Risk Disclosure

Fusion Software LLC (“Defied,” “we,” “our,” or “us”) operates defied.money as a non-custodial software interface providing access to public, permissionless smart contracts deployed on the Base blockchain network. This Risk Disclosure is intended to provide users, prospective users, and regulatory authorities with a clear and comprehensive explanation of the nature of our Services, the risks involved in using them, and the basis on which we operate.

Please read this document carefully before using the Services. By accessing or using the Services, you acknowledge that you have read, understood, and accepted the risks described herein.

Defied is not a regulated financial institution.

Fusion Software LLC is a software company incorporated in Bulgaria, operating within the European Union. Defied is not a bank, payment institution, electronic money institution, investment firm, or crypto-asset service provider (CASP) as defined under Regulation (EU) 2023/1114 on Markets in Crypto-Assets (“MiCA”) or any other applicable financial services regulation.

Defied does not provide regulated financial services.

We do not provide any of the following regulated activities:

• Custody or safekeeping of crypto-assets on behalf of users
• Operation of a trading platform for crypto-assets
• Exchange of crypto-assets for fiat currency or other crypto-assets as a principal
• Execution of orders for crypto-assets on behalf of users
• Reception and transmission of orders for crypto-assets
• Portfolio management or investment advice
• Payment services as defined under the Payment Services Directive (PSD2)

Basis for operating without a CASP license.

The core Services provided by Defied,including stablecoin transfers, stablecoin swaps, and access to decentralized lending protocols,are provided in a fully decentralized manner without Defied acting as an intermediary. In accordance with Article 2(4) of MiCA, the regulation does not apply to crypto-asset services provided in a fully decentralized manner without any intermediary.

Specifically:

• Stablecoin transfers on Base are executed directly by users via their self-custodial wallets, interacting with public smart contracts that Defied does not own or control
• USDC/EURC swaps are executed directly against public liquidity pools on the Base network, accessible by anyone without Defied's involvement
• Deposits into lending protocols (Aave, Compound, Morpho, Lido) are made directly by users to those protocols' public smart contracts, which are independently accessible without Defied's interface

Defied provides a user interface,a front-end convenience layer,to these publicly accessible protocols. Users may interact with all underlying protocols directly at any time, without using Defied. Our interface does not custody funds, execute transactions on behalf of users, or act as a counterparty to any transaction.

Fiat on-ramp and off-ramp services.

The conversion of fiat currency (euros or dollars) to and from stablecoins is facilitated entirely by Bridge.xyz, a regulated third-party service provider operating under its own licenses and regulatory authorizations. Defied does not provide fiat conversion services and does not hold, transmit, or convert fiat currency. All KYC/AML obligations in connection with fiat conversion are discharged by Bridge.xyz under its own regulatory framework.

Virtual card services.

Virtual debit card functionality is provided exclusively by Gnosis Pay, operating under its own regulatory authorizations. Defied does not issue, operate, or manage payment cards or electronic money.

The stablecoins supported by Defied,USD Coin (USDC) and Euro Coin (EURC),are issued by Circle Internet Financial, a regulated entity operating in compliance with applicable financial regulations.

EURC is an e-money token (EMT) as defined under MiCA, issued by Circle in compliance with MiCA's requirements for e-money token issuers, including authorization, reserve backing, and redemption rights. EURC is backed 1:1 by euro-denominated reserves.

USDC is issued by Circle under applicable US regulatory frameworks and is backed 1:1 by US dollar-denominated reserves held in regulated financial institutions.

Defied does not issue, mint, redeem, or control either stablecoin. We provide an interface through which users may access these assets on the Base network. The regulatory obligations of stablecoin issuance rest entirely with Circle as the issuer.

Users should be aware that even MiCA-compliant stablecoins carry risks, including but not limited to issuer insolvency, reserve mismanagement, and regulatory changes affecting the issuer. Defied makes no representations regarding the ongoing compliance or solvency of any stablecoin issuer.

Smart contracts are experimental technology.

The protocols accessible through Defied,including Aave, Compound, Morpho, Lido, and others,operate via smart contracts deployed on public blockchain networks. Smart contracts are self-executing code that, once deployed, operate autonomously without human intervention. While the protocols surfaced by Defied have undergone extensive security audits, no smart contract can be guaranteed to be free from bugs, vulnerabilities, or exploits.

Risks include but are not limited to:

• Smart contract vulnerabilities: Bugs or logic errors in smart contract code that could be exploited by malicious actors, potentially resulting in partial or total loss of deposited funds
• Oracle failures: Protocols that rely on price oracles may be subject to oracle manipulation attacks, which could result in unintended liquidations or other adverse outcomes
• Liquidity risk: In periods of extreme market stress, liquidity in lending protocols may be insufficient to allow immediate withdrawal of deposited funds
• Protocol upgrades and governance: Protocol parameters, including interest rates, collateral requirements, and supported assets, may be changed by protocol governance at any time without Defied's involvement or consent
• Blockchain network risk: The Base network, like all blockchain networks, is subject to potential disruptions, forks, congestion, and other technical failures that may prevent or delay transactions
• Bridge and cross-chain risk: Cross-chain operations facilitated through LI.FI involve additional layers of smart contract complexity and may carry elevated risk compared to single-chain operations

Defied does not audit, control, or maintain any of the underlying protocols. We cannot guarantee the security, availability, or continued operation of any third-party protocol. You should conduct your own due diligence before depositing funds into any protocol.

