Strengthening Cede.store Security: Our Commitment to Trust and Excellence

Published in

Cede Labs

3 min readNov 14, 2023

Introduction

In the rapidly evolving world of decentralized finance (DeFi), trust and security stand as the pillars of user confidence and platform reliability. At Cede Labs, we are dedicated to bridging the gap between centralized finance (CeFi) data & liquidity and DeFi, with our non-custodial browser wallet, cede.store.

Backed by influential entities in the space such as GSR, Stake Capital, DoraHacks and top DeFi founders, we empower users to seamlessly transfer funds from centralized exchanges to blockchain ecosystems, without the necessity for extensive development efforts on their part. Indeed, we’re building cede.store : a non-custodial browser wallet for CEX connectivity. Our extension allows users to track and manage their CEX assets while keeping DeFi values: self-custody (API key) and DeFi UX (browser wallet).

Basically, you can let your users track, trade and transfer their CEX assets directly on any dApp integrating us as they would integrate a Metamask or any DeFi wallet.

Recently, we undertook a comprehensive security audit to fortify our platform and ensure the utmost security for our users. In this article, we are excited to share the results and improvements made following the audit, solidifying our commitment to creating a secure and user-centric DeFi experience.

The Penetration Testing: Hacken’s Comprehensive Security Assessment

The penetration testing was conducted by Hacken, a reputable cybersecurity firm renowned for its extensive work in auditing numerous web3 projects. Hacken’s methodology is grounded in a wealth of experience, best practices, and international methodologies and guides, such as PTES and OWASP, ensuring a thorough and reliable security assessment.

The scope of the penetration testing encompassed:

Cede.store Browser Extension: A white-box penetration test was conducted to scrutinize the security of our browser wallet.
api.cedelabs.io: A security assessment of our API, which is exclusively used for public data such as price information, was carried out to confirm its robustness.

The audit process followed a comprehensive workflow, including pre-engagement interactions, white-box security assessments, vulnerability detection, analysis, and verification, mapping application code against industry best practices (OWASP ASVS), and compiling a detailed final report outlining findings, related risks, and recommendations.

Results and Improvements

We are proud to announce that following Hacken’s meticulous assessment, cede.store emerged with flying colors, obtaining a perfect score of 10/10. The audit identified three vulnerabilities, all of which have been promptly addressed and rectified, ensuring an even more secure platform for our users.

The level of risk for our organization has been assessed to be LOW, with no direct paths for external attackers to compromise the entire system discovered.

The detailed penetration testing report is available here : https://github.com/cedelabs/cede.store/blob/main/Cede Labs PT Complete Report.pdf

Emphasizing Transparency and Security

Our partnership proposition extends beyond just a product; it is an invitation to join a community committed to innovation, security, and transparency.

By choosing cede.store, you are not just gaining a tool; you are gaining a partner dedicated to supporting your journey in the DeFi & CeFi space, backed by a secure and user-centric platform.

At Cede Labs, we get up every day with a very clear goal in mind: to become the CeFi data & liquidity gateway for any kind of financial apps.

In Conclusion

As we continue to innovate and strengthen our platform, the security and trust of our users remain our top priorities. The results of the Hacken penetration testing are a testament to our relentless commitment to providing a secure, seamless, and user-friendly DeFi experience.

We invite you to discover more about our partnership opportunities and join us in revolutionizing the DeFi space, ensuring a secure, transparent, and thriving ecosystem for all.

Explore more:

Cede Labs — Bridging CeFi and DeFi, Securely.