Merkle Network successfully passes Smart Contract Audit from PeckShield.
Our most awaited security audit has been completed by PeckShield. It is vital to ensure that safety is properly implemented in the protocol and it is securely protected against any outside threats, so our partners can use the Merkle infrastructure without any hassle.
What is PeckShield and what does their audit mean?
PeckShield was founded in 2018 by former Qihoo 360 Chief Scientist Xuxian Jiang, and major investors include Gaorong Capital. Team members are based in Hangzhou, Beijing, and San Francisco, and consist of seasoned security professionals and senior researchers from world-leading security groups at companies such as Qihoo 360, Microsoft, Intel, Juniper, and Alibaba, etc.
PeckShield has established strategic and long-term cooperations with key players in all areas of the blockchain ecosystem, such as blockchain infrastructure vendors, exchanges, crypto wallets, mining pools, DApp developers, as well as Defi pioneers. They also attracted widespread attention from the industry since they have, among other things, discovered issues such as Ethereum smart contract BatchOverflow loophole, been included in the Etherscan.io recommended vendor list for smart contracts security audit and ranked Top 3 worldwide in the Ethereum Bounty Program. With dozens of years of experience and noted achievements in the area of vulnerability analysis, operating systems, and malware defence, PeckShield offers independent service brands such as dAppTotal and CoinHolmes and provides security total solutions to all blockchain users.
How did they go about auditing Merkle Network?
The methodology used defined was based on the OWASP Risk Rating Methodology that Likelihood represents how likely a particular vulnerability is to be uncovered and exploited in the wild; Impact measures the technical loss and business damage of a successful attack; Severity demonstrates the overall criticality of the risk.
During the first phase of the audit, they study the smart contract source code and run an in-house static code analyzer through the codebase. The purpose here is to statically identify known coding bugs, and then manually verify (reject or confirm) issues reported by their tool. They further manually review business logic, examine system operations, and place Defi-related aspects under scrutiny to uncover possible pitfalls and/or bugs.
Key Findings:
PeckShield did not find any critical or high severity bugs and reported 1 medium severity and 2 low severity bugs in our smart contracts. All of them have been fixed to meet the highest security standards for smart contracts.
You can read the full audit report here - https://bit.ly/3nLQ1jJ
About Merkle Network:
Merkle Network is a Web3.0 interoperability protocol that enables cross-chain transfers of blockchain assets and data between blockchains. Based on the observation that transferring assets and data between the chains has been one of the biggest challenges in the crypto space, it is proposed to solve the interoperability issue with cross-protocol that allows blockchains to communicate.
Follow Merkle Network Official channels below:
Website | Twitter | Announcement Channel | Medium | Whitepaper
