Security
Last updated
Last updated
Clip Finance is dedicated to ensuring the security of its users. Our preventative strategies include multiple third-party code audits, protocol insurance funds, and a bug bounty program. We've also implemented risk mitigation techniques to proactively monitor safety and security as the Clip ecosystem expands.
The Clip Finance code is audited by Three Sigma. The audit report is uploaded as a PDF.
Automated liquidity management component
Public references of audits https://github.com/threesigmaxyz/publications
Clip will have an insurance and recovery fund to protect users in the case of an exploit. As our TVL increases, we will also be implementing third-party insurance to further protect investors.
Our insurance fund is funded by the protocol revenues. If any of the risks realize and Clip's protocol or any of the external protocols are exploited, the insurance fund is used to cover the losses of our users. If the insurance fund can't cover the losses, we'll deploy the recovery fund. The recovery fund (also funded by the protocol revenues) will distribute payments to the affected users on a pro-rata basis for up to three years or until the loss has been reimbursed. The size of the payments depends on the protocol revenue, as a fixed percentage of the revenue is directed to the recovery fund.
All strategies are assessed by our comprehensive risk-scoring matrix. The resulting score heavily influences the strategies we choose to deploy. More details on this matrix can be read here.
Clip believes its preventative measures and risk mitigation strategies will be effective. That said, when it comes to protocol security - you can never be too careful.
Our code is 100% open-source, enabling the community to identify concerns and provide feedback on our contracts. On top of this, we will have a bug bounty program which will be announced before the launch. This will financially incentivize white hat hackers to search for imperfections in our protocol.
