> For the complete documentation index, see [llms.txt](https://lemonad.gitbook.io/lemonad-docs/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://lemonad.gitbook.io/lemonad-docs/security-audit.md).
# Security Audit
Security and trust are foundational to the LeMONAD ecosystem. To ensure the robustness, reliability, and safety of user funds, **all LeMONAD smart contracts have undergone a comprehensive security audit conducted by Stonewall Security**, a specialized Web3 security firm focused on high-assurance smart contract protection.
#### Auditor: Stonewall Security
**Stonewall Security** is a Web3-native auditing firm specializing in smart contract audits designed to provide what they describe as *“immovable Web3 security.”* Their work focuses on identifying vulnerabilities, validating protocol logic, and hardening DeFi systems against real-world attack vectors.\
**Website:**
#### Audited Contracts
The audit covered the full scope of the LeMONAD ecosystem, including core protocol infrastructure, decentralized exchange components, on-chain games, and oracle integrations.
**Core Contracts**
* LEMON Token
* Vault Contract
* Team Vesting Contract
**DEX Contracts**
* LemonFactory
* LemonPair
* LemonRouter
* LemonChef (Farming)
* Fee Collector
* WMON Wrapper
**Game Contracts**
* LemonPredict (Prediction Markets)
* LemonBattles (PvP Combat)
* LemonLotto (Daily and Weekly Lottery)
* LemonDice (Coin Flip)
* SqueezeRacing (NFT Racing)
* Game Registry
* Game Treasury
* NFT Stats Registry
**Oracle and Randomness Integration**
* Entropy Manager (VRF)
* Entropy Consumer Base
#### Audit Scope and Methodology
The Stonewall audit assessed both technical vulnerabilities and protocol-level logic across all contracts. Key focus areas included:
| Category | Description |
| ---------------- | --------------------------------------------------------------- |
| Reentrancy | Protection against callback and state manipulation attacks |
| Access Control | Verification of role-based permissions and privilege boundaries |
| Integer Safety | Prevention of overflow and underflow vulnerabilities |
| Oracle Security | Secure integration with Pyth price feeds and entropy sources |
| Front-Running | Mitigation of MEV and transaction-ordering risks |
| Logic Validation | Review of economic and business logic correctness |
| Gas Efficiency | Identification of unnecessary gas usage and optimizations |
#### Ongoing Security Commitment
While audits significantly reduce risk, LeMONAD recognizes that security is an ongoing process. The protocol follows best practices including conservative permissions, transparent on-chain logic, and upgrade pathways where appropriate. Future upgrades and feature expansions may undergo additional reviews to maintain the highest security standards as the ecosystem evolves.
---
# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.
## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://lemonad.gitbook.io/lemonad-docs/security-audit.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.