managing risk after deployment

Assessment determines whether capital is deployed.\
Monitoring determines whether capital remains deployed.

Shift’s live management cycle follows:

Detect → Evaluate → Contain → Recover → Rebalance

#### Continuous monitoring

All active positions are monitored in sync with blockchain blocks.

Metrics tracked include:

* Liquidity depth changes
* Collateral health factors
* Stablecoin peg stability
* Governance proposal submissions
* Smart contract upgrades
* Oracle price movements
* TVL shifts

Monitoring operates across assets, protocols, and networks simultaneously.

#### Trigger system

[Triggers](https://medium.com/@SHIFT_DeFi/triggers-over-trust-how-shift-automates-protection-against-defi-blowups-d2869c6a2596) are structured into two categories:

Minor triggers — signal elevated risk requiring review.\
Major triggers — signal immediate containment action.

Minor triggers may include:

* Gradual liquidity erosion
* Small price deviations (e.g., a stablecoin trading at 0.99 instead of 1.00)
* Increase in loan-to-value ratios toward elevated, but not critical levels
* Decline in collateralization levels while positions remain above liquidation thresholds 
* Governance proposal submission that may introduce new risk

Major triggers may include:

* Confirmed exploit
* Rapid stablecoin depeg
* Sudden liquidity collapse
* Malicious governance execution

Major triggers activate predefined emergency exits automatically.

Execution does not depend on human approval.

#### Emergency exits

Each strategy includes a predefined unwind pathway before capital is deployed.

Exit plans specify:

* Liquidity removal sequence
* Token conversion order
* Execution on the same network as the strategy (no cross-chain dependency during exit) 
* Slippage controls
* Execution priority

Transactions may be routed through private relayers to reduce MEV exposure during stress.

Speed of containment is measured in blocks, not hours.

#### Diversification & allocation controls

Risk containment begins with exposure sizing.

Allocation limits apply across:

* Individual assets
* Individual protocols
* Blockchain networks
* Developer entities
* Risk categories

Exposure caps prevent catastrophic concentration even in high-rated strategies.

#### Portfolio reshuffling

Yield opportunities and risk profiles change over time.

Shift continuously models the optimal risk-adjusted portfolio configuration within defined limits.

Reshuffling occurs when:

* Risk ratings change materially
* Relative yield advantage shifts
* Allocation limits drift
* Structural changes alter expected return

Every reshuffle must justify its transaction cost.

Capital is moved deliberately, not reactively.

#### External security integrations

In addition to its internal monitoring systems, Shift integrates third-party on-chain security services that analyze activity across the broader DeFi ecosystem.

These external systems operate independently and are designed to detect patterns that may not be immediately visible at the portfolio level. This includes monitoring for:

* abnormal transaction flows,
* exploit-like behavior patterns,
* unusual contract interactions,
* large or suspicious liquidity movements,
* and known attack signatures observed in other protocols.

Because these services track activity beyond Shift’s direct exposure, they can provide early warning signals — for example, if a vulnerability is being actively exploited in a protocol or in a similar system elsewhere.

These signals are integrated into Shift’s risk monitoring framework and can trigger alerts or protective actions when relevant thresholds are met.

The goal is not to outsource risk management, but to add an independent detection layer that reduces blind spots and improves reaction time.

This redundancy is intentional: multiple monitoring perspectives increase the likelihood that emerging risks are identified early and handled effectively.

<br>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.shiftdefi.com/user-docs/the-risk-framework/risk-monitoring-and-response.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.