# Vaults as guardrails Most people picture a "vault" as a container — somewhere funds go to sit safely. In Chamber, the container framing misses the point. A Chamber vault is a **constraint system**. It's a set of rules, encoded in smart contracts, that define what the person (or bot, or AI agent) running the vault can and cannot do with the money inside. The funds aren't "in" the vault the way money is in a safe. They're *subject* to the vault — bounded by what the vault's rules will let happen to them. ## Why this framing matters Onchain asset management historically offered two options, both bad: * **Custodial.** Hand money to a manager or platform and hope they do right by you. * **Permissionless trading bots.** Give a script full control over your wallet and hope the script is bug-free. Chamber vaults are a third option: the manager has broad operational freedom *within rules nobody can override*. The rules are: * **Which assets can be held.** A manager can't suddenly route the vault into random tokens — only the vault's [enabled assets](/manage/permissions-access.md) are allowed. * **Which protocols can be used.** Only the protocols on Chamber's allowlist (Aave, Uniswap, Toros, etc.) — never arbitrary contracts. * **What fees can be charged.** Performance, management, entry, and exit fees are capped, and increases require a [14-day announcement](/manage/fees-performance.md). * **Who can move funds.** Depositors control their own shares. The manager controls trading only — they cannot withdraw depositor funds. Most of these are enforced by the [Guard System](/security/guard-system.md) at the contract level: every trade the manager submits is checked against the vault's enabled assets and the protocol allowlist, and anything that violates them reverts before it can touch vault funds. Fee caps and the 14-day announcement work slightly differently — they're enforced at the point the manager tries to change fees, not on every trade — but the effect is the same: the manager can't "promise" to follow the rules and then break them. The contract literally won't let them. ## The implication for AI trading This is the reason Chamber can safely host AI-assisted management. An AI agent operating on the vault has exactly the same surface area as a human manager: the same whitelist, the same protocol allowlist, the same fee caps. It cannot do more, cannot do worse, cannot route around the rules. You don't have to trust the AI more than you'd trust a human. You trust the rules — which are the same for both. > The goal is not to trust the agent more. The goal is to make the vault safer by design. ## What guardrails don't protect against The vault constrains *what the manager can do with the money*. It does not constrain *whether their decisions are good*. A manager operating entirely within the rules can still: * Lose money on bad trades. * Hold concentrated positions that drop. * Accrue management fees while the vault underperforms. * Run a strategy that simply doesn't work. Guardrails bound the downside caused by malice or bug; they do not bound the downside caused by ordinary market risk or poor judgment. See [Deposit → Risks](/deposit/risks.md) for the fuller picture. ## A useful mental model Think of a Chamber vault the way you'd think of a managed account at a broker with pre-agreed rules: * The broker can trade within a stated mandate. * They can't move your money to their own account. * They can't change the mandate without notice. * You can withdraw any time. The difference is that Chamber's "broker" is the onchain contract, not a legal entity or a trust relationship. The rules are executable code, and breaking them is impossible rather than punishable. ## Related * [Guard System](/security/guard-system.md) — the technical enforcement layer. * [Permissions & access](/manage/permissions-access.md) — how asset whitelists work. * [Vault tokens & mechanics](/concepts/vault-tokens.md) — what a vault share is, onchain. * [NAV & accounting](/concepts/nav-accounting.md) — how the value of a share is calculated. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.chamberfi.com/concepts/vaults-as-guardrails.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.