Audits and Security
Review Nexus Mutual's audits, bug bounties, and initiatives to strengthen our ecosystem.
Below are a list of audits conducted on Nexus Mutual's smart contracts in order of newest to oldest. You can also review Nexus Mutual's GitHub where these reports are hosted.
iosiro audits | November - December 2022, February - March 2023
iosiro was commissioned by Nexus Mutual to conduct an audit on all contracts under the
iosiro audits | May 2021 & June 2021
iosiro was commissioned by Nexus Mutual to conduct a smart contract audit on:
- The stacked risk, on-chain MCR, and swap operator contracts
- The distributor smart contract
- The emergency response smart contract
G0 Group audits | June 2020, November 2020, & March 2021
The G0 Group was commissioned by Nexus Mutual to conduct a smart contract audit on:
Solidified audit | April 2019
Solidified was commissioned by Nexus Mutual to conduct a smart contract audit on the smart contracts and associated components.
Nexus Mutual works to ensure the smart contract system is safe and secure. Regular audits are an important part of maintaining the security of the smart contract system, but there are other approaches the mutual takes to keep the protocol secure.
Bug bounty program
Nexus Mutual works with Immunefi to manage a bug bounty program. On Immunefi, hackers secure DeFi contracts, save funds from theft, and get paid for responsibly disclosing vulnerabilities. We are able to secure the Nexus Mutual protocol through this program with Immunefi.
Through this program, whitehat hackers are incentivized to disclose vulnerabilities in the mutual's smart contract system in exchange for payouts equal to the level of severity.
Smart Contracts and Blockchain
- Critical | Up to $50,000 USD
- High | Up to $25,000 USD
- Medium | Up to $10,000 USD
- Low | Up to $2,000 USD
Note: Bounties listed in USD but paid out in stablecoins.
Check out the bug bounty program on Immunefi for more details.