1-6-5. Security Audit
Last updated
Last updated
Our blockchain ecosystem conducts rigorous code audits to further ensure security. In particular, tokens and their storage wallets are subject to code audits by Quantstamp, Inc., which is extremely important for security and for asset protection. Quantstamp is the leader in blockchain security, having performed over 250 audits and secured over $200 billion in value. Our mission is to facilitate the mainstream adoption of blockchain technology through our security and risk assessment services. Enterprise companies and NGOs such as Visa, Toyota, and Siemens also trust Quantstamp to secure their blockchain implementations.
The Quantstamp auditing process follows a routine series of steps:
1. Code review that includes the following
i. Review of the specifications, sources, and instructions provided to Quantstamp to make sure we understand the size, scope, and functionality of the smart contract.
ii. Manual review of code, which is the process of reading source code line-by-line in an attempt to identify potential vulnerabilities.
iii. Comparison to specification, which is the process of checking whether the code does what the specifications, sources, and instructions provided to Quantstamp describe.
2. Testing and automated analysis that includes the following: i. Test coverage analysis, which is the process of determining whether the test cases are actually covering the code and how much code is exercised when we run those test cases. ii. Symbolic execution, which is analyzing a program to determine what inputs cause each part of a program to execute.
3. Best practices review, which is a review of the smart contracts to improve efficiency, effectiveness, clarify, maintainability, security, and control based on the established industry and academic practices, recommendations, and research.
4. Specific, itemized, and actionable recommendations to help you take steps to secure your smart contracts.