Audits & bug bounty
ClearPortX contracts will be audited by recognized Daml and DeFi security firms before any mainnet deployment. This page will be updated as audits complete and reports become public.
Audit status
Section titled “Audit status”| Module | Auditor | Status | Report |
|---|---|---|---|
| DLMM Exchange | TBD | Scoping | — |
| Money market | TBD | Pre-scoping | — |
| CPX Staking | TBD | Pre-scoping | — |
Responsible disclosure
Section titled “Responsible disclosure”We operate a responsible-disclosure policy. If you believe you have found a security vulnerability in any ClearPortX contract, script, or infrastructure component, please report it privately before sharing publicly.
Contact: security@clearportx.com
Please include:
- A clear description of the vulnerability
- Reproduction steps or proof-of-concept where possible
- Your preferred contact method for follow-up
- Any suggested fix or mitigation
We will acknowledge receipt within 48 hours and work with you on disclosure timing. Verified critical vulnerabilities are eligible for bounty payouts.
Bug bounty
Section titled “Bug bounty”A formal bug-bounty program with published payout tiers will launch alongside our first mainnet deployment. Until then, we pay fair and timely bounties on a discretionary basis for valid reports.