Is Camelot Safe?
Risk Grade: B (24/100)
Camelot is rated as moderate risk — some novel mechanisms, generally well-understood.
Moderate risk — strong Arbitrum ecosystem position but closed-source code and no bug bounty create a blind spot for security
The main decentralized exchange on Arbitrum, offering token swaps and liquidity pools with about $100M in deposits. Over 75 partner protocols use it for liquidity. Its B- grade reflects a closed-source codebase with no bug bounty program, meaning security researchers have no incentive to find bugs before hackers do.
TVL
$20M
Mechanisms
7
Interactions
5
Value Grade
B-
Key Risks for Camelot Users
The code is not public and there is no bug bounty program. If someone finds a vulnerability, they have every incentive to exploit it rather than report it
The trading engine relies on Algebra V2, a third-party library. A bug in Algebra would directly drain Camelot's pools, similar to how Curve lost $73M from a compiler bug
Only 18,386 GRAIL tokens circulate out of 73,506 total. This thin liquidity means a small buyer could manipulate the governance token price or capture the protocol cheaply
Top Risk Factors
- •No public GitHub codebase and no bug bounty program limit independent security review and vulnerability discovery
- •Concentrated liquidity V3 AMM relies on Algebra V2 implementation, inheriting third-party dependency risk
- •Extremely low GRAIL circulating supply (18K of 73K total) creates thin governance token liquidity and price manipulation risk
Risk Score Breakdown
Camelot's highest risk area is Vitality Risk (7/10). Here's how each dimension contributes to the overall 24/100 score:
Read the Full Camelot Risk Report
This protocol has 2 collapse scenarios. 2 high-severity interaction risks identified. See the full mechanism classification, interaction matrix, and deep-dive recommendations.
View Full Report →Considering an investment?