Audits & Security

Audits

Size has conducted 10+ external audits to date by several firms, with plans to continuously review code.

Date
Version
Auditor
Scope/ Description

2025-06-23

v1.8

Omniscia

Incremental audit, fix review

2025-06-23

v1.8

Hashlock

Incremental audit, fix review

2025-06-14

v1.8-rc

Cantina

Incremental audit, user vaults

2025-05-26

v1.8-rc

Custodia Security

Incremental audit, deploy scripts

2025-02-26

v1.7

Cantina

Full codebase

2025-02-12

v1.6.1

Custodia Security

Incremental audit, copy trading

2024-12-10

v1.5.1

Chain Defenders

Incremental audit, fallback oracle

2024-11-13

v1.5

Custodia Security

Incremental audit, cross-market liquidity

2024-06-10

v1.0

Code4rena

Full codebase, $200k competition pot

2024-06-08

v1.0-rc

Spearbit

Full codebase

2024-03-26

v1.0-beta

Solidified

Full codebase

Audits for Very Liquid Vaults

Date
Version
Auditor
Scope/ Description

2025-09-11

v0.1.0

Obsidian

Full codebase

2025-07-26

v0.0.1

Open Zeppelin

Full codebase

Internal Audits and Tests

In addition to security audits, we have conducted several internal reviews and taken various measures to ensure that our coding practices meet the highest standards:

  1. 93% test coverage (Test-to-Code > 3x)

  2. Stateful Invariant Tests (Echidna, Medusa, Foundry 38 properties)

  3. Stateless Fuzz Tests (Foundry)

  4. Static Analyzers (Slither, Solhint, LightChaserV3)

  5. Formal Verification (Halmos)

  6. Auditable protocol upgrades with Foundry scripts

Bug Bounty

A $50k bug bounty is live on Cantina.

This protocol has adopted the SEAL Safe Harbor Agreement for Whitehats, which empowers approved security researchers to intervene during active exploits to rescue funds. Full adoption details, scope, and bounty terms are publicly available here.

Get in Touch

security (at) size.credit

PreviousVery Liquid VaultsNextRisks

Last updated