# Security Audits

Brava smart contracts undergo comprehensive security audits by leading blockchain security firms. All audit reports are publicly available.

#### Completed Audits

<table><thead><tr><th width="161">Auditor</th><th width="151">Date</th><th>Scope</th><th data-type="content-ref">Report</th></tr></thead><tbody><tr><td>SigmaPrime</td><td>January 2025</td><td>Core contracts, actions, and governance</td><td><a href="https://github.com/sigp/public-audits/blob/master/reports/brava/report.pdf">https://github.com/sigp/public-audits/blob/master/reports/brava/report.pdf</a></td></tr><tr><td>SigmaPrime</td><td>November 2025</td><td>Module Integrations: CCTP, ZeroEx, EIP712 Typed Data Safe Module</td><td><a href="https://github.com/sigp/public-audits/blob/master/reports/brava/module-integrations/report.pdf">https://github.com/sigp/public-audits/blob/master/reports/brava/module-integrations/report.pdf</a></td></tr></tbody></table>

#### Audit Scope

Audits cover:

* **Core Contracts:** SequenceExecutor, AdminVault, Logger, SafeDeployment
* **Action Contracts:** Protocol adapters and utility actions
* **Governance:** Role-based access control and time-delayed proposals
* **Cross-Chain:** EIP712 module and CCTP integration
* **Security:** BravaGuard, fee system, and authentication

#### Bug Bounty

For security researchers, we maintain a responsible disclosure program. If you discover a vulnerability:

* **Email**: <security@brava.finance>
* **Scope**: All smart contracts and critical infrastructure
* **Rewards**: Commensurate with severity and impact

We appreciate ethical hackers who help keep Brava secure.