Failure / Threat Matrix
Continuity-Governed Response Mapping
Purpose
The Failure / Threat Matrix defines how the Sagitta Protocol responds to adverse conditions across financial, technical, and governance domains.
Each failure class is mapped to a governing authority and a deterministic outcome. The matrix demonstrates that no failure mode results in depositor principal loss or uncontrolled system collapse.
This matrix describes what happens, not how it is implemented.
Threat Classification Matrix
Allocation Underperformance
Allocation batch returns less capital than deployed
Treasury + Reserve
Ordered loss absorption; reserve-relative settlement
Principal preserved; yield adjusted
Sustained Allocation Failure
Repeated underperformance across batches
Treasury + Reserve + AAA
Allocation contraction; strategy restriction; reserve prioritization
Principal preserved
Stablecoin Depeg
Stability Unit deviates materially from peg
Continuity Engine
Currency substitution; valuation normalization
Principal preserved in substituted unit
Reserve Asset Volatility
Reserve asset correlation or valuation shift
Reserve + Continuity Engine
Coverage recalibration; reserve reinforcement
Principal preserved
Vault Contract Failure
Vault accounting or contract fault
Continuity Engine + Reserve
State reconstruction; insured restoration
Principal restored
Escrow Execution Failure
Counterparty or venue failure during execution
Escrow + Continuity Engine
Capital recall; execution isolation; substitution
Principal preserved
Treasury Token Market Attack
Liquidity manipulation or hostile market activity
Treasury + Continuity Engine
Token isolation; lifecycle restriction
Allocation continues; principal preserved
Treasury Token Governance Capture
Token-based governance attack
Continuity Engine
Governance scope restriction; authority freeze
Principal preserved
DAO Governance Deadlock
Governance paralysis or quorum failure
Continuity Engine
Continuity authority enforcement
Principal preserved
Oracle Failure
Pricing or data feed disruption
Continuity Engine
Oracle substitution; conservative valuation
Principal preserved
Infrastructure Failure
Chain halt, RPC failure, or network outage
Continuity Engine
Execution halt; evacuation; reconstitution
Principal preserved
Multi-Component Failure
Concurrent subsystem failures
Continuity Engine
Evacuation; degradation; phased recovery
Principal preserved
Catastrophic System Event
Extreme external or systemic shock
Continuity Engine
Full evacuation; reserve enforcement; reconstitution
Principal preserved
Blockchain Failure
Chain halt, consensus failure, censorship, or irrecoverable network disruption
Continuity Engine
Execution halt; asset evacuation; chain substitution; state reconstitution
Principal preserved
Interpretation Guidance
Governing Authority indicates which system enforces response
System Response reflects doctrine-level action, not execution detail
Depositor Outcome remains invariant across all threat classes
This matrix demonstrates that every identified failure mode resolves to containment, substitution, or recovery, never depositor impairment.
Design Implication
Sagitta does not optimize for uninterrupted yield.
It optimizes for:
capital preservation
deterministic response
survivability under stress
Failure is treated as a managed state, not an exception.
Closing Statement
This matrix operationalizes the Sagitta System Invariants.
It ensures that:
risk is bounded
authority is predefined
outcomes are predictable
Sagitta does not ask what happens if things fail.
It defines what happens when they do.
Last updated