Mongo Finance
Mongo Finance Logo
MONGOFINANCE

Security & Audits

We'd rather be honest with you upfront than reassure you with words we can't back up yet. Here's exactly where things stand on security — no fluff.

⚠️ Not yet audited

We're on the Monad testnet and our smart contracts haven't gone through a formal third-party security audit. That's the truth, and we think you deserve to know it clearly before interacting with anything.

This is testnet — treat it like one. Don't use funds you'd be upset to lose. Audits are locked in as a milestone goal and will happen before any meaningful mainnet launch.

What we're doing in the meantime

Unaudited doesn't mean careless. These are the standards we hold ourselves to right now:

Thorough test coverage

Every contract ships with unit and integration tests. We don't push code we haven't broken and put back together at least a few times first.

Proven foundations

Where possible, we build on architectures that have already been picked apart by the best security researchers in the space. MongoSwap is based on UniswapV2 — billions in TVL and years of scrutiny behind it. We don't reinvent what's already battle-hardened.

Everything is documented

How each protocol works is written out in this documentation. If something looks wrong, smells off, or doesn't add up — we genuinely want to hear about it. Open DMs, no gatekeeping.

The audit plan

Once we hit our funding milestones, audits are the first thing on the priority list — not an afterthought. Here's the order we'll go in:

1

MongoDirect Escrow Engine

The P2P matching and settlement contract. It's the most user-facing piece of infrastructure we have, so it goes first. Users' funds flow through it directly — it has to be airtight.

2

$MONGO Staking & Reward Distribution

The staking contract and fee distribution logic. Once real token value is at stake, this needs a clean bill of health.

3

MongoSwap AMM

Liquidity pools, routing logic, and dynamic fee mechanics. UniswapV2 as the base gives us a solid head start, but we'll still get it reviewed independently.

If you have questions about security or want to flag something, reach out directly on X (@mongo_finance).