Security
Learn about protocol audits and other steps taken to secure Oh! Finance
Security of the Oh protocol and our users is of utmost importance to the team. In addition to the significant security practices we put in place surrounding the hosting of our website and our application, the most important part of any DeFi app is the contract, securing users assets, and ensuring the core protocols used are secure.
Although we go to great lengths to secure Oh funds and protocols, please do your own research, and familiarize yourself with the Terms of Service and the Benefits & Risks of using Oh Finance.
Nobody on the Oh Finance team will ever ask you for your wallet private key, your 12-word backup phrase, or any account password. Beware of scams!

Contract Audits

Oh Finance has received a "thumbs up" audit by ArmorLabs, and we have also submitted to QuantStamp for an independent second audit.
A smart contract security audit is a technical assessment of a blockchain application and related artifacts. The main goal of auditing smart contracts is to detect and eliminate code vulnerabilities (eg: security bugs) and also to keep a check on the reliability of the contract’s interactions (eg: does the contract do what the development team says it will do - and to reduce the possibility of "rugpulling").

Strategy & Bank Contract Audit, Conducted by Halborn

Secondary Audit, Conducted by Armor Labs

Insurance

Oh! Finance is proud to partner with Bridge Mutual, an on-chain insurance underwriter, to offer protocol users the option to insure their positions.
Users can choose a dollar amount and time period to insure, then automatically get quoted for coverage. In the event of a protocol exploit, covered users can then submit claims to Bridge Mutual and receive compensation for any incurred losses.
More information about how you can insure your Oh! Finance position with Bridge Mutual coming soon.
Visit the Bridge Mutual site to learn more and to purchase or provide coverage: https://www.bridgemutual.io/​

Protocol Guardian

Under extreme circumstances which require administrative intervention, the Protocol Guardian can assume limited admin capabilities to pause a given Bank and/or Strategy. All deposits to a paused Bank are suspended and all underlying tokens are withdrawn from any affected Strategies to allow user withdrawal. Users maintain the rights to withdraw underlying at any time.
Protocol Guardian rights are currently held by the Oh! Finance Deployer.

Multi-signature Wallets

Token Rewards, LP Tokens, and other privileges are given to the follow 2/4 multi-signature wallets, managed by Gnosis Safe. Wallet signers are currently consist of members of the core team.
​
​