🔐Security

Security is one of the highest priorities for us in Rango and we aim to make sure our users are not. To achieve this goal we abide by security best practices in industry.

Smart Contracts:

Rango never deploys un-audited smart contracts and we avoid exposing users to risks. Our smart contracts go through rigorous internal and external audits before being used in production. ( Link to Audit reports https://docs.rango.exchange/smart-contracts/audit-reports)

Rango uses multi-signature admins wherever necessary.

Protocol Security

Rango never implements a weak protocol. All bridges/DEXs go through a security vetting mechanism before implementation to ensure user safety. Rango Operation Department always monitors on-chain activity and disables affected protocols which have confirmed incident(s) or security breaches.

SSL, WAF, Dos & DDoS Protection & Rate Limits

Rango uses ssl for all communications, all traffic is encrypted from user to edge and origin servers with trusted SSL keys.In addition Rango uses WAF with adaptive rules to detect any attacks and prevent suspicious activity. IDP systems are in place for rapid response to any security issue(s) or attacks as they arise.

Application Layer

Rango has implemented circuit breakers, pausing mechanisms and health checks. If any protocol does not look healthy in terms of uptime or liquidity, it is dynamically dropped out of our routing system. The tokens available on our platform are dynamically retrieved from underlying bridges and dexes. We also check for honeypots and tax tokens using third party APIs.

Infrastructure:

Our infra uses several hardware and software-based firewalls.