Security
Safura Protocol Security Overview
Safura provides robust protocol security by combining regular audits, live contract monitoring, and protective community mechanisms. Below is a detailed breakdown of the audits and security practices that help ensure the safety of Safura smart contract infrastructure.
We have completed a diff audit by auditors from AuditOne.
Audits Endorsed by Safura
To uphold the integrity and safety of Safura’s smart contracts, Safura utilized Nexus Mutual’s top-tier audited smart contracts.
iosiro Audit – October 2023 Reviewed the Ratcheting AMM (RAMM) contracts to verify the security and functionality of the new framework.
Chaos Labs Economic Audit – October 2023 Completed a deep economic assessment of the RAMM design to ensure sustainable tokenomics and proper incentive structures.
iosiro Audits – Nov-Dec 2022 & Feb-Mar 2023 Evaluated all contracts in the contracts/modules folder, the foundation of Nexus Mutual V2.
iosiro Audits – May & June 2021 Covered key components including:
G0 Group Audits – June & Nov 2020, March 2021 Assessed:
Claim payout upgrade mechanisms
Distribution contracts
Solidified Audit – April 2019 Conducted a pre-mainnet audit of the core smart contracts and system components critical to launching the protocol.
Ongoing Security Practices: RAMM Launch
To reinforce trust during the RAMM deployment, Nexus Mutual implements advanced on-chain safeguards and real-time surveillance:
Circuit Breakers Enforces ETH withdrawal and NXM minting caps to mitigate systemic risk. These limits are eased gradually over time.
Real-Time Monitoring Leveraging Tenderly alerts, the engineering team stays updated on any abnormal or suspicious contract behavior.
Emergency Pause Capability The Advisory Board can immediately halt RAMM contract activity in critical situations.
Bug Bounties
As part of Safura’s security efforts, we have launched a bug bounty program running until December 31, 2026. Participants must complete KYC to be eligible, and rewards range from $300 to $10,000, depending on the severity of the reported issue. More details can be found on AuditOne's Bug Bounty page.
Last updated