# Security

{% hint style="danger" %}
Please reach out to **<security@loopfi.xyz>** if you have a security disclosure.
{% endhint %}

## Bug Bounty

There is an ongoing bug bounty for $100.000 on **code4rena**.

* **Bug Bounty:** <https://code4rena.com/bounties/loopfi#top>

## Audits

### **Audit 1 - Watchpug (Full protocol)**

* **Points Program:** <https://notes.watchpug.com/p/18f13f46b9eE_mgb>
* **Loop Protocol:**

  Report #01 <https://notes.watchpug.com/p/18ea3089e2esgBHp> \
  Report #02 [https://notes.watchpug.com/p/1909aa8a565HVvGe ](<https://notes.watchpug.com/p/1909aa8a565HVvGe >)\
  Report #03 <https://notes.watchpug.com/p/190becc04cemgrXz> \
  Report #04 <https://notes.watchpug.com/p/190c8fbf44ek5zZ4> \
  Report #05 <https://notes.watchpug.com/p/190dd9d39acrEJAv>

### **Audit 2 - Code4rena (Full protocol)**

* **Points Program:**&#x20;
  * <https://code4rena.com/reports/2024-05-loop>
  * <https://code4rena.com/audits/2024-05-loopfi#top>
* **Loop Protocol:**&#x20;
  * <https://code4rena.com/audits/2024-07-loopfi>

### **Audit 3 - Code4rena (Full protocol)**

* **Loop Protocol:**&#x20;
  * <https://code4rena.com/audits#completed-audits>

### **Audit 4 - Watchpug (USD Looping + Penpie)**

* **USD Looping:**&#x20;
  * [https://notes.watchpug.com/p/194fd8129c57dF1P](<https://notes.watchpug.com/p/194fd8129c57dF1P&#xA;>)
* **Penpie Integration:**
  * <https://notes.watchpug.com/p/195172e920dMC94_>
  * <https://notes.watchpug.com/p/1954ad23d79snXh9>
  * [https://notes.watchpug.com/p/1956031b374KRSUi](<https://notes.watchpug.com/p/1956031b374KRSUi&#xA;>)

## Risks

The Loop Protocol is designed with an emphasis on safety and security, yet, the inherent risks associated with any DeFi smart contracts are present. Our contributors have conducted extensive reviews of the smart contracts and conducted third-party audits to detect potential platform vulnerabilities before launch.

However, the potential of partial or total loss of your funds due to certain risks cannot be disregarded:

* **Smart Contract Vulnerabilities**
* **Depeg Events / Liquidations**
* **3rd Party Protocol Risk (i.e., Pendle)**
* **Bad Debt**
* **Key Management**
* **Reliance on Ethereum**
* **LRT Risk (i.e., Slashing)**

### Economic Risk

Additionally, some sections of the site display information about reward rates, yield rates or other transaction-related rates. These rates include additional tokens that could be earned through Loop and might be presented as "APYs", "APRs", or other similar terms. These are forward-looking projections, which, despite being based on historical data, are subject to many simplifications, assumptions, risks, and uncertainties. These could lead to a substantial variation in the eventual token-denominated 'Rate.' While these rates are not meant to be exact predictions of the actual future Rate of a Pool, they serve as illustrative projections likely to be eventually inaccurate.<br>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.loopfi.xyz/extras/security.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.