The Flat Money Protocol
  • ๐Ÿ“–Introduction to Flat Money
    • ๐ŸŽ“Key Definitions
  • โš™๏ธThe Flat Money Protocol
    • ๐Ÿช™The Flat Money (UNIT) Market
    • ๐Ÿ“ˆThe Perpetual Futures Market
    • โš–๏ธHow Flat Money Maintains a Delta-Neutral Marketplace
  • ๐Ÿช™Acting as a UNIT LP
  • ๐Ÿ“ˆActing as a Leverage Trader
  • ๐Ÿ”Protocol Security
  • ๐ŸŒPyth Network Price Oracle
  • *๏ธProtocol Risks
  • ๐Ÿ‘€Flat Money Points (FMP)
  • ๐Ÿ’ปDeveloper Resources
  • ๐ŸŽจFlat Money Brand Kit
Powered by GitBook
On this page
  • Security Practices
  • Smart Contract Audits
  • Bug Bounty Program
  • Exposure to Third Party Infrastructure

Protocol Security

The security of the Flat Money protocol is our top priority.

PreviousActing as a Leverage TraderNextPyth Network Price Oracle

Last updated 1 month ago

Security Practices

The Flat Money teamโ€™s security practices include fuzzing, unit testing, and routine peer reviews of the codebase. External measures include professional security reviews, contests, and pre/post-deployment bounties.

The protocol has in-built invariant checks on every user order execution. These checks ensure the integrity and accounting within the overall system at all times.

At launch, the Flat Money protocol will be audited with a bug bounty program in place, which will be managed through Immunefi. After Flat Money launches, measures will be taken to implement circuit breakers in the Flat Money smart contracts; any new features will undergo security reviews before they are put into production.

For more details, see the sections below.

Smart Contract Audits

The Flat Money team has worked with to audit the protocolโ€™s codebase multiple times. The audits along with their reports can be found below:

  • January 2024 -

  • April 2024 -

  • January 2025 -

Sherlock is an incentive-aligned auditing protocol that provides a hybrid audit, which combines the benefits of a legacy audit and an audit competition. The end result is more experienced eyes on the Flat Money codebase.

The Flat Money team is working with the Sherlock team to purchase bug bounty coverage to incentivize responsible disclosures and provide protection in the event an exploit were to occur.

Bug Bounty Program

Flat Money runs an ongoing bug bounty program with , where ethical hackers help secure DeFi contracts by identifying vulnerabilities in exchange for rewards based on severity.

Severity
Payout Amounts

Critical

USD $50,000

Exposure to Third Party Infrastructure

The Flat Money protocol is designed to have no exposure to third-party protocols and limited exposure to outside infrastructure.

The only asset used within the Flat Money protocol is Rocket Pool ETH (rETH). No other crypto assets are used within the protocol.

The protocol does use for the protocolโ€™s primary oracle infrastructure to accurately price rETH and avoid user frontrunning of the oracle. There is also oracle redundancy in place with a price feed as a final price sanity check to increase the security of Flat Moneyโ€™s oracle infrastructure.

๐Ÿ”
Sherlock
Flat Money Sherlock audit contest
Flat Money Sherlock fix review audit contest
Flat Money Sherlock Security Review
Sherlock
Flat Money Sherlock Bug Bounty
Pyth Network
Chainlink