Overview

The Polymarket CTF Exchange smart contracts have been audited by ChainSecurity, a leading blockchain security firm. The audit ensures that the protocol meets the highest standards of security and reliability.

Audit Report

The comprehensive security audit was conducted by ChainSecurity and covers all core components of the CTF Exchange protocol.

ChainSecurity Audit Report

View the complete security audit report

Audit Scope

The audit covered the following key areas:
  • Order matching and execution (CTFExchange.sol:58-89)
  • Asset operations and transfers
  • Fee calculations and distributions
  • Signature validation for multiple wallet types
  • Admin and operator role management (Auth.sol:8-83)
  • Role-based function restrictions
  • Permission verification mechanisms
  • Pausability controls (Pausable.sol:6-23)
  • Reentrancy protection (BaseExchange.sol:7)
  • Nonce management for replay protection (NonceManager.sol:6-20)
  • Token registration and validation (Registry.sol:12-52)
  • Complement verification
  • Condition ID tracking

Security Features

The CTF Exchange implements multiple layers of security:

Reentrancy Protection

All state-changing functions use OpenZeppelin’s ReentrancyGuard to prevent reentrancy attacks.
The exchange inherits from ReentrancyGuard in BaseExchange.sol:7, ensuring that critical functions like fillOrder, fillOrders, and matchOrders cannot be reentered during execution.

Access Control

The protocol implements a dual-role access control system:
  • Admin Role: Can pause/unpause trading, manage roles, configure factories, and register tokens
  • Operator Role: Can execute trades on behalf of users (CTFExchange.sol:61-89)

Signature Validation

The exchange supports multiple signature types for enhanced security and compatibility:

EOA Signatures

Standard ECDSA signatures for externally owned accounts

Proxy Wallets

Polymarket proxy wallet signatures with owner verification

Gnosis Safe

Safe multisig wallet signatures

EIP-1271

Smart contract signatures via EIP-1271 standard

Nonce Management

Each user has an incrementable nonce that can be used to invalidate all outstanding orders:

  function incrementNonce() external
  function isValidNonce(address usr, uint256 nonce) public view returns (bool)

This provides users with an emergency mechanism to cancel all their orders at once.
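As an added illustration (not the CTF Exchange's own source), the sketch below shows the nonce pattern described above: every order a maker signs carries the nonce current at signing time, and one incrementNonce() call leaves all orders signed under the previous value unfillable. The Order struct, validateOrderNonce and the event are hypothetical; only incrementNonce and isValidNonce match the signatures quoted on this page.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

/// Illustrative reimplementation of the nonce-based "cancel all" mechanism.
/// Not Polymarket's code; names other than incrementNonce/isValidNonce are hypothetical.
contract NonceManagerSketch {
    /// Current nonce for each maker; live orders must carry this exact value.
    mapping(address => uint256) public nonces;

    event NonceIncremented(address indexed maker, uint256 newNonce);

    error InvalidNonce();

    /// Bumping the nonce invalidates every outstanding order the caller signed
    /// under the previous value, in a single transaction and without listing them.
    function incrementNonce() external {
        nonces[msg.sender] += 1;
        emit NonceIncremented(msg.sender, nonces[msg.sender]);
    }

    /// An order is live only if its embedded nonce equals the maker's current nonce.
    function isValidNonce(address usr, uint256 nonce) public view returns (bool) {
        return nonces[usr] == nonce;
    }

    /// Hypothetical slice of a signed order; a real order carries many more fields.
    struct Order {
        address maker;
        uint256 nonce;
    }

    /// The check a fill path would run before any balance is touched: an order
    /// signed before the maker's last incrementNonce() fails here and reverts.
    function validateOrderNonce(Order calldata order) external view {
        if (!isValidNonce(order.maker, order.nonce)) revert InvalidNonce();
    }
}
```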

Emergency Controls

The exchange includes pausability controls that can halt all trading in case of security incidents.
Admins can pause trading using pauseTrading() and resume it with unpauseTrading(). When paused, all trading functions (fillOrder, fillOrders, matchOrders) will revert with a Paused() error. See Admin Controls for more details on administrative functions.

Best Practices

For integrators and operators working with the CTF Exchange, please review our Security Best Practices guide.

Contact

If you discover a security vulnerability, please follow responsible disclosure practices:

Report Security Issues

Contact the Polymarket team directly through official channels. Do not disclose vulnerabilities publicly.