Security status

Security claims should be boring.

This page is the public security status surface for 4626.fun. It is intentionally conservative: no audits, bounties, live contracts, or guarantees are claimed unless they are verified and published.

Pre-launch public surface Audit claims: none published Bug bounty: TBD Disclosure: hello@4626.fun

Current status

Product

Pre-launch / demo previews

Public demo vaults are illustrative previews. Vault availability, contract status, and launch status should be verified from this page or the docs before use.

Audits

No completed audit claimed here

If an audit is scheduled, in progress, or completed, this page should link directly to the report or the public status update.

Controls to publish before launch

Contract addressesOfficial Base contract addresses, Basescan links, and deployment version. Do not rely on addresses from social posts, DMs, or screenshots.

Admin and multisig modelAny owner, Safe, signer, timelock, module, pause, or upgrade details that affect protocol control.

Emergency policyWhether pause or incident-response controls exist, who can trigger them, and how users will be notified.

Bug bountyFormal program details when available. Until then, responsible disclosure is the path.

Responsible disclosure

Report a vulnerability

Email hello@4626.fun with affected URLs or contracts, reproduction steps, expected impact, and your contact information.

Do not exploit

Do not access, modify, disclose, or destroy user data. Do not move funds, disrupt service, or publicly disclose an issue before it can be triaged.