Our distinguished team of security experts and blockchain specialists have the proven industry experience to upgrade projects to the next level in smart contract tech by developing with the best and most enhanced, cutting-edge protocols.
Get quote now
GCA’s Lead Blockchain Developer, Researcher and Expert in information security with over 7 years of work experience.
Head of Service
Why an audit?
....No, no. Must also consider the scope.
The scope of the audit is very important as it defines the level of its sophistication and depth.
Our team performs
Automated code reviews are executed using static analysis tools to identify the presence of vulnerabilities and to detect any possible coding flaws, back doors and malicious code.
Vulnerabilities will typically be related to under / overflow bugs, transaction-ordering dependence / front running, re-entrancy attacks, and other bugs that are well suited to an automated analysis.
Our specialists also conduct unit test reviews, dynamic analysis, and penetration tests to expand the process of assessing certain business logic, where necessary, and to simulate typical attacks such as short address, re-entrance, re-ordering and other attacks.
How could the coverage be extended?
Want to get even more in-depth?
If desired, smart contracts can be manually deployed to a testnet for assessment. These testnets will be used to find edge cases in your code, whether it’s a way to lock user funds in the contract or if a bonus percentage is being calculated incorrectly.
Additionally, they’ll help to identify bugs in your test suite if they are provided with the associated unit tests. Last but not least, our security experts will review the cryptography embedded into the smart contract to identify any potential behavioral defects
How is all this reported?
Our team compiles a detailed report covering every test that was conducted. The report is intended only to provide documentation that a client has corrected all findings noted by our team until the day the report is delivered.
The report cannot and does not protect against personal or business loss as a result of the use of the applications or systems described.Testing is conducted on the applications and systems as they exist on that particular day of the report delivery.
Information security threats are continually changing, with new vulnerabilities discovered on a daily basis. Duly note that no application can ever be 100% secure no matter how much security testing is performed.