Security

Information about XCCY's security measures, audits, and responsible disclosure.

Security Overview

XCCY prioritizes security at every level of the protocol:

┌─────────────────────────────────────────────────────────────┐
│                    SECURITY LAYERS                          │
├─────────────────────────────────────────────────────────────┤
│                                                             │
│  1. Smart Contract Security                                 │
│     • Audits by professional firms                          │
│     • Formal verification where possible                    │
│     • Battle-tested libraries (OpenZeppelin)                │
│                                                             │
│  2. Access Control                                          │
│     • Role-based permissions                                │
│     • Timelock for admin actions                            │
│     • Multi-sig for critical operations                     │
│                                                             │
│  3. Oracle Security                                         │
│     • Multiple price sources                                │
│     • Staleness checks                                      │
│     • Deviation bounds                                      │
│                                                             │
│  4. Economic Security                                       │
│     • Conservative margin requirements                      │
│     • Liquidation incentives                                │
│     • Worst-case VY assumptions                             │
│                                                             │
└─────────────────────────────────────────────────────────────┘

Audits

Completed Audits

Auditor

Date

Scope

Report

[To be added]

[Date]

Core contracts

[Link]

Audit Scope

Audited contracts include:

VAMMManager
CollateralEngine
OracleHub
AprOracle
All adapters and libraries

Smart Contract Security

Best Practices Implemented

Practice

Implementation

Reentrancy Protection

ReentrancyGuard on all state-changing functions

Access Control

Ownable2Step for admin functions

Safe Math

Solidity 0.8+ with built-in overflow checks

Safe Transfers

SafeERC20 for all token operations

Custom Errors

Gas-efficient error handling

Upgradability

TransparentUpgradeableProxy pattern

Code Quality

Comprehensive test coverage
Fuzz testing for math operations
Invariant testing for critical properties
Continuous integration

Access Control

Admin Roles

Role

Capabilities

Holder

Owner

Protocol configuration

Multi-sig

VAMMManager

Update positions

Contract only

Timelock

Critical admin operations may be subject to timelock delays:

Action

Delay

Emergency pause

Immediate

Parameter changes

[Duration]

Contract upgrades

[Duration]

Oracle Security

Price Feed Security

Multiple Sources:
├── Primary: Chainlink
├── Secondary: Pendle TWAP
└── Fallback: Custom sources

Validation:
├── Staleness check (max age)
├── Deviation bounds (max change)
└── Sanity checks (reasonable range)

Rate Oracle Security

APR Sources:
├── Direct protocol queries (Aave, Compound)
├── On-chain calculations (ERC-4626)
└── TWAP for volatile sources (Pendle)

Buffer:
├── Historical rate storage
├── Interpolation for missing data
└── Multiple checkpoints

Economic Security

Margin System

The margin system is designed with conservative assumptions:

Worst Case VY: Uses conservative VY estimates for margin calculations
Discount Factors: Volatile collateral is discounted
Buffer Requirements: Positions need buffer above minimum

Liquidation Incentives

Liquidators are incentivized to maintain system health:

Receive all remaining margin from liquidated accounts
Inherit positions at potentially favorable prices
No protocol fee on liquidations

Bug Bounty

Program Details

Severity

Reward

Critical

[Amount]

High

[Amount]

Medium

[Amount]

Low

[Amount]

Scope

In-scope:

Smart contracts on mainnet
Oracle implementations
Integration vulnerabilities

Out-of-scope:

Frontend/UI issues
Already known issues
Theoretical attacks without PoC

Submission

Report vulnerabilities to: [[email protected]] (to be added)

Please include:

Description of vulnerability
Steps to reproduce
Potential impact
Suggested fix (optional)

Responsible Disclosure

Process

Report: Submit via secure channel
Acknowledge: We confirm receipt within 24 hours
Investigate: We assess severity and impact
Fix: We develop and test a fix
Deploy: Fix is deployed (with timelock if applicable)
Disclose: Public disclosure after fix is live
Reward: Bounty paid based on severity

Timeline

Step

Target Time

Acknowledgment

24 hours

Initial assessment

48 hours

Fix development

7-14 days

Deployment

Depends on severity

Known Limitations

Oracle Dependence

The protocol relies on accurate oracle data. Oracle manipulation or failure could affect:

Settlement calculations
Margin requirements
Liquidation triggers

Mitigations:

Multiple oracle sources
Sanity checks
Admin intervention capability

Smart Contract Risk

Despite audits and testing, smart contract risk exists:

Undiscovered bugs
Complex state interactions
Upgrade risks

Recommendations:

Start with small amounts
Monitor positions actively
Understand the risks

Emergency Procedures

Circuit Breakers

In case of emergency:

Protocol can be paused
Withdrawals remain possible
Positions freeze at last state

Recovery

If issues are discovered:

Pause trading
Assess impact
Deploy fix
Resume operations
Compensate affected users if needed

Security Contacts

Purpose

Contact

Security reports

[To be added]

General inquiries

[To be added]

Emergency

[To be added]

Best Practices for Users

Protect Yourself

Verify contracts: Always verify addresses before interacting
Start small: Test with small amounts first
Monitor positions: Check health factor regularly
Secure wallet: Use hardware wallet for large amounts
Understand risks: Read documentation before trading

Red Flags

Be cautious of:

Unsolicited DMs about XCCY
Fake websites or contracts
Requests for private keys
Too-good-to-be-true yields

Resources

Smart Contracts — Contract addresses
Risk Management — Understanding risks
Deployed Contracts — Verified addresses

PreviousOracle System NextGetting Started

Last updated 13 days ago