A security audit is a process in which a client subjects his or her smart contracts to a review, in which one or more auditors search and document vulnerabilities that may alter the project correct functionality. The main idea of this post is to specify the process of audits, who belongs to them and how the different individuals interact from the moment the client reaches us to the moment we end communication with them.
After our articles Smart Contract Auditing: Human vs. Machine and Auditing Solidity code with Slither we decided to test another static analysis tool from ChainSecurity called Securify.
CoinFabrik was asked to audit the contracts for the ArcadierX project. Firstly, we will provide a summary of our discoveries and secondly, we will show the details of our findings.
CoinFabrik has been hired to audit the DMToken smart contract. First of all, we will describe what is the analysis performed by our team. Next, we will provide a summary of our discoveries and we will detail all our findings. And at the end, we will express our opinion in the conclusion.
The contract audited is at address 0x2ccbff3a042c68716ed2a2cb0c544a9f1d1935e1. The contract was deployed at transaction 0x111287826ad158a7ae11a9893f03e9e8998ed7b2bac061c83bed7b68e1958a6d.
Introduction CoinFabrik has been hired to audit the contracts for the Decentraland Land Auction. In the following sections we will provide a description of the contracts and their purpose, the audit methodology, detailed information about the issues found and, to wrap up, our conclusions on the contracts. Overview The contracts audited are from the “Land […]
Smart contract security is a serious problem today. Security flaws, misbehavior, and inefficiency are very expensive when you deploy a Smart Contract to the Blockchain. Companies are especially concerned about their Smart Contract code because once it is run, there is no turning back (they are irreversible) and money can be stuck in the blockchain and lost forever. Thus, to make sure their code is written correctly, these enterprises usually hire well known external auditors (like Coinfabrik) because they know that a problem in their code could cost a lot more money if they skip the audit. Since Smart contracts are used to move, store, distribute funds, errors in smart contract code and design must be minimized. Furthermore, since the appearance of the ICOs in the past few years and with their boom in 2017 and 2018, the smart contract security audits have become one of the most ordered services in the blockchain industry.
CoinFabrik was asked to audit the contract for the DreamTeam token and token sale (previously audited). Firstly, we will provide a summary of our discoveries and secondly, we will show the details of our findings. Summary The contract audited is in the DreamTeam repository at https://github.com/dreamteam-gg/smart-contracts. The audit is based on the commit 616ed2538526001d25b75680e4d3bd8f3c4deac2, and […]
The smart contracts that have been audited were taken from the RCN repository at: https://github.com/ripio/rcn-network/tree/v2. The audit is based on the commit 3ded36151ad55543d16c354e70161852de4061d0, which was updated to reflect changes at: 052e5fd4d77301e854d0ecdaadbd785dd91950ce.
Coinfabrik was asked to audit the contracts for the RightMesh Token sale. In the first part, we will give a summary of our discoveries and follow them with the details of our findings. The contracts audited are from the RightMesh repository at https://github.com/firstcoincom/solidity. The audit is based on the commit f24ea6c5787b2d40423f4dc312d832592b1cd335 at branch master. Summary […]
Coinfabrik was hired to audit the contract in terms of its security. First of all, we will analyze the code and deliver a summary of the reviewed contract. After evaluating the contract, we will write a detailed description of our discoveries and proposed changes, followed by the conclusion. The audited contract is from the DMarket […]
Coinfabrik’s smart contract audit team was commissioned to conduct a security audit of the contracts for the RCN Network. RCN Network is a P2P lending protocol based on smart contracts. The protocol connects lenders and borrowers from anywhere in the world. The engine allows borrowers to create loan requests, and lenders to fulfill those requests. […]
By Ismael Bejarano and Pablo Yabo Coinfabrik smart contract audit’s team was hired to review the contracts for the Realisto’s ICO or token sale. We audited the contracts from repository https://github.com/realisto/smartcontract at commit b8f68bd4330f4852260636c00013794ffec1c6a7. In the next section, we provide a short summary of the contracts and our discoveries. After that, we present our detailed […]