Security Audits
BNHP undergoes continuous security auditing by industry-leading firms. All audit reports are published in full to ensure maximum transparency.
Audit Schedule
| Auditor | Scope | Status | Report |
|---|---|---|---|
| CertiK | Core Protocol Contracts | Scheduled Q3 2025 | Pending |
| Trail of Bits | DEX Engine & Oracle | Scheduled Q3 2025 | Pending |
| OpenZeppelin | Token & Vesting Contracts | Scheduled Q2 2025 | Pending |
| Halborn | Bridge & Cross-chain | Scheduled Q4 2025 | Pending |
Audit Process
Each audit follows a structured process to ensure comprehensive coverage:
Scope Definition. Before each audit, BNHP's engineering team works with the auditing firm to define the exact scope of the review, including all in-scope contracts, dependencies, and known areas of concern.
Manual Review. Auditors perform a line-by-line manual review of all in-scope code, looking for logic errors, reentrancy vulnerabilities, integer overflows, access control issues, and other common smart contract vulnerabilities.
Automated Analysis. In addition to manual review, auditors run automated tools including Slither, Mythril, and Echidna to identify potential vulnerabilities that may be missed by manual review.
Remediation. All findings are shared with the BNHP engineering team, who address each issue before the final report is published. Critical and high-severity findings must be resolved before deployment.
Public Disclosure. Final audit reports, including all findings and their resolutions, are published on this page and on the auditing firm's website.
Responsible Disclosure
If you discover a security vulnerability in the BNHP protocol, please report it through our Bug Bounty Program rather than disclosing it publicly. We are committed to working with security researchers to address vulnerabilities quickly and fairly.