Security & Risk
Has Monolith been audited?
Has Monolith been audited?
Yes, Monolith has undergone comprehensive security audits by leading blockchain security firms. We maintain a rigorous audit process and make all reports publicly available.
What is the bug bounty program?
What is the bug bounty program?
Our bug bounty program rewards security researchers for responsibly disclosing vulnerabilities:
- Critical Issues: Up to $100,000 + percentage of recovered funds
- High Severity: 50,000
- Medium Severity: 10,000
- Low Severity: 5,000
How do I report a security vulnerability?
How do I report a security vulnerability?
For security issues, please use our bug bounty program:
- Do not publicly disclose the issue
- Contact us through the designated security channels
- Provide detailed reproduction steps
- Allow reasonable time for fixes
- Receive rewards for valid disclosures
What are the most common security risks?
What are the most common security risks?
Common DeFi security risks include:
- Smart Contract Vulnerabilities: Code bugs or logic errors
- Oracle Manipulation: Price feed attacks or manipulation
- Flash Loan Attacks: Exploits using uncollateralized loans
- Reentrancy Attacks: Recursive calling vulnerabilities
- Governance Attacks: Proposal manipulation or voting exploits
How does Monolith protect against oracle manipulation?
How does Monolith protect against oracle manipulation?
We implement multiple layers of oracle protection:
- Chainlink Price Feeds: Industry-standard decentralized oracles
- Multiple Sources: Cross-validation with multiple price feeds
- Staleness Checks: Automatic deactivation during outages
- Circuit Breakers: Emergency shutdown during extreme volatility
- Time-weighted Averages: Smoothing of price data
What happens if the protocol becomes insolvent?
What happens if the protocol becomes insolvent?
Monolith includes mechanisms to handle insolvency:
- Bad debt socialization distributes losses across all borrowers proportionally
- The protocol maintains reserves to cover potential shortfalls
- Governance can implement emergency measures if needed
How are funds secured in the protocol?
How are funds secured in the protocol?
Fund security measures:
- Non-custodial Design: Users maintain control of their assets
- Smart Contract Security: Audited and formally verified contracts
- Emergency Procedures: Circuit breakers and pause functionality
- Reserve Management: Protocol reserves for stability
- Multi-signature Controls: Administrative functions require multiple approvals
What are the risks of cross-chain operations?
What are the risks of cross-chain operations?
Cross-chain risks include:
- Bridge Vulnerabilities: Interoperability protocol exploits
- Network Congestion: Delayed or failed transactions
- Consensus Risks: Different security assumptions across chains
- Liquidity Fragmentation: Assets spread across multiple networks
- Oracle Dependencies: Cross-chain price feed complexities