Audits & Responsible Disclosure

!

Status

• Audit firm(s): TBA.
• Reports: will be published in this section (with versioning and checksums).
• Scope (initial): PutManagerPutManagerThe contract that orchestrates PCA participation, FT issuance into PUT positions, and post‑offering actions such as invest, withdraw, exit, and state transitions.View glossary entry, FT Token, ftYieldWrapper and associated libraries. Additional audits precede enabling Spot/Lend/Futures with real funds.

Approach

• Multiple reviews (internal + external) before enabling capital‑bearing features.
• Re‑audit on material changes or new major modules.
• Gating & caps post‑deployment until audit findings are addressed and monitoring is live.
• Public artifacts: audit reports, diffs vs. deployed bytecode, and "what changed since audit" notes.

Bug Bounty (planned)

• Public bounty with clear scope, severity tiers, and payouts.
• Acknowledgment policy and response SLAs published with the bounty.