All of the actions performed using DeFi Saver are done in a trustless manner using logic stored in DeFi Saver’s smart contracts.
The source code of DeFi Saver smart contracts is publicly available in our Github repository and you can find additional information on our smart contracts architecture in our developer docs.
Audits
DeFi Saver Automation has been audited in February 2021 by Dedaub and you can find our brief summary post here, as well as their full report here.
Smart contracts powering the new DeFi Saver architecture and the Recipe Creator have been audited by ConsenSys Diligence and Dedaub. You can find more info in one of our blog posts, as well as both of the reports here.
We want to highlight the importance of external audits and note that all feature releases and integrations will be audited before they are deployed in production.
Insurance
We are looking into adding options of utilising DeFi insurance protocols directly within the app in the future and will share any details on this as soon as this functionality is ready.
Historical security issues
As of now, there have been two security incidents at DeFi Saver:
- Exchange vulnerability discovered in June 2020, affecting users of our separate Exchange users from early 2020 until that point.
No funds were lost or stolen. No other parts of the app were affected. More info can be found here. - Compound import (migrate) contract vulnerability discovered in January 2021, affecting users that specifically used the import (migrate) option for their Compound position.
No funds were lost or stolen. No other parts of the app were affected. More info can be found here.
Final notes
Although security is our topmost priority, we suggest that users always consider the possibility of potential smart contract risk, given how young the decentralized finance ecosystem is and how connected multiple protocols and numerous smart contracts can be.
