Smart‑Contract Audit
Roulette's program has undergone informal peer review by community developers as well as automated checks by AI auditing systems. No critical vulnerabilities have been reported to date, and the codebase is considered safe for a liquidity cap of USD 30,000.
Present status
| Scope | Reviewers | Findings |
|---|---|---|
| Core program v1 | Independent Security Researchers | 0 critical, 0 high, 3 medium issues |
| Core program v1 | AI Auditing Systems | 0 critical, 0 high, 2 medium issues |
Limited liability
Until a professional audit is complete, Delaforge org recommends keeping the liquidity of any single vault below $30,000.
Scope of Checks
The informal reviews focused on critical security vectors:
- Math Safety: Overflow/underflow protection in payout calculations.
- Solvency: Ensuring the Vault never pays out more than it holds.
- Access Control: Verifying that only the authorized Game Keeper can trigger state transitions.
- Randomness Integrity: Confirming inputs to the RNG (Random Number Generator) cannot be manipulated by anyone.
Verify it Yourself
Don't trust, verify. You can build the program from source and compare the hash with the on-chain bytecode. View Build Instructions on GitHub
Roadmap
| Milestone | Target | Notes |
|---|---|---|
| Internal game cycles | Q1 2026 | Stress‑test with live volume and edge‑case bets. |
| Professional audit | Q3 2026 | Engage an agency for full line‑by‑line review and formal verification. |
| Revoke program authority | Q3 2026 | Freeze the program code by revoking upgrade authority. |
| Publish report & lift cap | Q4 2026 | PDF report + on‑chain checksum; raise or remove liquidity limit. |
Post‑audit actions
- Report publication — audit PDFs and diff logs will be hosted in this documentation and pinned to IPFS.
- Bug‑bounty launch — a public programme will incentivise ongoing scrutiny.
- Governance vote — the community will decide new liquidity thresholds.