9 lines (9 loc) · 2.21 KB


[EXPLICIT_INVARIANT] Asset precision must be strictly limited within the protocol-defined range, meaning any listed asset must satisfy the invariant MIN_ALLOWED_UNDERLYING_DECIMALS ≤ asset decimals ≤ MAX_ALLOWED_UNDERLYING_DECIMALS. The code must verify this condition when listing assets. Assets outside this range cannot be listed. If assets outside this range are allowed to be added, it may lead to precision overflow, calculation errors, or fund loss.
<|INVARIANT_SPLIT|>
[EXPLICIT_INVARIANT] Collateral risk score must be constrained by protocol hard upper limits. Even though governance roles are trusted, the code level must enforce 0 ≤ collateralFactor ≤ MAX_ALLOWED_RISK. Any function that sets or updates risk scores must validate this invariant to prevent governance from setting risk scores beyond the protocol's upper limit. Violation of this constraint may lead to under-collateralization and protocol bad debt.
<|INVARIANT_SPLIT|>
[EXPLICIT_INVARIANT] Liquidation bonus must satisfy the protocol-defined lower bound constraint, meaning maxLiquidationBonus ≥ PROTOCOL_MIN_LIQUIDATION_BONUS must be verified when setting and updating all liquidation bonuses. A liquidation bonus that is too low may result in insufficient incentives for liquidators, causing unhealthy positions to not be liquidated in a timely manner, thereby jeopardizing the protocol's solvency.
<|INVARIANT_SPLIT|>
[EXPLICIT_INVARIANT] The product of liquidation bonus and risk score must satisfy the global upper limit constraint, meaning the invariant maxLiquidationBonus × collateralFactor ≤ GLOBAL_UPPER_LIMIT must be verified in any operation that modifies liquidation parameters or risk scores. Violation of this constraint may lead to liquidators receiving excessive rewards, causing unfair losses to liquidated users or protocol fund outflows.
<|INVARIANT_SPLIT|>
[EXPLICIT_INVARIANT] Liquidation fee must be limited by the protocol maximum value, meaning liquidationFee ≤ PROTOCOL_MAX_LIQUIDATION_FEE must be enforced in all functions that set liquidation fees. Even governance operations cannot bypass this hard limit. Excessive liquidation fees will harm user interests and may cause the protocol to be perceived as unfair, resulting in loss of user trust.
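
The five invariants above, enforced at a single write path so that listing and every later update re-check all of them together. This is an added example, not code from the protocol: the contract name, struct, function names and every numeric limit are hypothetical placeholders, and 1e18 fixed-point scaling is an assumption.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not the protocol's code. The invariants name these limits
// but give no values: every number below is a placeholder. Assumption: factors,
// bonuses and fees are 1e18-scaled fixed-point values. Access control omitted.
contract RiskParamRegistry {
    uint256 constant WAD = 1e18;
    uint8 constant MIN_ALLOWED_UNDERLYING_DECIMALS = 6;         // placeholder
    uint8 constant MAX_ALLOWED_UNDERLYING_DECIMALS = 18;        // placeholder
    uint256 constant MAX_ALLOWED_RISK = 0.9e18;                 // placeholder
    uint256 constant PROTOCOL_MIN_LIQUIDATION_BONUS = 1.01e18;  // placeholder
    uint256 constant GLOBAL_UPPER_LIMIT = 1e18;                 // placeholder
    uint256 constant PROTOCOL_MAX_LIQUIDATION_FEE = 0.5e18;     // placeholder

    struct Params {
        uint8 decimals;
        uint256 collateralFactor;
        uint256 maxLiquidationBonus;
        uint256 liquidationFee;
        bool listed;
    }
    mapping(address => Params) public params;
    error InvariantViolated(string which);

    // Single choke point: no code path writes params without passing all checks.
    function _validateAndStore(address asset, Params memory p) private {
        if (p.decimals < MIN_ALLOWED_UNDERLYING_DECIMALS || p.decimals > MAX_ALLOWED_UNDERLYING_DECIMALS)
            revert InvariantViolated("decimals");
        if (p.collateralFactor > MAX_ALLOWED_RISK) revert InvariantViolated("collateralFactor");
        if (p.maxLiquidationBonus < PROTOCOL_MIN_LIQUIDATION_BONUS) revert InvariantViolated("bonus");
        // Compare unscaled products: dividing by WAD first rounds down and could
        // let a marginal violation through. Checked math reverts on overflow.
        if (p.maxLiquidationBonus * p.collateralFactor > GLOBAL_UPPER_LIMIT * WAD)
            revert InvariantViolated("bonus x collateralFactor");
        if (p.liquidationFee > PROTOCOL_MAX_LIQUIDATION_FEE) revert InvariantViolated("fee");
        params[asset] = p;
    }

    function listAsset(address asset, uint8 decimals, uint256 cf, uint256 bonus, uint256 fee) external {
        require(!params[asset].listed, "already listed");
        _validateAndStore(asset, Params(decimals, cf, bonus, fee, true));
    }

    // Bonus and fee setters would follow the same load-modify-validate pattern.
    function setCollateralFactor(address asset, uint256 cf) external {
        Params memory p = params[asset];
        require(p.listed, "not listed");
        p.collateralFactor = cf; // re-validated together with the stored bonus
        _validateAndStore(asset, p);
    }
}
```

Because the product invariant couples two parameters, a setter that validates only the field it changes can leave the pair out of bounds; routing every update through the combined check closes that gap.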