# Overview

Security is a core consideration in how Superlend is designed, built, and operated.

Superlend is a non-custodial protocol that enables users to interact with onchain markets, vaults, and strategies. User funds are always held in smart contracts, and Superlend never takes custody of assets.

This section outlines how security is approached across the protocol, what protections are in place, and what risks remain.

***

#### Core Security Principles

Superlend’s security model is built around the following principles:

* Non-Custodial by Design\
  User assets remain in smart contracts at all times. Superlend cannot access or move user funds arbitrarily.
* Protocol-Native Integrations\
  Where possible, Superlend relies on established, audited DeFi primitives rather than custom-built financial logic.
* Minimal Custom Logic\
  Superlend introduces only the logic required for orchestration, automation, and configuration. Core financial operations rely on battle-tested protocols.
* Transparency\
  All contracts, interactions, and positions are onchain and publicly verifiable.

***

#### Scope of Responsibility

Security on Superlend spans multiple layers:

* Smart contract correctness
* Oracle reliability
* Risk parameters and market configuration
* Strategy design for vaults

However, not all risks can be eliminated. Users remain exposed to market risk, smart contract risk, and protocol dependency risk.

***

#### What Security Does Not Mean

Security does not imply:

* Guaranteed returns
* Absence of market risk
* Protection from all losses
* Insurance against adverse conditions

Users should always understand the product they are interacting with.


