Integrity Check & Security

To mitigate smart contract risks, FynX has integrated three pillars of security:

1) Audits: zkSecurity, Zokyo, Quantstamp and Secure3

2) Real-Time Protection and wallet screening: Hexagate

3) Bug Bounties: Immunefi

To ensure no illicit parties can access the protocol, FynX users are required to pass an integrity check.

Access token

Before using FynX's functions, all users must obtain an "Access Token". Currently, users are required to mint an ‘Access token’ per chain.

When a user connects their wallet, FynX checks if they already have the ‘Access Token’ in that same wallet - meaning they have already passed the integrity check.

  • If the user has already completed their verification through one of our verification partners, no additional verification is required - the user can mint their "Access Token" and use FynX's functions as normal.

  • If no token is detected in the user’s wallet, then the only buttons available are for minting one, by going through the verification process provided by our partners. This process is as follows:

Verification flow

  1. FynX checks if the user has a Binance Account Bound Token (BABt), Galxe Passport, or soulbound tokens from zkMe in the connected wallet.

  2. If one of the above tokens is detected, the user does not need to pass the integrity check again, they can directly mint the ‘Access Token’.

  3. If the user does not have one of the above tokens, they need to provide an attestation from their preferred verification partners among the supported options. Currently, FynX supports reusable attestations (for multiple wallets) from Authento. Alternatively, users can obtain attestations for their wallet through two major CEXs (Coinbase, Binance) or partner protocols (zkMe, Galxe, and AiPrise) and get verified. The verification process takes <1 minute and when it is complete, the user can mint their ‘Access Token’. For a full list of FynX's verification options check here.

Once the user's PII has been verified, all they have to do is very easily mint a non-transferable token (the ‘Access Token’) that confirms they provided a KYC(B) attestation.

Upon minting the ‘Access Token’, users are then eligible to deposit funds into the smart contract.

PreviousOverview

Last updated