SECURITY & TRUST

Security Is Architecture, Not a Feature.

TrustSwap's smart contracts are non-custodial by design, independently audited by multiple security firms, and open-source — so any party can verify the architecture before trusting it with assets.

Non-Custodial Architecture
4 Independent Audits
Open-Source Contracts

Audited By

CertiK·Hacken·BailSec·Zokyo
ARCHITECTURE

Designed to Remove the Need for Trust.

The most reliable security mechanism is one that does not require users to trust a central party. Assets are controlled by smart contracts — not by TrustSwap.

Non-Custodial by Design

TrustSwap does not hold, control, or have access to any assets locked through Team Finance. Assets are controlled exclusively by the smart contracts you deploy — TrustSwap cannot move them under any circumstances.

Architecturally enforced — not a policy.

Open-Source Contracts

Team Finance smart contracts are open-source and publicly verifiable on all supported blockchains. No hidden logic. No proprietary black boxes.

Verified on-chain.

Immutable Deployments

Once deployed, token lock and vesting contracts are immutable. Their terms cannot be altered by TrustSwap, the project team, or any third party after deployment.

Cannot be altered post-deployment.

No Admin Keys on User Contracts

TrustSwap does not retain administrative keys or upgrade permissions on user-deployed contracts. You own your contracts.

Zero admin access retained.
Every architectural claim on this page is documented in our public audit reports. No security property is asserted without independent verification.
INDEPENDENT SECURITY AUDITS

Verified by Multiple Independent Security Firms.

Team Finance smart contracts have been independently audited by leading blockchain security firms. Each audit report is publicly available in full — no summaries, no redacted findings.

CertiK

CertiK

SCOPE: Team Finance V2 — Full Contract Suite, 2023.

✓ Production Cleared

Full contract suite reviewed and cleared for production deployment.

Hacken

Hacken

SCOPE: Team Finance V1 — Locking & Vesting, 2022.

✓ Independently Verified

Locking and vesting infrastructure independently verified.

BailSec

BailSec

SCOPE: Team Finance V2 — Staking Module, 2023.

✓ Senior Auditor Reviewed

Staking module cleared through senior auditor review prior to launch.

Zokyo

Zokyo

SCOPE: Team Finance V2 — Token Locks & Vesting, 2024.

✓ EVM Verified

Token lock and vesting contracts verified across EVM deployments.

Every Line of Code Audited Before It Goes Live.

TrustSwap maintains ongoing relationships with four independent security firms. No contract is deployed to production without prior independent review. All audit reports are publicly available in full.

KYC-Verified Capital Raises

Every capital raise facilitated through the TrustSwap Launchpad requires mandatory identity verification. All participants undergo full KYC, KYB, and AML screening before accessing any raise — powered by two of Web3's leading compliance infrastructure providers.

Blockpass
KYC / KYB / AML screening
Sekuritance
Identity verification & sanctions screening
ONGOING SECURITY PRACTICES

Security as a Continuous Practice.

Audits establish a baseline. Ongoing operations maintain it.

Bug Bounty Programme

TrustSwap operates an active bug bounty programme rewarding security researchers who identify and responsibly disclose vulnerabilities. Rewards tiered by severity.

Up to $50,000 USD

Responsible Disclosure Policy

Security researchers who identify potential vulnerabilities are asked to contact TrustSwap privately before public disclosure. We acknowledge all reports within 2 business days.

Contract Monitoring

Team Finance contracts are monitored continuously for anomalous activity across all supported networks. Automated alerting for unusual transaction patterns, volume spikes, and parameter anomalies.

New Contract Audits

All new smart contracts destined to production undergo independent security audit before launch. No new contract code reaches production without independent review — regardless of scope size.

RESPONSIBLE DISCLOSURE

Found a Vulnerability? Tell Us First.

If you have identified a potential security vulnerability in TrustSwap's smart contracts or infrastructure, contact us privately before any public disclosure. We take all reports seriously, respond promptly, and operate a bug bounty programme for qualifying disclosures.

1

Submit Your Report

Email a description to info@trustswap.org. Include the affected component and steps to reproduce if possible.

2

Assessment & Acknowledgement

We will acknowledge your report within 3 business days and provide an initial severity assessment.

3

Remediation & Reward

Once validated and remediated, we will notify you and process any applicable bug bounty reward.

Reports sent to info@trustswap.org are reviewed by the TrustSwap security team. Response guaranteed within 2 business days.

Built for Projects That Cannot Afford to Get Security Wrong.

Every architectural decision, every audit commitment, and every disclosure policy is designed for the projects and investors who trust Team Finance with their on-chain assets.

SECURITY RESEARCHERS

Report a Vulnerability.

Identify something we've missed? Contact info@trustswap.org privately before disclosure.

Submit a Report →