CAP takes security very seriously. Contracts and system security have been time-tested with a grand total of $0 hacked or lost since the protocol was first launched in 2020. Code and processes are thoroughly reviewed, stress-tested, and independently audited.

Arbitrum Security

Contract security starts with underlying blockchain security. Arbitrum is a layer 2 scaling network built on one of the most secure and time-tested blockchains, Ethereum. As an optimistic rollup, Arbitrum is rooted in Ethereum's security:

1. Transactions are batched and submitted to Ethereum while computation and storage is done on Arbitrum itself (layer 2).

2. When a transaction batch is posted, a period begins where anyone can challenge its validity. If that period expires with no successful challenges, the transactions become final.

This, along with a slew of other mechanisms, ensures that Arbitrum inherits Ethereum's robust security and remains trustless. Arbitrum has been running in production since 2021 and secures billions of dollars in assets.

Oracle Security

CAP contracts rely on accurate price data to determine when order execution and liquidations occur, which in turn determine profits and losses for both traders and liquidity providers.

CAP uses Pyth to price orders on-demand. Pyth sources prices from several of the most liquid and reliable global trading venues, minimizing reliance on a single source and the likelihood of price wicks or data errors.

When a Chainlink feed is available for a given market, prices sourced from Pyth are bound by the Chainlink price for even more security. Chainlink bounding parameters are indicated in the market details modal in your dashboard.

Learn more about order settlement.

Risk Mitigation

Ensuring protocol integrity is essential to security. Learn more about CAP's risk mitigation tactics.

Bug Bounties

CAP offers attractive bounties to white hat hackers who find medium-severity and high-severity exploits. Reach out to a senior community member on Discord to learn more.