Security Overview
🔒 Audit Status
The Dropsy smart contract is not yet released on mainnet and has not been audited by any third-party security firm.
The protocol will be released as a Beta version, allowing the community to interact with it in a controlled environment while we prepare for a formal audit. The current program has been developed following best practices, extensively tested, and reviewed in reference to major Solana protocol audit reports.
🛡️ Our Security Approach
-
Built entirely with the Anchor framework for safety and deterministic behavior.
-
Extensive unit tests covering core functionality and edge cases.
-
Fuzz testing to simulate unexpected inputs and ensure robust contract behavior.
-
Public testing programs to allow the community to interact safely in devnet.
-
Bug bounty programs to incentivize responsible disclosure of vulnerabilities.
-
Program design and implementation were reviewed based on audit reports from major Solana protocols.
-
Modular and isolated program logic for easier review, maintenance, and upgrades.
🔭 Looking Ahead
Dropsy will undergo a third-party security audit in the future, and the audit report will be published in the Audits section once available.
The Dropsy protocol is provided as-is. While it has been developed following best practices, tested extensively, and reviewed against major Solana protocol audits, no guarantees are made regarding the absence of bugs, vulnerabilities, or other issues. Users interact with the protocol at their own risk.