Security
Audits, Multisigs & On-Chain Monitoring
Last updated
Audits, Multisigs & On-Chain Monitoring
Last updated
At Level, we take a security-first approach to developing, deploying, and monitoring our smart contracts.
In addition to an internal review, Level works with top auditors like Spearbit Cantina, Pashov, and 0xMacro to secure our smart contracts. Read more here:
We have partnered with Cantina to launch a bug bounty program where security researchers can submit findings. Details of the program can be found here.
Our admin multisig is a 5 of 8 Gnosis Safe multisig. All multisig signers are cold wallets, and the Level cannot sign transactions without the approval of external signers, who are security firms like Spearbit.
The operator multisig is a separate 2 of 5 Gnosis Safe multisig which is able to execute low risk tasks such as deploying the reserve managers' collateral into lending protocols. The operator multisig is not responsible for handling any protocol funds. Only the admin multisig can change the contract addresses that operators can move funds between.
The protocol treasury multisig is another separate 3 of 4 Gnosis Safe multisig which is able to reward staked lvlUSD. All multisig signers are cold wallets.
We use Hexagate, an on-chain monitoring solution, to alert us about suspicious activity ranging from suspicious multisig transactions to potential malicious contract deployments and automatically pause contracts in response to critical issues. Our partners work with other on-chain protocols to secure billions in value, such as Coinbase, EigenLayer, and Uniswap.