THENA was adapted from Velodrome codebase, which is directly derived from the Solidly smart contracts that have been open sourced in March 2022. The AMM part of Solidly has been audited by PeckShield that revealed 5 low-severity and 1 informal findings. There have been no security-related incidents involving Solidly smart contracts since their deployment on Fantom in February 2022.
The Velodrome codebase went through a security audit and a peer review as part of a Code4rena bug bounty contest. All high or medium risk issues were either resolved pre-deployment, except for one known issue (users can claim eligible rewards from ExternalBribe contracts more than once) that has been addressed via a wrapped contract solution.
We have launched a bug bounty program together with Immunefi. The maximum bounty is set at $150,000.
All transactions will have to go through a multisig.
- Setup: 4/6 signers needed for a transaction, 3 from THENA, 3 doxxed entities from Ankr, GrizzlyFi, and DEUS Finance
- Timelock: 12 hours (implemented soon)