Opium Network
  • Opium Documentation
  • Introduction to Opium
    • What is Opium
    • FAQs
  • Restrictions
    • Restrictions
  • Security and Audits
    • Disclaimer
    • Audits
    • Bounty program
  • Governance
    • Decentralized setup
    • Governance flow
      • Proposal creating
      • Process of voting – technical description
    • $Opium governance token
  • For users
    • Opium.Finance
    • opium.exchange
  • FOR DEVELOPERS
    • Deployment Addresses
      • Opium Protocol v2
      • Opium Protocol v1
    • High-level overview
    • Opium Protocol V2
      • Core
      • Registry
      • SyntheticAggregator
      • OracleAggregator
      • OpiumProxyFactory
      • OpiumPositionToken
    • Opium Protocol V1
      • Core
      • Registry
      • TokenMinter
      • TokenSpender
      • SyntheticAggregator
      • OracleAggregator
      • Helpers
      • Interfaces
      • Common Errors
        • OracleAggregator Errors
        • Core Errors
      • oID - Oracle recipe
      • sID - Derivative recipe
      • EIP-2547: Composable Multiclass Token
    • Tutorials
      • OracleId examples
      • SyntheticId examples
      • End-to-end tutorial
    • Opium API
      • Subgraph V2
      • Subgraph V1
    • SDK
      • Opium V2 SDK
      • Opium Finance Pools SDK
      • Swap Rate SDK/API
  • Complex description
    • Glossary
    • Opium derivatives
    • Oracle and derivative recipes
    • Oracle and derivative registers
    • Opium margin
    • Opium swaps (TMtm)
    • Opium order books
Powered by GitBook
On this page

Was this helpful?

  1. Security and Audits

Disclaimer

The Opium protocol is a smart escrow or a set of smart contracts available on demand as software to facilitate trustless contracts. It doesn't offer a service or advice of any kind, neither can it be considered a finished product. Despite all major components being operable, the protocol as a whole is under active development and testing by the community. It is within the scope of the bug bounty program; the code is open-source and available on GitHub; contributions are accepted as a part of governance mining.

There are several inherent risks associated with the protocol, the most typical being:

  • Delays in or complete failure of transactions being confirmed

  • Faults, defects, hacks, exploits, errors, or unforeseen circumstances occurring in respect of the platform or the technologies that the platform depends on

  • Loss of private keys

  • Attacks on the platform or the technologies that the platform depends on including for example distributed denial of service, Sybil attacks, phishing, social engineering, hacking, smurfing, malware, double spending, majority-mining, consensus-based or other mining attacks, misinformation campaigns, forks, and spoofing.

The first version of the protocol is live on Ethereum mainnet and was audited by two companies, SmartDec and MixBytes. The audit does not give any warranties on the security of the code, utility of the code, sustainability of the business model, regulatory regime for the business model, or any other statement about fitness of the contracts to purpose, or their bug free status. The audit findings are for discussion and educational purposes only. You should always conduct your own research and risk analysis.

PreviousRestrictionsNextAudits

Last updated 3 years ago

Was this helpful?