Skip to main content

Security

NOTE: These docs are under active development ๐Ÿ‘ทโ€โ™€๏ธ๐Ÿ‘ท

Float takes security and the safety of users very seriously.

The team behind Float previously performed smart contract audits for clients and had various of their own smart contracts audited before release.

We try out best to engineer code that allows users to feel safe when interacting with the protocol.

To give you a better idea of our smart contract flow, before any code is merged into master, we have other engineers review the changes manually. We also have continuous integration testing in place where a suite of smart contract tests we have written trigger and run before any changes can be merged in. Having audited other protocols in the past, we are acutely aware of many attack vectors and always pay attention to these.

We recommend all users to always carefully review protocol code and do detailed research before interacting with any protocol, including Float. Remember, there is no such thing as a free lunch, no matter how attractive things may appear!

Even given all our security measures, there is no garuntee of an absence of bugs.

Float Artic - Sherlock Audit - Nov 2022#

In November 2022, Float's new protocol release, Float Arctic, conducted a $25,000 smart contract audit competition with Sherlock. With more than 70+ participants, including industry recognized security experts, Float Artic contract have been audited and no material bugs were found.

"With the parameters the Float team had setup for mainnet launch no issues were found on the contracts" - Jason Smythe, Co-Founder at Float

The audit report can be found here and the content repository can be found here.

Here's also a video provding an overview of the smart contracts for the Sherlock competition.

"Float like a butterfly, uint256 like a bee" - Unknown

A.P. Morgan Sailing Club - Byterocket - Oct 2022#

In October 2022, Float released a NFT Collection, called the A.P. Morgan Sailing Club. The smart contract was audited by Byterocket and all findings have been remediated / mitigated.

"The protocol review and analysis did neither uncover any game-theoretical nature problems nor any other functions prone to abuse. In general, we are happy with the overall quality of the code and its documentation. The developers have been very responsive and were able to answer any questions that we had" - Byterocket

The audit report can be found here.

Float Alpha - Code 432n4 Audit - Aug 2021#

In August 2021 the Float protocol conducted a $50,000 smart contract audit competition with Code 432n4. The results of which will be published soon. Other protocols using Code432n4 include Sushiswap, PoolTogether, BadgerDAO, Convex Finance and more.

Code 432n4 published a piece on the audit here.

The contest repo is also viewable here.