# Audits and Security **`Who audited Quill?`** Liquity v2's smart contracts and protocol architecture underwent rigorous auditing by these firms: [**Certora**](https://www.certora.com): A leader in formal verification for smart contracts, Certora ensures critical code correctness and security through advanced automated tools. [**ChainSecurity**](https://www.chainsecurity.com): Specializing in blockchain security audits, ChainSecurity combines rigorous analysis with cutting-edge techniques to protect decentralized systems. [**Coinspect**](https://www.coinspect.com/): Known for its focus on smart contract and blockchain audits, Coinspect delivers security reviews tailored to DeFi protocols and crypto projects. [**Dedaub**](https://dedaub.com/): Offering deep-dive vulnerability assessments, Dedaub provides security solutions to enhance smart contract reliability and safeguard assets. [**GetRecon**](https://getrecon.xyz/): A prominent auditing firm, Recon strengthens protocol resilience through expert code reviews and meticulous vulnerability assessments. On top of that, **Quill** was also audited by **GetRecon**. **`What was audited?`** The audits focused on critical areas to ensure security, functionality, and resilience, including: * **Smart Contracts**: All core contracts, particularly those managing **$USDQ** issuance, collateralization and liquidation mechanisms, were checked for vulnerabilities and potential exploits. * **zk-Rollup Integration**: The integration with Scroll’s zk-Rollup technology were assessed for security risks, ensuring seamless and safe Layer 2 functionality. * **Governance Modules**: The governance contracts, launching in Q1, will undergo auditing to secure voting mechanisms, proposal handling, and treasury controls. * **Economic Security**: An economic audit verified that the protocol’s fee structures, stability mechanisms and liquidation penalties are correctly implemented to prevent exploits or systemic risks. These audits are fundamental to **Quill**’s commitment to user security and protocol reliability, ensuring a robust and secure DeFi platform for users. **`How does Quill ensure security in zk-Rollups?`** **Quill** ensures security within its zk-Rollup implementation by leveraging several layers of protection: 1. **Zero-Knowledge Proofs**: zk-Rollups generate cryptographic proofs (specifically, validity proofs) for every batch of transactions. These proofs are submitted to the Layer 1 blockchain, where they verify that each transaction in the rollup batch is valid. This mechanism prevents any fraudulent or incorrect data from being processed, as only valid proofs are accepted on Layer 1. 2. **Inherited Layer 1 Security**: Because zk-Rollups rely on the underlying security of Layer 1 (Ethereum, in the case of **Quill** on Scroll), they inherit its robust decentralization and security. This means that zk-Rollup transactions benefit from Ethereum’s consensus and integrity, adding a layer of protection against network attacks. 3. **Audits and Code Reviews**: **Quill**’s zk-Rollup implementation undergoes rigorous security audits by reputable firms like Trail of Bits and DeBaub. These audits review the smart contracts and rollup code for vulnerabilities, ensuring that the protocol maintains a secure and resilient architecture. 4. **Data Availability on Layer 1**: **Quill**’s zk-Rollup solution ensures data availability by recording transaction data on Layer 1. This means that in the unlikely event of an issue on Layer 2, all data required to restore the network’s state remains accessible and secure on Ethereum. 5. **Continuous Monitoring**: **Quill** employs real-time monitoring and alert systems to quickly detect and respond to any unusual activity or potential vulnerabilities. This proactive approach ensures ongoing security for user assets and transactions. Together, these elements enable **Quill** to offer high performance without compromising on security, creating a reliable DeFi environment on zk-Rollups. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.quill.finance/faq/audits-and-security.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.