Although stablecoins are designed to maintain a stable value relative to a reference currency, they are not risk-free. Risks associated with stablecoin holdings include:

• De-pegging risk: A stablecoin may lose its peg to the reference currency due to market conditions, issuer insolvency, or reserve mismanagement, resulting in a loss of value
• Issuer risk: The issuer of a stablecoin may become insolvent, face regulatory action, or otherwise be unable to honour redemptions
• Regulatory risk: Changes in applicable law or regulation may adversely affect the availability, usability, or value of stablecoins in certain jurisdictions
• Counterparty risk: Stablecoins held in lending protocols are subject to the counterparty risk of borrowers in those protocols

Funds held in stablecoins or deposited in DeFi protocols are not protected by any National Deposit Guarantee Schemes. Defied is not a financial institution and does not offer any form of deposit protection.

Access to decentralized lending protocols through Defied may allow users to earn yields on their stablecoin balances. Users must understand the following:

• Yields are variable: All yields displayed through the Services reflect current third-party protocol rates at the time of display. These rates fluctuate continuously based on supply and demand dynamics within each protocol and may decrease significantly at any time
• Yields are not guaranteed: Past yields are not indicative of future performance. Defied makes no representations, warranties, or guarantees regarding the level of yield that may be achieved
• Yields are not investment returns: Access to lending protocol yields through Defied does not constitute an investment product, collective investment scheme, or any other regulated financial product. Users are interacting directly with public smart contracts, not investing through Defied
• Yields may be subject to tax: Returns earned through decentralized protocols may be subject to income tax, capital gains tax, or other taxes in your jurisdiction. You are solely responsible for determining your own tax obligations

Your wallet security is your responsibility.

When you register with Defied, a non-custodial wallet is created on your behalf through Privy, our wallet infrastructure partner. This wallet is tied to your email address. Defied and Privy do not have access to your private keys and cannot recover your wallet on your behalf.

The following security risks apply:

• Email account compromise: If a third party gains unauthorized access to your email account, they may be able to access your Defied wallet. You are strongly advised to use a strong, unique password for your email account and to enable two-factor authentication (2FA) immediately
• Phishing attacks: Malicious actors may attempt to impersonate Defied through fake websites, emails, or social media accounts in order to obtain your credentials. Always verify that you are accessing the Services through defied.money
• Device compromise: If the device you use to access the Services is compromised by malware or unauthorized access, your wallet may be at risk. Keep your devices and software up to date and use reputable security software
• Private key export: If you choose to export your private key from Privy, you become solely responsible for its security. Anyone with access to your private key has full control over your wallet and funds
• Irreversibility of transactions: All blockchain transactions are final and irreversible. If you send funds to an incorrect wallet address or fall victim to a scam or phishing attack, Defied has no ability to reverse or recover the transaction

We strongly recommend enabling two-factor authentication on your email account before using the Services.

The regulatory environment for crypto-assets, stablecoins, and decentralized finance is evolving rapidly across the European Union and globally. Changes in applicable law or regulation may:

• Restrict or prohibit the use of certain stablecoins or DeFi protocols in certain jurisdictions
• Impose new obligations on users, including reporting or tax obligations
• Affect the availability or functionality of the Services in certain jurisdictions
• Require Defied to modify, restrict, or discontinue certain features of the Services

Defied monitors the regulatory environment and will make reasonable efforts to ensure the Services remain compliant with applicable law. However, we cannot guarantee that the Services will remain available or unchanged in all jurisdictions. Users are responsible for ensuring that their use of the Services complies with the laws of their own jurisdiction.

• Service availability: The Services may be unavailable from time to time due to maintenance, technical failures, third-party outages, or other factors beyond our control. Defied does not guarantee uninterrupted access to the Services
• Third-party dependency: The Services depend on a number of third-party providers, including Privy, Bridge.xyz, Gnosis Pay, LI.FI, and the Base network. Failure or disruption of any of these providers may affect the availability or functionality of the Services
• Interface risk: Even where underlying protocols are functioning normally, access through the Defied interface may be disrupted. Users may interact with all underlying protocols directly via their wallet at any time

Funds held in your Defied wallet or deposited in any decentralized protocol are not:

• Protected by National Deposit Guarantee Schemes
• Insured by any government or regulatory body
• Recoverable by Defied in the event of loss

You should only use the Services with funds you can afford to lose in their entirety.

To the fullest extent permitted by applicable law, Fusion Software LLC and its officers, directors, employees, and agents shall not be liable for any loss or damage,including loss of funds, loss of data, or loss of access,arising from:

• Smart contract vulnerabilities, exploits, or failures in any third-party protocol
• De-pegging or failure of any stablecoin
• Compromise of your email account or wallet credentials
• Irreversible blockchain transactions, including transactions made in error
• Unavailability of the Services for any reason
• Changes in applicable law or regulation
• Actions or failures of any third-party service provider, including Bridge.xyz, Privy, Gnosis Pay, or LI.FI
• Any force majeure event

Nothing in this Risk Disclosure limits or excludes liability for death or personal injury caused by negligence, fraud, or any other liability that cannot be excluded under applicable EU law.

If you have questions about this Risk Disclosure or about the risks associated with using the Services, please contact us:

Fusion Software LLC
81B Bulgaria Blvd, Sofia, Bulgaria
hello@defied.money

For regulatory enquiries, please contact us at the same address, marking your correspondence clearly as a regulatory enquiry.