Nested
  • Overview
  • General information
    • Fees distribution
    • Airdrop
      • Genesis Epoch
      • Other epochs
  • Instructions for use
    • βœ…Wallet and fiat on-ramp
      • Wallets management
        • Magic Link - recommended for newbies
        • How to extract your private key from a Magic Link wallet?
        • MetaMask
      • Purchase your first crypto
    • 🎭Manage Profile
      • Profile overview
      • Edit a profile
      • Share a profile
    • πŸ“ˆManage Portfolios
      • Original Portfolios
        • Create a portfolio
        • Edit Portfolio
          • Simple Deposit
          • Proportional Deposit
          • Buy
          • Edit allocations
          • Simple withdrawal
          • Proportional withdrawal
          • Buy/Sell/Convert
          • Deposit / Buy crypto / Convert
      • Copied Portfolios
        • Copy a portfolio
        • Deposit/Withdraw on a portfolio
        • Update a portfolio
      • Send a portfolio
      • Share a portfolio
      • Portfolio Overview
    • πŸ’°Manage Royalties
      • Royalties Overview
      • Claim
    • ⚠️Risks & Security
      • Using Nested safely
      • Disclaimer
      • Smart Contracts
        • Ethereum
        • Avalanche
        • Polygon
        • BNB Chain
        • Optimism
        • Arbitrum
    • 🎯Trouble Shooting
    • ☎️Additional support & content
      • More Support
      • More Content
  • Common questions
    • Why do we use NFTs?
    • How are assets stored and secured?
    • Are Nested portfolio assets rebalanced?
    • What happens when a user updates a Nested portfolio?
    • How illiquid assets are managed during the liquidation process?
  • Other
    • Terms & Conditions
    • Trading competitions - Terms & Conditions
Powered by GitBook
On this page
  • Smart contracts
  • Smart contract failures - bugs
  • Smart contract upgrades - Admin Keys
  • Smart contract attacks
  • Third parties
  • Network attacks
  • Web app

Was this helpful?

  1. Instructions for use
  2. Risks & Security

Smart Contracts

This page explains the various security risks inherent to smart contracts and the web in general

PreviousDisclaimerNextEthereum

Last updated 2 years ago

Was this helpful?

Smart contracts

All the Nested smart contracts addresses are mentioned in the following subpages of the documentation. For instance, you can find Ethereum Nested smart contracts here: Ethereum

Smart contract failures - bugs

Nested smart contracts were .

However, security audits do NOT eliminate risks completely. Please don’t supply your life savings – or assets you cannot afford to lose – to Nested.

Smart contract upgrades - Admin Keys

The Nested protocol is decentralized.

However, the engineers insuring maintenance are able to pause and unpause the smart contracts at will in case of a major issue.

Smart contracts CAN be upgraded with a timelock, which leaves ample time for the community to review changes.

Some functions of the protocol are privileged, and can be called by the technical team doing maintenance.

Nested will be transitioning to a DAO to be fully decentralized as soon as possible

We are securing smart contract access with multi-signatures wallets.

Smart contract attacks

The smart contracts involved in the Nested protocol have been battle-tested on code4rena ( & ), which has the reputation of gathering some of the best white hat hackers.

All major issues raised during the audit have been fixed.

There is no guarantee that smart contracts are flawless though – no system is entirely unbreakable.

Third parties

The Nested protocol greatly benefits from DeFi composability. Some protocols external to Nested are used to provide financial services to users. It includes, and is not limited to: 0x, Paraswap. It also includes all underlying protocols used by the ones listed.

Network attacks

Network failure & attack

Nested is a multichain protocol. There are inherent risks to using any of the blockchains supported e.g. 51% attack, network downtime etc.

Front Running & liquidity issues

On EVM-compatible (Ethereum-like) networks, users compete to have their transactions validated first. Often, bots try to front-run users to extract value. Nested protects users by allowing them to set the slippage (price tolerance) in all transactions.

Web app

DNS attack

A DNS attack on our website could allow a hacker to redirect users from Nested to a malicious website.

Nested will never ask any user for private keys, passwords, login information, or seed phrases of any sort. If you were to encounter such behavior from entities claiming to represent us, please block them and notify us immediately.

Stay safe!

πŸ’‘ Users are responsible to set the slippage accordingly to protect themselves from any front running and .

⚠️
audited
1st public contest
2nd public contest
sandwich attacks