LogoLogo
  • TruFin Protocol
  • Overview
    • TruFin
  • TruStake Vaults
    • TruStake (MATIC) Staker
    • TruStake (Aptos) Staker
    • TruStake (NEAR) Staker
    • TruStake (Injective) Staker
    • TruStake (Solana) Staker
    • How the TruStake Vaults work
    • User Interface
    • Allocating Rewards
      • Starting a New Allocation
      • Keeping track of your Allocations
      • Changing an existing Allocation
      • Distributing Allocated Rewards
      • Seeing your Allocation History
    • Calculating Vault Performance
    • Validators
    • Fees
  • TruStake Staker Examples
  • Tokens
    • TruMATIC Token
      • Contract Addresses
      • Wallets
      • Transferring
      • Staking & Unstaking
      • Bridging
        • Add TruMATIC to your Token List
        • Bridge TruMATIC from Ethereum to Polygon
        • Bridge TruMATIC from Polygon to Ethereum
    • TruAPT Token
      • Contract Address
      • Wallets
      • Transferring
      • Staking & Unstaking
    • TruNEAR Token
      • Contract Address
      • Wallets
      • Transferring
      • Staking & Unstaking
    • TruINJ Token
      • Contract Address
      • Wallets
      • Transferring
      • Staking & Unstaking
    • TruSOL Token
      • Contract Address
      • Wallets
      • Transferring
      • Staking & Unstaking
  • Getting Access
    • Accessing the Protocol
    • Jurisdictions
  • Resources
    • Website
    • App
  • Developers
    • Security & Audits
  • Integrated Third Parties
    • Elliptic
  • Polices
    • Polices and Terms
    • Digital Asset Warning
Powered by GitBook
On this page
  • Security Audits (active vaults)
  • Who has admin control of the TruMATIC contracts?

Was this helpful?

  1. Developers

Security & Audits

PreviousJurisdictionsNextDigital Asset Warning

Last updated 3 months ago

Was this helpful?

Security Audits (active vaults)

At TruFin, securing our smart contracts and safeguarding users’ assets comes before anything. The protocol has therefore undertaken three independent security audits by the most distinguished names in the field, OpenZeppelin, Nethermind and Zokyo.

  • TruMATIC audits:

Who has admin control of the TruMATIC contracts?

TruFin's contracts for TruMATIC are controlled by a multisig account (0x71598A2209b4a9C3E23260Ac373180f4B637136d) which is managed by a combination of contributors, investors, and external advisors. The confirmation count is 5 out of 7 signatures required.

N.B. All core team members designated as signers adhere to strict private key and wallet management best practices, utilising individual hardware wallets on a segregated basis.

The responsibilities of the above multi-sig include:

  • Add or remove validators supported by the protocol

  • Change the address of the whitelist contract - this contract manages the whitelist used to allow or deny users into the protocol

  • Change the treasuryAddress address - this address receives the fees charged by the protocol

  • Change the amount taken as fee from rewards by the protocol

  • Change the amount taken as fee upon reward distribution by the protocol

  • Change the amount used to offset rounding

  • Modify the ownership of the contract

Digital assets are highly volatile. TruFin users agree to the T&Cs .

OpenZeppelin
Nethermind
Zokyo
found in full here