# Abusing ZOLBO

ZOLBO is designed to handle a variety of potential abuse scenarios. Below, each abuse case is briefly introduced, and a table provides detailed information on how ZOLBO mitigates these risks.

***

### **API Key Misuse**

ZOLBO monitors the permissions granted through API keys to prevent unauthorized access or misuse.

<table><thead><tr><th width="146">Aspect</th><th>Details</th></tr></thead><tbody><tr><td>Description</td><td>Users may set excessive API key permissions (e.g., withdrawal rights) that allow unauthorized access or manipulation of their accounts.</td></tr><tr><td>Mitigation Strategy</td><td>ZOLBO automatically checks API permissions, disabling operations until unnecessary permissions are adjusted. Users can review and modify permissions at any time​.</td></tr></tbody></table>

***

### **Bulk Purchase and Resell Arbitrage**

ZOLBO allows users to engage in bulk purchasing and reselling of ZLB tokens, a practice that benefits smaller buyers and maximizes ZOLBO’s revenue.

<table><thead><tr><th width="134">Aspect</th><th>Details</th></tr></thead><tbody><tr><td>Description</td><td>Users might exploit bulk purchase discounts to resell ZLB tokens at a lower price, potentially manipulating the market.</td></tr><tr><td>Mitigation Strategy</td><td>ZOLBO encourages this practice, as it benefits smaller buyers and maximizes revenue by utilizing price discrimination strategies, similar to coupons​.</td></tr></tbody></table>

***

### **Manipulation of Governance Voting**

Large stakers might attempt to gain excessive control over governance decisions.

<table><thead><tr><th width="143">Aspect</th><th>Details</th></tr></thead><tbody><tr><td>Description</td><td>A user could stake a large number of ALC tokens to disproportionately influence governance decisions for personal gain.</td></tr><tr><td>Mitigation Strategy</td><td>Governance voting power is determined by both the number of ALC tokens staked and the duration of the staking. The ZOLBO team maintains a guaranteed 30% voting power​​.</td></tr></tbody></table>

***

### **Overloading the System with Frequent Small Transactions**

To prevent system overloading, ZOLBO limits frequent toggling of the ON/OFF button.

<table><thead><tr><th width="135">Aspect</th><th>Details</th></tr></thead><tbody><tr><td>Description</td><td>Users may frequently toggle the ON/OFF button, straining the system by making frequent position changes.</td></tr><tr><td>Mitigation Strategy</td><td>The OFF button has two options (immediate position sale within 15 minutes and 24-hour sale). Beyond three free OFF operations per day, a fee of 5 ZLB applies​.</td></tr></tbody></table>

***

### **Interference with Automated Trading by Manual Action**

Manual intervention through direct trades or withdrawals distorts ZOLBO's automated portfolio management.

<table><thead><tr><th width="140">Aspect</th><th>Details</th></tr></thead><tbody><tr><td>Description</td><td>Users might manually place trades or withdraw funds from their exchange accounts, causing margin distortions and increasing risk. Depositing additional funds does not interfere.</td></tr><tr><td>Mitigation Strategy</td><td>ZOLBO discourages manual trading and direct withdrawals from accounts. A penalty fee is applied to disincentivize these actions, helping maintain optimal portfolio strategies​​.</td></tr></tbody></table>

***

### **Unauthorized Account Access**

To prevent unauthorized access, ZOLBO employs secure login procedures.

<table><thead><tr><th width="139">Aspect</th><th>Details</th></tr></thead><tbody><tr><td>Description</td><td>Hackers may try to gain unauthorized access to user accounts through phishing or other methods.</td></tr><tr><td>Mitigation Strategy</td><td>ZOLBO uses Google login with email verification codes. Verification is required once every 24 hours, ensuring an additional layer of security​.</td></tr></tbody></table>

***

### **Data Privacy Exploits**

ZOLBO ensures that sensitive data, such as profit information, is securely stored.

<table><thead><tr><th width="135">Aspect</th><th>Details</th></tr></thead><tbody><tr><td>Description</td><td>Personal data, such as users' profit information, could be exploited or accessed without proper protection.</td></tr><tr><td>Mitigation Strategy</td><td>ZOLBO stores user data in compliance with South Korea’s data protection laws. The platform uses encryption to secure sensitive data from unauthorized access​​.</td></tr></tbody></table>

***

### **Using Additional API Keys to Operate Multiple Accounts**

Using additional API keys to operate multiple accounts can lead to inefficient performance.

<table><thead><tr><th width="135">Aspect</th><th>Details</th></tr></thead><tbody><tr><td>Description</td><td>Users may try to operate multiple accounts using separate API keys, bypassing ZOLBO’s optimization, which could result in inefficiency.</td></tr><tr><td>Mitigation Strategy</td><td>ZOLBO’s strategy is optimized for each account’s balance. Operating multiple accounts increases slippage costs and lowers the Sharpe ratio, making it inefficient​.</td></tr></tbody></table>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.zolbo.ai/getting-started/abusing-zolbo.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.