Security

Security

Pool Party is a self-custodial DeFi platform on Base. Your funds stay in your own wallet until you deposit them into a strategy smart contract, and every deposit, position, and withdrawal is on-chain and publicly verifiable. This page states plainly what that protects you from, what it does not, and how to verify things for yourself.

Self-custodial by design

Pool Party never takes custody of your assets. There is no deposit account, no internal balance, and no employee who can move, freeze, or seize your funds. You connect your own wallet, you sign every transaction, and positions are held by smart contracts you interact with directly. If pool-party.xyz went offline tomorrow, your positions would remain yours on-chain.

What self-custody does not remove

Self-custody removes counterparty custody risk. It does not remove smart contract risk (code can have bugs), market risk (token prices move, impermanent loss is real), or key risk (whoever holds your seed phrase holds your funds). Honest security means naming all three, not promising they are gone.

Audits

Our policy is simple: we only badge an audit we can link. Each published audit report will be listed on this page with the auditor's name, the report date, a link to the full report, and the audited contract addresses with BaseScan links. If a report is not listed here yet, do not assume coverage. Treat that as the current state and size your positions accordingly.

Admin keys and upgrades

Who can upgrade a contract matters as much as the audit. We will document the admin-key and upgrade model for each contract on this page (who holds keys, whether a multisig or timelock applies) alongside its address. Until an address and its model are published here, verify the contract you are interacting with directly on BaseScan.

How to verify for yourself

Report a vulnerability

If you believe you have found a security issue, report it privately. Reach the team through GitHub or the moderators in our Discord. Please do not disclose publicly before we have had a chance to respond.