TRUST Summit | Nov 3, 2025 | NYCWhere decision-makers define the next chapter of secure blockchain adoption.
Learn more

Cirus

Audit name:

[PT] Cirus | Mob_iOS | Apr2024

Date:

Apr 24, 2024

Table of Content

Introduction
Audit Summary
Document Information
System Overview
Executive Summary
Findings
Appendix 1. Severity Definitions
Appendix 2. Scope
Disclaimer

Want a comprehensive audit report like this?

Introduction

We express our gratitude to the Cirus team for the collaborative engagement that enabled the execution of this Security Assessment.

titlecontent
PlatformiOS
Timeline16/04/2024 - 23/04/2024
Methodologyhttps://hackenio.cc/dApp_methodology

    Protect your dApp with insights like these.

    Audit Summary

    Total9.5/10
    Security Score

    9.5/10

    Test Coverage

    \-

    Code Quality Score

    \-

    Documentation Quality Score

    \-

    6Total Findings
    5Resolved
    1Accepted
    0Mitigated

    The system users should acknowledge all the risks summed up in the risks section of the report

    Document Information

    This report may contain confidential information about IT systems and the intellectual property of the Customer, as well as information about potential vulnerabilities and methods of their exploitation.

    The report can be disclosed publicly after prior consent by another Party. Any subsequent publication of this report shall be without mandatory consent.

    Document

    NameDecentralized Application (dApp) Code Review and Security Analysis Report for Cirus
    Audited ByEce Orsel
    Approved ByStephen Ajayi
    Websitehttps://hacken.io
    Changelog23/04/2024 - Preliminary Report

    • Document

      Name
      Decentralized Application (dApp) Code Review and Security Analysis Report for Cirus
      Audited By
      Ece Orsel
      Approved By
      Stephen Ajayi
      Website
      https://hacken.io
      Changelog
      23/04/2024 - Preliminary Report

    System Overview

    The following table provides a synopsis of target systems that were within the scope of this Security Assessment.

    Cirus Mobile Application: iOS

    Executive Summary

    Security score

    Upon auditing, the code was found to contain 0 critical, 0 high, 2 medium, and 4 low severity issues, leading to a security score of 9.5 out of 10.

    All identified issues are detailed in the “Findings” section of this report.

    Summary

    The comprehensive audit of the customer's dapp yields an overall score of 9. This score reflects the combined evaluation of documentation, code quality, test coverage, and security aspects of the project.

    Findings

    Code
    Title
    Status
    Severity
    F-2024-1498Lack of Anti-Debugging Protection
    fixed

    Medium
    F-2024-1495Accessible Swagger API Endpoint
    fixed

    Medium
    F-2024-1494Sensitive Data Exposure via iOS Pasteboard
    fixed

    Low
    F-2024-1493Unrestricted Clipboard Access to Sensitive Fields
    fixed

    Low
    F-2024-1491The App Allows Screenshots with Sensitive Data
    fixed

    Low
    F-2024-1487No Jailbreak Detection for iOS Application
    accepted

    Low
    1-6 of 6 findings

    Uncover findings like these to secure your project.

    Appendix 1. Severity Definitions

    Severity

    Description

    Critical
    		These issues present a major security vulnerability that poses a severe risk to the system. They require immediate attention and must be resolved to prevent a potential security breach or other significant harm.

    High
    		These issues present a significant risk to the system, but may not require immediate attention. They should be addressed in a timely manner to reduce the risk of the potential security breach.

    Medium
    		These issues present a moderate risk to the system and cannot have a great impact on its function. They should be addressed in a reasonable time frame, but may not require immediate attention.

    Low
    		These issues present no risk to the system and typically relate to the code quality problems or general recommendations. They do not require immediate attention and should be viewed as a minor recommendation.

    • Severity

      Critical

      Description

      These issues present a major security vulnerability that poses a severe risk to the system. They require immediate attention and must be resolved to prevent a potential security breach or other significant harm.

      Severity

      High

      Description

      These issues present a significant risk to the system, but may not require immediate attention. They should be addressed in a timely manner to reduce the risk of the potential security breach.

      Severity

      Medium

      Description

      These issues present a moderate risk to the system and cannot have a great impact on its function. They should be addressed in a reasonable time frame, but may not require immediate attention.

      Severity

      Low

      Description

      These issues present no risk to the system and typically relate to the code quality problems or general recommendations. They do not require immediate attention and should be viewed as a minor recommendation.

    Appendix 2. Scope

    The scope of the project includes the following;

    Scope Details

    Mobile ApplicationiOS
    APINot Required
    WhitepaperNot Required
    RequirementsNot Required
    Technical RequirementsNot Required

    • Scope Details

      Mobile Application
      iOS
      API
      Not Required
      Whitepaper
      Not Required
      Requirements
      Not Required
      Technical Requirements
      Not Required

    Disclaimer