People aren't used to managing their money. They are used to giving others control. This makes them feel safe. And if anything happens, they are able to blame someone else. There is also the "illusion" of safety with certain guarantees from (for example) banks. Even though there are countless examples of banks not adhering to their guarantees. When you give others control of your money you are skating on thin ice as people say. You are one Lehman Brothers, or other financial crises away from losing everything.
The main risk is the user unfortunately. Crypto is by design safer than traditional finance. You own the keys to your account. No one can access your wallet without you giving them your private keys. Unfortunately since crypto is new people fall for scams and unknowingly give people permission to access their account. This could be done via fake airdrops, or even NFTs that randomly show up in your wallet. So here are a few crypto rules:
If you didn't buy it. Don't interact with it. If a million tokens randomly showed up in your wallet that you didn't pay for...it is a scam. To "sell" the tokens you have to give them permission to access your funds. This is true for any crypto including BYAS. The difference is unscrupulous people insert extra code to steal your funds.
If anyone ever asks for your seed words...don't ever enter them. Keep them to yourself. Don't store them on a computer or phone. Even in a text file or anything. If it's on your computer it can be seen. Don't take a picture of them with your cell phone. Store them offline, and don't store them all in one place. Keep a couple of the words in your head.
Continuing with the user, many people just don't know how to handle making a lot of money in a short period of time. If you are fortunate enough to get in a legitimate project at the beginning, you will go through a phase where you make 10 times your money. Understandably people sell because...wow I've never made that much. But every great project has gone up 10 times multiple times. Everybody that sold Bitcoin at $10 is kicking themselves today even if they were early adopters. You have to control your emotions and gain more understanding. BYAS may be volatile in the early stages as people adjust their emotions.
Because of the BYAS technology some centralized entities may try to restrict it's users from using BYAS. Governments, as they did with Bitcoin, may try to outright ban BYAS from being used in their country. This is to control you. You have to obey the rules of your country. If you feel like your country may try to restrict you, only you can decide what is best. There are plenty of countries that welcome crypto. Regardless, as long as you have your seed words and private keys, no one will be able to take BYAS out of your wallet. And you will receive fees for however long you are away from your account as long as their is network activity.
There are some risks to some third parties BYAS is required to use. If something happens to Pancake Swap (for example) you won't be able to buy and sell. Pancake Swap is pretty secure, and is backed by Binance. But there is a non-zero probability that something could happen. This won't affect your ability to receive fees from the network, but we would have to find another exchange for people to be able to trade. Something could also happen to your specific Web3 wallet provider. This is why we'll be working with as many Web3 wallet providers as possible. To date nothing has ever happened to Metamask as a provider. But they are a centralized entity. They have the ability to shut off individuals accounts.
As a side note we know that some users will also provide liquidity. ANY crypto liquidity on a decentralized exchange is at risk for "flash loan" attacks. BYAS fees make a flash loan less likely because quite frankly it's less profitable. A flash loan involves several transactions...EACH of those transactions will have a 3% fee. Just one Buy and Sell will cost an attacker 6%. This does not mean that BYAS is exempt from flash loan attacks. But it will be more difficult.
The best way to prevent a flash loan attack is to have a lot of liquidity. I.e. it would cost 40 million dollars to attack a 4 million dollar liquidity pool. BYAS will be working on technology that could make ALL crypto LPs impossible to flash loan attack. You're taking more of a risk being an early liquidity provider, so only risk funds you can afford to lose. Early liquidity providers also stand the most to gain.