Skip to main content

Documentation Index

Fetch the complete documentation index at: https://cowswap-mintlify-docs-audit-1775035615.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Security Best Practices

Token Approval Safety

Approve only the exact amount needed for your orders rather than unlimited amounts. For TWAP orders specifically, approve precisely n * partSellAmount.

Safe Configuration Requirements

Proper setup demands three critical steps:
  1. Configure the fallback handler to the ExtensibleFallbackHandler address
  2. Set the domain verifier for GPv2Settlement
  3. Test with a small order before full deployment
Incorrect fallback handler configuration will cause all orders to fail signature verification.

Order Parameter Validation

Ensure:
  • Official handler addresses are used (not custom or unverified ones)
  • Each order has a unique salt value to prevent hash collisions
  • TWAP parameters meet specific constraints (e.g., n > 1, span must not exceed t)

Merkle Tree and Proof Management

Secure storage of merkle proofs is essential.
Loss of proofs means you cannot execute orders, even though they’re valid on-chain.
Redundant backup systems are recommended for proof storage.

Monitoring and Emergency Response

Post-creation oversight involves:
  1. Track execution on CoW Explorer
  2. Verify watchtower pickup of your orders
  3. If issues arise:
    • Cancel problematic orders immediately
    • Revoke token approvals if security concerns exist
Last modified on April 1, 2026