Pay for Expenses
Issue a Report
Blockchain Security Audit Scheme
The SlowMist team adopts the strategy of "Black-box + Gray-box" to conduct a complete security test on the project in the way closest to the real attack.
Blockchain Common Vulnerability List：https://github.com/slowmist/Cryptocurrency-Security-Audit-Guide/blob/main/Blockchain-Common-Vulnerability-List.md
The SlowMist team adopts the strategy of "Black-box + Gray-box" to conduct a complete security test on the project in the way closest to the real attack. The SlowMist team examines the most concerned vulnerabilities of exchanges, they are as follows:
This audit scheme is characterized by its low cost and short time. It’s most suitable for blockchains that are based on secondary development of more mature projects, such as Bitcoin-Core, Go-Ethereum, Bitshares, EOSIO, etc.
The SlowMist team adopts the strategy of "White-box" to conduct a complete security test on the project.
The SlowMist team checks code quality using open source or commercial code scanners, we support all popular language, such as C/C++/Golang/Rust/Java/Nodejs/C#
The SlowMist team manually checks the code line by line, looking for common coding pitfalls as follows:
Based on the characteristics of certain blockchains, such as Polkadot and Cosmos, we have implemented customized security audit measures.
Take Polkadot for example. The Polkadot ecological project uses Substrate as its developmental framework. Developers can focus on the implementation of their business logic without paying attention to the integration of underlying network components and ledgers. Based on these characteristics, we abandoned the blockchain audit project. With regards to the network layer, consensus layer, cryptography, and other underlying modules, we’ve added more detailed audit entries. Those entries added are as follows:
Blockchain Based Cryptocurrency Security Audit Guide: https://github.com/slowmist/Cryptocurrency-Security-Audit-Guide