# Security & Audits At Huma, robust security is embedded at every layer—from smart contracts and backend systems to user interfaces and internal operations—ensuring LPs can participate with confidence. ## **Minimized Admin Rights** All administrative functions are secured with multisigs, so no single party can act alone. Our smart contracts are specifically engineered to allow admin control over the protocol treasury while preventing access to user funds. This design offers optimal protection for LP funds: even if a multisig were ever compromised, attackers would be unable to access user assets. ## **Top-Tier Audits** Before any major update goes live on mainnet, it undergoes a comprehensive audit. Our contracts are rigorously reviewed by leading security firms across multiple ecosystems: * **Solana** programs audited by **Halborn** and **Sec3** ↳ *\[*[*Huma Prime Audit Report*](https://github.com/sec3-service/reports/blob/master/reports/sec3_huma_vault.pdf)*]* ↳ *\[*[*Incremental Audit Report 1*](https://github.com/sec3-service/reports/blob/master/reports/sec3_huma_vault_incremental_20260131.pdf)*]* ↳ *\[*[*Huma 2.0 Audit Report*](https://www.halborn.com/audits/huma-finance/solana-programs-060022)*]* ↳ *\[*[*Incremental Audit Report 1*](https://www.halborn.com/audits/huma-finance/huma-solana-programs-687cbd)*]* ↳ *\[*[*Huma Institutional Audit Report*](https://www.halborn.com/audits/huma-finance/huma---pr-124-d3c7e8)*]* ↳ *\[*[*Incremental Audit Report 1*](https://www.halborn.com/audits/huma-finance/huma---solana-program-audit-pr-113-2b46cf)*]* * **EVM** smart contracts audited by **Spearbit** ↳ *\[*[*Audit Report 1*](https://github.com/00labs/huma-contracts-v2/blob/develop/audit/spearbit.pdf)*]* ↳ *\[*[*Audit Report 2*](https://github.com/00labs/huma-contracts-v2/blob/develop/audit/spearbit-incremental-Nov-2024.pdf)*]* * **Stellar** contracts audited by **Certora** ↳ *\[*[*Audit Report*](https://certora.cdn.prismic.io/certora/Z0dE1pbqstJ971DG_HumaCertoraAuditReport.pdf)*]*. We also maintain an active **bug bounty program** in collaboration with **Spearbit/Cantina** to encourage ongoing white-hat reviews. ## **Infrastructure & Operational Security** Security doesn't stop at smart contracts. We've implemented strong protection across our infrastructure and team operations: * **End-to-end penetration testing** of backend systems * **Device-level monitoring and endpoint protection** (EDR + DM) for all team members At Huma, we are committed to continuously enhancing our security posture as the protocol evolves, ensuring a secure environment for all participants. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.huma.finance/ecosystem-resources/security-audits.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.