Skip to main content


Security is the number one focus during the development process, however, it's impossible to guarantee a risk-free environment. The following sections explain the risks when using the decentralized RMM Protocol or Primitive Products.

Smart Contract Risks

Were the RMM contracts audited?

Yes. RMM protocol contracts have been audited by five security firms, making it one of the most audited set of smart contracts in DeFi (if not the most). You can learn more about it on our dedicated page.

While these audits give high confidence in the protocol's security, the smart contracts still have the possibility of containing bugs. Along with the audits, Primitive has a $1,000,000 bug bounty on Immunefi.

Are there any admin Keys?

No, RMM smart contracts are completely decentralized and permissionless, the Primitive team has NO control over them.

Are the contracts upgradeable?

The core contracts of the RMM protocol are immutable, which means that they cannot be updated.

Usage Risks

Are there any financial risks using RMM?

Yes, we recommend reading the knowledge base and guides in the Primitive Library or asking questions in the Primitive Discord server if some aspects of the protocol remain unclear.

Oracle Risks

Are there any risks linked to oracles?

None! RMM Protocol does not use, rely upon, or need price feed oracles.