# Security

Security is paramount in DeFi, where a large amount of trust must be placed on properly coded smart contracts and on other safety measures.

## **Smart Contract Audits**

### MixBytes Audit

An audit of the full suite of Pickle Finance smart contracts by [MixBytes](https://mixbytes.io/) commenced on October 3, 2020.&#x20;

To date, the all of the PickleJar [**strategy** ](/appendix-c-previous-docs/old-docs/strategies.md)contracts have been audited.&#x20;

No critical or major issues were found in the strategy contracts. Minor issues have been fixed. The audit report warned of suspicious proxy functions (which the Pickle Finance developers explained were necessary and were protected by a 12 hour timelock). The full report can be viewed [**here**](https://github.com/pickle-finance/protocol/blob/master/audits/MixBytes_Audit_All_Strategies.pdf).

An audit of the remaining contracts is underway and is expected to complete shortly.

### **Haechi Audit**&#x20;

An audit of the full suite of Pickle Finance smart contracts by [Haechi](https://audit.haechi.io/) commenced on October 20, 2020.&#x20;

Haechi has completed a preliminary audit of our smart contracts. We are currently working through remediations, at which point a final report will be issued.

## **Timelocks & Multisig**

All key admin functions on the [MasterChef ](https://etherscan.io/address/0xbD17B1ce622d73bD438b9E658acA5996dc394b0d)contract, which controls the emission of PICKLEs to the [Farms](/appendix-c-previous-docs/old-docs/farms.md) are controlled by a [**24 hour timelock contract**](https://etherscan.io/address/0x0040E05CE9A5fc9C0aBF89889f7b60c2fC278416).&#x20;

All key admin functions relating to the [PickleJars](/appendix-c-previous-docs/old-docs/jars.md) are controlled by a [**12 hour timelock contract**](https://etherscan.io/address/0xD92c7fAa0Ca0e6AE4918f3a83d9832d9CAEAA0d3).

Each of the above timelock contracts must be executed through a 2/5 community [**multisig wallet**](https://etherscan.io/address/0x9d074E37d408542FD38be78848e8814AFB38db17). The current multisig keyholders are as follows:

![](/files/-MSwz9covoAP3wOruCpI)

Polygon multi-sig wallet.<br>

![](/files/-Mf8Mr9kVCzVCqCmRPoM)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.pickle.finance/appendix-c-previous-docs/old-docs/security.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.