Hacken & KuCoin: pentests and bug bounties as CEXs’ keys to users’ trust
In May 2021, KuCoin reached Hacken to order Penetration Testing, later they ordered Bug Bounty
Hacken is launching a monitoring tool. Get details and join our beta program
Company name: OneLedger
Company description: OneLedger’s mission is to simplify businesses’ adoption of blockchain technology and its integration into their specific business applications and products. The company believes that the applications of the future will maintain individual data sovereignty and operate across interconnected blockchain networks enabling seamless independent user interactions. OneLedger specializes in providing solutions catering to the Supply Chain (specifically Blockchain EDI) and the Real Estate industry.
Service: Hacken performed a blockchain security review of the OneLedger protocol, analyzed blockchain implementation and tested the potential attacker endpoints, reviewed the architecture and made a smart-contract audit.
OneLedger requested a third-party security audit to help identify potential weaknesses and blind spots across the entire infrastructure. This included checking potential entry points that hackers may utilize to compromise the network, smart contract, RPC, etc.
Hacken Service Summary
Hacken performed the blockchain security testing for OneLedger. The project scope was:
1. Architecture Analysis and Threat Modelling
2. Manual and Automated Code Review
3. Smart Contract Audit
4. Manual Validators testing
During the project, consultants found some security issues and the Hacken engineers made recommendations on how to fix them.
Security engineers performed threats analysis, architecture review and prepared a security testing plan covering all the potential security issues.
The smart contract within the scope was manually reviewed and analyzed with static analysis tools. Security engineers found some issues during the initial smart contract audit.
The customer redesigned the smart contract and fixed all found issues. However, low to medium issues were found during the secondary smart contract audit. The customer has already begun working on fixing the medium to high priority issues as recommended by our team.
According to the review, the Hacken auditors recommend the OneLedger Protocol to fix security issues to achieve a secure state. The original code of OneLedger was noted to be of very good quality. The OneLedger team has already started working on the bug fixes, and after the fixes are made, the Hacken team will perform a review of fixes and re-test critical components of the protocol.
To learn more about OneLedger, visit https://www.oneledger.io/
Enter your email address to subscribe to Hacken Reseach and receive notifications of new posts by email