Funds are SAFU
Security is our priority at Tempus and the Tempus team has done multiple things in order to increase the security of its smart contracts.
As part of the development process, all new code must be covered with both unit and integration tests. Pull Requests cannot be merged if there are failing tests or test coverage falls below a certain threshold. There are multiple automated tools being used as integral parts of CI to discover smart contract vulnerabilities.
Tempus has carried out three audits of the protocol so far:
Tempus has two active bug bounties:
All of Tempus' deployed smart contracts are part of these bug bounties, as well as the frontend app (app.tempus.finance).
The last step of protection is protocol-level smart contract exploit protection, for which Tempus has partnered with Sherlock.
Tempus is covered by up to $10,000,000 of protocol-level exploit coverage on all pools that are available on the Ethereum network. Initially, the Sherlock coverage will cover smart contract exploits at Ethereum L1. However, we hope to expand coverage to L2 in due course.
The partnership with Sherlock means that users are not required to obtain their own coverage and can rely on Sherlock to ensure that they are reimbursed in the event of a smart contract exploit.