HOW WE CONDUCT BLOCKCHAIN AUDIT
Get in touch with us to receive a free quotation of your blockchain project's audit - based on your white / yellowpaper. Our specialists will dig deeply into it to suggest the best solutions.
VERIFYING CONSENSUS ALGORITHMS
Blockchain applications are much more complex than simple smart contracts, we therefore put much more effort on verifying the consensus algorithms and nodes communication. We simulate them in practice (using test networks) and in theory (using ML models) so that we can easily find the bottlenecks that can allow hackers take over the network.
TESTING DIFFERENT ATTACK VECTORS
Our team consists of people with different competences, every of which is engaged in the audit of your project. We can therefore test the software from different angles, conducting penetration tests, checking cryptographic algorithms and simulating the application on test networks with different attack vectors.
CONTINUOUS COMMUNICATION
We are in continuous contact with your team, using communication tools of your choice (Slack, Discord, WebTalk, you name it!) for quicker information flow. We inform you about the bugs and vulnerabilities found on the spot and suggest possible fixes. Once the fix is applied, we check it again for no additional costs!
BUSINESS LOGIC VALIDATION
If needed, our team can also verify the business logic of the blockchain network with assumptions received. Such measures will ensure the investors that the project can become a business success and will increase the probability of investment.
OUR COMPETENCES
Penetration testing including stack / buffer / variable overflow, library dependencies
Communication testing, including MITM attacks, IP spoofing or table poisoning
Consensus algorithms weaknesses, including 51% attack, stake-bleeding, stake-grinding or malicious node operation
Overload attacks including DoS / DDoS and testing the network load with ML models
Verification of the basic blockhain functionalities, including staking, mining, minting, fee calculation, etc.
Cryptography analysis, including communication encoding, password and data hashing
IN AN ETHEREUM SMART CONTRACT PROJECT WE HAVE FOUND A VARIABLE SHADOWING ISSUE WHICH WOULDN’T ALLOW THE VESTING MECHANISM TO RELEASE TOKENS. THESE TOKENS WORTH MORE THAN $1 000 000 WOULD BE FROZEN FOREVER
IN DISPATCH LABS BLOCKHAIN PROJECT WE HAVE DISCOVERED A DDOS OPPORTUNITY WHICH WOULD CAUSE THE WHOLE NETWORK TO BE COMPLETELY BLOCKED AND INOPERABLE WITHIN MINUTES. RESTARTING THE NETWORK COULD TAKE UP TO A FEW DAYS
IN A BLOCKCHAIN PROJECT CONDUCTED FOR OUR ANONYMOUS CLIENT, WE FORTUNATELY MANAGED TO FIND AN EXPLOIT THAT WOULD ALLOW TO ARRANGE A SPLIT NETWORK ATTACK. THE FIX HAS ALLOWED THE CLIENT TO SAVE THE PROJECT WORTH MORE THAN $10 000 000.
SOLVE YOUR PROBLEMS IN 5 SIMPLE STEPS
PREPARATION
Supply our team with audit-ready code and additional materials (white or yellow-paper).
COMMUNICATION
We conduct the audit, suggesting fixes to all the vulnerabilities we find.
AUDIT
We conduct the audit, suggesting fixes to all the vulnerabilities we find.
FIXES
Your development team applies fixes while consulting with our auditors on their safety.
