Audits & Testing
The PoolTogether Protocol has undergone three formal professional third party audits. Two have been conducted by Open Zeppelin. And one was conducted by Ditcraft.
Additionally the PoolTogether core team has a long term security relationship with ConsenSys Diligence including additional code reviews.
Notwithstanding, portions of the PoolTogether Protocol codebase will continue to evolve and it should never be expected that 100% of the deployed code has been formally audited.
We encourage responsible disclosure of any vulnerabilities in the smart contracts and will pay up to $25,000 for those. See the Bounties for more details.
Last updated