#Security Overview
Security is a core priority for Exolane. This section explains the public security model and the verification path for the main trust claims Exolane makes about custody, governance, and audits.
#Verification Path
Use these pages together when evaluating Exolane:
- Audits for public audit lineage and report links
- Official Links for official domains, contacts, and core contract addresses
- Market Parameters for published live market tiers, fees, and oracle settings
- Risk Disclosure for the risk categories that still remain even with non-custodial contracts and public docs
#Security Principles
#1. Non-Custodial by Design
✅ Users always control their funds
✅ Smart contracts enforce all rules
✅ No admin function can transfer user collateral
✅ No backend servers hold user funds
⚠️ Multisig can pause operations in emergencies
⚠️ Material protocol-level changes go through an on-chain timelock with a 7-day delay (see Governance & Access Control)
#2. Transparent and Audited
✅ All deployed contracts have verified source on-chain
✅ Multiple independent audits of the underlying Perennial V2 codebase (see Audits)
✅ Contracts publicly readable on Arbiscan
#3. Minimal Trust Assumptions
✅ Oracle-based pricing (Pyth Network)
✅ Deterministic settlement
✅ Rule-based liquidations
✅ Timelock on protocol-level parameter changes (per-market risk parameters are set by each market's Coordinator without delay; see Published Admin Actions)
#Smart Contract Security
#Public Audit Lineage
The audits linked from these docs are public audits of the Perennial V2 codebase, which Exolane states it runs in production. That lineage covers Exolane's deployment only to the extent the deployed code matches the audited revisions, which is why the contract-verification step below matters.
| Source | Focus | Where to verify |
|---|---|---|
| Sherlock | Public Perennial V2 audits and follow-up reviews | Audits |
| Zellic | Public Perennial V2 core review | Audits |
See Audits for the full linked report list and codebase-lineage explanation.
#Contract Verification
Published contract addresses, official domains, and governance addresses are listed on Official Links and Available Markets. With those in hand, cross-check on Arbiscan that each deployed contract has verified source, that the source corresponds to the audited Perennial V2 code, and that the admin roles (timelock, multisig, coordinator) are held by the published addresses rather than by an unlisted key.
#Governance & Access Control
#Role Hierarchy
┌─────────────────────────────────────────┐
│ ACCESS CONTROL │
├─────────────────────────────────────────┤
│ │
│ TimelockController (7-day delay) │
│ └── Protocol parameters │
│ └── Market creation │
│ └── Extension registration │
│ │
│ Multisig (Emergency) │
│ └── Pause functionality │
│ │
│ Coordinator (per Market) │
│ └── Risk parameters only │
│ │
└─────────────────────────────────────────┘
#Published Admin Actions
| Action | Who | Delay | User implication |
|---|---|---|---|
| Pause trading operations | Multisig | Instant | Emergency control; docs state withdrawals remain available |
| Update risk parameters | Coordinator | Instant | Per-market settings such as margins, fees, and funding cap remain adjustable within protocol limits |
| Update protocol-level bounds | Timelock | 7 days | Material protocol-level changes are delayed on-chain |
| Add new markets or extensions | Timelock | 7 days | New listings and protocol extensions are not instant |
#Published Admin Limits
| Protection | Detail |
|---|---|
| Transfer user funds directly | No admin function exists for this |
| Bypass oracle settlement | Settlement logic is enforced by market contracts |
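The checks implied by Contract Verification and the two tables above can be scripted rather than done by hand on Arbiscan. The following Python is an added example, not Exolane's tooling: it issues raw `eth_call` requests for the standard OpenZeppelin TimelockController getters (`getMinDelay`, `hasRole`) and the Pausable `paused()` getter, then decodes the returned ABI words. It assumes the timelock is an OpenZeppelin TimelockController and that the pausable contract exposes `paused()`; `TIMELOCK`, `MULTISIG` and `MARKET` are placeholder addresses and `RECORDED` is a hand-constructed response table so the script runs offline. Substitute the addresses from Official Links and an Arbitrum JSON-RPC URL to run it against the live deployment.

```python
"""Timelock/role checker for the governance claims above (added example).

Not Exolane's code.  Uses raw eth_call with hard-coded OpenZeppelin selectors
so no ABI or keccak library is required.  Addresses and RECORDED responses
are placeholders constructed for the example.
"""
import json
import urllib.request

SEVEN_DAYS = 7 * 24 * 60 * 60

# First 4 bytes of keccak256(signature) for the standard OpenZeppelin getters.
SEL_GET_MIN_DELAY = "f27a0c92"  # getMinDelay()
SEL_HAS_ROLE = "91d14854"       # hasRole(bytes32,address)
SEL_PAUSED = "5c975abb"         # paused()  (assumed to exist on the pausable contract)
# keccak256("PROPOSER_ROLE"): the role a TimelockController requires to schedule operations.
PROPOSER_ROLE = "b09aa5aeb3702cfd50b6b62bc4532604938f21248a27a1d5ca736082b6819cc1"

# Placeholder addresses (NOT Exolane's); take the real ones from Official Links.
TIMELOCK = "0x" + "11" * 20
MULTISIG = "0x" + "22" * 20
MARKET = "0x" + "33" * 20


def word(value) -> str:
    """ABI-encode an int or hex string as one 32-byte word (64 hex chars)."""
    h = format(value, "x") if isinstance(value, int) else value.lower().removeprefix("0x")
    return h.rjust(64, "0")


def calldata(selector: str, *args) -> str:
    return "0x" + selector + "".join(word(a) for a in args)


def decode_uint(ret: str) -> int:
    """Decode one uint/bool return word.  eth_call against an address with no
    code returns "0x"; a naive int(body or "0", 16) would read that as 0 and
    report "not paused" / "delay 0" for a typo'd address, so reject it."""
    body = ret.removeprefix("0x")
    if len(body) != 64:
        raise ValueError(f"unexpected return data {ret!r}: wrong address or not a contract?")
    return int(body, 16)


def http_rpc(url: str):
    """Transport that sends eth_call to a JSON-RPC endpoint (network)."""
    def call(to: str, data: str) -> str:
        payload = {"jsonrpc": "2.0", "id": 1, "method": "eth_call",
                   "params": [{"to": to, "data": data}, "latest"]}
        req = urllib.request.Request(url, json.dumps(payload).encode(),
                                     {"content-type": "application/json"})
        with urllib.request.urlopen(req, timeout=15) as resp:
            return json.load(resp)["result"]
    return call


def recorded_rpc(table: dict):
    """Offline transport replaying a (to, data) -> result table."""
    def call(to: str, data: str) -> str:
        return table.get((to.lower(), data.lower()), "0x")
    return call


def check_governance(rpc, timelock=TIMELOCK, multisig=MULTISIG, market=MARKET) -> dict:
    """Compare the live timelock delay, proposer role and pause flag with the docs."""
    min_delay = decode_uint(rpc(timelock, calldata(SEL_GET_MIN_DELAY)))
    is_proposer = decode_uint(rpc(timelock, calldata(SEL_HAS_ROLE, PROPOSER_ROLE, multisig)))
    paused = decode_uint(rpc(market, calldata(SEL_PAUSED)))
    return {
        "min_delay_s": min_delay,
        "delay_matches_docs": min_delay >= SEVEN_DAYS,
        "multisig_is_proposer": is_proposer == 1,
        "market_paused": paused == 1,
    }


# Hand-constructed responses consistent with the documented 7-day delay.
RECORDED = {
    (TIMELOCK, calldata(SEL_GET_MIN_DELAY)): "0x" + word(SEVEN_DAYS),
    (TIMELOCK, calldata(SEL_HAS_ROLE, PROPOSER_ROLE, MULTISIG)): "0x" + word(1),
    (MARKET, calldata(SEL_PAUSED)): "0x" + word(0),
}

if __name__ == "__main__":
    print(check_governance(recorded_rpc(RECORDED)))
    # live: check_governance(http_rpc("<arbitrum-rpc-url>"), timelock=..., multisig=..., market=...)
```

A `delay_matches_docs` of `False` or a proposer check that fails is the signal worth acting on; the empty-return guard in `decode_uint` is there because a mistyped address would otherwise pass silently.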
#Oracle Security
#Pyth Network
- Multiple independent price publishers
- Aggregated prices reduce manipulation risk
- On-chain verification of all prices
#Staleness Protection
- 40-second maximum price age
- Trading pauses if oracle stale
- Liquidations blocked on stale prices
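As an added illustration of the three rules above (not code from Exolane or Perennial), the following Python models the staleness gate and replays a constructed Pyth-style feed against a series of block timestamps the way an off-chain monitor would. The `(price, conf, expo, publish_time)` layout follows Pyth's published price struct and the 40-second bound is the page's figure; treating an age exactly equal to the bound as still fresh, rejecting a `publish_time` later than the chain clock, and applying one verdict to all trade types are this example's own choices, since the page does not specify them.

```python
"""Oracle staleness gate modelled on the Staleness Protection rules above.

Added example, not Exolane's or Perennial's code.  FEED is a constructed
sample; the boundary (age == 40 s is fresh) and the future-timestamp rule
are assumptions of this example.
"""
from dataclasses import dataclass
from typing import Iterable, Optional

MAX_PRICE_AGE_S = 40  # seconds; "40-second maximum price age"


@dataclass(frozen=True)
class PythPrice:
    price: int         # fixed-point integer, e.g. 6_500_000_000 with expo -8 is 65.00
    conf: int          # confidence interval in the same fixed-point scale
    expo: int          # power-of-ten exponent applied to price and conf
    publish_time: int  # unix seconds at which publishers agreed on this value

    def as_float(self) -> float:
        return self.price * 10.0 ** self.expo


def latest_visible(updates: Iterable[PythPrice], now: int) -> Optional[PythPrice]:
    """The most recent update a contract could have been handed at time `now`."""
    visible = [u for u in updates if u.publish_time <= now]
    return max(visible, key=lambda u: u.publish_time) if visible else None


def verdict(age: Optional[int], reason: Optional[str]) -> dict:
    fresh = reason is None
    return {"age": age, "fresh": fresh, "trading": fresh, "liquidation": fresh, "reason": reason}


def gate(price: Optional[PythPrice], now: int, max_age: int = MAX_PRICE_AGE_S) -> dict:
    """Decide whether trading and liquidation may proceed on `price` at `now`.

    Staleness blocks both: a liquidation on a stale price could close a
    position that is healthy at the true market price, and a trade on one
    would execute against a price the market has already left.
    """
    if price is None:
        return verdict(None, "no price available")
    age = now - price.publish_time
    if age < 0:
        return verdict(age, "publish_time is later than the chain clock")
    if age > max_age:
        return verdict(age, f"price age {age}s exceeds {max_age}s")
    if price.price <= 0:
        return verdict(age, "non-positive price")
    return verdict(age, None)


def scan(updates: Iterable[PythPrice], chain_times: Iterable[int]) -> list:
    """Replay a feed against block timestamps, returning (now, verdict) pairs."""
    updates = list(updates)
    return [(now, gate(latest_visible(updates, now), now)) for now in chain_times]


# Constructed sample feed: two updates 30 s apart at about 65 USD, expo -8.
FEED = [
    PythPrice(price=6_500_000_000, conf=3_000_000, expo=-8, publish_time=1_000),
    PythPrice(price=6_520_000_000, conf=3_000_000, expo=-8, publish_time=1_030),
]

if __name__ == "__main__":
    for now, v in scan(FEED, [1_010, 1_070, 1_071]):
        print(now, v)
```

At block time 1070 the latest update is exactly 40 s old and still passes; one second later the same update is stale and both trading and liquidation are refused, which is the "liquidations blocked on stale prices" property expressed as a check a monitor can alert on.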
#User Security
#Best Practices
- Secure your wallet — Hardware wallet recommended
- Verify URLs — Only use exolane.com
- Check transactions — Review before signing
- Use stop-losses — Limit potential losses
- Understand leverage — Higher risk with higher leverage
#What Exolane Cannot Protect Against:
| Risk | Responsibility |
|---|---|
| Compromised wallet | User |
| Phishing attacks | User |
| Social engineering | User |
| Over-leveraging | User |
#Incident Response
#If Issues Occur:
- Detection — Monitoring alerts or user reports
- Assessment — Severity and scope analysis
- Pause — Emergency pause if needed
- Fix — Deploy fix or mitigation
- Communication — Public disclosure
#Emergency Pause
The multisig can pause markets in emergencies:
- Prevents new positions
- Allows position closes (with pause exemption)
- Protects users from ongoing damage
#Security Resources
#Reporting Vulnerabilities
If you discover a security vulnerability:
- Do NOT disclose publicly
- Contact [email protected]
- Provide detailed description and reproduction steps
- Wait for acknowledgment before any disclosure
Do not assume a public bug bounty or reward program exists unless Exolane announces one through an official channel listed on Official Links.
#Summary
| Aspect | Status |
|---|---|
| Audits | Multiple completed on the Perennial V2 codebase Exolane runs (see Audits) |
| Non-Custodial | Yes |
| Admin Controls | Limited; protocol-level changes timelocked 7 days, emergency pause and per-market risk parameters instant |
| Oracle Security | Pyth Network with a 40-second staleness bound |