search

shield-checkCLMM Security & Audits

This page summarizes security assurances for Swap.io Liquidity (CLMM): audits, live bounty, verified deployment, and code/IDL verification.

hashtag
βœ… Audits

  • Raydium Base Audit (Q3 2022, OtterSec) The underlying CLMM design was audited by OtterSec. πŸ“„ View reportarrow-up-right

  • Swap.io Independent Audit (Apr 2025, Zenith Security) Our modifications to the Raydium fork were reviewed by Zenith Security. πŸ“„ View reportarrow-up-right

πŸ‘ Findings confirm our changes are limited in scope and do not introduce significant vulnerabilities.

hashtag
πŸ›‘οΈ Bug Bounty

We run a public bounty for responsible disclosure.

hashtag
πŸ“¦ Program Deployment (On-Chain)

hashtag
πŸ” Code & IDL Verification

Solscan Program Security Page provides:

  • Source Code Verified β€” deployed bytecode matches our open-source repo

  • Commit Reference β€” links to the exact audited commit

  • IDL Verified β€” interface is published and verified for safe integrations

  • Security Links β€” consolidated references for transparency

πŸ”— Solscan: Program Securityarrow-up-right

hashtag
🧾 Transparency Commitments

We publish and maintain:

  • Independent (upstream) and Swap.io audit reports

  • A live bug bounty program

  • Verified on-chain program ID & explorer profile

  • Source & commit verification + IDL for developers

βœ… Our goal is maximum verifiability for users, integrators, and auditorsβ€”and to uphold best practices in the Solana ecosystem.

Last updated