LogoLogo
  • Introduction
    • Get started
  • Kiln Products
    • Overview
    • 🧱Validators
      • ⛓️Protocols
        • Algorand (ALGO)
        • Aptos (APT)
        • Avalanche (AVAX)
        • Babylon (BABY)
        • Berachain(BERA/BGT)
        • Cardano (ADA)
        • Celestia (TIA)
        • CoreChain (CORE)
        • Cosmos (ATOM)
        • Cronos (CRO)
        • DyDx (DYDX)
        • Ethereum (ETH)
        • Eigenlayer (EIGEN)
        • Fetch.ai (FET)
        • Flare (FLR)
        • Harmony (ONE)
        • Injective (INJ)
        • Iota (IOTA)
        • Kava (KAVA)
        • Kusama (KSM)
        • Mantra (OM)
        • MultiversX (EGLD)
        • Near (NEAR)
        • Oasis (ROSE)
        • Osmosis (OSMO)
        • Peaq (PEAQ)
        • Polkadot (DOT)
        • Polygon (POL - ex MATIC)
        • Sei (SEI)
        • Solana (SOL)
        • Stacks (STX)
        • Starknet (STRK)
        • Story(IP)
        • Sui (SUI)
        • Symbiotic (SYM)
        • Tezos (XTZ)
        • The Open Network (TON)
        • Tron (TRX)
        • Zetachain (ZETA)
    • 🎆Connect
      • Accessing Kiln Connect
      • API specs
      • Postman Demo
      • SDK
        • Getting started
        • How to find Kiln's validators
        • Upgrade guide from v2 to v3
      • Tutorials
        • SOL - Tag a stake
        • DYDX - How to bridge your rewards
      • Kiln Connect FAQs
    • 🚀Dashboard
      • Architecture
      • Staking
        • Cardano (ADA)
        • Celestia (TIA)
        • Cosmos (ATOM)
        • Cronos (CRO)
        • DYDX (DYDX)
        • Ethereum (ETH)
          • Native EigenLayer Restaking
          • Deposit into compounding validators
          • Convert skimming validators to compounding validators
        • Fetch.ai (FET)
        • Injective (INJ)
        • Kava (KAVA)
        • Kusama (KSM)
        • Mantra (OM)
        • Near (NEAR)
        • Osmosis (OSMO)
        • Polkadot (DOT)
        • Polygon (POL)
        • Solana (SOL)
        • Tezos (XTZ)
        • The Open Network (TON)
        • TRON (TRX)
        • ZetaChain (ZETA)
      • Reporting
        • Cardano (ADA)
        • Celestia (TIA)
        • Cosmos (ATOM)
        • Cronos (CRO)
        • DYDX (DYDX)
        • Ethereum (ETH)
        • Fetch.ai (FET)
        • Injective (INJ)
        • Kava (KAVA)
        • Kusama (KSM)
        • Mantra (OM)
        • Near (NEAR)
        • Osmosis (OSMO)
        • Polkadot (DOT)
        • Polygon (POL)
        • Solana (SOL)
        • Tezos (XTZ)
        • The Open Network (TON)
        • Tron (TRX)
        • ZetaChain (ZETA)
      • Unstaking
        • Cardano (ADA)
        • Celestia (TIA)
        • Cosmos (ATOM)
        • Cronos (CRO)
        • DYDX (DYDX)
        • Ethereum (ETH)
          • Native EigenLayer Withdraw Flow
          • Partial withdraw liquidity
        • Fetch.ai (FET)
        • Injective (INJ)
        • Kava (KAVA)
        • Kusama (KSM)
        • Mantra (OM)
        • Near (NEAR)
        • Osmosis (OSMO)
        • Polkadot (DOT)
        • Polygon (POL)
        • Solana (SOL)
          • Deactivate
          • Merge
          • Split
          • Withdraw
        • Tezos (XTZ)
        • Tron (TRX)
        • The Open Network (TON)
        • ZetaChain (ZETA)
      • Import stakes
      • Move stakes
      • Invite a user to your organization
      • Troubleshooting
      • 🎓Tutorials
        • Cosmos Chains - Auto-compound a stake
      • Dashboard FAQs
    • 📥dApp
      • ETH staking
      • EigenLayer
        • Operator delegation
        • Native restaking
        • Liquid restaking
      • 🔒Security
      • Kiln dApp FAQ
    • ⛓️Onchain
      • 🙋‍♀️Dedicated Validators
        • Key concepts
          • Deposit Flow
          • Rewards Management
          • Unstaking
        • How to integrate
          • 1. Contract Interactions
          • 2. Administration
      • 🤽‍♂️Pooled Staking
        • Key concepts
          • Staking Positions
          • Oracle Reports
          • Exit & Withdrawal
        • How to integrate
          • 🐎Getting Started
          • 🏗️Architecture overview
          • 😊User experience
          • 📃Integration contract
          • ⛑️Contract governance
          • ℹ️Contract ABI
          • 📥Using TheGraph
          • 🥩Staking Interactions
            • Staking
            • Rewards
            • Unstaking & Withdrawals
      • 🎡Tokenized Validators
      • 🎩Node Operators: how to integrate
        • Dedicated Validators (v1)
          • Manage Validators
        • Pooled Staking
          • 1. Using TheGraph for Setup
          • 2. Deploying vPool
          • 3. Key Provisioning in vFactory
          • 4. Oracle Daemon
          • 5. Depositing via Integration Contracts
          • 6. Exit Daemon
          • 7. Deploy Integration Contract (optional)
      • 🔓Security
        • Staking Risks
        • Audits & Bug Bounties
        • Business Continuity
        • Source code
    • 💰DeFi
      • 🦋Morpho via Kiln DeFi
      • 💻How to integrate?
        • Smart contract interactions
        • Governance
        • Reporting data
        • Administration
        • Supported DeFi Protocols
        • Additional Rewards Management
      • 🔓Security
        • Risks
        • Audits & Bug Bounty
        • Pause
        • Source code
        • Compliance Features
      • Kiln DeFi FAQ
    • 🪄Widget
      • 🧑‍🎨Customize - Widget Editor
      • ☄️Integrate - No/Low Code
    • 🛠️More Tools
      • ETH Batch Deposit Contract
      • Safe CD
  • Integrations
    • 🔭Plan your integration
    • 🔌Integrate Kiln products
    • 📱Wallets
      • Stake from Ledger Live
        • Direct Staking
        • Using Kiln Widget
          • DeFi Lending in Ledger Live
        • Using Kiln dApp
          • Dedicated Validators
          • Pooled Staking
          • EigenLayer Restaking
      • Stake from Safe{Wallet}
        • How to stake ETH on Safe & FAQ
        • DeFi Lending in Safe{Wallet}
        • Using Kiln dApp
      • Stake from Squads
    • 🏢Custody platforms
      • Stake from Anchorage
      • Stake from Bitgo
      • Stake from Coinbase Custody/Prime
      • Stake from Copper
      • Stake from Cordial Systems
      • Stake from DFNS
      • Stake from Finoa
      • Stake from Fireblocks
      • Stake from Fordefi
      • Stake from Hex Safe
      • Stake from Ledger Enterprise
      • Stake from Metamask Institutional
      • Stake from Rakkar
      • Stake from Utila
  • Working with Kiln
    • ☑️Staking & DeFi Track Record
    • ✅Security & Insurances
    • ☎️Support
      • FAQs
        • Enzyme FAQ
        • EigenLayer FAQ
        • Kiln x Safe{Wallet} FAQ
        • Ledger Live FAQ
Powered by GitBook
On this page
  • Kiln Onchain Dedicated Staking v1
  • Resources
  • Audits
  • Bug Bounty
  • Kiln Onchain Platform ("v2")
  • Kiln Operator Infrastructure
  • Bug Bounty

