Security

Status: Mainnet Beta

Security is the absolute number one priority at Derivio. Multiple security audits were conducted by third-party audit firms, and bug bounties are available for white-hat hackers and the broader security community.

Derivio is currently in public beta. Please do your own research and use Derivio at your own risk.

Bug Bounty

If you find a bug or vulnerability in the smart contracts or website, please report to security@derivio.xyz.

• Critical vulnerability: Up to $300,000

• High vulnerability: Up to $25,000

• Medium or lower vulnerability: Up to $10,000

We are in the process of setting up a public bug bounty program with a third-party trusted platform. Please stay tuned.

Oracle

Derivio uses Pyth Network as the primary price oracle, which provides decentralized, real-time aggregated prices from Pythnet. For more information, see https://pyth.network.

Derivio allows the following backup oracle if Pyth is unavailable: weighted average of centralized exchange prices.

Audits

June 2023: OtterSec audit

130KB

2023_06_Ottersec_Derivio_audit_final.pdf

pdf

July 2023: Halborn audit

4MB

2023_07_Halborn_Derivio_audit_final.pdf

pdf