Public report pending
Security and Audit Status
Security posture and audit status without overstated claims.
Version za-counsel-draft-2026-07-14 · Republic of South Africa · Counsel-review draft
uLend uses server-side provider credentials, idempotency keys, rate limits, same-origin checks for mutating web requests, analytics redaction, and managed database requirements for money-facing records.
Public audit reports, final security sign-off, and bounty scope remain pending. Audits, monitoring, and tests reduce some risks but do not eliminate risk or guarantee recovery.