Was this helpful?

Export as PDF
  1. Kiln Products
  2. Onchain
  3. Security

Audits & Bug Bounties

PreviousStaking RisksNextBusiness Continuity

Last updated 7 months ago

Was this helpful?

Kiln aims to provide a secured and enhanced experience of staking through the different Kiln On-Chain smart contract platforms.

On-Chain products have been audited multiple time by various security firms and are under exhaustive monitoring and security practices to limit security risks as much as possible.

Kiln Onchain Dedicated Staking v1

Resources

Resource
Link

Source Code (Smart Contracts only)

Ledger Live mainnet

Ledger Live testnet

Other mainnet and testnet deployments

Audits

Security firm
Audit link
Scope
Date

not available

July 21st 2022 March 15th 2023

July 22nd 2022

July 27th 2023

not available

July 21st 2022 March 15th 2023

Bug Bounty

A $1,000,000 max bounty program is live since 21 August 2023. All bug reports must come with a working PoC impacting asset listed in the "Assets in Scope" section of the program which only addresses smart contracts.

Kiln Onchain Platform ("v2")

Security firm
Audit link
Date

July 27th 2023

Kiln Operator Infrastructure

Kiln is SOC 2 Type I and SOC 2 Type II certified and has been undergoing multiple penetration testings and audits from third parties.

Bug Bounty

  • Immunefi

A $500,000 max bounty program is live since September 9th 2024. All bug reports must come with a working PoC impacting asset listed in the "Assets in Scope" section of the program which only addresses smart contracts.

Audit report is available upon request .

Certifications and audits reports are available upon request .

⛓️
🔓
Cantina
Immunefi
here
Cantina
https://github.com/kilnfi/staking-contracts/tree/master
https://etherscan.io/address/0x1e68238ce926dec62b3fbc99ab06eb1d85ce0270
https://goerli.etherscan.io/address/0xe8Ff2a04837aac535199eEcB5ecE52b2735b3543
https://github.com/kilnfi/staking-contracts/tree/master/deployments
Ledger Donjon
Smart Contracts
Halborn
Report
Smart Contracts
Spearbit
Report
Smart Contracts
Ledger Donjon
Ledger Nano Plugin
Spearbit
here