Security at Haven1

At Haven1, user safety isnโ€™t an after-thoughtโ€”itโ€™s a launch requirement.

Every protocol deploying on Haven1 must pass two independent security audits before going live. Below youโ€™ll find the audit history for Haven1โ€™s own code-base and core infrastructure, followed by details of our active bug-bounty programmes.


1. Protocol & Contract Audits

Category
Scope
Auditor(s)

Permissioned-layer contracts

Chain-level permissioning

Core smart-contracts

Token logic, staking, governance, foundation treasury

HSwap (HSOP) DEX

AMM pool contracts, router, fee modules

Bridge

ERC-20 wrappers, lock-and-mint, burn-and-release flows

Certik, Zokyo

Guardian API

Module to prevent spam on chain and stop malicious txs

Certik, Zokyo

Why two audits? Independent assessments reduce blind spots, uncover edge-case exploits, and ensure mitigations are verified.


2. Active Bug-Bounty Programmes

Platform
Program Link
Severity
Reward Range*

CertiK SkyHarbor

Critical

Upto $100,000

High

Upto $10,000

Medium

Upto $2000

Immunefi

Critical

Upto $100,000

High

Upto $10,000

Medium

Upto $2000

*Ranges shown are upper-bounds; see programme pages for full terms, scope, and submission guidelines.


3. Recommendations for apps building on Haven1

  1. Complete (at least) two reputable audits.

  2. Publish reports publicly for transparency.

  3. Run an ongoing bug-bounty or join aggregated bounty platforms.


4. Stay Informed

Last updated