- The integration of multiple bridges and DEXs allows Rubic to switch off the provider that gets out of operation, and redirect the user to a different, working one.
- Rubic has a large infrastructure, team, and developer support, which allows for elaborating on more innovative measures to ensure the safety of swaps.
Rubic’s Security Principles
Sustainability
Due to the aggregation of 340+ bridges and DEXs, Rubic guarantees swaps and sufficient liquidity for a swap even if some of the providers stop operating, run out of liquidity, or get hacked. Thanks to Rubic’s model architecture (Cross-Chain, On-Chain, Status Manager, Token Manager, Revert Manager), it continues to execute basic functions even if there’s something wrong with other modules.Decentralization
Rubic doesn’t exploit any external servers: only Frontend and Blockchain. This significantly decreases attack vectors (like DDOS). To find the best swap deal for most of the cross-chain and on-chain providers, Rubic appeals to the provider’s API, and then the data is processed through their services.Open-Source Software
We’re built on open-source software: Our site, validators code, and smart contracts are publicly visible for maximum transparency (Github).Grants
Rubic has received grants from major blockchain platforms: Celer, deBridge, NEAR, Harmony One, Symbiosis, Bitgert, Polygon, and Telos.Team
The Rubic team has 20+ members. Our founders have large amounts of experience in the crypto space - starting in 2017 - and you can follow them on their socials. Check out LinkedIn or Twitter.Security Measures
- Audit by MixBytes
- Bug Bounty Program
- Status Monitoring
- Additional security practices: performance monitoring, accident management, and Rubic’s API & SDK Process Management.
Rubic’s Security Pillars
Performance Monitoring
To ensure the high performance of Rubic’s cross-chain tools, Rubic’s team utilizes Provider/Blockchain Monitoring Dashboard, scores providers for stuck transactions, daily volume, refunds, and checks out API live status. Rubic utilizes automated tools for monitoring social networks for any potential risks with bridges or chains. If any issues arise, we use direct channels of communication with all bridges and providers to react quickly.Accident Management
If any critical issue arises with one of Rubic’s integrated providers/blockchains, Rubic’s platform as well as Rubic’s API/SDK continue to function by taking the following measures: All of Rubic’s integrators are immediately notified (via Discord, Telegram).- A compromised provider/bridge is paused in the smart contract and switched off for all integrators, whereas Rubic continues operating by redirecting transactions to other providers.
- In case of any issues with Rubic’s API & SDK, Rubic takes the same actions — immediate notification of its integrators and switching off of the compromised provider/bridge. Rubic’s technical support is also ready to assist 24/7.
Rubic’s API & SDK Process Management
Continuous integration and collaboration with other projects allow Rubic to build up the most robust principles of testing, staging, and production environment. Seamless, fast, and secure API & SDK management is fulfilled by the following:- A code approval process includes the review of several developers and a release approval process includes the review of the Product Manager and QA.
- The smart contracts are audited.
- Rubic uses direct communication channels for updates (new version release updates, comments) to reduce the possibility of installing a compromised version.
Token Security Feature
Rubic App token selector has a special sign in front of every token. The sign shows whether the token is reliable, or if it could be a scam (as per the GoPlus database).
- The token is in the Go+ Trust List.
- The token has no elements of concern.
- The token code contains some low-risk elements of concern.
- The token code contains some high-risk elements of concern.