Security
Bug Bounty
Balancer's bug bounty program is among the largest in DeFi (opens in a new tab) with a maximum payout of 1,000 ETH for properly disclosed critical vulnerabilities. For more information of Balancer's Bug Bounty program, please visit our Immunefi page (opens in a new tab).
::: warning Bounties only apply to protcol smart contracts. Bug reports pertaining to Balancer's web interfaces, both in terms of UI/UX or servers/infrastructure, are not eligible. :::
Audits
Balancer has completed full audits with Certora, OpenZeppelin, Trail of Bits, and ABKD.
Scope | Company | Report |
---|---|---|
Vault, Weighted Pool, Stable Pool | OpenZeppelin | 2021-03-15 (opens in a new tab) |
Vault, Weighted Pool, Stable Pool | Trail of Bits | 2021-04-02 (opens in a new tab) |
Vault | Certora | 2021-04-22 (opens in a new tab) |
MultiRewards, Stable Pool | OpenZeppelin | 2021-10-09 (opens in a new tab) |
Linear Pool, Stable Phantom Pool | Trail of Bits | 2021-10-08 (opens in a new tab) |
Timelock Authorizer | ABDK | 2022-05-27 (opens in a new tab) |
Batch Relayer | Trail of Bits | 2022-05-27 (opens in a new tab) |
Composable Stable Pool | Certora | 2022-09-23 (opens in a new tab) |
Composable Stable Pool | Trail of Bits | 2022-09-02 (opens in a new tab) |
Managed Pool | Trail Of Bits | 2022-10-25 (opens in a new tab) |
Audit reports can also be found in the Balancer V2 Core repository (opens in a new tab).
Balancer x Certora Accelerator
On the 10th of October 2022 (opens in a new tab), Balancer launched the Balancer Certora Security Accelerator in partnership with Certora (opens in a new tab). The Security Accelerator helps projects building on Balancer increase their code security.
The Accelerator provides code reviews and grants access to Certora’s formal verification Prover. This alignment strengthens the soundness of the code base and streamlines the go-to-market process for projects building on Balancer.
The Balancer x Certora Security Accelerator offers the following benefits:
- Two weeks of manual code review by Certora engineers familiar with Balancer’s codebase
- Set up and introduction of Certora’s formal verification Prover
- $10.000 USD worth of credits for Certora’s formal verification Prover
- Integration assistance by Balancer on code functionality and business logic