Skip to main content
Vana smart contracts and core protocol components are audited by independent security firms. This page lists completed audit reports; it grows as the audit program continues.
Scope. The completed reports below cover earlier protocol components (token, staking, and data-access contracts). An audit covering the current data portability contracts has been commissioned with an independent firm — the report will be added here when it concludes. Third-party audits do not guarantee the absence of vulnerabilities; conduct your own due diligence.

Completed audit reports

Audited component(s)AuditorReport
DLPReward & VRC20NethermindView report
Data Access v0NethermindView report
Vana ContractsNethermindView report
veVANA TokensNethermindView report
DLPRoot RestructureNethermindView report
DLPRootV2NethermindView report
Vana ProtocolHashlockView report

Ongoing program

The audit program is continuous — major protocol updates and new components are audited as they ship. An audit of the data portability contracts, including the payment flow, has been commissioned with an independent firm and will be published here on completion. For the security model these audits sit within — trust boundaries, encryption, consent, and what can be independently verified today — see Security.