We are excited to announce that we had opted for an audit by the expert team at Hacken.io and that it has now been successfully completed. Vanig is focused on cybersecurity as we build ourselves from the ground up. If we do not care about these we will have to answer for the consequences of getting hacked, which can be really terrible. Over the last year, there were many cases of hacking into smart contracts of ICO start-ups that seemed solid and secure.
As a crypto startup, the audit of Smart Contracts that we use is extremely important. The audit by Hacken includes both objective findings from the contract code as well as subjective assessments of the overall architecture and design choices by consulting experts. This audit evaluates whether the code has been written in a way that ensures readability and maintainability. Also, it assesses if the codebase follows the modern best and established practices for Smart Contracts development.
Hacken OU, a leading security consulting firm, was hired by Vanig to conduct a Smart Contract Code Review and Security Analysis against the Crowd Sale smart contract. Here are some of the analysis that took place, and their results:
The Vanig project’s smart contract was scanned with several publicly available Solidity analysis tools such as Remix, Mythril, and Solhint. The results were manually checked as well.
A manual audit of the entire contract was performed. The logic of the contract was thoroughly checked as well. This also involves checking the automated analysis at various points.
Results: The token implementation at Vanig is an ERC20 standard compliant token functional with burnable ability. All of the inherited contracts are OpenZeppelin implementation. Others are:
The Vanig code is clean and well-documented. The project compiles successfully. All the custom token functions work normally. There are no critical issues in the code that endanger the smart contract security.
There are certain commonly known and specific vulnerabilities that one needs to protect their contract against. Some of these that were checked are:
- Timestamp dependence
- Gas Limit and Loops
- DoS with Throw
- DoS with Block Gas Limit
- Transaction-Ordering Dependence
- Style guide violations
- ERC20 API violations
- Malicious libraries
- Compiler Version issues
- Unchecked external calls
- Unsafe type interference
A test for these and many more vulnerabilities revealed that our code was compliant, and had no hidden vulnerabilities that might impact us in the future.
Hacken has said in its concluding remarks, ‘In general, code quality is high and our feedback is very positive’.
We are extremely excited to see that our hard work has now received praises from pioneers in the field of security. This will help us in our roadmap for building an e-commerce solution that truly targets all the issues in the supply chain industry and brings efficiency and trust on to the system by using blockchain technology.
An audit of a smart contract is to verify that the code we have written that will be integrated into the public Ethereum blockchain is secure and trustworthy. We consider it our responsibility to ensure our customer’s financial investments are protected.
Full audit can be seen here: https://vanig.io/assets/pdfs/sc_audit_vanig_final.pdf
Are you as excited as we are? Let us know how you feel in the comments below!
· Website: https://vanig.io
· Telegram: https://t.me/vanigplatform
· Twitter: https://twitter.com/vanigplatform
· Facebook: https://facebook.com/vanigplatform
· LinkedIn: https://www.linkedin.com/company/vanigllc
· Reddit: https://www.reddit.com/r/vanigplatform