English

日本語
Español
Português
Русский
한국어
Türkçe
Tiếng Việt
Bahasa Indonesia
हिन्दी

English

日本語
Español
Português
Русский
한국어
Türkçe
Tiếng Việt
Bahasa Indonesia
हिन्दी

Appearance

Security

Security is one of the highest priorities in Pondora's design and development process. Every smart contract, module, and protocol change undergoes rigorous review before reaching mainnet. The architecture is built around the principle that user funds should be protected by on-chain validators — not by trust in any operator or off-chain service.

Pondora's self-custodial design means assets remain under user control at all times. Critical operations require cryptographic proofs verified on-chain, and safety mechanisms like time-locked self-withdrawal ensure users can always reclaim their funds, even if off-chain services become unavailable.

Completed Audits

All smart contracts deployed to mainnet have been independently audited by reputable Cardano security firms. Full audit reports are available as PDFs below.

V2 Audits — Invariant0

Pondora V2 Core (PlutusV3 Smart Account)

The PlutusV3 version of the Smart Account, covering:

  • Token Unlock Module (account abstraction, direct asset swaps, external dApp aggregation)
  • Defragmentation Module
  • One-time Unlock Module
  • Dependencies Module (service fees)

Download audit report (PDF)

Hyper Mode + Strategies

Additional core features added to the V2 Smart Account:

  • Hyper Mode — temporary delegation of signing authority for a limited period
  • Child Intents — the ability for intents to create or destroy others, enabling complex DeFi strategies

Download audit report (PDF)

V1 Audits — Anastasia Labs

Smart Account V1 (Pondora Core)

The original V1 Smart Account contract.

Download audit report (PDF)

NFT Marketplace Modules

The first modules to be audited — Pondora's NFT Marketplace contracts.

Download audit report (PDF)

Ongoing Security Practices

  • All new smart contracts and protocol changes are audited before mainnet deployment
  • On-chain validators independently verify every state transition — no off-chain claim is taken at face value
  • Safety mechanisms like self-withdrawal are enforced on-chain, ensuring fund recovery even if off-chain services go offline
  • The Echo consensus network uses threshold signatures so that no single party can forge approvals
  • Echo network participation can be independently tracked and verified at echo.pondora.org to confirm that network operation is sufficiently decentralized

Built by Pond Labs

Copyright © 2026 Pondora