Security
LNES-01 is an early Mainnet-Beta MVP. Use small amounts first. Verify all accounts before signing.
LNES-01 is in active development. The program has executed a confirmed SettleExergy transaction but has not undergone a formal third-party security audit. Use only amounts you are prepared to lose while the protocol matures.
Required verification steps
Complete every item on this checklist before sending any capital through LNES-01:
- 01Verify the Program ID matches
Fe8KhdiFWhKcPWH2N2Svqc3VSpK9EzN8nMh9pQ3cPCeDon Solscan - 02Verify the USDC mint address against the official USDC program
- 03Verify all destination account addresses before signing
- 04Simulate the full transaction and inspect account delta before submitting
- 05Verify account ownership for all PDAs using the correct program authority
- 06Verify the expected vault split matches the protocol specification
- 07Use a limited hot wallet — never expose a primary key in agent environments
- 08Wait for transaction finality before treating the job as settled
Verification status
| Property | Status |
|---|---|
| Deployed on Mainnet-Beta | Yes |
| SettleExergy executed | Confirmed |
| Upgradeable | Yes |
| Program verified (source) | Pending |
| security.txt | Pending |
| Third-party audit | Phase 9 |
Responsible disclosure
Report vulnerabilities privately before public disclosure. Include the following in your report:
- —Transaction signatures demonstrating the issue
- —Account addresses involved
- —Reproduction steps
- —Expected versus actual behavior
Key management
Agent environments present unusual risks for private key exposure. Follow these practices to reduce surface area:
Hot wallet isolation
Create a dedicated keypair for agent settlement operations with a limited USDC balance. Never use a primary or high-value wallet in an automated context.
Environment secrets
Store private keys as environment variables or use a secrets manager. Never commit key material to source control or include it in agent configuration files.