# Audits and Security Security is at the core of Plume’s commitment to providing a safe and reliable platform for real world asset tokenization. We work with trusted third-party auditors to regularly review our code, smart contracts, and integrations to identify and mitigate potential risks. By conducting thorough audits across key components of our infrastructure, we ensure that Plume’s platform maintains the highest standards of security and resilience. *** ### **Completed Audits** Below is a list of completed audits for core components of the Plume ecosystem. Each audit includes comprehensive reviews of smart contracts, bridge integrations, and staking mechanisms to protect user assets and ensure a secure experience on the Plume platform. 1. **Plume Chain Audits** * *Description:* The Plume chain is built on top of Arbitrum Nitro and Arbitrum Stylus, which power Plume's EVM-compatible interface, precompiles, interactive challenge protocol, native token bridge, and more. These open-source technologies are developed and maintained by the Arbitrum team. * *Audit Reports*: [View all Arbitrum audits](https://docs.arbitrum.io/audit-reports) 2. **Data Availability Layer Audits** * *Description*: Plume uses the AnyTrust data availability protocol developed by Arbitrum, which relies on a permissioned Data Availability Committee (DAC) to store transaction data off-chain. The committee issues cryptographic proofs of data availability that are posted on the parent chain, significantly reducing costs while preserving strong availability guarantees as long as at least one committee member is honest. * *Audit Reports*: [View all Arbitrum audits](https://docs.arbitrum.io/audit-reports) 3. **Multi-Chain Interoperability Audits** * *Description*: Plume's multi-chain interoperability is powered by LayerZero, and core tokens like PLUME and WETH use LayerZero's Omnichain Fungible Token standard on Plume. * *Audit Report*: [View all LayerZero audits](https://github.com/LayerZero-Labs/Audits/tree/main/audits) 4. **Cross-Chain Yield Audits** * *Description:* Plume supports natively cross-chain assets that can generate yield on any chain with our partner [Nucleus](https://nucleusearn.io). Their cross-chain vaults power [pUSD](https://docs.plume.org/plume/tokens/plume-usd), [Optimizer](https://docs.plume.org/plume/plume-portal/optimizer) and multi-chain vaults on Plume's flagship RWA staking protocol [Nest](https://nest.credit). * *Audit Report:* [View all Nucleus audits](https://github.com/Ion-Protocol/nucleus-boring-vault/tree/master/audit) 5. **Plume Staking Audits** * Description: Plume Staking allows users to delegate their PLUME tokens to validators who help secure the chain. In exchange, users earn PLUME rewards. The staking contract currently supports staking, delegation, and unstaking — with claiming and restaking rewards coming soon. * *OtterSec's Audit Report:* [*Link*](https://github.com/plumenetwork/contracts/blob/main/plume/audit/ottersec.pdf) * *Immunefi's Audit Report:* [*Link*](https://github.com/plumenetwork/contracts/blob/main/plume/audit/immunefi.pdf) *** ### **Ongoing Security Practices** In addition to external audits, Plume follows continuous security practices to maintain a safe environment for users: * **Continuous Monitoring**: Our team actively monitors the platform for any unusual activity, enabling rapid response to potential issues. * **Regular Code Reviews**: We conduct regular internal code reviews, ensuring ongoing adherence to best security practices across our codebase. * **Partnerships with Leading Auditors**: Plume partners with reputable auditing firms to perform thorough reviews of new contracts, features, and integrations before mainnet deployment. ### **Commitment to Transparency** Plume is dedicated to transparency in all security efforts. We publicly share audit reports and keep our community informed of any security updates. Our commitment to open reporting allows users to trust Plume with confidence, knowing our systems undergo continuous review and improvement. *** ### **Questions?** If you have questions about Plume’s security practices or would like to learn more about our audits, feel free to contact us at .