Hacken Token
$ -- --.--
At a glance

EOS smart contracts inherit all the advantages of the smart contract model, including accuracy, transparency, security, and trust. However, the state of these parameters highly depends on their implementation: an unexpected logic flow can cause a large security vulnerability that makes EOS cryptocurrency theft possible

An EOS smart contract audit service is a third-party security analysis of the smart contract code that reduces the risk of being hacked. The audit ensures an agreement is made between parties in order to execute a specific service and reach common requirements. Hacken performs smart contract audits in accordance with the internal methodology. A basic security audit includes a manual codebase audit as well as an automated tools security audit

01

EOS Smart Contract Audit

A Smart contract audit is a process of testing source code against all known vulnerabilities as well as researching any new potential threats. A Smart Contract audit aims to identify and prevent the deployment of security vulnerabilities.

A smart contract audit by Hacken includes functional analysis and manual security review of the code. The audit produces a detailed and precise review of each line of the code and checks the logic of the contract. The outcome of the audit is clear and easy to understand report

02

DApp Security Review

A DApp is a decentralized application. Its backend code runs on a decentralized peer-to-peer network in contrast to a regular app whose backend code runs on a centralized server.

A Hacken DApp security review service focuses on client and server-side security issues of applications. A DApp review consists of a smart contract audit for the back-end and “smart” penetration testing for the front-end. A “Smart” pentest differs from a regular pentest in the way that it doesn’t perform SQL since it has no database to analyze.

*If the DApp is of combined nature (smart contract + backend with a database, then a regular pentest is performed)

FAQ

✅ What is the difference between “smart” penetration testing and regular penetration testing?

“Smart” penetration testing does not provide for performing SQL since DApps, unlike traditional apps, do not have any database. That is why no SQL is required. However, some DApps may have a combined nature (combination of smart contract and backend with the database), so, in this case, traditional penetration testing is performed.


✅ What are the key activities performed during a DApp security review?

The DApp security review performed by Hacken experts provides for estimating the security of the back-end and front-end. The back-end security is tested through the conduct of a smart contract audit while front-end security is tested by performing penetration testing.


✅ What are the key security risks attributable to EOS smart contracts?

EOS smart contracts inherit most of the parameters attributable to the smart contract model. However, the quality of their implementation may vary among projects and there is always a risk that unexpected logic flow may create conditions enabling malicious actors to steal crypto assets.


✅ What components does the Hacken security audit include?

The Hacken security audit provides for performing functional analysis and manual review of the code to check the logic of the contract. The results of the audit are described in the report written in the client-friendly language. As a result, clients can prevent the deployment of vulnerabilities.

hackenproof logo

The world trusted Bug Bounty Platform. Run custom-tailored Bug Bounty Programs to secure your business and assets.