Audits & Bug Bounty
Multyr contracts are deployed on Arbitrum One. The system is currently in validation phase. Deposits are not open to the public. Behavior described on this page reflects the protocol's designed behavior; some mechanisms are active in shadow testing, others become active at public launch. See the Status page for details.
Security audits and external review are part of the protocol's security lifecycle.
Audits
External audits are engaged with top-tier auditor firms, targeted for completion in Q2–Q3 2026. Audit reports will be published once completed. Public mainnet launch follows audit completion and remediation.
Auditor firm names will be disclosed once engagement is finalized.
Bug Bounty
A bug bounty program is planned concurrent with the first audit report publication (targeted Q3 2026), hosted on Immunefi.
Tier structure and scope will be announced at launch. In the interim, responsible disclosure is welcome through:
Continuous Security
Security is not a one-time process. It includes:
- external audits
- internal testing (289 files, 3,500+ test functions — see Testing Deep Dive)
- on-chain and off-chain monitoring (see Monitoring & Automation)
- community review and responsible disclosure
Disclaimer
Audits and testing reduce risk but do not eliminate it. Users should assume that interacting with smart contracts carries inherent risk.