Security

Safura provides robust protocol security by combining regular audits, live contract monitoring, and protective community mechanisms. Below is a detailed breakdown of the audits and security practices that help ensure the safety of Safura smart contract infrastructure.

We have completed a diff audit by auditors from AuditOne.

Audits Endorsed by Safura

To uphold the integrity and safety of Safura’s smart contracts, Safura utilized Nexus Mutual’s top-tier audited smart contracts.

• iosiro Audit – October 2023 Reviewed the Ratcheting AMM (RAMM) contracts to verify the security and functionality of the new framework.

• Chaos Labs Economic Audit – October 2023 Completed a deep economic assessment of the RAMM design to ensure sustainable tokenomics and proper incentive structures.

• iosiro Audits – Nov-Dec 2022 & Feb-Mar 2023 Evaluated all contracts in the contracts/modules folder, the foundation of Nexus Mutual V2.

• iosiro Audits – May & June 2021 Covered key components including:

  • Stacked risk contracts

  • On-chain MCR contracts

  • Swap operator

  • Distributor smart contract

  • Emergency response contract

• G0 Group Audits – June & Nov 2020, March 2021 Assessed:

  • Pooled staking contracts

  • Claim payout upgrade mechanisms

  • Distribution contracts

• Solidified Audit – April 2019 Conducted a pre-mainnet audit of the core smart contracts and system components critical to launching the protocol.

Ongoing Security Practices: RAMM Launch

To reinforce trust during the RAMM deployment, Nexus Mutual implements advanced on-chain safeguards and real-time surveillance:

• Circuit Breakers Enforces ETH withdrawal and NXM minting caps to mitigate systemic risk. These limits are eased gradually over time.

• Real-Time Monitoring Leveraging Tenderly alerts, the engineering team stays updated on any abnormal or suspicious contract behavior.

• Emergency Pause Capability The Advisory Board can immediately halt RAMM contract activity in critical situations.

Bug Bounties

As part of Safura’s security efforts, we have launched a bug bounty program running until December 31, 2026. Participants must complete KYC to be eligible, and rewards range from $300 to $10,000, depending on the severity of the reported issue. More details can be found on AuditOne's Bug Bounty page.