Audits and Security

Security is at the core of Plume’s commitment to providing a safe and reliable platform for real world asset tokenization. We work with trusted third-party auditors to regularly review our code, smart contracts, and integrations to identify and mitigate potential risks. By conducting thorough audits across key components of our infrastructure, we ensure that Plume’s platform maintains the highest standards of security and resilience.

Completed Audits

Below is a list of completed audits for core components of the Plume ecosystem. Each audit includes comprehensive reviews of smart contracts, bridge integrations, and staking mechanisms to protect user assets and ensure a secure experience on the Plume platform.

1. Plume Chain Audits

   • Description: The current Plume mainnet chain is built on top of Arbitrum Nitro and Arbitrum Stylus, which power Plume's EVM-compatible interface, precompiles, interactive challenge protocol, native token bridge, and more. These open-source technologies are developed and maintained by the Arbitrum team.

   • Audit Reports: View all Arbitrum audits

2. Data Availability Layer Audits

   • Description: Plume is built with Celestia underneath, providing an efficient and decentralized data availability layer that greatly reduces transaction costs and increases resiliency.

   • Audit Report: View all Celestia audits

3. Multi-Chain Interoperability Audits

   • Description: Plume's multi-chain interoperability is powered by LayerZero, and core tokens like PLUME and WETH use LayerZero's Omnichain Fungible Token standard on Plume.

   • Audit Report: View all LayerZero audits

4. Cross-Chain Yield Audits

   1. Description: Plume supports natively cross-chain assets that can generate yield on any chain with our partner Nucleus. Their cross-chain vaults power pUSD, Optimizer and multi-chain vaults on Plume's flagship RWA staking protocol Nest.

   2. Audit Report: View all Nucleus audits

5. Plume Staking Audits

   1. Description: Plume Staking allows users to delegate their PLUME tokens to validators who help secure the chain. In exchange, users earn PLUME rewards. The staking contract currently supports staking, delegation, and unstaking — with claiming and restaking rewards coming soon.

   2. OtterSec's Audit Report: Link

Ongoing Security Practices

In addition to external audits, Plume follows continuous security practices to maintain a safe environment for users:

• Continuous Monitoring: Our team actively monitors the platform for any unusual activity, enabling rapid response to potential issues.

• Regular Code Reviews: We conduct regular internal code reviews, ensuring ongoing adherence to best security practices across our codebase.

• Partnerships with Leading Auditors: Plume partners with reputable auditing firms to perform thorough reviews of new contracts, features, and integrations before mainnet deployment.

Commitment to Transparency

Plume is dedicated to transparency in all security efforts. We publicly share audit reports and keep our community informed of any security updates. Our commitment to open reporting allows users to trust Plume with confidence, knowing our systems undergo continuous review and improvement.

Questions?

If you have questions about Plume’s security practices or would like to learn more about our audits, feel free to contact us at [email protected].