# Overview The short version: Chamber's core contracts have been live on Ethereum mainnet **since October 2020 with no loss of depositor funds**. That track record is the product of three things working together — a constraint-first architecture, ongoing audits, and a live bug bounty. ## Architecture — the Guard System Every trade a manager or trader submits is checked against a set of guards before it hits the underlying protocol. Guards allowlist which contracts the vault can interact with, which assets the vault can hold, and which specific actions (swap, deposit, borrow, stake) are allowed. Transactions outside those rules are rejected at the contract level — not filtered in a UI, not flagged by a monitoring system, rejected. This architecture has been in use since 2020 and iterated on continuously. The goal isn't to trust the manager more. It's to make the vault safer by design. See [Guard system](/security/guard-system.md) for the full mechanic. ## Audits Core contracts and each major integration (Aave, Pendle, GMX, Ethena, Hyperliquid, and others) have been audited since 2020 by **Obsidian**, **Sherlock**, **Santipu**, **iosiro**, **CertiK**, and **Trust Security**. Auditing is ongoing: new integrations and major upgrades are audited before they ship. See [Audits](/security/audits.md) for the full timeline. ## Bug bounty Chamber runs a live bug bounty through [Immunefi](https://immunefi.com/) with payouts up to $50,000 for critical-level vulnerabilities. The program covers core contracts and active integrations. See [Bug bounty](/security/bug-bounty.md). ## Risk model Security controls don't reduce every risk. Market risk, strategy risk, and the risk of a manager making bad trades inside the vault's rules are not something contract-level guards can prevent — and Chamber doesn't pretend to. See [Risk model](/security/risk-model.md) for the categories Chamber actively reduces vs. those that remain with the depositor, and [Deposit: risks](/deposit/risks.md) for the depositor-facing view. ## Incident history No loss of depositor funds since launch in October 2020. See [Incident history](/security/incident-history.md). --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.chamberfi.com/security/overview.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.