Security & Audits

At Huma, robust security is embedded at every layer—from smart contracts and backend systems to user interfaces and internal operations—ensuring LPs can participate with confidence.

Minimized Admin Rights

All administrative functions are secured with multisigs, so no single party can act alone. Our smart contracts are specifically engineered to allow admin control over the protocol treasury while preventing access to user funds. This design offers optimal protection for LP funds: even if a multisig were ever compromised, attackers would be unable to access user assets.

Top-Tier Audits

Before any major update goes live on mainnet, it undergoes a comprehensive audit. Our contracts are rigorously reviewed by leading security firms across multiple ecosystems:

Solana programs audited by Halborn
↳ [Huma 2.0 Audit Report]
↳ [Huma Permissioned Audit Report]
EVM smart contracts audited by Spearbit
↳ [Audit Report 1] ↳ [Audit Report 2]
Stellar contracts audited by Certora
↳ [Audit Report].

We also maintain an active bug bounty program in collaboration with Spearbit/Cantina to encourage ongoing white-hat reviews.

Infrastructure & Operational Security

Security doesn't stop at smart contracts. We've implemented strong protection across our infrastructure and team operations:

End-to-end penetration testing of backend systems
Device-level monitoring and endpoint protection (EDR + DM) for all team members

At Huma, we are committed to continuously enhancing our security posture as the protocol evolves, ensuring a secure environment for all participants.

PreviousSmart Contracts NextLegal

Last updated 29 days ago