Risks

These are the five disclosures every creator and trader needs to read before signing. The on-page modal at /create shows the short version; this page is the long-form context. If something here is unclear, do not deploy and do not swap until you understand the trade-off.

1. The contracts have not been externally audited

The production contracts have been through an extensive internal review (Foundry coverage ≥ 90%, 50,000-run invariants, Halmos symbolic proofs, Slither + Aderyn static analysis, mainnet-fork integration tests, Claude-driven code review). They have not been through a paid Code4rena warden engagement or a Spearbit / Cantina audit.

This is not equivalent to a third-party audit. The mitigation stack reduces risk but does not eliminate it. If you are uncomfortable with this posture, do not use peg.fun.

See Security for the disclosure channel and the full internal review stack.

2. Liquidity is permanently burned at graduation

When a token's curve reaches the 4.16 ETH graduation threshold, the curve's ETH and remaining tokens are atomically deployed as a Uniswap v4 LP position, and that position is sent to the zero address.

The LP cannot be removed by anyone, ever. Not the creator. Not peg.fun. Not the holder community.

This is the trade-off:

  • In exchange for: permanent, no-rug-pull-ever liquidity that holders can rely on.
  • You give up: any recovery path if something goes catastrophically wrong post-graduation.

If a critical bug is found in the contracts after graduation, the burned LP is gone, peg.fun cannot recover it. The renounced posture is intentional, but it has no escape hatch.

See LP burn.

3. The contract becomes immutable after graduation

Post-graduation:

  • The token contract's migration authority is locked.
  • The creator vault's rotation is locked.
  • The hook owns its LP forever.
  • There is no admin key, no pause function, no upgrade path, no fee-rate change.

Even peg.fun cannot pause, upgrade, or recover funds.

This is the deliberate "permissionless, eternal" trade-off. The token contract you deploy is the token contract that exists forever. If something needs to change, you can't change it. If the AI pipeline picks the wrong art, the wrong art is on-chain forever. If a small contract bug surfaces after graduation, no one can patch it.

This posture is what makes peg.fun a "permanent, rug-safe" protocol. It is also what makes it a "ship with extreme care" protocol.

4. Aggregator and v3-router buyers silently lose objects

This is intentional, and it is the most-easily-misunderstood risk.

peg.fun uses DirectSwap (its own router) for all post-graduation trades because the Uniswap Universal Router, the Uniswap widget, and every DEX aggregator (1inch, CowSwap, ParaSwap, Matcha, etc.) break the object-mint guard inside the PegToken contract. The guard requires the buyer's address to be bound and the PEG to arrive directly from the PoolManager, aggregators violate both conditions.

Buyers who route through aggregators receive the ERC-20 PEG correctly but do not get the associated objects. Those object slots are forfeited at the contract level. There is no off-chain remedy and no refund.

If you want your objects, use peg.fun's native swap UI. The form on every token's detail page calls DirectSwap by default. See Why aggregators destroy objects for the long version.

5. The 0.001 ETH AI Easy Mode service fee is non-refundable

If you pay the 0.001 ETH AI Easy Mode session fee but Replicate and OpenAI fail end-to-end, the fee is forfeit, peg.fun does not run a refund queue, does not batch refunds through the treasury, and does not deploy a distributor contract.

This is the operational-simplicity trade-off:

  • In exchange for: the simplest possible founder operational footprint (no weekly refund batches, no SLA to honor, no refund-related code to audit).
  • You bear: the risk of AI provider outages.

If you see AI_PROVIDER_FAILED_NON_REFUNDABLE in the create flow, the fee has already been spent. Try again later, provider availability is usually restored within minutes, or use Pro mode (when it ships), which bypasses the AI service entirely.

The full mitigation stack

The risks above are real. The mitigations:

  • ≥ 90% Foundry test coverage on src/ overall; ≥ 95% on the critical paths (hook + weight math + fee accumulator).
  • 50,000-run invariant testing on the balance-weight math.
  • Halmos symbolic proofs of the vault solvency invariant (hook.balance >= sum(pendingClaim) + sum(pendingRefunds)).
  • Slither + Aderyn static analysis, HIGH/CRITICAL blocking CI.
  • Mainnet-fork integration tests against real Uniswap v4 PoolManager bytecode.
  • Claude-driven internal review over the production contracts.
  • Public Sepolia testnet drills ≥ 7 days before each mainnet ship.
  • Private vulnerability disclosure channel (see Security).
  • No admin gating post-graduation, no party can compromise the protocol after deploy.
  • Permissionless posture, no whitelist, no canary window, free-for-all from block 1.

This stack is the strongest combination available without a paid audit. It is the founder's best effort within solo-founder budget constraints.

If you take one thing away

Use the native swap UI. Read aggregator-loss. Understand that graduation is permanent. Those three things cover the vast majority of the trader-side risk surface.

For creators, the analogous list: understand renounced ownership, understand burned LP, understand that the AI session fee is non-refundable. Read What migration does, LP burn, and AI Easy Mode before paying the 0.001 ETH session fee.

Related