While producing any kind of software, developers have to chose if they keep the code to themselves or if they open the code to the public. Close-sourced software normally has to be audit by some company that specializes in this area to give an assurance to the people using that software. Open-sourced software can be audited by these companies and can also be audited by anyone who wants to because the code is public.
Minswap, a cryptocurrency DEX stablished on Cardano, choose to first being closed-sourced and have an audit. All of this went fine and no exploits were found. On the 19th of March they decided that it was time to open-source their code. Open-sourcing is a must have in cryptocurrencies ecosystem because it contributes to decentralization and also gives people confidence in the project.
After three days of the code being open-sourced someone discovered a bug on the smart-contract that could drain all the money on the protocol. The issue was reported to the team and they solved the problem. The bug wasn't exploited and nobody lost their money.
Minswap has been live for some weeks neither the team nor the auditors discovered any issue with it. It only took 3 days of the code being open-sourced for someone to discover a major bug. This is why open-sourcing a software is so important, it gives the power to secure and build the software quickly. This major bug could colapse the protocol completely if it were exploited by a bad actor, but when everyone can see the code this type of bugs normally are quickly communicated to the team. If a bounty for finding it is put in place it works even better, because people normally prefer clean money over dirty money and instead of exploiting the system they rather claim the bounty for finding a bug.
This team went in the right direction and claimed a bonus for it. Sometimes not even a team of good auditors find a major problem on a protocol but a whole world of people will find it for sure.
When finding a project to invest in, it's important to find if the code is audited and if it's open-sourced, all of this ensures the user that the project is legit and wants to go in the right direction.