#Audits
Exolane's smart contracts have been audited 7 times by leading blockchain security firms Sherlock and Zellic. All audit reports are publicly available, and all critical and high-severity findings were resolved and verified by auditors.
#Audit Summary
Audit Coverage: Exolane deploys the audited Perennial V2 protocol in production on Arbitrum One, which has undergone 7 independent security audits. All contracts are verified on Arbiscan with publicly readable source code.
| Audit | Auditor | Date | Focus | Status |
|---|---|---|---|---|
| V2 | Sherlock | August 2023 | Core Protocol | ✅ Complete |
| V2 | Zellic | August 2023 | Core Protocol | ✅ Complete |
| V2 Fix Review | Sherlock | September 2023 | Issue Remediation | ✅ Complete |
| V2.1 | Sherlock | October 2023 | Protocol Updates | ✅ Complete |
| V2.2 | Sherlock | March 2024 | Protocol Updates | ✅ Complete |
| V2.3 | Sherlock | August 2024 | Protocol Updates | ✅ Complete |
| V2.4 | Sherlock | February 2025 | Protocol Updates | ✅ Complete |
#What This Page Verifies
- 7 independent security audits conducted by Sherlock and Zellic on the protocol Exolane deploys in production
- All critical and high-severity findings were resolved and verified
- Exolane deploys the audited Perennial V2 protocol in production on Arbitrum One
- Complete audit report links are publicly accessible
- All contracts are verified on Arbiscan with publicly readable source code
#About Auditors
#Sherlock
Sherlock is a leading smart contract security firm that combines traditional audits with a decentralized security network.
- Methodology: Expert-led audits + competitive audit contests
- Track Record: Hundreds of DeFi protocols secured
- Coverage: Full protocol security coverage
#Zellic
Zellic is a blockchain security firm specializing in complex DeFi protocols.
- Methodology: Deep manual review + automated analysis
- Specialization: Complex financial protocols
- Approach: Adversarial security research
#Audit Scope
Our audits cover:
| Component | Audited |
|---|---|
| Market contracts | ✅ |
| Oracle integration | ✅ |
| Collateral system | ✅ |
| Liquidation logic | ✅ |
| Funding rate math | ✅ |
| Position management | ✅ |
| Access controls | ✅ |
| Vault contracts | ✅ |
#Audit Findings
#Severity Classification
| Severity | Description |
|---|---|
| Critical | Direct loss of funds possible |
| High | Significant impact to protocol |
| Medium | Moderate impact or complex exploit |
| Low | Minor issues or improvements |
| Informational | Best practices, gas optimizations |
#Finding Resolution
All Critical and High severity findings have been:
- ✅ Acknowledged
- ✅ Fixed or mitigated
- ✅ Verified by auditors
#Continuous Security
Security is ongoing, not one-time:
| Activity | Frequency |
|---|---|
| Code reviews | Every change |
| Automated testing | Continuous |
| Fuzz testing | Continuous |
| Invariant testing | Continuous |
| New audits | Major versions |
#Accessing Audit Reports
Full audit reports are available:
- Public report links: Linked directly in the table above
- GitHub: Perennial audits folder
- Related verification pages: Security Overview, Official Links, and Market Parameters
#Verification Checklist
- Open the report links above and confirm the audit dates and auditors.
- Read Security Overview to understand which admin actions and protections are currently disclosed.
- Read Market Parameters and Fee Structure for live published settings.
- Cross-check official domains and core contract addresses on Official Links.
#How to use audit reports
Audit reports verify that Exolane's smart contracts have been reviewed by independent security experts. Review them alongside the Security Overview for a complete picture of protocol protections.