# Trust and Security Model

{% hint style="warning" %}
You are referring to the **`Legacy`** version of KyberSwap docs.

For the most updated information, please refer to:

* [**`Classic`**](https://github.com/KyberNetwork/kyberswap-documentation/blob/main/reference/legacy/protocol/broken-reference/README.md)
* [**`Elastic`**](/reference/legacy/kyberswap-elastic.md)
* [**`Limit Order`**](/kyberswap-solutions/limit-order.md)
* [**`Aggregator`**](/kyberswap-solutions/kyberswap-aggregator.md)
  {% endhint %}

### Who should the users trust?[​](https://docs.kyberswap.com/Legacy/trust-security-model#who-should-the-users-trust) <a href="#who-should-the-users-trust" id="who-should-the-users-trust"></a>

The users are not required to trust anyone because the protocol does not hold their funds (only when a trade is being executed). Additionally, being entirely on-chain allows users to freely verify and audit the smart contracts. For added security, a multisig wallet is used for executing admin actions.

Users can also specify a minimum conversion rate to prevent a trade from executing in the event slippage causes the conversion rate of a trading pair to fall below the minimum rate specified.

If users trade with Kyber via an affiliate’s interface, they have to check the transaction parameters, especially the *platform fee* charged, because there are no safeguards or sanity checks in the proxy contract.

### Who should reserve managers trust?[​](https://docs.kyberswap.com/Legacy/trust-security-model#who-should-reserve-managers-trust) <a href="#who-should-reserve-managers-trust" id="who-should-reserve-managers-trust"></a>

The reserves are required to trust the Kyber Network administrators not to perform malicious actions such as:

* Disabling trades without good rationale
* Change the MatchingEngine contract code such that the fairness in the selection of reserves for trades is affected
* Setting reserve rebates to zero without clear communication and coordination.

In addition, the reserve managers should be aware that their reserves could be affected by extreme market conditions like flash crashes or from sub-optimal inventory management (e.g. setting wrong prices or from large exposure to risky tokens).

### Who should Kyber trust?[​](https://docs.kyberswap.com/Legacy/trust-security-model#who-should-kyber-trust) <a href="#who-should-kyber-trust" id="who-should-kyber-trust"></a>

Kyber Network administrators need to read smart contracts of the reserves and tokens in order to list them on the network contract. They need to ensure that the token contract is not malicious, for example.

### Who should affiliates trust?[​](https://docs.kyberswap.com/Legacy/trust-security-model#who-should-affiliates-trust) <a href="#who-should-affiliates-trust" id="who-should-affiliates-trust"></a>

Affiliates have to trust Kyber not to set a malicious Kyber Network. For example, a network that doesn’t send the platform fees to the FeeHandler.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.kyberswap.com/reference/legacy/protocol/trust-and-security-model.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.