NAV reporting currently depends on oracle infrastructure operated by Hyro. While settlement, share accounting, fee logic, and payouts all occur on-chain, NAV reporting is the single largest trust assumption in Phase 1. A successful oracle attack could mint shares at a false NAV.
The decentralization path: independent watchdog cross-validation today → multi-signer oracle in Phase 2 → ZK proofs of CEX state via zkTLS in the long-term roadmap.