# Abusing ZOLBO ZOLBO is designed to handle a variety of potential abuse scenarios. Below, each abuse case is briefly introduced, and a table provides detailed information on how ZOLBO mitigates these risks. *** ### **API Key Misuse** ZOLBO monitors the permissions granted through API keys to prevent unauthorized access or misuse.
AspectDetails
DescriptionUsers may set excessive API key permissions (e.g., withdrawal rights) that allow unauthorized access or manipulation of their accounts.
Mitigation StrategyZOLBO automatically checks API permissions, disabling operations until unnecessary permissions are adjusted. Users can review and modify permissions at any time​.
*** ### **Bulk Purchase and Resell Arbitrage** ZOLBO allows users to engage in bulk purchasing and reselling of ZLB tokens, a practice that benefits smaller buyers and maximizes ZOLBO’s revenue.
AspectDetails
DescriptionUsers might exploit bulk purchase discounts to resell ZLB tokens at a lower price, potentially manipulating the market.
Mitigation StrategyZOLBO encourages this practice, as it benefits smaller buyers and maximizes revenue by utilizing price discrimination strategies, similar to coupons​.
*** ### **Manipulation of Governance Voting** Large stakers might attempt to gain excessive control over governance decisions.
AspectDetails
DescriptionA user could stake a large number of ALC tokens to disproportionately influence governance decisions for personal gain.
Mitigation StrategyGovernance voting power is determined by both the number of ALC tokens staked and the duration of the staking. The ZOLBO team maintains a guaranteed 30% voting power​​.
*** ### **Overloading the System with Frequent Small Transactions** To prevent system overloading, ZOLBO limits frequent toggling of the ON/OFF button.
AspectDetails
DescriptionUsers may frequently toggle the ON/OFF button, straining the system by making frequent position changes.
Mitigation StrategyThe OFF button has two options (immediate position sale within 15 minutes and 24-hour sale). Beyond three free OFF operations per day, a fee of 5 ZLB applies​.
*** ### **Interference with Automated Trading by Manual Action** Manual intervention through direct trades or withdrawals distorts ZOLBO's automated portfolio management.
AspectDetails
DescriptionUsers might manually place trades or withdraw funds from their exchange accounts, causing margin distortions and increasing risk. Depositing additional funds does not interfere.
Mitigation StrategyZOLBO discourages manual trading and direct withdrawals from accounts. A penalty fee is applied to disincentivize these actions, helping maintain optimal portfolio strategies​​.
*** ### **Unauthorized Account Access** To prevent unauthorized access, ZOLBO employs secure login procedures.
AspectDetails
DescriptionHackers may try to gain unauthorized access to user accounts through phishing or other methods.
Mitigation StrategyZOLBO uses Google login with email verification codes. Verification is required once every 24 hours, ensuring an additional layer of security​.
*** ### **Data Privacy Exploits** ZOLBO ensures that sensitive data, such as profit information, is securely stored.
AspectDetails
DescriptionPersonal data, such as users' profit information, could be exploited or accessed without proper protection.
Mitigation StrategyZOLBO stores user data in compliance with South Korea’s data protection laws. The platform uses encryption to secure sensitive data from unauthorized access​​.
*** ### **Using Additional API Keys to Operate Multiple Accounts** Using additional API keys to operate multiple accounts can lead to inefficient performance.
AspectDetails
DescriptionUsers may try to operate multiple accounts using separate API keys, bypassing ZOLBO’s optimization, which could result in inefficiency.
Mitigation StrategyZOLBO’s strategy is optimized for each account’s balance. Operating multiple accounts increases slippage costs and lowers the Sharpe ratio, making it inefficient​.