A security audit is a process in which a client subjects his or her smart contracts to a review, in which one or more auditors search and document vulnerabilities that may alter the project correct functionality. The main idea of this post is to specify the process of audits, who belongs to them and how the different individuals interact from the moment the client reaches us to the moment we end communication with them.
This is a step by step guide that shows how to publish a text in the Roptsten testnet of Ethereum. In order to publish in the Mainnet you will need to select it in the first step of the following tutorial.
After our articles Smart Contract Auditing: Human vs. Machine and Auditing Solidity code with Slither we decided to test another static analysis tool from ChainSecurity called Securify.
CoinFabrik has been hired to audit the EasyPool smart contracts. We start this report writing a summary with the smart contracts provided by the client and a list of the analysis methods used to audit the contracts. Next, we will make a summary of the files we analysed and the public facing functions provided by the ProPool contract.
CoinFabrik was asked to audit the contracts for the ArcadierX project. Firstly, we will provide a summary of our discoveries and secondly, we will show the details of our findings.
CoinFabrik has been hired to audit the DMToken smart contract. First of all, we will describe what is the analysis performed by our team. Next, we will provide a summary of our discoveries and we will detail all our findings. And at the end, we will express our opinion in the conclusion.
The contract audited is at address 0x2ccbff3a042c68716ed2a2cb0c544a9f1d1935e1. The contract was deployed at transaction 0x111287826ad158a7ae11a9893f03e9e8998ed7b2bac061c83bed7b68e1958a6d.
Introduction CoinFabrik has been hired to audit the contracts for the Decentraland Land Auction. In the following sections we will provide a description of the contracts and their purpose, the audit methodology, detailed information about the issues found and, to wrap up, our conclusions on the contracts. Overview The contracts audited are from the “Land […]
Following our Smart Contract Auditing: Human vs. Machine article, we now analyze Slither, which is another static analysis tool from Trail of Bits. It includes aids for contract summaries, which can be helpful for making a mental model of the contract and rechecking assumptions. Considering the ease of use, it’s a good idea to try […]
In this article we are benchmarking several auditing tools. The smart contract security audit is a critical phase in the development of smart contracts. The DAO hack was just one trip in the odyssey to secure Ethereum smart contracts and compatible blockchains like RSK and Cardano. It is important to highlight that back in 2016 […]
CoinFabrik has been hired to audit the EasyPool smart contracts. We start this PDF report writing a summary with the smart contracts provided by the client and a list of the analysis methods used to audit the contracts. Next, we detailed our findings ordering the issues by severity, followed by all the observations we considered important to add.
The second stage of the Dogethereum bridge was presented on September 5, 2018 at 10 am (PT) and live streamed. The bridge uses “superblocks” to move coins from Dogecoin to Ethereum and collateralization to move coins from Ethereum to Dogecoin. We are excited because this innovation can also be used to bridge other blockchain pairs. […]
Thanks to the invention of cryptocurrencies a new kind of financial product has been made possible, the crypto-backed loans. Following is a brief comparison of 10 platforms that providing access to it. As we can see by looking at the table the options vary greatly respect to the interest rates, platforms fees, and currencies accepted. […]