🔐Security

Fungify places a high priority on security, investing substantial amounts in comprehensive audits conducted by leading cybersecurity firms. Our commitment to security is an ongoing

Audit Reports

Below, you will find links to the audit reports from the cybersecurity firms Fungify has engaged with.

Auditor

Date

Description

Report

Oct 23rd, 2023

Fungify Pools

Nov 23rd, 2023

Fungify Pools

Dec 5th, 2023

Fungify Pools

Jan 10th, 2024

Fungify Pools

Feb 27, 2024

Fungify Pools

Jun 24, 2024

Fungify Index

Real-Time Monitoring

Fungify has contracted with BlockSec to enhance the platform's security with automatic attack detection. The BlockSec Iron Dome works by scanning the mempool for malicious transactions, synthesizing a rescue transaction, and front-running the attack.

You can read about the specifications of the BlockSec iron Dome here along with representative success stories.

Bounty Program

As part of our commitment to security, we have implemented a bounty program to encourage the identification and reporting of vulnerabilities. The scope of this bounty program applies specifically to the on-chain contracts deployed to the Ethereum mainnet. For bugs that would result in loss of protocol funds, the reward is up to 10% of the assets at risk. For bugs that would result in griefing of the protocol, the security team will make a recommendation based on the exploitability and severity of such an attack.

To report a bug, please send detailed information to [email protected]. The report should contain enough detail that the bug can be reproduced and remedied by the Fungify security team.

We ask that you do not publicly disclose the bug in any fashion, which includes publishing proof of concepts of mainnet. Please act in a respectful manner by not attempting to threaten or extort. All bounties and their payout will ultimately be decided by FUNG token holders and voted on via Snapshot.

Last updated