# Protocol Risk Assessment Framework

### High Level Framework

At its core, LazyOtter's protocol risk assessment framework encompasses a comprehensive evaluation of not just the technical risks (e.g. smart contract logic faults or errors, which are mostly covered by the auditors), but also the economic and operational risks. This structured approach allows for a thorough examination of potential vulnerabilities and threats in the realm of DeFi. To achieve this, our analysis is meticulously divided into five categories within each of the three overarching risk domains, resulting in a robust framework comprising a total of 15 categories.

To ensure the validity and applicability of this framework, we have conducted an extensive study that scrutinizes over 300 DeFi protocol incidents. Through this analysis, we have identified recurring patterns and root causes, which have been skillfully organized into relevant categories. By leveraging real-world events that have unfolded within the dynamic DeFi landscape, the risk assessment framework remains grounded in actual occurrences, thereby substantiating its credibility and efficacy in evaluating the risks associated with various protocols.

<figure><img src="/files/enoxO5pNxXZKZ66cDkyN" alt=""><figcaption></figcaption></figure>

### Risk Weighting

A final risk rating is based on a weighted average scoring of the three categories. The designated weight is

* [Technical Risk](/lazyotter/products/risk-evaluation/protocol-risk-assessment-framework/technical-risk.md) (40%)
* [Economic Risk](/lazyotter/products/risk-evaluation/protocol-risk-assessment-framework/economic-risk.md) (40%)
* [Operation Risk](/lazyotter/products/risk-evaluation/protocol-risk-assessment-framework/operation-risk.md) (20%)

{% hint style="info" %}
Note that this weight is applicable for Lending protocols only> The weight for DEX or other types of protocols may differ.
{% endhint %}

The weight designation is based on the following factors:

* Frequency & severity of past incidents that fall into the category (e.g. higher weighting indicates a relatively high frequency or severity)
* Objectivity of the assessment (e.g. a more objective or fact-based assessment is assigned a higher weight).&#x20;


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://lazyotter.gitbook.io/lazyotter/products/risk-evaluation/protocol-risk-assessment-framework.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.