Security
Security is the cornerstone and bedrock behind any decentralized platform. We define protocol security as encompassing asset safety, personal information protection, and smart contract reliability. In response to these considerations, we have implemented a series of stringent security measures, from contract design to protocol monitoring.
Simple is More Secure
SOFA's smart contracts, which carry the platform's core functionalities, follow the principle of "simple is more secure". This principle seeks to avoid unnecessary complexity to reduce potential security risks. The interaction between smart contracts is meticulously designed to ensure a streamlined and clear logical process, thereby minimizing the possibility of errors and vulnerabilities. Furthermore, all of the protocol's smart contracts are open source and transparent, providing a full auditable trial to any 3rd party observer.
Upgrade Mechanism
All Vault contracts will inherit OpenZepplin's Upgradeable contracts. Upon governance vote approval, contracts can be logically upgraded without changing the contract wallet address to ensure asset safety. This mechanism allows vulnerability fixes and function optimization with minimal disruption.
Multiple Smart Contract Audits
SOFA will continue to seek professional smart contract audits confirmations from the industry's top security firms to identify and fix potential security flaws. By the project launch, SOFA's contract code would have undergone several rounds of stringent inspections to meet the highest standard of security audits available. Furthermore, the same rigorous audit process will be repeated upon any significant protocol or functionality upgrades.
Find our audit reports here.
24/7 Monitoring for Anomalous Activity
To continuously ensure asset safety, SOFA has implemented a 24/7 anomalous activity monitoring system for the entire protocol. This system can detect and respond to unusual transaction patterns or behaviors in real-time, such as potential security attacks or abnormal fund flows. Upon detecting threats, our monitoring system can quickly trigger alerts and take necessary steps to prevent protocol damage.
Decentralized Attack Resistance
As a native DeFi protocol, SOFA operates over a decentralized server network, meaning there is minimal risk of system downtime due to a single point of failure. With blockchain's distributed architecture, data is replicated and stored across various nodes, enhancing the system's resilience and resistance to cyber attacks.
Decentralized server solutions offer the following advantages over conventional data servers:
- Enhanced Stability: By dispersing service nodes worldwide, we can ensure high reliability for our websites and dApp services, providing undisrupted services to protocol users.
- Improved Availability: Decentralized structure ensures that there are no central nodes that could become bottlenecks or single points of failure.
- Attack Resistance: Malefactors would need to compromise multiple nodes simultaneously to impact the service, significantly lowering the chance of success and bolstering protocol safety.
Protecting User Privacy
In addition to upholding our decentralisation principles, SOFA is a big proponent of user privacy and data protection. The protocol does not collect or store any personal information that can be used to identify users outside of their wallet addresses.
With judicious contract design, professional audit validation, around-the-clock monitoring, and decentralized operations, SOFA is dedicated to providing a safe, reliable, and privacy-protecting environment for all DeFi users.