Audits & Security


Tangible’s token contracts have been extensively audited by an external party, who utilized a combination of static analysis, automated tools, and a vigorous manual review process to provide security recommendations and sign-off. Our goal is to continuously add new audits to our repository, endeavoring to establish impenetrable security over the protocol and user funds.

No new code will be deployed without audit, unless during a period of crisis.

Tangible Custody will be audited annually. The audit will specifically cover the provenance of our goods, the integrity of our supply chain, and the flow of funds from purchasers to suppliers. It will also cover the details and quantities of all physical goods, to ensure they align precisely with every TNFT ever minted. This audit will be made publicly available.


All critical contracts in our protocol sit behind a proxy which allows the team and/or future governance votes to make critical updates without full redeployments. Given the nascent nature of this category, mutability is critical to survival, including giving the team immediate recourse in the event of an exploit of our protocol or a partner's.

As an RWA protocol, some level of centralization is already inherent in the protocol's design. That feature is embraced to ensure the users who have put their trust in Tangible will never have it broken due to the protocol’s inability to quickly respond to a crisis at the contract level.

Last updated