FractionEstate
FractionEstate
Every audit of the FractionEstate platform — internal and external — is published here in full, including the findings count and resolution status. Investor and regulatory due-diligence teams can verify our security posture against this public record.
We publish completed audit reports in full once all critical and high findings have been resolved. Reports flagged as in progress are currently under review with their respective firm; we link them once the firm has signed off on the published version.
For coordinated vulnerability disclosure outside an audit engagement, see our SECURITY.md policy.
On-chain validators (Aiken) · 2026-04-22
Resolution: 25/25 resolved
Phase F security review of every Aiken validator: slippage enforcement, datum-amount invariants, recipient signatures, settlement race fix. All 25 findings resolved before Preprod redeploy. The full report is in docs/phase-f-security-audit.md (private until external audit).
On-chain validators (Aiken) · TBD
An external Aiken validator audit is on the roadmap before mainnet promotion. Engagement details and report will be posted here when contracted.
Penetration test (web + API) · TBD
Web + API penetration test scheduled before mainnet. Includes auth/session, KYC pipeline, treasury withdrawal flows, and admin-dashboard hardening verification.
Every audit of the FractionEstate platform — internal and external — is published here in full, including the findings count and resolution status. Investor and regulatory due-diligence teams can verify our security posture against this public record.
We publish completed audit reports in full once all critical and high findings have been resolved. Reports flagged as in progress are currently under review with their respective firm; we link them once the firm has signed off on the published version.
For coordinated vulnerability disclosure outside an audit engagement, see our SECURITY.md policy.
On-chain validators (Aiken) · 2026-04-22
Resolution: 25/25 resolved
Phase F security review of every Aiken validator: slippage enforcement, datum-amount invariants, recipient signatures, settlement race fix. All 25 findings resolved before Preprod redeploy. The full report is in docs/phase-f-security-audit.md (private until external audit).
On-chain validators (Aiken) · TBD
An external Aiken validator audit is on the roadmap before mainnet promotion. Engagement details and report will be posted here when contracted.
Penetration test (web + API) · TBD
Web + API penetration test scheduled before mainnet. Includes auth/session, KYC pipeline, treasury withdrawal flows, and admin-dashboard hardening verification.