Previous to releasing v1, we conducted an initial audit with Coinspect.

However, the protocol should still be treated with caution given it still hasn't been live for a long period of time.

Audits

Responsible disclosure

We currently do not have a bug bounty program for Firm protocol. However, since v1 is currently deployed in live networks, user funds could be at risk should a critical vulnerability exist.

If you believe you have found a vulnerability in Firm protocol, please responsibly disclose it by emailing security@firm.org.