# Audits & Security

### Audits

Tangible’s token contracts have been extensively audited by an external party, who utilized a combination of static analysis, automated tools, and a vigorous manual review process to provide security recommendations and sign-off. Our goal is to continuously add new audits to our repository, endeavoring to establish impenetrable security over the protocol and user funds. 

**No new code will be deployed without audit,** unless during a [period of crisis](/protocol-overview/legal.md#periods-of-crisis).

Tangible Custody will be audited annually. The audit will specifically cover the provenance of our goods, the integrity of our supply chain, and the flow of funds from purchasers to suppliers. It will also cover the details and quantities of all physical goods, to ensure they align precisely with every TNFT ever minted. This audit will be made publicly available.

<table><thead><tr><th width="507">Audit (Issuer - Product)</th><th>Date Posted</th></tr></thead><tbody><tr><td><a href="https://omniscia.io/reports/tangible-ustb-contract-655fb224a7ddc0001831f72e/">Omniscia - USTB Contract Security Audit</a></td><td>Jan 31, 2024</td></tr><tr><td><a href="https://omniscia.io/reports/tangible-cross-chain-rebasing-token-655fab113e426a0018b0bffd/">Omniscia - Cross Chain Rebasing Token Security Audit</a></td><td>Jan 31, 2024</td></tr><tr><td><a href="https://omniscia.io/reports/tangible-nft-baskets-65b179009eeaeb0018a4839d/">Omniscia - Baskets</a></td><td>Feb 14, 2024</td></tr><tr><td><a href="https://omniscia.io/reports/tangible-tnft-v2-654b658635a6d00018202a55/">Omniscia - TNFT V2 Security Audit</a></td><td>Mar 4, 2024</td></tr><tr><td><a href="https://drive.google.com/file/d/1M_tVgECgx4NTOj-C06TVFF3Rl8cc6X2K/view?usp=sharing">Hacken - Baskets</a></td><td>May 8, 2024</td></tr><tr><td><a href="https://drive.google.com/file/d/1Msmo2gt43ghSGmIcggOsBaZ0lBMwuTtg/view?usp=sharing">Hacken - Wrapped Baskets</a></td><td>July 9, 2024</td></tr></tbody></table>

### Security

All critical contracts in our protocol sit behind a proxy which allows the team and/or future governance votes to make critical updates without full redeployments. Given the nascent nature of this category, mutability is critical to survival, including giving the team immediate recourse in the event of an exploit of our protocol or a partner's.

As an RWA protocol, some level of centralization is already inherent in the protocol's design. That feature is embraced to ensure the users who have put their trust in Tangible will never have it broken due to the protocol’s inability to quickly respond to a [crisis](/protocol-overview/legal.md#periods-of-crisis) at the contract level.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.tangible.store/protocol-overview/audits-and-security.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.