Security at TradeIt
We take the security of user funds seriously. Here's an honest picture of where we are and what we're working toward.
Smart Contracts
All TradeIt smart contracts are deployed on Base and publicly verifiable. Anyone can inspect the code and transaction history.
Our Approach
How we think about and handle security at every layer of the platform.
Non-custodial by design
We never hold your funds. Entry fees are locked in smart contracts and can only be released according to the contract rules — not by us.
Open source contracts
Our smart contract code is publicly available. Anyone can read, verify, and scrutinise exactly how funds are handled.
Audit in progress
We are working with independent security researchers to audit our smart contracts. Results will be published here when complete.
Bug bounty
We reward responsible disclosure of security vulnerabilities. If you find an issue, report it to security@tradeit.finance before disclosing publicly.
Report a Vulnerability
Found a security issue? Please disclose responsibly. Email us before making any information public. We review all reports and respond within 48 hours.
- Smart contract vulnerabilities
- Fund loss or theft vectors
- Competition result manipulation
- Authentication or access control issues
Use at your own risk
TradeIt is an early-stage platform. While we take security seriously and are working toward a professional audit, no software is completely free of risk. Only participate with funds you can afford to lose.