The most important starting point for security in any blockchain or DeFi project is always smart contract risk. We are working together with proven experts from the Ethereum and Solidity community in order to build bulletproof systems that satisfy our high standard for security. Throughout the development, the smart contracts have been peer-reviewed by different developers and auditors, and have also undergone an official audit (see below). We built our smart contracts on safe and battle-tested dependencies from companies like OpenZeppelin and directly implemented various proven safety measures in our smart contracts to ensure that we can prevent and (in the unlikely case that this happens) even recover any lost funds.
We are working with expert developers and always test our software extensively before deploying anything to production. However, we want to be 100% sure that our smart contracts don't bear any risks for our users and we haven't missed anything. This is why we are constantly in contact with various auditors, asking for second opinions. Our first official audit was conducted by CertiK, one of the leading providers for audits and security solutions. You can find the official audit report below. Additionally, their 24/7 security intelligence is constantly monitoring our smart contracts and their activity.
While no vulnerabilities have been found, all of their other findings in the audit have been addressed by our developers immediately.
Xion Finance Final Audit Report: https://bit.ly/3dllPXC
Xion Finance Audit Profile on CertiK: https://www.certik.org/projects/xion
Our backend mainly facilitates various tasks to support our frontend, e.g. through indexing all of our blockchain events and providing them to the frontend via a fast and efficient API. Additionally, however, we are monitoring various XGT-based liquidity pools on several blockchains (like the xDai network and Ethereum mainnet) in order to provide our users with XGT rewards through farming. As this requires an on-chain transaction and we are providing values to our smart contract, we need to ensure that only our backend is able to do this. In order to mitigate any risks associated with a backend handling private keys that could potentially be abused, we are making use of services like AWS Key Management System, where the corresponding private key of our backend is stored in a secure enclave, never leaving it and thus not being prone to any attacks.
Currently, our smart contracts have certain functions that can be called by an admin address in order to change certain values, e.g. the address of the xDai bridge if that ever changes. Additionally, this address is able to upgrade the smart contracts. This address is controlled via a Gnosis Safe, controlled by multiple members of our team in an n-out-of-m signature scheme to further enhance our security in case one of our team members gets compromised. Any significant changes and interactions with the smart contracts through that address will be publicly announced by us, so any user will be aware of these changes.
The upgradeability aspect is especially useful in the early stages of our protocol since we want to be able to react swiftly to any new feature ideas and mitigate any problems. We are currently pursuing plans to further decentralize our protocol in order to hand over the little control that we have to our community, e.g. via a DAO.