Disclaimer
Important information about our services and limitations
Security Audits Are Point-in-Time Assessments
A security audit represents our analysis of code and systems at a specific moment. Code changes, dependency updates, market conditions, and newly discovered attack vectors can all affect security after an audit is completed. An audit does not guarantee ongoing security.
Information Only
BlackHart Security provides information and recommendations only. Our audit reports, monitoring alerts, and security assessments are intended to inform your decision-making process.
We identify potential vulnerabilities and suggest remediation strategies. The decision to implement, modify, or disregard our recommendations rests entirely with you.
Client Responsibility
Implementation decisions rest entirely with the client. You are responsible for:
- Evaluating our findings in the context of your protocol
- Deciding which recommendations to implement
- Verifying that fixes are correctly implemented
- Conducting additional testing as you deem necessary
- Maintaining ongoing security practices
- Monitoring for new threats and vulnerabilities
No Liability for Post-Audit Exploits
BlackHart Security accepts no liability for security incidents, exploits, or losses that occur after the completion of our audit engagement, regardless of whether:
- The vulnerability was present during our audit
- The exploit used a vector we analyzed
- Our recommendations were implemented
- The protocol was under continuous monitoring
Shared Responsibility
Smart contract security is a shared, ongoing responsibility. Effective security requires:
Our Role
- • Thorough code analysis
- • Vulnerability identification
- • Clear recommendations
- • Monitoring (if engaged)
Your Role
- • Review findings carefully
- • Implement fixes properly
- • Test changes thoroughly
- • Maintain vigilance
Monitoring Limitations
Continuous monitoring reduces but does not eliminate risk. Even with 24/7 monitoring:
- Some attacks may execute faster than detection and response
- Novel attack vectors may not match known patterns
- Social engineering and insider threats may bypass technical controls
- Network conditions may affect alert delivery
Zero-Day Vulnerabilities
We provide no guarantee against zero-day exploits or novel attack vectors. The security landscape evolves continuously, and new vulnerabilities are discovered regularly in:
- Programming languages and compilers
- Blockchain protocols and consensus mechanisms
- Dependencies and external libraries
- Infrastructure and tooling
- Economic and game-theoretic models
Not Financial Advice
Nothing in our reports, communications, or website constitutes financial, investment, legal, or tax advice. Our services focus solely on technical security assessment. Consult appropriate professionals for other guidance.
By Engaging Our Services
By engaging BlackHart Security for audit or monitoring services, you acknowledge that you have read, understood, and agree to this Disclaimer. You accept that security is an ongoing process requiring continuous effort from all parties, and that no audit can guarantee complete security.
If you have questions about this Disclaimer, please contact us before engaging our services.