Oasis code is open-source, giving everyone in the community the ability to pressure test and audit the core technology. We use the Maker protocol which is open source and has been tested extensively.
This page provides all relevant links and documentation as a reference. If you think you have found a bug or security issue you can contact email@example.com and your report will be treated with the highest priority.
For Oasis Borrow you can find our code here: https://github.com/OasisDEX/oasis-borrow/
These are the contract addresses for the Maker protocol which are used in Oasis.app: https://changelog.makerdao.com/releases/mainnet/active/contracts.json
The maker protocol also has a documentation portal where you can find more information on how it works: https://docs.makerdao.com/
All contracts are verified on Etherscan so you can also check the code deployed in there.
For Oasis Multiply you can find our code here: https://github.com/OasisDEX/multiply-proxy-actions
The deployed contracts live at:
We also have in depth documentation about Multiply that you can review here.
Multiply Contracts were audited by ChainSecurity and you can find their report here: https://chainsecurity.com/security-audit/oasis-multiply-smart-contracts/