# Overview

Pingu takes security very seriously. Code and processes are thoroughly reviewed, stress-tested, and independently audited.

## **Monad Security**

Contract security starts with underlying blockchain security. Monad is a high-performance Layer 1 blockchain built from the ground up with security and decentralization at its core. As an independent Layer 1 that maintains Byzantine Fault Tolerance, Monad can tolerate up to one-third of nodes being malicious or offline while continuing to operate correctly. The network's robust security is achieved through multiple layers:

1. MonadBFT, Monad's custom consensus mechanism derived from HotStuff, uses linear communication where validators send votes to leaders who aggregate them into Quorum Certificates, requiring a supermajority of two-thirds plus one validators to agree before blocks are finalized.
2. The protocol includes built-in tail-forking resistance, preventing malicious validators from abandoning validated blocks to exploit MEV opportunities. This ensures fairness and prevents particularly harmful attacks that plague other blockchain networks.
3. Monad achieves sub-second finality with 400ms block times and 800ms finality, meaning transactions become irreversible almost instantly while maintaining full security guarantees.
4. Full EVM bytecode compatibility ensures that Monad inherits the battle-tested security standards of Ethereum smart contracts while dramatically improving performance.

This architecture, combined with custom database optimization and low hardware requirements, enables real decentralization from day one with a global network of validators running on consumer-grade hardware.

## **Oracle Security**

Pingu contracts rely on accurate price data to determine when order execution and liquidations occur, which in turn determine profits and losses for both traders and liquidity providers.

Pingu uses [Pyth](https://pyth.network/) to price orders on-demand. Pyth sources prices from several of the most liquid and reliable global trading venues, minimizing reliance on a single source and the likelihood of price wicks or data errors.

Learn more about [order settlement](https://docs.pingu.exchange/pingu-exchange-docs/trade/orders/order-settlement).

## Risk Mitigation

Ensuring protocol integrity is essential to security. Learn more about Pingu's [risk mitigation](/pingu-exchange-docs/security/risk-mitigation.md) tactics.

## Audit

Pingu has run 2 independent audits with Shellboxes: <https://shellboxes.com/audit/reports/Pingu_Exchange_Audit_Report.pdf> <https://shellboxes.com/audit/reports/Pingu_Exchange_v2_Audit_Report.pdf>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.pingu.exchange/pingu-exchange-docs/security/overview.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.