Security

Institutional-grade security

All OctoVault contracts are open-source and available on GitHub. The protocol is designed with transparency, immutability, and strict access control in mind.

  • Role-based access control and explicit timelocks protect all governance actions.
  • A Guardian veto mechanism ensures rapid response and prevention in emergencies.
  • Funds are fully non-custodial, remaining within the vault or connected Adapters and Modules.
  • Only allow-listed Adapters and Modules can move assets.
  • Vaults are immutable, ensuring no upgrade risk or hidden contract changes.
  • Every operation emits on-chain events, providing a full audit trail through standard ERC-4626 accounting.
  • External audits are conducted prior to mainnet deployments to verify security and correctness.