# Security

Security of the Oh protocol and our users is of utmost importance to the team. In addition to the significant security practices we put in place surrounding the hosting of our website and our application, the most important part of any DeFi app is the contract, securing users assets, and ensuring the core protocols used are secure.

{% hint style="info" %}
Although we go to great lengths to secure Oh funds and protocols, please do your own research, and familiarize yourself with the [Terms of Service](/terms-of-service.md) and the [Benefits & Risks](/general/benefits-and-risks.md) of using Oh Finance.
{% endhint %}

{% hint style="warning" %}
Nobody on the Oh Finance team will ever ask you for your wallet private key, your 12-word backup phrase, or any account password. Beware of scams!
{% endhint %}

## Contract Audits

Oh Finance has received a "thumbs up" audit by ArmorLabs, and we have also submitted to QuantStamp for an independent second audit.

A smart contract security audit is a technical assessment of a blockchain application and related artifacts. The main goal of auditing smart contracts is to detect and eliminate code vulnerabilities (eg: security bugs) and also to keep a check on the reliability of the contract’s interactions (eg: does the contract do what the development team says it will do - and to reduce the possibility of "[rugpulling](https://coinmarketcap.com/alexandria/glossary/rug-pull)").

### Strategy & Bank Contract Audit, Conducted by *Halborn*

{% hint style="success" %}
<https://assets.oh.finance/OhFinance_Halborn_Audit.pdf>
{% endhint %}

### Secondary Audit, Conducted by *Armor Labs*

{% hint style="success" %}
<https://assets.oh.finance/OhFinance_ArmorLabs_Audit.pdf>
{% endhint %}

## Insurance

Oh! Finance is proud to partner with **Bridge Mutual**, an on-chain insurance underwriter, to offer protocol users the option to insure their positions.

Users can choose a dollar amount and time period to insure, then automatically get quoted for coverage. In the event of a protocol exploit, covered users can then submit claims to Bridge Mutual and receive compensation for any incurred losses.

More information about how you can insure your Oh! Finance position with Bridge Mutual coming soon.

Visit the Bridge Mutual site to learn more and to purchase or provide coverage: <https://www.bridgemutual.io/>

## Protocol Guardian

Under extreme circumstances which require administrative intervention, the Protocol Guardian can assume limited admin capabilities to pause a given Bank and/or Strategy. All deposits to a paused Bank are suspended and all underlying tokens are withdrawn from any affected Strategies to allow user withdrawal. Users maintain the rights to withdraw underlying at any time.

Protocol Guardian rights are currently held by the **Oh! Finance Deployer**.

## Multi-signature Wallets

Token Rewards, LP Tokens, and other privileges are given to the follow 2/4 multi-signature wallets, managed by Gnosis Safe. Wallet signers are currently consist of members of the core team.

* Treasury: <https://etherscan.io/address/0xDe921b5b1C0dcD2D1C1eef6890E7d23a16A65294>
* Foundation: <https://etherscan.io/address/0xc8a5df8c703139a0e4dffd0bc21f67f20dd49ae9>
* Strategic: <https://etherscan.io/address/0x34e5b09E4da536e9e90af96fCb178C78c2671460>
* Community: <https://etherscan.io/address/0x3F62aC1a5d25f7c1F94C293D6421A91badF74681>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.oh.finance/general/security.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.