
Security

Security & Audits

Topaz is built with security as a primary design constraint. Core contracts inherit the Aerodrome / Velodrome lineage — code that has been battle-tested across billions in TVL — with targeted enhancements that were reviewed independently by Shieldify Security ahead of mainnet.

Shieldify Security Audit

Audit Report

Topaz DEX Security Review

Conducted by Shieldify Security · published on their public audits portfolio


The review covers the Topaz core protocol — ve(3,3) lock and voting mechanics, gauge factory, bribe markets, fee distribution, and the concentrated-liquidity Slipstream modules with custom fee overrides and dynamic fee tiers. The full PDF is hosted on Shieldify's GitHub for independent verification.

Every deployed contract referenced in the audit is listed on the Contracts page with verified BscScan links, so the in-scope source can be cross-checked on-chain.

Contract architecture

Core contracts inherit from OpenZeppelin's audited implementations where possible. Each external function is guarded by the appropriate pattern:

  • Reentrancy guards on all external entry points that move funds.
  • Pausable admin functions for emergency response — granular per-pool / per-gauge, not protocol-wide.
  • Access control on privileged setters (fee manager, emergency council, pauser, vetoer) via OpenZeppelin Ownable / role patterns.
  • Safe math via Solidity 0.8 overflow checks; explicit unchecked blocks only where overflow is mathematically impossible.
  • EIP-2771 trusted forwarder support for meta-transactions, isolated to the Forwarder contract.
  • Event indexing on every state change for off-chain monitoring and analytics.
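The list above names the guard patterns without showing how they fit together in one contract. The following vault is an added illustration written for this page; it is not Topaz code and does not mirror any deployed Topaz contract. It assumes OpenZeppelin v5 import paths and a standard ERC-20 without transfer fees, and uses hypothetical role names (PAUSER_ROLE, FEE_MANAGER_ROLE) and a hypothetical fee cap to show the same ideas: reentrancy guards on fund-moving entry points, checks-effects-interactions ordering, a narrow pauser role, a fee setter bounded by an immutable cap, an unchecked block only where underflow is already excluded, and an event on every state change.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not Topaz code. Import paths follow OpenZeppelin v5.
import {ReentrancyGuard} from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
import {Pausable} from "@openzeppelin/contracts/utils/Pausable.sol";
import {AccessControl} from "@openzeppelin/contracts/access/AccessControl.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

/// @notice Minimal staking vault demonstrating the guard patterns listed above.
/// Assumes `stakingToken` is a plain ERC-20 (no fee-on-transfer, no rebasing).
contract ExampleGuardedVault is ReentrancyGuard, Pausable, AccessControl {
    using SafeERC20 for IERC20;

    // Hypothetical roles: each can do one thing and nothing more.
    bytes32 public constant PAUSER_ROLE = keccak256("PAUSER_ROLE");
    bytes32 public constant FEE_MANAGER_ROLE = keccak256("FEE_MANAGER_ROLE");

    // Immutable upper bound on what the fee manager may set (hypothetical value, 10%).
    uint256 public constant MAX_FEE_BPS = 1_000;
    uint256 public feeBps;

    IERC20 public immutable stakingToken;
    mapping(address => uint256) public balanceOf;
    uint256 public totalSupply;

    // Every state change emits an event so off-chain monitors can index it.
    event Deposited(address indexed account, uint256 amount);
    event Withdrawn(address indexed account, uint256 amount);
    event FeeSet(uint256 oldFeeBps, uint256 newFeeBps);

    error FeeAboveCap(uint256 requested, uint256 cap);
    error InsufficientBalance(uint256 requested, uint256 available);

    constructor(IERC20 token, address admin, address pauser, address feeManager) {
        stakingToken = token;
        _grantRole(DEFAULT_ADMIN_ROLE, admin);
        _grantRole(PAUSER_ROLE, pauser);
        _grantRole(FEE_MANAGER_ROLE, feeManager);
    }

    /// @notice Deposits are blocked while paused; reentrancy guard covers the token call.
    function deposit(uint256 amount) external nonReentrant whenNotPaused {
        // Effects first (checked arithmetic: Solidity 0.8 reverts on overflow).
        balanceOf[msg.sender] += amount;
        totalSupply += amount;
        emit Deposited(msg.sender, amount);
        // Interaction last: an untrusted token cannot re-enter with stale state.
        stakingToken.safeTransferFrom(msg.sender, address(this), amount);
    }

    /// @notice Withdrawals stay open while paused so an emergency pause never traps funds.
    function withdraw(uint256 amount) external nonReentrant {
        uint256 bal = balanceOf[msg.sender];
        if (amount > bal) revert InsufficientBalance(amount, bal);
        unchecked {
            // Underflow is impossible here: amount <= bal <= totalSupply.
            balanceOf[msg.sender] = bal - amount;
            totalSupply -= amount;
        }
        emit Withdrawn(msg.sender, amount);
        stakingToken.safeTransfer(msg.sender, amount);
    }

    /// @notice Bounded setter: the role can move the fee only inside the immutable cap.
    function setFee(uint256 newFeeBps) external onlyRole(FEE_MANAGER_ROLE) {
        if (newFeeBps > MAX_FEE_BPS) revert FeeAboveCap(newFeeBps, MAX_FEE_BPS);
        emit FeeSet(feeBps, newFeeBps);
        feeBps = newFeeBps;
    }

    // Pause is scoped to this contract only; OpenZeppelin emits Paused/Unpaused events.
    function pause() external onlyRole(PAUSER_ROLE) {
        _pause();
    }

    function unpause() external onlyRole(PAUSER_ROLE) {
        _unpause();
    }
}
```

Two design choices are worth calling out. `withdraw` deliberately omits `whenNotPaused`: a pause that stops deposits but still lets users exit limits the blast radius of an incident without giving the pauser a way to lock funds. And `setFee` enforces its bound in code rather than by policy, which is the same split the page describes between governed parameters and immutable caps.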

Immutability and upgradability

The protocol takes a specific stance on immutability vs. evolution: core contracts are immutable, factories are upgradable, and migration is opt-in by users.

  • Core: Pool, Gauge, VotingEscrow, Voter, Minter, RewardsDistributor, and the Governors are not upgradable. No admin proxy. The code on BscScan today is the code forever.
  • Factories: PoolFactory, CLFactory, GaugeFactory, CLGaugeFactory, VotingRewardsFactory, and ManagedRewardsFactory are managed by the FactoryRegistry. New factories can be approved to enable new pool variants over time.
  • Migration: when a new factory is approved, existing pools and positions are not forced to migrate. LPs and voters opt in by depositing into the new generation if they choose.

Admin controls

Privileged roles are deliberately narrow. Each role can perform its specific function and nothing more — there is no super-admin that can drain funds, change emission rates outside governance, or modify user balances.

The full admin role map is documented in Protocol Governance. Current role holders are visible on-chain via the verified contracts on the Contracts page.

Risk disclosure

DeFi carries inherent risks. The most relevant to Topaz:

  • Smart-contract risk: even after audit, latent bugs are possible. Use the protocol at your own risk.
  • Impermanent loss: LP positions can lose value relative to holding. Concentrated ranges amplify both fee yield and IL. See the IL primer.
  • Governance risk: parameters within governed ranges can change. The bounds themselves (emission caps, fee caps, lock periods) are immutable. See Protocol Governance for what governance can and can't touch.
  • Oracle risk: TWAP prices are manipulation-resistant but not perfect. Oracle-dependent integrations should use appropriate cardinality and window lengths. See Oracles & TWAP.
  • Regulatory risk: DeFi protocols are not regulated as financial intermediaries in most jurisdictions; your local rules may apply.
  • Operational risk: phishing sites, fake support, malicious approvals. Always verify URLs and never sign transactions you don't understand.
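The oracle-risk item above says integrations should pick appropriate cardinality and window lengths but does not show what a careful TWAP read looks like. The library below is an added example written for this page, not Topaz or Slipstream code. It assumes the pool exposes a Uniswap-v3-style `observe()` (the interface concentrated-liquidity pools of that lineage use; check it against the deployed pool ABI before relying on it). It shows the two details integrators most often get wrong: the window must be covered by the pool's observation ring buffer, and the average tick must be rounded toward negative infinity rather than toward zero.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not Topaz or Slipstream code.
// Assumed interface: Uniswap-v3-style observe(). Verify against the real pool ABI.
interface ICLPoolOracle {
    function observe(uint32[] calldata secondsAgos)
        external
        view
        returns (int56[] memory tickCumulatives, uint160[] memory secondsPerLiquidityCumulativeX128s);
}

/// @notice Helpers for reading a manipulation-resistant TWAP tick from a pool.
library TwapConsumer {
    error ZeroWindow();
    error TwapDeviation(int24 shortWindowTick, int24 longWindowTick, uint24 maxTicks);

    /// @notice Arithmetic mean tick over the last `window` seconds.
    /// @dev If the pool's observation cardinality does not reach back `window`
    ///      seconds, observe() reverts; that revert IS the cardinality check, and
    ///      the fix is to grow the pool's ring buffer before depending on the window,
    ///      not to shrink the window until the call succeeds.
    function arithmeticMeanTick(ICLPoolOracle pool, uint32 window) internal view returns (int24) {
        if (window == 0) revert ZeroWindow();

        uint32[] memory secondsAgos = new uint32[](2);
        secondsAgos[0] = window; // start of the window
        secondsAgos[1] = 0;      // now

        (int56[] memory tickCumulatives, ) = pool.observe(secondsAgos);
        int56 delta = tickCumulatives[1] - tickCumulatives[0];
        int56 windowSigned = int56(uint56(window));

        int56 meanTick = delta / windowSigned;
        // Solidity truncates toward zero. For a negative cumulative delta that biases
        // the average upward, so round toward negative infinity instead.
        if (delta < 0 && (delta % windowSigned != 0)) {
            meanTick--;
        }
        return int24(meanTick);
    }

    /// @notice Reads a short and a long window and reverts if they disagree by more
    ///         than `maxTicks`. A short-lived price push shows up in the short window
    ///         long before it moves the long one, so the gap is a cheap sanity check.
    ///         Returns the long-window tick for the caller to price against.
    function meanTickWithDeviationCheck(
        ICLPoolOracle pool,
        uint32 shortWindow,
        uint32 longWindow,
        uint24 maxTicks
    ) internal view returns (int24) {
        int24 shortTick = arithmeticMeanTick(pool, shortWindow);
        int24 longTick = arithmeticMeanTick(pool, longWindow);

        int256 diff = int256(shortTick) - int256(longTick);
        if (diff < 0) diff = -diff;
        if (diff > int256(uint256(maxTicks))) {
            revert TwapDeviation(shortTick, longTick, maxTicks);
        }
        return longTick;
    }
}
```

Choose `longWindow` so that moving the average over that span would cost more than any position the integration protects, and size the pool's observation cardinality so that `observe()` can serve that window at the chain's block cadence; a window the ring buffer cannot cover fails loudly here rather than silently returning a spot price.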

Participants should conduct their own research and never commit more than they can afford to lose.

Responsible disclosure

If you discover a vulnerability in any deployed Topaz contract, please report it privately before disclosing publicly. Reach out via Telegram to coordinate a private channel. Active bug-bounty terms are published separately and updated as the program evolves.

Don't post exploits publicly
Tweeting an unpatched exploit, or attempting to demonstrate it on mainnet, puts real user funds at risk. Coordinate disclosure first; we'll work fast.