🔐Security
Fungify places a high priority on security, investing substantial amounts in comprehensive audits conducted by leading cybersecurity firms. Our commitment to security is an ongoing
Audit Reports
Below, you will find links to the audit reports from the cybersecurity firms Fungify has engaged with.
Auditor
Date
Description
Report
Oct 23rd, 2023
Fungify Pools
Nov 23rd, 2023
Fungify Pools
Dec 5th, 2023
Fungify Pools
Jan 10th, 2024
Fungify Pools
Feb 27, 2024
Fungify Pools
Jun 24, 2024
Fungify Index
Real-Time Monitoring
Fungify has contracted with BlockSec to enhance the platform's security with automatic attack detection. The BlockSec Iron Dome works by scanning the mempool for malicious transactions, synthesizing a rescue transaction, and front-running the attack.
You can read about the specifications of the BlockSec iron Dome here along with representative success stories.
Bounty Program
As part of our commitment to security, we have implemented a bounty program to encourage the identification and reporting of vulnerabilities. The scope of this bounty program applies specifically to the on-chain contracts deployed to the Ethereum mainnet. For bugs that would result in loss of protocol funds, the reward is up to 10% of the assets at risk. For bugs that would result in griefing of the protocol, the security team will make a recommendation based on the exploitability and severity of such an attack.
To report a bug, please send detailed information to [email protected]. The report should contain enough detail that the bug can be reproduced and remedied by the Fungify security team.
We ask that you do not publicly disclose the bug in any fashion, which includes publishing proof of concepts of mainnet. Please act in a respectful manner by not attempting to threaten or extort. All bounties and their payout will ultimately be decided by FUNG token holders and voted on via Snapshot.
Last updated