Security

Bug Bounty

We have an ongoing bug bounty on ImmuneFi, with up to $50,000 of bounty. The contracts that are included in the bounty are ETH and WBTC Theta Vaults.

Audits

Ribbon's v1 and v2 Theta Vault contracts are audited. Despite the audits and security measures we have taken, we advice users to exercise caution and to not risk funds they are not willing to lose.
Theta Vault v2 Audits:
Theta Vault v1 Audits:

System Roles

Currently, the protocol has a few privileged roles that help bootstrap the protocol at its initial development.
Role
Description
Admin
Multisig address that is able upgrade proxies for the Theta Vault contracts.
Owner
Multisig address that is able to set new keepers, set performance or management fees and override strike prices.
Keeper
EOA used to perform day-to-day operations of a Theta Vault.
Last modified 4mo ago