Finn Exchange is built with safety in mind. Every step of the way we made sure that no attack angles existed. All funds are stored safely on the Finn Exchange smart contract. Below is a list of some of the security measures employed:
- IP-restricted access to frontend CDN
- Domain SSL long term certificate
- 2FA authentication for datacenter access
- MetaMask and Ledger Nano S integration
- Pipeline deployment for frontend code
We do not store any fund related information on the backend. The user owns his/her private keys. Nobody can access the funds without having the private keys.
- IP-restricted access
- Strong Firewall protection
- Trading contract cannot be changed in the base contract after deployment
- All fund operations require a signature from the owner.
- Escape hatch for stuck contracts (if the oracle doesn't settle the futures contract within 2 hours, all collaterals are released)
- The Oracle contract cannot be changed after deployment (to prevent price feed hacking)