Internal security
Protects:
Centralization risks
Trustlessness
Hi, I'm Gavin, one of DeltaPrime's founders. Nice to meet you! I know the rest of my team by heart, and fully trust them. That being said, we don't want you to have to trust us as well. After all, DeltaPrime is fully trustless. This is why we design our internal security measures with the same vigor as we design our external security measures. The security measures below are put in place to protect you from a hypothetical internal bad actor or compromised wallet.
Timelock
A timelock is an enforced period of time that code submissions have to pass before they are updated in the code itself. Timelocks protect users from unexpected changes in code, yet they also restrict developers in potential crucial code updates should the need arise. Because of this, DeltaPrime has a progressive timelock period.
During the alpha version, which ran from March 2022 until January 2023, there was no timelock, allowing developers to immediately push necessary updates.
Now, DeltaPrime has a 24-hour timelock. This allows users to adapt their Prime Account or deposited funds to the submitted changes in a 24-hour period prior to any code update.
In the future, the 24-hour timelock will be upgraded to a 72-hour timelock.
Multisig
Additionally to the timelock, every code upgrade and treasury transaction must be approved by 2/3 of DeltaPrime's founding team. This is enforced through a multisignature contract which only allows code upgrades when 2 out of 3 core team members have signed the upgrade with their cold storage wallet. This protects you from a rogue dev / teammember pushing malicious code.
Hardware wallets
The team uses hardware wallets for any protocol update. This means that if someone was to hack our computers, they would not be able to push any code changes, as the hardware wallets are physical.
Doxxed team
The full founding team is doxxed on our landing page. This means that we not only believe in the success of DeltaPrime, but that we are willing to bet our reputation on it. Next to our IRL pictures a link to our LinkedIn is available at the homepage as well.
Audits
Good to know: auditors also check for centralization risks. This means that potential backdoors, deliberate exploit opportunities and other risks are reported by the auditor with or without the team's approval.
For more information on audits and to find the full list of audits performed on the DeltaPrime codebase see the next page.
Last updated