Audit and Bug Bounty

Security of the platform is our highest priority. All contract code and balances are publicly verifiable, and security researchers are eligible for a bug bounty for reporting undiscovered vulnerabilities.


Open Zeppelin has performed an audit on the oval-contracts repository. The audit can be viewed here.

Bug Bounty Program

Bugs in Oval are eligible for up to $1,000,000 in bounty. Please report bugs to

For more information about bug bounty eligibility, please see the UMA bug bounty page.

Last updated