Security Model

Rollr implements multiple layers of security to protect users from MEV attacks, ensure fair execution, and maintain protocol integrity. Security is our highest priority.

Private Mempool

Transactions submitted through Rollr are not broadcast to the public mempool, preventing frontrunning and sandwich attacks.

Direct Validator Routing

Bundles are sent directly to validators via encrypted channels, never touching the public mempool.

Zero Information Leakage

Failed bundles are never published on-chain, protecting your strategy from being observed by competitors.

Bundle Simulation

All bundles are simulated against current chain state before submission to ensure profitability and prevent wasted gas fees.

Pre-Execution Validation

Bundles are simulated in an isolated environment to verify all transactions will succeed before sending to validators.

Profitability Analysis

The simulation engine calculates the expected MEV profit and verifies that it exceeds the bundle cost before execution.

State Conflicts Detection

Identifies potential conflicts with other pending transactions and adjusts routing accordingly.

Validator Security

Rollr maintains strict standards for validator participation to ensure network security and reliability.

Identity Verification

All validators undergo KYB (Know Your Business) verification before network access is granted.

Performance Monitoring

Continuous monitoring of validator uptime, latency, and bundle success rates with automatic alerting.

Slashing Protection

Validators who violate protocol rules or attempt to censor bundles face stake slashing and network removal.

Decentralization

The network maintains geographic and operator diversity to prevent centralization and single points of failure.

Smart Contract Security

Multiple Audits

Comprehensive security audits by independent firms specializing in Solana smart contract security.

Trail of Bits: Completed
OtterSec: Completed

Bug Bounty Program

Active bug bounty program with rewards up to $100,000 for critical vulnerability disclosures.

Critical: $100,000
High: $25,000

Transparency & Monitoring

Rollr maintains transparency through real-time metrics and on-chain data while protecting user privacy.

Public Metrics

Bundle count, success rates, and total MEV captured are published in real-time on the dashboard.

On-Chain Verification

All executed bundles are verifiable on-chain through Solana explorers for complete transparency.

Privacy Protection

Individual bundle contents and searcher identities remain private until on-chain execution.

Best Practices for Users

Use Hardware Wallets

Always use hardware wallets (Ledger, Trezor) when signing high-value transactions through Rollr.

Verify Bundle Contents

Double-check all transaction parameters before signing. Rollr never asks for seed phrases or private keys.

Set Slippage Limits

Always include appropriate slippage protection in swap transactions to prevent unexpected losses.

Monitor Confirmations

Track bundle status through the Rollr dashboard and verify execution on Solana explorers.

Incident Response

In the unlikely event of a security incident, Rollr maintains a comprehensive response protocol:

Immediate Action (0-1 hour)

Pause affected systems, notify core team, begin investigation

Communication (1-4 hours)

Public disclosure via Twitter, Discord, and status page with known details

Resolution (4-24 hours)

Deploy fixes, restore services, publish post-mortem analysis

Prevention (24+ hours)

Implement additional safeguards, update procedures, conduct external review