Security is something Float takes very seriously. Protocols we have engineered and released in the past for clients hold more than $40 000 000 dollars in value and see daily interaction. It's a great responsibility to engineer safe code that allows users to feel safe when interacting with the protocol.
To give you a better idea of our smart contract flow, before any code is merged into master, we have other engineers review the changes manually. We also have continuous integration testing in place where a suite of smart contract tests we have written trigger and run before any changes can be merged in. Having audited other protocols in the past, we are acutely aware of many attack vectors and always pay attention to these.
We are in the process of recording videos where we deep dive and talk through the smart contracts to help give users a better understanding of the underlying protocol.
We recommend all users to always carefully review protocol code and do detailed research before interacting with any protocol, including Float Capital. Remember, there is no such thing as a free lunch, no matter how attractive things may appear!
In August 2021 the Float Capital protocol conducted a $50,000 smart contract audit competition with Code 432n4. The results of which will be published soon. Other protocols using Code432n4 include Sushiswap, PoolTogether, BadgerDAO, Convex Finance and more.
Code 432n4 published a piece on the audit here.
The contest repo is also viewable here.