Goldfinch
Protocol Security — Category Scores
Smart Contract Security
Completed Audits
3+ audits
Auditor Reputation
Reputable firms
Critical Vulnerabilities Found
Some resolved
Upgradeability Risk
Admin-controlled
Admin Privilege Controls
Multisig owner
Test Coverage
50 - 80%
Formal Verification
None
Fuzzing
Basic fuzzing
ERC Standard Compliance
Fully compliant
Audit Recurrence
Ad-hoc
Spell Review / Governance Review
Internal security review
Oracle & Data Integrity
Oracle Decentralization
2 providers
Price Deviation Protection
Basic threshold checks
Fallback Oracle System
Manual fallback
Manipulation Resistance
Moderate safeguards
Custody & Asset Backing
Custody Provider
Third-party (non-regulated)
Proof of Reserves
Self-reported
Redemption Guarantee
Best effort
Insurance Coverage
No insurance
Redemption & Liquidity Safety
Redemption Mechanism
Manual / ad-hoc
Liquidity Buffer
Below 5%
Governance Risk
Emergency Shutdown Controls
Admin-only pause
Timelock Delay
Under 24 hours
Compliance & Transfer Restrictions
KYC Gating
Required KYC for all
Whitelist Enforcement
On-chain enforced
Jurisdiction Restrictions
Basic geo-blocking
Operational Security
Bug Bounty Program
Structured program
Incident Response Plan
Informal process
Monitoring Systems
Basic alerting
Third-Party Dependency Risk
Some dependencies reviewed
Operational Audit (SOC 2 / ISO 27001)
None
Learn More
GOLDFINCH SECURITY FAQ
Goldfinch has an RWA Protocol Security Score of 45/100 with a grade of C. This protocol-level score is evaluated across 8 risk categories: smart contract security, oracle integrity, custody, redemption safety, governance, compliance, operational security, and transparency.
Goldfinch's protocol security score of 45 is a weighted average across 8 protocol risk categories: • Smart Contract Security (20%) • Oracle & Data Integrity (15%) • Custody & Asset Backing (15%) • Redemption & Liquidity Safety (10%) • Governance Risk (10%) • Compliance & Transfer Restrictions (10%) • Operational Security (10%) • Transparency & Proof Systems (10%) Each protocol category is scored 0–100 and multiplied by its weight to produce the overall score.
A protocol security grade of C means Goldfinch has notable areas requiring protocol security improvements. Review the detailed category breakdown to identify which protocol risk categories need the most attention.
The RWA Protocol Security Score of 45 (C) indicates Goldfinch's security posture relative to other RWA protocols on the leaderboard. This protocol security score should be one factor in your due diligence — also review the detailed category breakdown, consider regulatory compliance in your jurisdiction, and consult security professionals for high-value decisions. A higher protocol security score reflects stronger controls but does not constitute a guarantee of security.
Each RWA protocol is assessed across 8 risk categories: 1. Smart Contract Security — Protocol audit history, vulnerability resolution, upgradeability, admin privileges, test coverage. 2. Oracle & Data Integrity — Oracle decentralization, price manipulation protections, protocol fallback mechanisms. 3. Custody & Asset Backing — Protocol custody provider quality, multisig controls, proof of reserves, insurance coverage. 4. Redemption & Liquidity Safety — Protocol redemption mechanisms, liquidity buffers, bank-run protections. 5. Governance Risk — Protocol admin key management, token distribution, emergency controls, timelock delays. 6. Compliance & Transfer Restrictions — Protocol KYC gating, whitelist enforcement, jurisdiction restrictions. 7. Operational Security — Protocol bug bounty programs, incident response, monitoring, operational audits. 8. Transparency & Proof Systems — Protocol public financial disclosures, audit reports, on-chain asset verification.
