TermMax Docs

πŸ›‘οΈSecurity

At TermMax, the security of our platform and the safety of our users' assets are our top priorities. In the rapidly evolving world of Decentralized Finance (DeFi), we recognize that robust security measures are essential to maintain trust and ensure the integrity of our services.

Spearbit's Cantina Competitions

To achieve the highest level of security, we are partnering with Spearbit, a renowned security auditing firm specializing in blockchain protocols. Specifically, we are utilizing their innovative Cantina Competitions to conduct comprehensive security reviews of our smart contracts.

Cantina Competitions are crowdsourced security audits designed to be efficient, high-signal, and thorough. They bring together some of the best security researchers in the blockchain ecosystem to perform extensive code reviews. This approach ensures maximum code coverage and leverages diverse expertise to identify potential vulnerabilities that might be missed in traditional audits.

  • Efficient and Comprehensive: The competition format encourages rapid yet thorough examination of the codebase.

  • High-Signal Findings: By engaging top security talent, Cantina Competitions focus on uncovering critical issues with minimal noise.

  • Community Engagement: This model fosters a collaborative environment where multiple experts contribute to enhancing the security of the protocol.

We are organizing a two-week Cantina Competition dedicated to TermMax. During this period:

  • Extensive Code Review: Security researchers will rigorously analyze our smart contracts and underlying protocols.

  • Vulnerability Identification: The goal is to uncover any potential security flaws, from critical vulnerabilities to minor issues.

  • Feedback and Improvement: Findings from the competition will be used to strengthen our platform before mainnet deployment.

Ongoing Immunefi Bug Bounty Program

In addition to the Cantina Competition, we are going to launch an ongoing Bug Bounty Program through Immunefi. Our Term Structure zkTrue-up contract is already listed on Immunefi, inviting whitehat hackers to diligently examine its security. This program allows whitehat hackers and security researchers to report vulnerabilities at any time, ensuring continuous security assessment.

  • Continuous Vigilance: The program is always active, encouraging timely reporting of any discovered issues.

  • Incentivizing Security Research: We offer rewards to individuals who identify and responsibly disclose valid security vulnerabilities.

  • Community Collaboration: By involving the broader security community, we enhance the robustness of our platform.

24/7 On-Chain Security Analysis

To proactively monitor and safeguard our platform, we will partner with a top-tier security service provider to implement 24/7 on-chain security analysis:

  • Real-Time Monitoring: Continuous surveillance of our smart contracts and wallets detects any unusual or risky activities immediately.

  • Immediate Response: Our team is alerted to potential threats as they occur, allowing us to take swift action to mitigate risks.

  • Advanced Tools: Utilizing state-of-the-art security tools and analytics, we stay ahead of potential vulnerabilities and attacks.

  • Auto-Pause Mechanism: We have implemented an auto-pause mechanism that automatically pauses the system whenever a potential attack is detected. This proactive feature prevents the protocol from being exploited in real time, minimizing the risk of loss and allowing our team to investigate and respond effectively.

Best Security Practices

Beyond these measures, we adhere to industry-leading security practices:

  • Rigorous Testing: All smart contracts undergo extensive unit and integration testing before deployment to identify and fix any potential issues.

  • Open Source Transparency: Our codebase will be publicly available for community examination and contributions, promoting transparency and fostering collective trust.

  • Non-Upgradeable Smart Contracts: Our smart contracts are designed to be non-upgradeable, except for the routers. This approach prevents any unauthorized or malicious upgrades that could compromise user assets.

  • Emergency Stop Functionality: Our smart contracts include an emergency stop mechanism. In the event of a security breach or attack, the admin can halt contract operations to prevent further loss and allow the team to address the issue promptly.

Our proactive approach to security, exemplified by partnering with Spearbit's Cantina Competitions and Immunefi Bug Bounty Program, and conducting 24/7 on-chain security analysis, underscores our dedication to providing a secure and reliable platform. We believe that engaging the wider security community and employing continuous monitoring are crucial in building trust and ensuring the long-term success of TermMax.

By prioritizing security at every step, we aim to offer our users peace of mind as they engage with our innovative DeFi solutions.

PreviousTrading StrategiesNextRisks

Last updated