Security

The DeFi applications have been constantly exposed to cybersecurity risks, which InsurAce intends to resolve via finely designed insurance products. As a fundamental risk management platform for the whole DeFi ecosystem, the security for the InsurAce platform per se will be more critical than any other application. To build a highly secure and resilient protocol, we will adopt the best practices in the industry, such as:

(1) Smart contract audits

We will invite third-party independent audit companies to audit the smart contracts of InsurAce, detect, identify, and eliminate the potential contract vulnerabilities through rigorous code review, testing, and white-hat hacking before the protocol launch. The audit reports will be released to the public.

(2) Deploy up-to-date security solutions

There are security solutions to monitor the network's health status, on-chain activities, oracle dependencies, admin key details, and more. InsurAce will adapt to surveil and enhance the platform's security.

(3) Develop effective security incident response processes

With the implementations of the above security controls, it is equally important to respond to cybersecurity incidents appropriately. In the event when a security breach occurs, the InsurAce security team will respond timely with contingency plans, such as:

  1. Suspend or terminate part or all functions of smart contracts;

  2. Add a pending session to some suspicious and large transactions;

  3. Revert suspicious transactions and trace back the root cause;

Overall, it is never overstated to enhance the platform's security capabilities. With InsurAce as a secure and resilient insurance protocol, the whole DeFi community will also be benefited in the long run.