We take the audit and testing of our smart contracts very seriously. To ensure safety, we have implemented fallbacks for the recovery of funds in the unlikely event of a contract bug.
Our custody contract includes the destroyContract() method. When activated, it rejects all new deposits (while still permitting withdrawals) and initiates a timer. After six months from the destruction of the contract, we can access all funds stored in the contract and return them to the users.
This is a precautionary measure to enhance security, despite being a highly unlikely scenario.