🔎Glue's Security

Our core philosophy emphasizes the necessity for users to feel secure throughout the Glue ecosystem. We recognize that for retail users to fully embrace our platform, they must trust its security, particularly within our designated "Walled Garden."

We aim to build confidence by endorsing specific protocols and ensuring they meet our security standards. Our commitment extends beyond merely providing infrastructure; we actively work to address vulnerabilities and mitigate risks that could impact users.

We are implementing ecosystem audits as a key strategy to enhance security. This proactive approach allows us to identify and address potential vulnerabilities within the protocols integrated into our ecosystem.

We understand that if a protocol experiences a security breach, it affects Glue users as well. Therefore, our responsibility is to ensure that such issues are addressed promptly, even if the problem originates outside of our direct control. We aim to provide a secure environment by not only responding to incidents but also by preventing them.

We believe it is insufficient to simply distance ourselves from the problem; instead, we are committed to taking concrete actions to support affected users and resolve issues effectively. In the event of a security incident, Glue will actively engage with law enforcement to investigate and address the situation. Our response includes efforts to identify scammers and recover lost funds where possible.

We are dedicated to maintaining transparency with our users about our security measures and any updates related to our platform. Regular communication will include detailed reports on security audits, updates on new features or improvements, and information on how we are addressing any emerging threats.

Our aim is to keep users informed and reassured about the ongoing efforts to protect their experience on Glue.

Glue is committed to achieving a balance between user accessibility and security. The platform is designed to be intuitive and easy to learn, with the goal of enabling users to become proficient within half a day or less.

At the same time, Glue places a strong emphasis on security to protect users from scams and other risks. Although perfect solutions may not be available immediately, Glue’s focus is on improving accessibility to drive broader adoption. The platform targets retail users, differentiating itself from more complex DeFi platforms by providing a user-friendly experience that encourages daily use.

From a product perspective, it's important to note that multisig (multi-signature) is natively built into both Layer 1 and Layer 2. This native integration simplifies its use and enables a range of other applications beyond just wallets. This makes the multisig feature powerful and versatile, supporting many use cases while offering improved security.

The native multisig capability allows third parties to build services on top of Glue. For example, a security company could act as an additional signatory, providing an extra layer of approval for transactions. This prevents unauthorized access to your wallet, as any significant changes would require multiple approvals, ensuring security. This feature is not just limited to wallets but also extends to other applications, like financial advisories and institutional trading, offering a robust security mechanism and operational flexibility.

The Glue Security Fund aims to address security proactively by funding audits for companies on our platform, which enhances user safety.

Glue Security Fund is established from minimal transaction fees and is used to support security initiatives, such as auditing projects and recovering funds from malicious activities.

The bug bounty program is still in development, and we’re exploring various options to integrate it effectively with our security measures. Join our official channels to stay in the loop and to not miss any announcements.

Yes.

The Glue Security Fund is designed to be open to community input. Proposals for the deployment of capital from the fund can be submitted and voted on by the community. This approach allows developers to contribute ideas and work on enhancing security practices and tools, thereby accelerating the development of robust security measures.

Security audits can indeed be prohibitively expensive, often far exceeding what is necessary. Historically, the costs have been inflated, which can be a barrier for many projects. To address this, Glue is establishing the Glue Security Fund, which will cover the cost of audits for major, integrated, or strategic partners within the Glue ecosystem.

This initiative aims to enhance overall system security, provide financial relief to developers, and encourage more projects to build on Glue. By handling audits ourselves, we can ensure that the cost is manageable and that projects have an incentive to maintain high security standards.

One issue with current audit practices is that some projects receive audit reports with significant vulnerabilities but choose to ignore them, leading to potential exploits.

At Glue, we aim to rectify this by ensuring that audit results are handled transparently. Our goal is to address vulnerabilities openly and help projects fix them before launch, rather than allowing issues to be hidden. This approach helps prevent exploits and ensures that projects are held accountable for security issues.