Audit
Services

Get in Touch

End-to-end dApp audit

A complex Decentralized Application is more than just a set of Smart Contracts. To ensure security and compliance, the entire application must be audited, covering each of its components such as frontend, backend, database, connected system components (e.g. Oracle) and the underlying blockchain infrastructure.
Our self-developed audit methodology consists of different types of test to be executed in order to discover a wide range of vulnerabilities. Test include, amongst other things, assessment of governance, processes and procedures, technical and physical controls, risk/vulnerability management, code review, penetration test.

Smart Contract audit

Blockchains are secure, Smart Contracts are not. Vulnerabilities of smart contracts can result in not only reputation but huge financial losses, especially if valuable tokens are involved.

Smart Contract audit is the process that can reveal these vulnerabilities. Our self-developed audit methodology is based on industry best practices and incorporates the analysis of Smart Contract’s functionality and the execution of automatic and manual tests against well-known vulnerabilities as well as the manual audit of the codebase. Our comprehensive audit report consists of not only the findings, but also the recommendations meant to mitigate the exposure of Smart Contract.

Smart Contract / dApp verification

We provide verification that your decentralized system works as intended.

Customers need to have a clear understanding of business logic of a Smart Contract prior to utilizing them. Taking reasonable steps to interpret the contract is not easy as it requires deep coding skills. Our experts, as an independent team, can help all involved parties translate the coded terms of Smart Contracts and make sure that the code corresponds to their original intention.

Permissioned blockchain audit

Custom-built or cloud-based permissioned (private) blockchains hold multiple advantages compared to permissionless (public) ones. They are more enterprise-ready considering the performance and scalability they can provide.

Our auditors evaluate the blockchain architecture on how it satisfies business side requirements (e.g. performance, transaction speed, trust level of involved parties, confidentiality, etc.). We also assess the security posture of the implemented solution by identifying vulnerabilities of blockchain and supporting infrastructure and the operation processes. Our comprehensive audit report consists of our observations and recommendations.

Penetration testing

Penetration testers use the same toolset as blackhat hackers to discover security vulnerabilities. Identifying and remedying security holes prevents hackers from performing attacks against the blockchain environment. Our comprehensive approach tests the entire environment of the distributed application (i.e. frontend, backend, APIs, data sources, Smart Contract, underlying blockchain infrastructure), identifying vulnerabilities and recommending improvements to eliminate or mitigate the problem.

Privacy assessment

As any other application, Smart Contract /dApps can store or process personally identifiable information. GDPR and national privacy laws apply to these systems. Our auditors evaluate how private data is protected and how they meet the expectations mandated by law. We identify potential vulnerabilities and suggest solutions to avoid the corruption of this data.

System compliance audit

Companies might be subject to different statutory and regulatory requirements: the financial sector is one of the most regulated industries. We review the adherence of the blockchain platform and DApps based on blockchain to legal expectations. Audits reveal non-compliant issues that might result in major penalties. The audit report states the level of compliancy, it consists of the identified problems as well as recommendations to mitigate the risk arising from deviations.

Oracle audit

The integrity of a distributed application heavily depends on the integrity of its components. Therefore, the integrity of external systems feeding the blockchain with data also require a thorough assessment. Our auditors evaluate whether technical, physical and administrative (e.g. processes, procedures) controls are in place around these systems or if are they effective enough to provide a high level of confidence in the input data.

Audit readiness assessment

Passing a blockchain system audit requires comprehensive protection implemented across the system, requiring thorough preparations. As professional auditors, we understand the expectations and the necessary level of controls to be implemented. We evaluate the system, pinpoint deficiencies and advise how to mitigate the problems in order to effectively secure the system and pass third party audits. We can also create the required but missing or incomplete documentation (e.g. blueprint, processes, policies and standards, etc.)

Contact Us