Socket contracts are deployed on Arbitrum One, Avalanche C-Chain, Binance Smart Chain, Ethereum, Fantom, Optimism Mainnet, Polygon, Gnosis Chain and Aurora.
They have been audited by peers and by professional auditors, here is the audit report.
Socket's contract don't use any proxies controlled by multisigs. Instead we use modularity to fullfill our promise of security, everything on-chain can be verified and it's immutable.
If you want to deep dive into the contract architecture you can check out the page below
Socket registry contract is called with calldata to initiate bridging transaction. This contract stores bridge and middleware IDs with corresponding Implementation contract addresses, representing which bridge and DEX respectively will be used for a given route.
HopImpl / HopImplL2
Hop protocol implementation contract, calls sendToL2 / swapAndSend function in Hop contracts
Native Polygon Bridge implementation, called by the registry when selected bridge is Polygon Native bridge. Calls depositEtherFor / depositFor functions.
Native Arbitrum Bridge implementation, calls depositEth / outboundTransfer function in Arbitrum bridge contract