Trust & Security

At Refluid, we prioritize the security and trust of our users. We are committed to maintaining the integrity and reliability of our protocol through robust security measures, including regular audits and a bug bounty program.

Audits

Refluid undergoes regular third-party security audits conducted by reputable audit firms. These audits evaluate the protocol's codebase, smart contracts, and infrastructure for potential vulnerabilities, ensuring that the platform operates securely and as intended.

We maintain transparency in our audit processes, providing users with access to audit reports and findings. Additionally, we comply with industry standards and best practices for smart contract security and blockchain development.

Bug Bounty Program

Purpose

Our bug bounty program encourages security researchers and ethical hackers to identify and report vulnerabilities in the Refluid protocol. By incentivizing responsible disclosure, we aim to enhance the security of our platform and protect user funds.

Scope

The bug bounty program covers all aspects of the Refluid protocol, including smart contracts, APIs, web interfaces, and infrastructure. Participants are encouraged to report any vulnerabilities they discover, regardless of severity.

Rewards

Rewards are offered for valid reports of security vulnerabilities, with the amount determined based on the severity and impact of the vulnerability. Rewards may include monetary compensation, recognition, and eligibility for additional benefits.

Responsible Disclosure

Participants in the bug bounty program are expected to adhere to responsible disclosure practices. This includes providing detailed information about the vulnerability, refraining from exploiting the vulnerability for personal gain, and cooperating with Refluid to address and resolve the issue.

Reporting Vulnerabilities

Submission Process

Vulnerabilities can be reported to Refluid through our designated bug bounty platform or via email. Reports should include a detailed description of the vulnerability, steps to reproduce, and any supporting evidence or documentation.

Assessment and Validation

Upon receiving a vulnerability report, our security team conducts a thorough assessment to validate the report and determine its severity and impact. Once confirmed, we work to address and resolve the vulnerability as quickly as possible.

Communication and Updates

We maintain open communication with participants throughout the vulnerability disclosure and resolution process. Updates on the status of reported vulnerabilities, including any fixes or mitigations implemented, are provided in a timely manner.

Trust and security are paramount at Refluid, and we are committed to maintaining a secure and reliable platform for our users. Through regular audits, a robust bug bounty program, and responsible disclosure practices, we strive to protect user funds and ensure the integrity of the Refluid protocol.