HomeSecurity
9 Security Features Implemented

Security & Audits

BridgeFlow is built with a security-first mindset. Every known DeFi vault attack vector has been systematically addressed.

Security Audit Status: Pending

BridgeFlow is currently awaiting a formal third-party security audit. The protocol implements comprehensive security mitigations, but use caution and start with small amounts until the audit is complete. We will publish the full audit report here once available.

9
Security Features
5
Contracts
M-of-N
Multisig Required
24h
Adapter Timelock

Security Features

Risk Disclosure

DeFi protocols carry inherent risks. Please understand the following before depositing:

Smart Contract Risk

Medium

All contracts are unaudited at launch. Use at your own risk. Start with small amounts.

Protocol Risk (Aave/Compound)

Low

Funds in Aave V3 / Compound V3 are subject to those protocols' own risks, including oracle manipulation or governance attacks.

Oracle Risk (Chainlink)

Low

AI optimization relies on Chainlink Functions. A compromised DON or stale data could lead to suboptimal yield allocation.

Bridge Risk (CCTP)

Low

Circle CCTP is operated by Circle Inc. Cross-chain messages depend on Circle's attestation service availability.

Admin Key Risk

Low-Medium

Multisig ownership mitigates this significantly, but a compromised multisig could pause, change fees, or migrate adapters after the 24h timelock.

Liquidity Risk

Low

Under extreme conditions, underlying protocol liquidity constraints could delay withdrawals. Emergency path always available.

Report a Bug

We take security seriously. If you discover a vulnerability in BridgeFlow's smart contracts or infrastructure, we want to hear from you.

Responsible disclosure: Please allow 72 hours for an initial response before public disclosure. Do not exploit vulnerabilities on mainnet.

Smart Contracts API Reference GitHub