Mezo's Mainnet Security Reviews and Code Audits

One of Mezo’s core commitments has always been the security and safety of user funds. With Mainnet here, that commitment is stronger than ever.

Before getting into the details of the audit reports, it is worth a reminder of the team’s history when it comes to Bitcoin security:

• The team has been building on Bitcoin since 2014, with notable projects such as Fold, Keep, and tBTC.
• tBTC, the most decentralized Bitcoin bridge, has been live and in production since 2020. Over 21k BTC has been bridged, with 4.7k BTC currently secured by the network of signers.
• The early deposit contract on Mezo has secured $322 million in total deposits since launch.

For Mezo, security is a foundational principle demonstrated through code, architecture, and proven experience. Bringing this experience to Mezo’s launch, the team knows what strong security looks like and takes no shortcuts.

That commitment shaped the path to mainnet: a deliberate, methodical process backed by months of testing, multiple external audits, and a launch strategy focused on long-term resilience and user trust.

Audited by Industry-Leading Firms

In the months leading up to Mainnet, Mezo underwent a series of independent security audits across the protocol stack:

• Halborn conducted two separate reviews of the core Cosmos-based codebase, including a "clean room" assessment to confirm sound implementation practices.
• OtterSec examined Mezo's bridging logic and validator infrastructure, focusing on potential attack surfaces around BTC tokenization and validator consensus.
• Spearbit/Cantina analyzed MUSD, the overcollateralized stablecoin used within Mezo, covering refinancing logic, liquidation mechanisms, and overall system design.
• Quantstamp and Thesis Defense independently audited Mezo Passport, the system of contracts for Mezo accounts for both Bitcoin and EVM wallets.

Let’s zoom in on Cantina.

Cantina’s open competition model offers broad, community-driven scrutiny. This approach surfaced a wide range of submissions (Eigenlayer and Liquity had 790 and 700 findings uncovered from their Cantina reviews), which allows for deeper visibility across the stack beyond what a single audit firm could provide. Every issue was reviewed, triaged, and evaluated for impact.

Key figures from the review:

• 647 total issues submitted
• 389 MUSD-related issues
• 289 issues (~75%) were determined invalid or incorrect, and the team responded to every single one to explain why it was invalid.
• 59 issues were prioritized to be fixed before launch, with the remaining 41 being fixed post-launch.

This process helped isolate critical bugs, eliminate false positives, and uncover novel findings that informed improvements to core components.

Across all audits, Mezo has either resolved or explicitly accounted for all critical and high-severity issues. In cases where findings reflected architectural tradeoffs, the team made conscious decisions based on system design goals and the roadmap toward future upgrades.

You can view Mezo's audits in the GitHub repo at https://github.com/mezo-org/audits or the documentation.

Borrow Securely on Mezo

Mezo is ready.

With Mainnet live and ample security audits completed, Mezo is ready for anyone who wants to take the next step in becoming their own bank. Get started on Mezo and mint MUSD at fixed rates, and put your assets to work across a growing circular economy.

Mezo makes Bitcoin work like money. Now, let Mezo work for you.

🏦 Start borrowing • 📚 Read the docs • 💬 Join Discord • 🛡 View audits

Let's build the circular Bitcoin economy. Follow @MezoNetwork