Our smart contracts have been reviewed by Quantstamp and found to have no high or medium risk vulnerabilities. They did observe there was a certain amount risk due to the centralization of power in the Pool administrators, but they deemed it low risk because users can pull their funds out.
We're looking at ways to decentralize the role of adminstrators in the near future.
View Quantstamp Certificate
Security Bug Bounty
We have an open security bug bounty to incentive vulnerability disclosures. The bug bounty is described on GitHub.
See bug bounties on Github Issues
Public Source Code
We strive to be as transparent as possible by publishing the source code on Github and verifying the smart contracts on Etherscan.
View source code on Github
See verified code on Etherscan