# Audit/Security

To ensure the funds of all our users stay secure, we take a two-stage approach to security: designing our contracts to be trustless and hiring professional auditors.

## Trustless Contracts

From the ground up, KogeFarm vaults were designed to take every precaution possible to create trustless contracts. A trustless contract prevents malicious hackers (and even us) from withdrawing your funds at any time. Every KogeFarm contract was designed so that no one except the depositor has any access to deposited funds.

For example, no KogeFarm contracts have a `migrate()` function. Although commonly used, the existence of a `migrate()` function could be one method for a malicious hacker (or even us) to drain funds from a contract. Without this function, even if a hacker were to obtain the KogeFarm contracts' admin keys, they would only be able to increase the fee on rewards (up to 10%) or stop compounding by emergency withdrawing from the source farm.

In contrast, many other yield optimizers allow admins to migrate LPs, often under a time lock. But experience has shown that a time lock is **not** a guarantee of safety, as it often [goes unmonitored](https://rekt.news/deathbed-confessions-c3pr/).

KogeFarm contracts were designed so that no one but our users has any ability to remove funds.
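A depositor can check a claim like "no `migrate()` function" against a vault's published ABI. The script below is an added example, not KogeFarm's code: it lists every state-changing function (the surface an admin key could reach) and flags names on a watchlist. The sample ABI and the watchlist are constructed assumptions, and a clean ABI says nothing about upgradeable proxies or unverified bytecode.

```python
import json
import re

# Constructed sample ABI (not KogeFarm's real ABI): a vault-like contract.
SAMPLE_ABI = json.loads("""[
 {"type":"function","name":"deposit","stateMutability":"nonpayable","inputs":[{"name":"amount","type":"uint256"}]},
 {"type":"function","name":"withdraw","stateMutability":"nonpayable","inputs":[{"name":"shares","type":"uint256"}]},
 {"type":"function","name":"setFee","stateMutability":"nonpayable","inputs":[{"name":"fee","type":"uint256"}]},
 {"type":"function","name":"emergencyWithdraw","stateMutability":"nonpayable","inputs":[]},
 {"type":"function","name":"balanceOf","stateMutability":"view","inputs":[{"name":"user","type":"address"}]},
 {"type":"event","name":"Deposit","inputs":[]}
]""")

# Assumed watchlist of names that commonly move pooled funds on an admin's say-so.
RISKY = re.compile(r"migrat|sweep|rescue|setstrategy|upgrade", re.I)

def canonical_type(inp):
    """Solidity ABI type; tuples expand to (t1,t2,...) plus any array suffix."""
    t = inp["type"]
    if t.startswith("tuple"):
        inner = ",".join(canonical_type(c) for c in inp.get("components", []))
        return "(" + inner + ")" + t[len("tuple"):]
    return t

def signature(entry):
    """Canonical signature, e.g. migrate(address)."""
    return entry["name"] + "(" + ",".join(canonical_type(i) for i in entry.get("inputs", [])) + ")"

def audit_abi(abi):
    """Return (state_changing, flagged) lists of function signatures."""
    state_changing, flagged = [], []
    for e in abi:
        if e.get("type") != "function":
            continue
        # Older ABIs use "constant" instead of "stateMutability".
        mut = e.get("stateMutability") or ("view" if e.get("constant") else "nonpayable")
        if mut in ("view", "pure"):
            continue
        sig = signature(e)
        state_changing.append(sig)
        if RISKY.search(e["name"]):
            flagged.append(sig)
    return state_changing, flagged

if __name__ == "__main__":
    surface, flagged = audit_abi(SAMPLE_ABI)
    print("state-changing functions to review:", surface)
    print("flagged:", flagged or "none")
```

Every signature in the first list still needs a read of the verified source, since the ABI does not show access modifiers or limits such as a fee cap.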

## Audits

Don't just believe our word; believe the two professional audit firms that have audited our contracts. KogeFarm contracts have been audited by both [Obelisk](https://github.com/Tibereum/obelisk-audits/blob/main/Kogefarm.pdf) (auditors of PolyCat) and [Paladin](https://paladinsec.co/projects/kogefarm/). The audits found relatively minor issues, which were resolved.


