The main objective behind CIAN was to create a fully secured and decentralized application in order to optimize and simplify users' investments while acting as a gateway. CIAN does not custody or control your assets.
After connecting your wallet, you will be given your own smart account, which is only accessible by you, and created CIAN smart contracts. Smart accounts were specifically coded so that, only the owner & creator (you) have the right to withdraw funds from them. CIAN smart contracts have for sole right to move your funds across user-approved protocols.
To ensure complete security and transparency, every transaction within user-defined automation tasks is to be approved by a “signature” before execution. That said, many users value the effort saved by the automation and expressed their interest in limiting the amount of signatures needed for specific tasks. We, therefore, implemented this option for users to choose the level of automation.
In order to automate execution, we utilize EIP-2612 to keep the user’s signature alive for a designated time. Users will be notified to provide their signature again before the EIP-2612 permit reaches its deadline.
The platform itself presents no risk of secret key exposure. Since your assets remain at all times bonded to your smart account, the only risk in case of a security breach would be for your assets to circulate across your selected pools. No funds could ever be withdrawn from your smart account unless requested by you.
That said, no DeFi investments come without risks. Before making a deposit, it is best to research and understand the risks involved with each protocol involved. CIAN smart contracts are currently Audited by PeckShield.