Security Overview
Tetu's development team makes every effort to ensure that smart contracts are safe and work as expected.

Tests

We are using Hardhat framework with typescript configuration.
Test framework - Mocha.
All test code has strict typification with typechain that dramatically reduces possible mistakes.
Over 200 tests for the base functionality and over 600 tests for strategy implementations.

Static analyzers

All code checked with solhint and slither

Test environment on Rinkeby

Fully functional code are deployed on Rinkeby test net.
Every business logic was tested on deployed contract with additional tests.
You can always try the last version contracts/UI on https://staging.tetu.io/

Audit

Tetu is audited by DeFiYield and PeckShield.

Central governance with GnosisSafe

Tetu team doesn't have access to users' funds.
All critical contracts that keep users' funds have 48 hours Timelock.
Any actions that can change critical contracts state under the control of MultiSig wallet 3/4.

Contract monitoring

We use https://tenderly.co/ for monitoring any unusual activity

Strict checking external platforms contracts

Each strategy development includes not only implementing base functionality but analyze the farmable platform and the fetching of all critical metrics.

Possible attack vectors and defense

Flash loan and Arbitrage

Currently, Tetu's smart contracts are not eligible for this kind of attack.
Our vaults have whitelist protection for deposit operations.
This makes the likelihood of any type of attack involving asset manipulation impossible.

Re-Entrancy

Currently, Tetu's smart contracts are not eligible for this kind of attack.
In case we use untrusted external calls, OpenZappelin best practive protection will be implemented.

Arithmetic Over/Under Flows

All math operations use OpenZappelin library SafeMath.

Functions visibilities

All critical functions checked with unit testing for unavailability for use on non-governance addresses.

Race conditions / Front running

User's assets are not eligible for this kind of attack in our contracts.
However, reward selling, theoretically, can be target of front running from sandwich bots.
For this reason, we use secured RPC providers like https://taichi.network/
And wrap our calls to other contracts for improve the protection of smart contracts' actions against front running.

Denial Of Service (DOS)

Currently, we are not eligible for this kind of attack.
We don't use any loops with external changeable arrays.
External calls have no way to provide DoS for our contracts.
Any new integrations will be checked for this kind of behavior.
Any ownership changes in our contracts have unit tests and can't lose control unexpectedly.
Our contracts are under the control of MultiSig wallet and any operations will be double-checked with Tetu team.

Floating Points and Numerical Precision

Any calculations triple-checked with different numbers and have 100% test coverage

Timestamp Dependence

We do not have any calculations that are possible to get additional money with logic based on block timestamp.

Other Possible Contract Weakness

Other possible attack vectors are too rare, out of date, or obviously covered with unit tests and static analyzers.