
Security

Locale Lending implements a layered security model spanning user, application, smart contract, and data layers.

Security Architecture

Security Layers

  • Application Security: input validation, rate limiting, access control
  • Smart Contract Security: audited contracts, reentrancy guards, pausable contracts
  • Protocol Security: multi-sig admin, timelock, emergency stop
  • Cryptographic Layer: ZK proofs, zkTLS attestations, TEE verification

Smart Contract Security

Audit Status

Audits Pending

Smart contract audits are in progress. This section will be updated with audit reports upon completion.

Contract             Auditor   Status
StakingPool          TBD       Pending
SimpleLoanPool       TBD       Pending
BorrowerCredential   TBD       Pending
InvestorCredential   TBD       Pending
ProofVerifier        TBD       Pending

Security Patterns

UUPS Upgradeable Proxy

All contracts use the Universal Upgradeable Proxy Standard (UUPS, EIP-1822). Unlike a transparent proxy, the upgrade function lives in the implementation contract rather than in the proxy, so the proxy stays minimal and the implementation's own access control decides who may upgrade:

Feature                 Description
Upgrade authorization   Only DEFAULT_ADMIN_ROLE can upgrade
Timelock protection     Planned delay on upgrades (not yet enforced; see Known Limitations)
Gas efficient           Minimal proxy overhead

Benefits:

  • Bug fixes without migration
  • Gas-efficient proxy pattern
  • Upgrade authorization controls

Because UUPS puts the upgrade path inside the implementation, the authorization hook (OpenZeppelin's _authorizeUpgrade) is the single control point. A new implementation that ships with a weaker or missing check in that hook, or whose initializer can be run again, lets whoever calls it take over the contract; the proxy itself enforces nothing, so that hook and the initializer guards have to be reviewed on every upgrade.

Reentrancy Protection

All fund-handling functions are protected with OpenZeppelin's ReentrancyGuard (the nonReentrant modifier), which reverts any call that re-enters the same contract before the first call has returned:

Protected function   Description
stake                Deposit funds into a pool
withdraw             Withdraw funds from a pool
disburse             Loan disbursement
repay                Loan repayment

The guard is a backstop, not a substitute for ordering: balances and loan state still need to be updated before the external token transfer (checks-effects-interactions), and the guard does not cover read-only reentrancy, where another contract reads this contract's not-yet-updated state during the external call.

Role-Based Access Control

Role                 Permissions
DEFAULT_ADMIN_ROLE   Full administrative access
POOL_ADMIN_ROLE      Pool configuration
MINTER_ROLE          Credential minting
REVOKER_ROLE         Credential revocation
PAUSER_ROLE          Emergency pause

Emergency Pause

Critical contracts can be paused in emergencies:

Action    Required role
Pause     PAUSER_ROLE (any one of the 5 guardians)
Unpause   DEFAULT_ADMIN_ROLE

The asymmetry is intentional: a single guardian can halt the contracts as soon as something looks wrong, while resuming requires the admin role, so a compromised or mistaken guardian cannot both pause and quietly resume.

Known Limitations

Limitation               Planned mitigation
Centralized admin keys   Multi-signature governance
Upgradeable contracts    Timelock on upgrades

Application Security

Authentication

  • Wallet-Based — Web3 wallet signatures prove control of an address; the signed message must be single-use, or a captured signature can be replayed as a login
  • JWT Tokens — access tokens expire after 1 hour
  • Refresh Tokens — extend the session beyond the access-token lifetime
  • httpOnly Cookies — session tokens are set as httpOnly cookies, so page scripts (including injected ones) cannot read them; this limits token theft via XSS but does not prevent XSS itself
  • CSRF Protection — because the session rides on a cookie, state-changing requests also require a CSRF token that is validated server-side
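The pieces above fit together as in the following TypeScript sketch. It is an added example, not Locale's code: it issues a 1-hour HS256 access JWT and pins the algorithm on verification, stores refresh tokens only as SHA-256 hashes and rotates them on every use, emits the cookie attributes that keep the session token out of page scripts, and checks a double-submit CSRF token in constant time. The wallet-signature step (recovering the signer of a nonce challenge) needs an EVM library and is left out; the signing secret, the refresh lifetime and the in-memory store are placeholders for the real configuration and database.

```typescript
import { createHash, createHmac, randomBytes, timingSafeEqual } from "node:crypto";

// Placeholders for this example: the real signing secret comes from the secret manager and
// the refresh-token store is the database.
const JWT_SECRET = randomBytes(32);
const ACCESS_TTL_SEC = 3600;            // 1-hour access token, as stated above
const REFRESH_TTL_SEC = 30 * 24 * 3600; // assumed refresh-token lifetime (not given on the page)

const b64url = (b: Buffer): string => b.toString("base64url");
const sha256hex = (s: string): string => createHash("sha256").update(s).digest("hex");
const hmac = (input: string): Buffer => createHmac("sha256", JWT_SECRET).update(input).digest();
const decodeSegment = (part: string): any => {
  try { return JSON.parse(Buffer.from(part, "base64url").toString("utf8")); } catch { return null; }
};

// Access token: HS256 JWT bound to the wallet address, short-lived.
export function issueAccessToken(address: string, nowSec: number): string {
  const header = b64url(Buffer.from(JSON.stringify({ alg: "HS256", typ: "JWT" })));
  const payload = b64url(Buffer.from(JSON.stringify({ sub: address, iat: nowSec, exp: nowSec + ACCESS_TTL_SEC })));
  const input = `${header}.${payload}`;
  return `${input}.${b64url(hmac(input))}`;
}

// Verification pins the algorithm, compares the MAC in constant time and enforces exp.
export function verifyAccessToken(token: string, nowSec: number): { sub: string } | null {
  const [h, p, s] = token.split(".");
  if (!h || !p || !s) return null;
  const header = decodeSegment(h);
  const claims = decodeSegment(p);
  if (!header || !claims) return null;
  if (header.alg !== "HS256") return null;           // never let the token choose the algorithm
  const expected = hmac(`${h}.${p}`);
  const got = Buffer.from(s, "base64url");
  if (expected.length !== got.length || !timingSafeEqual(expected, got)) return null;
  if (typeof claims.sub !== "string" || typeof claims.exp !== "number" || claims.exp <= nowSec) return null;
  return { sub: claims.sub };
}

// Refresh tokens are random, stored only as a hash (a database leak yields nothing usable)
// and replaced on every use, so a replayed token is rejected.
const refreshStore = new Map<string, { address: string; exp: number }>();

export function issueRefreshToken(address: string, nowSec: number): string {
  const token = randomBytes(32).toString("base64url");
  refreshStore.set(sha256hex(token), { address, exp: nowSec + REFRESH_TTL_SEC });
  return token;
}

export function rotateSession(refreshToken: string, nowSec: number): { access: string; refresh: string } | null {
  const key = sha256hex(refreshToken);
  const rec = refreshStore.get(key);
  if (!rec || rec.exp <= nowSec) return null;
  refreshStore.delete(key);                          // one-time use
  return { access: issueAccessToken(rec.address, nowSec), refresh: issueRefreshToken(rec.address, nowSec) };
}

// HttpOnly keeps the cookie out of document.cookie, Secure restricts it to TLS,
// SameSite=Strict stops the browser attaching it to cross-site requests.
export function sessionCookie(name: string, value: string, maxAgeSec: number): string {
  return `${name}=${value}; Path=/; HttpOnly; Secure; SameSite=Strict; Max-Age=${maxAgeSec}`;
}

// Double-submit CSRF check: the token in the cookie must equal the one the page sent in a header.
export function csrfTokenValid(cookieToken: string | undefined, headerToken: string | undefined): boolean {
  if (!cookieToken || !headerToken) return false;
  const a = Buffer.from(cookieToken);
  const b = Buffer.from(headerToken);
  return a.length === b.length && timingSafeEqual(a, b);
}
```

Because rotation deletes the used refresh token, a second presentation of the same token fails; that failure is worth alerting on, since it usually means either the client lost a race or someone else holds a copy of the token.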

API Protection

Protection         Implementation
Rate limiting      100-1000 req/min, depending on endpoint type
Input validation   Zod schema validation
SQL injection      Prisma parameterized queries
XSS                Content Security Policy

Prisma's query builder and its tagged $queryRaw template parameterize every input; a raw query assembled by string concatenation ($queryRawUnsafe with interpolated values) bypasses that protection, so those call sites are where review effort belongs.
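The rate-limiting row is the one that hides an easy mistake, so here is an added example of it (not Locale's code). It keeps a sliding-window counter per client and endpoint class, and derives the client key from the socket address, honouring X-Forwarded-For only when the request arrived from a trusted reverse proxy. The endpoint classes, the path prefixes and the 100/300/1000 values are assumptions within the 100-1000 req/min range the page gives.

```typescript
// Per-class limits. The page gives a 100-1000 req/min range by endpoint type; the classes,
// the path prefixes and the exact values below are assumed for this example.
const LIMITS = { auth: 100, write: 300, read: 1000 } as const;
export type EndpointClass = keyof typeof LIMITS;
const WINDOW_MS = 60_000;

export function classify(path: string): EndpointClass {
  if (path.startsWith("/auth/")) return "auth";
  if (path.startsWith("/api/loans") || path.startsWith("/api/stake")) return "write";
  return "read";
}

// The bucket key is the socket address. X-Forwarded-For is honoured only when the request
// came from a trusted reverse proxy; otherwise a client could pick its own bucket by
// sending the header itself.
export function clientKey(socketAddr: string, xff: string | undefined, trustedProxies: Set<string>): string {
  if (trustedProxies.has(socketAddr) && xff) {
    const hops = xff.split(",").map((h) => h.trim()).filter(Boolean);
    const last = hops[hops.length - 1];
    if (last) return last;                   // the entry appended by our own proxy
  }
  return socketAddr;
}

interface Counter { start: number; count: number; prevCount: number; }
const counters = new Map<string, Counter>();

// Sliding-window estimate: current window count plus the previous window's count
// weighted by how much of that window still overlaps the trailing 60 s.
export function allow(key: string, cls: EndpointClass, nowMs: number): { allowed: boolean; remaining: number } {
  const limit = LIMITS[cls];
  const id = `${cls}:${key}`;
  let c = counters.get(id);
  if (!c) { c = { start: nowMs, count: 0, prevCount: 0 }; counters.set(id, c); }
  const elapsed = nowMs - c.start;
  if (elapsed >= 2 * WINDOW_MS) { c.start = nowMs; c.prevCount = 0; c.count = 0; }
  else if (elapsed >= WINDOW_MS) { c.start += WINDOW_MS; c.prevCount = c.count; c.count = 0; }
  const overlap = 1 - (nowMs - c.start) / WINDOW_MS;
  const estimate = c.prevCount * overlap + c.count;
  if (estimate >= limit) return { allowed: false, remaining: 0 };
  c.count += 1;
  return { allowed: true, remaining: Math.max(0, Math.floor(limit - estimate - 1)) };
}

// Glue for an HTTP handler: returns the 429 response to send, or null to let the request through.
export function check(path: string, socketAddr: string, xff: string | undefined,
                      trustedProxies: Set<string>, nowMs: number): { status: 429; headers: Record<string, string> } | null {
  const cls = classify(path);
  const res = allow(clientKey(socketAddr, xff, trustedProxies), cls, nowMs);
  if (res.allowed) return null;
  return { status: 429, headers: { "Retry-After": "60", "X-RateLimit-Limit": String(LIMITS[cls]) } };
}
```

In-memory counters are per process; behind more than one API instance the same logic needs a shared store (Redis or similar) or each instance silently multiplies the limit.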

Webhook Security

  • Signature Verification — Plaid webhook signatures
  • Secret Tokens — Automated task authentication
  • IP Allowlisting — Trusted sources only

Data Security

Encryption

Data type      Protection
Plaid tokens   AES-256 at rest
API keys       AWS KMS
In transit     TLS 1.3
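"AES-256 at rest" leaves open how keys are handled, which is where most at-rest encryption goes wrong. The block below is an added example, not Locale's code: envelope encryption with AES-256-GCM, where each stored Plaid token gets its own data key, that data key is wrapped under a master key, and the user id is bound into the ciphertext as associated data so a record cannot be replayed for a different user. The master key is an in-process random key standing in for AWS KMS; in production the wrap and unwrap calls are KMS GenerateDataKey and Decrypt and the master key never exists in application memory.

```typescript
import { createCipheriv, createDecipheriv, randomBytes } from "node:crypto";

// Stand-in for the KMS master key, so the example runs offline. In production the data key
// is wrapped by AWS KMS and this value never exists in the application.
const MASTER_KEY = randomBytes(32);

export interface EncryptedRecord {
  wrappedKey: string;   // per-record data key, AES-256-GCM encrypted under the master key (base64: iv|tag|ct)
  iv: string;           // base64, 96-bit nonce for the token ciphertext
  tag: string;          // base64 GCM authentication tag
  ciphertext: string;   // base64
  aad: string;          // context authenticated with the ciphertext; changing it fails decryption
}

function gcmEncrypt(key: Buffer, plaintext: Buffer, aad: Buffer): { iv: Buffer; tag: Buffer; ct: Buffer } {
  const iv = randomBytes(12);                          // never reuse an IV under the same key
  const c = createCipheriv("aes-256-gcm", key, iv);
  c.setAAD(aad);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, tag: c.getAuthTag(), ct };
}

function gcmDecrypt(key: Buffer, iv: Buffer, tag: Buffer, ct: Buffer, aad: Buffer): Buffer {
  const d = createDecipheriv("aes-256-gcm", key, iv);
  d.setAAD(aad);
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]);   // final() throws if the tag does not verify
}

export function encryptToken(userId: string, plaidAccessToken: string): EncryptedRecord {
  const dataKey = randomBytes(32);
  const aad = `plaid-access-token:${userId}`;        // binds the ciphertext to this user and purpose
  const body = gcmEncrypt(dataKey, Buffer.from(plaidAccessToken, "utf8"), Buffer.from(aad));
  const wrap = gcmEncrypt(MASTER_KEY, dataKey, Buffer.from("data-key-wrap"));
  return {
    wrappedKey: Buffer.concat([wrap.iv, wrap.tag, wrap.ct]).toString("base64"),
    iv: body.iv.toString("base64"),
    tag: body.tag.toString("base64"),
    ciphertext: body.ct.toString("base64"),
    aad,
  };
}

// Returns null for every failure (wrong user, modified ciphertext, tag or wrapped key)
// so callers cannot distinguish the cases and the token never appears in an error.
export function decryptToken(rec: EncryptedRecord, userId: string): string | null {
  const expectedAad = `plaid-access-token:${userId}`;
  if (rec.aad !== expectedAad) return null;          // record belongs to someone else
  try {
    const w = Buffer.from(rec.wrappedKey, "base64");
    const dataKey = gcmDecrypt(MASTER_KEY, w.subarray(0, 12), w.subarray(12, 28), w.subarray(28), Buffer.from("data-key-wrap"));
    const pt = gcmDecrypt(dataKey, Buffer.from(rec.iv, "base64"), Buffer.from(rec.tag, "base64"),
                          Buffer.from(rec.ciphertext, "base64"), Buffer.from(expectedAad));
    return pt.toString("utf8");
  } catch {
    return null;
  }
}
```

Rotating the master key then means re-wrapping the small data keys, not re-encrypting every token, which is the practical reason for the extra layer.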

Privacy Principles

What we store:

  • Hashed commitments
  • Zero-knowledge proofs
  • Verification status

What we never store:

  • Raw financial data
  • Personal documents
  • Bank credentials

Operational Security

Multi-Signature Requirements

Action              Required signatures
Contract upgrades   3 of 5
Admin role grants   2 of 3
Parameter changes   2 of 3
Emergency pause     1 of 5 (any guardian)

Key Management

  • Hardware wallets for admin keys
  • 90-day API key rotation
  • AWS KMS for secrets

Monitoring

  • Real-time transaction monitoring
  • Anomaly detection
  • Alert escalation procedures

Bug Bounty Program

Locale operates a bug bounty program for responsible disclosure:

Severity   Reward
Critical   Up to $50,000
High       Up to $20,000
Medium     Up to $5,000
Low        Up to $1,000

Scope

In scope:

  • Smart contracts
  • API endpoints
  • Frontend application
  • Authentication flows

Out of scope:

  • Social engineering
  • DoS attacks
  • Third-party services

Reporting

Incident Response

Response Timeline

Phase         Timeline
Detection     Automated + manual monitoring
Triage        < 1 hour
Containment   < 4 hours
Resolution    Depends on severity
Post-mortem   Within 7 days

Communication

  • User notification for data breaches
  • Public disclosure after resolution
  • Regular security updates
