Every month several important smart contract audits are performed by blockchain security companies like us. It is important to stay up to date with the latest findings in order to learn and improve protection processes. Following we will describe three recent and interesting findings:
Two months before the AEternity Universe One Conference, CoinFabrik was asked to build the payments application that would be used in that conference. The app would be built on top of and focused on AEternity State-Channel technologies. It should include a mobile phone application allowing users to register as merchants or customers and perform payments.
Public blockchains allow insertion of arbitrary data. Even specific-purpose blockchains like Bitcoin already contain a lot of non-financial data. Although this data insertion can be beneficial in some use cases (e.g. proof of existence), it can also cause damage. If a blockchain contained videos with instructions on how to torture someone, there would immediately be broad consensus that this data must be deleted. But since blockchains are supposed to be immutable databases, the question is: what can be done if this happens?
The security of your crypto-assets depends on one piece of information that you must protect: your private key. If your private key is stolen, all your assets can be stolen. If your private key is lost, all your assets are lost.
Catalina Juarros – Ismael Bejarano – Pablo Yabo Overview The Dogethereum bridge project purports to solve a problem presented by the Dogecoin community in 2015 and for which Alex van de Sande started a bounty: to exchange Dogecoins and Ethereum ERC20 tokens back and forth on a one-to-one basis in a decentralized manner. Such an […]
Introduction CoinFabrik has been hired to audit the contracts for the Decentraland Land Auction. In the following sections we will provide a description of the contracts and their purpose, the audit methodology, detailed information about the issues found and, to wrap up, our conclusions on the contracts. Overview The contracts audited are from the “Land […]
Prior to the Bitcoin blockchain of “Satoshi Nakamoto”, distributed ledger systems were lacking two important properties which are essential for a decentralized digital cash system. The first property which existing distributed ledger systems were missing, was the ability to scale to a network of millions of users. And secondly, systems at the time were not permissionless
CoinFabrik has been hired to audit the INLOCK token sale smart contracts. We started this audit report writing a summary of the smart contracts provided by the client and a list of the analysis methods used to audit the contracts. Next, we detailed our findings ordering the issues by severity, followed by all the observations we considered important to add. We ended this audit with a conclusion explaining how do the auditors value the code reviewed, and what are the most important things that need to be corrected to it to make it work flawlessly and securely.